Want to put some questions regarding things I am doing all night long (it's not what some of you just meant ). I take Shotdown Simulator which Matousec using for Firewall Chalenge and test it on three clasicall antivirus (Avira Free, Avast Free and Kaspersky Antivirus 2009). I was very suprised that only Avira was able to prevent creating of Eicar test file after shotdown simulation was done. Avast and even Kaspersky just failed. Does it mean that some malicious software can simulate system shotdown and drop some nasties after antivirus was closed? What is real possibility for such situation?