Eicar.com Test File

Discussion in 'Prevx Releases' started by redwolfe_98, May 14, 2010.

Thread Status:
Not open for further replies.
  1. sparviero

    sparviero Registered Member

    Joined:
    Apr 23, 2009
    Posts:
    88
    Think about a response like that! Typical!
    If the Prevx says, we are "World's strongest, fastest, most powerful security solution for those who want to be safe online.", but fails with EICAR test !!
    You can be confident that the same software is efficient with a super rootkits o_O??
    I'm sure, someone shoots crap here, it seems !!

    PS:
    And claim to be paid to make fun of people, bravo!
     
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Prevx does not fail with the eicar test - it is likely a configuration issue or compatibility problem. EICAR is not representative of today's threats (it is a 68 byte text file versus very advanced rootkits) and Prevx focuses on finding advanced threats and guarantees its cleanup so if for whatever reason we don't find and fully clean something, we will assist you in cleaning it.

    Not sure how you could possibly lose with that combination :)
     
  3. PC__Gamer

    PC__Gamer Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    526
    Yeah, don't understand his comments either joe.
    I've already said that eicar is blocked, just missing the pop up on my side that's all.
     
  4. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    And they where fully blocked with Pop-ups in my test on Win 7 32bit & 64bit!

    TH
     
  5. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    It could be that it is set into the "auto block" mode - could you try minimizing all of your open windows and try running it again to see if there is a small notification in the bottom right corner? If you've blocked a file and re-execute the same file, it will show a "Malware Blocked" dialog (to simplify the user experience by not asking them the same questions over and over again).
     
  6. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    As I use the default settings in this window: Note the last box is unchecked!

    TH

    Capture21-05-2010-11.55.08 AM.jpg
     
  7. sparviero

    sparviero Registered Member

    Joined:
    Apr 23, 2009
    Posts:
    88
    I have download PrevxFree, default install, and confirm PC__Gamer, eicar is blocked, but by windows, Prevx just missing all, zero, nothing o_O
    Prevx fail with the eicar test !!!

    PrevxHelp, before extending the discussion how Prevx focuses on finding advanced threats, you should overcome EICAR test, otherwise the discussion becomes more and more ridiculous. ;)

    About the "guarantees" ??, I repeat, someone shoots crap here, it seems !!
     
  8. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    Do you have DEP in windows set above default? And what other security do you have running when testing Prevx? Any other details would be appreciated! ;)

    TH
     
    Last edited: May 21, 2010
  9. pling_man

    pling_man Registered Member

    Joined:
    Feb 11, 2010
    Posts:
    599
    Location:
    UK
    It sounds like its being blocked by your other security programs, so prevx doesn't see it. If so, this is how layered protection works. Try disabling your other protection and see if prevx finds it.
     
  10. PC__Gamer

    PC__Gamer Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    526
    Lol sorry but you can't agree with me, as prevx is blocking it on my rig, its just not showing the pop up,
    When I get my machine sorted, ill sort it all out with joe.
     
  11. sparviero

    sparviero Registered Member

    Joined:
    Apr 23, 2009
    Posts:
    88
    Sorry PC__Gamer, you do not know what you're talking, even as others including PrevxHelp.

    from your post #15

    When you run a eicar.com, they get an error message: "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the

    item. Runing eicar.com is blocked bay IE8, more precise from:

    Internet Explorer Enhanced Security (IEES) restricts access to scripts, executable files, and other potentially unsafe files on a UNC path.

    So, Prevx no blocking it no detection warning from Prevx. ;) :)
     
  12. PC__Gamer

    PC__Gamer Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    526
    c:\users\168957\desktop\eicar.com.txt [PX5: 44D8861244FEA8A800F3006DE82E120078ABB02F] Malware Group: Low Risk Test Virus
    c:\users\168957\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\6vjubnvd\eicar[1].com [PX5: 44D8861244FEA8A800F3006DE82E120078ABB02F] Malware Group: Low Risk Test Virus
    c:\users\168957\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\sn9q4s43\eicar.com[1].txt [PX5: 44D8861244FEA8A800F3006DE82E120078ABB02F] Malware Group: Low Risk Test Virus
    c:\users\168957\desktop\eicar.com [PX5: 44D8861244FEA8A800F3006DE82E120078ABB02F] Malware Group: Low Risk Test Virus
    c:\users\168957\appdata\local\microsoft\windows\temporary internet files\content.ie5\0x7u0d6d\eicar[1].com [PX5: 44D8861244FEA8A800F3006DE82E120078ABB02F] Malware Group: Low Risk Test Virus
    c:\users\168957\appdata\local\microsoft\windows\temporary internet files\content.ie5\nvcwv820\eicar[1].com [PX5: 44D8861244FEA8A800F3006DE82E120078ABB02F] Malware Group: Low Risk Test Virus
    c:\users\168957\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\sn9q4s43\eicar[1].com [PX5: 44D8861244FEA8A800F3006DE82E120078ABB02F] Malware Group: Low Risk Test Virus
    c:\users\168957\desktop\video-plugin.45099.exe [PX5: F0C34D0C002F53B4D43A0152E93DDA00A51337C2] Malware Group: Medium Risk Malware Dropper
    c:\programdata\microsoft\windows defender\localcopy\{21bfec95-b8e1-41d5-b67b-cda761230859}-eicar[1].com [PX5: 44D8861244FEA8A800F3006DE82E120078ABB02F] Malware Group: Low Risk Test Virus
    c:\users\168957\appdata\local\microsoft\windows\temporary internet files\content.ie5\bwcunvja\eicar[1].com [PX5: 44D8861244FEA8A800F3006DE82E120078ABB02F] Malware Group: Low Risk Test Virus

    these are the detections my log states...

    the video plugin file in the middle is just another sample i was playing around with :D lol

    only 4 av's detected it (1 being Prevx of course :D and of course, seen on the same day and from the same country i reside in *lol* )

    BTW Joe, ive sent ya the log to report@prevxresearch.com
     
  13. PC__Gamer

    PC__Gamer Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    526
    hmm, i noticed eicar was in my detection overrides to automatically delete it, yet i didnt put it in there.

    i know, should have looked..

    everything is working now, either it was that or Support have fixed it.
     
  14. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    I had a feeling that would be the case - when you click "Remove" or "Block" in the realtime warning dialog, it will automatically block it in the future for that file. This can be configured in Detection Overrides as you've found and the configuration option for this is: "Automatically remove blocked files" which is on by default.

    Hope that helps!
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.