Hi Nick!
In message mid:20021018120126.4F21.ANDRIASH;shaw.ca
on Friday, October 18, 2002, 2:07:25 PM, you wrote:
http://www.microsoft.com/technet/security/bulletin/MS02-054.asp
NA Thanks Marcus... I have read the article, but I still remain skeptical.
NA Why? Because if that were true, the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Friday, October 18, 2002, Carren Stuart wrote...
JA The virus doesn't exist inside the archive... it is the archive
JA ;)
But if this is the case then surely that would mean that the moment
you unzip the archive, the virus is executed? I don't
Hello Marcus Ohlström,
On Friday, October 18 2002 at 12:43 AM PDT, you wrote:
I have never heard of a *.zip file that was itself a virus. Is that
what you are referring to, and if so can you point to some
documentation that explains how they do it or how it works?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Friday, October 18, 2002, Nick Andriash wrote...
I have never heard of a *.zip file that was itself a virus. Is
that what you are referring to, and if so can you point to some
documentation that explains how they do it or how it works?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Friday, October 18, 2002
4:04:09 PM
RE: I was just Eicar test virus testing, when.
Greetings Nick,
On Friday, October 18, 2002, 3:07:25 PM, you wrote:
NA Think of all the hundreds of thousands... or millions... of *.zip files
NA that are being
I think I found a weakness in NOD32 pop3 scanning.
At the moment, I'm running pop3 scanning and AVG with the plug-in.
I thought I'd give this little set-up a test run. So;
1. I sent the test file as a notepad attachment using another of my
e-mail address through e-mailanywhere.com directly
On Thursday, October 17, 2002, Chris Weaven wrote in
mid:1527670089.20021017154635;Surfcity.net:
CW I think I found a weakness in NOD32 pop3 scanning.
Hmmm... This is troubling
I downloaded the most fully nested EICAR test file. When NOD32
scanned it after GetRight pulled it in,
Hi Joseph,
On Thursday, October 17, 2002 19:54 your local time, which was 17:54 my
local time, Joseph N. [JN] wrote;
JN I downloaded the most fully nested EICAR test file. When NOD32
JN scanned it after GetRight pulled it in, it came up positive. I then
JN emailed it from one account to
Hi Chris!
In message mid:1417360232.20021017182805;Surfcity.net
on Thursday, October 17, 2002, 8:28:05 PM, you wrote:
CW Maybe it's just the Eicar file or am I being kind?
The EICAR file should always be caught, otherwise the purpose of it is
defeated.
--
--Scott.
mailto:Wizard;local.nu
In mid:1417360232.20021017182805;Surfcity.net,
Chris Weaven [CW] wrote:'
CW Maybe it's just the Eicar file or am I being kind?
CW Still worrying though!
CW Anyone with any comments, suggestions or anything?
I sent it to you zipped. This is why. If you try to unzip eicar.com
then Amon will stop
Hi Allie,
On Thursday, October 17, 2002 20:51 your local time, which was 18:51 my
local time, Allie Martin wrote;
I sent it to you zipped. This is why. If you try to unzip eicar.com
then Amon will stop you.
But I thought it had a function to check zipped files/compressed files?
Chris.
--
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
In mid:198914835.20021017195450;qwest.net,
Joseph N. [JN] wrote:'
JN As I said, this is troubling. Anyone have a compelling
JN explanation for this behavior?
The thing is that neither Amon or the incoming plugin scanner will
check archives. However,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
In mid:18819068298.20021017185633;Surfcity.net,
Chris Weaven [CW] wrote:'
CW But I thought it had a function to check zipped files/compressed
CW files?
It does. Scan it manually and you'll see.
Trying to open the archive from TB! also results in an
On Thursday, October 17, 2002, Allie C Martin wrote in
mid:154275702148.20021017211416;landscreek.net:
The thing is that neither Amon or the incoming plugin scanner will
check archives. However, the plugin immediately detects the virus
when you try to open the archive. A manual scan of the
Hi Joseph,
On Thursday, October 17, 2002 22:27 your local time, which was 20:27 my
local time, Joseph N. [JN] wrote;
JN Confidence restored. It would be nice, though, if there were some
JN type of notice when trying to open the archive. All I get (with NOD32
JN and WinRAR 3.00) is a WinRAR
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Friday, 18 October 2002 at 2:51 p.m. Allie wrote:
ACM I sent it to you zipped. This is why. If you try to unzip
ACM eicar.com then Amon will stop you.
OK, now I am interested. I have just done some playing around with the
files myself out of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
In mid:1407572987.20021018174028;myrealbox.com,
Carren Stuart [CS] wrote:'
CS Amon *let* me unzip both zipped files without warning me BUT
CS when I attempted to open the unzipped files, it then gave me a
CS warning as I would have expected. I am
On Thursday, October 17, 2002, Chris Weaven wrote in
mid:16826186323.20021017205511;Surfcity.net:
CW To go one step further, it would be a nice touch if scanners did check
CW compressed files also.
Chris,
This may be a terminology thing, but the NOD32 scanner does check
compressed archive
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday, October 17, 2002, Chris Weaven wrote...
To go one step further, it would be a nice touch if scanners did check
compressed files also.
Some do... some don't. Some companies don't deem it necessary to waste
system resources reading the
19 matches
Mail list logo