EICAR test file explanation
mahaju


Joined: 11 Oct 2010
Posts: 493
Location: between the keyboard and the chair

Posted: Fri 20 Jan 2012, 00:00    Post subject:  EICAR test file explanation
Subject description: a dummy antivirus code for checking effectiveness of antivirus software in Windows
 

A detailed explanation of the EICAR test file

http://www.derkeiler.com/Mailing-Lists/NT-Bugtraq/2003-07/0015.html

EICAR website
http://www.eicar.org/86-0-Intended-use.html

Does anyone know if this works with antivirus software in Linux?
Makoto


Joined: 03 Sep 2009
Posts: 1722
Location: Out wandering... maybe.

Posted: Fri 20 Jan 2012, 00:10

If they test by virus signatures, it should work. If they test by heuristics, perhaps not. It wouldn't hurt to experiment.
_________________
[ Puppy 4.3.1 JP, Frugal install | 1GB RAM | 1.3GB swap ] * My Pidgin Builds for Puppy 4.3.1+
In memory of our beloved American Eskimo puppy (1995-2010) and black Lab puppy (1997-2011).
mahaju


Joined: 11 Oct 2010
Posts: 493
Location: between the keyboard and the chair

Posted: Fri 20 Jan 2012, 02:19

I tried it with avg in puppy 5.2.8 but running avgscan says avgd not initialized
It seems avg is properly installed but I have no idea how to get it working
I don't normally use antivirus in puppy so I have no idea what this means
If anyone has tried it out maybe you can share it here
Also, used the puppy 5.2.8 in VMWare
cthisbear

Joined: 29 Jan 2006
Posts: 3251
Location: Sydney Australia

Posted: Fri 20 Jan 2012, 03:32

avg is rubbish..false positives.

Better to use Hiren's Boot cd for virus.

Also has Parted Magic....even ejects the cd now.
So close to Puppy in looks.

http://www.hiren.info/pages/bootcd

":""""

Antivirus Tools

Avira AntiVir Personal (07-12-2011)
Free anti-virus and anti-spyware on-demand scanner, detects and removes more than 50000 viruses and trojans.

ClamWin Free Antivirus 0.97.3 (07-12-2011)
A free antivirus, GNU GPL Open Source Virus Scanner.

ComboFix (07-12-2011)
Designed to cleanup malware infections and restore settings modified
by malware.

Dr.Web CureIt! Antivirus
A free standalone anti-virus and anti-spyware on-demand scanner (downloadable).

GMER 1.0.15
Hidden services, hidden registry, hidden file scanner, Rootkit Detector
and Remover.

Malwarebytes Anti-Malware 1.51.1 (07-12-2011)
anti-malware application that can thoroughly remove even the most advanced malware.

Remove Fake Antivirus 1.82
a tool to remove virus/malware which disguises itself to be an
antivirus and produces fake alert/warnings and urge you to purchase
a useless copy of the fake antivirus.

RootkitRevealer 1.7.1
Rootkit Revealer is an advanced patent-pending root kit detection utility.

Spybot - Search & Destroy 1.6.2 (07-12-2011)
Application to scan for spyware, adware, hijackers and other
malicious software.

SuperAntispyware 5.0.1134 (07-12-2011)
Remove Adware, Malware, Parasites, Rootkits, Spyware, Trojan,
and Worms (a must have tool).

TDSSKiller 2.6.21.0
To remove malware belonging to the family Rootkit.Win32.TDSS aka Tidserv, TDSServ and Alureon.

""""""""""

Parted Magic 6.7

Linux based rescue environment with lots of applications to manage partitions, backup and recovery such as GParted, Parted,
Partition Image, TestDisk, Partimage, Truecrypt, Clonezilla, G4L,
Firefox, ClamAV, GSmartControl, SimpleBurn, dd, ddrescue, with
extensive collection of file system tools are also included, supports
the following: btrfs, ext2, ext3, ext4, fat16, fat32, hfs, hfs+, jfs, linux-swap, ntfs, reiserfs, reiser4, and x

"""""""

Best to use it on usb with a couple of different Puppies.

Puppy 4.31...never fails in getting data off drives.

Puppy 5.28.....etc.

"""""""""

http://www.hirensbootcd.org/download/

Filename: Hirens.BootCD.15.1.zip....extracts to the >>> ISO file.

Filesize: 498.36 MB (522565534 bytes)

ISO MD5: B5DE7A10DD1586D47535372EA1AD9BED

ZIP MD5: 5B8E9240AE8CF74939B60AD872CBBABA

""""""""""""

And now Mcrapee stuffs up again.

McAfee software bug could turn customers' PCs into spam servers

Read more: http://www.smh.com.au/technology/security/mcafee-software-bug-could-turn-customers-pcs-into-spam-servers-20120120-1q93b.html#ixzz1jyuttwGD

Chris

http://www.smh.com.au/technology/security/mcafee-software-bug-could-turn-customers-pcs-into-spam-servers-20120120-1q93b.html
mahaju


Joined: 11 Oct 2010
Posts: 493
Location: between the keyboard and the chair

Posted: Fri 20 Jan 2012, 03:40

I don't know about linux but I think it works pretty good in Windows
amigo

Joined: 02 Apr 2007
Posts: 2167

Posted: Fri 20 Jan 2012, 14:59

It's not that 'avg is rubbish'. The false positives are Puppy's fault. A proper pet for Puppy should eliminate those false positives or filter them so you don't see them. They result from all the busybox versions and other puppy deviations from standard practice.
Makoto


Joined: 03 Sep 2009
Posts: 1722
Location: Out wandering... maybe.

Posted: Fri 20 Jan 2012, 15:46

I don't know... I don't use AVG, but even on the Windows side, I read reports about AVG getting false positives with files, every so often.
_________________
[ Puppy 4.3.1 JP, Frugal install | 1GB RAM | 1.3GB swap ] * My Pidgin Builds for Puppy 4.3.1+
In memory of our beloved American Eskimo puppy (1995-2010) and black Lab puppy (1997-2011).
8-bit


Joined: 03 Apr 2007
Posts: 3276
Location: Oregon

Posted: Fri 20 Jan 2012, 16:03

Are they dumbing up Hirens? I downloaded the latest version and it does not seem to have nearly as many tools as the older versions did.
I have visited the Bleeping Computer site and it seems to have a lot of information that is presented in terms that the average guy can understand.
Here is one for you to think on.
Someone hacks into your pc and replaces that EICAR test virus with their own creation, but in a way that the same header info shows it as a test virus.
So when your anti-virus program flags it, you think the file is harmless when in fact, your PC has a nasty.
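A check for the scenario raised in the post above, as an added example that is not part of the original thread: the EICAR definition only covers a file that starts with the 68-character string and is at most 128 bytes long, with nothing after the string except space, tab, LF, CR or Ctrl-Z. The function and label names below are this example's own, and the sample inputs are constructed.

```python
import sys

# The 68-byte EICAR string, assembled from pieces so that this source file
# does not itself match a scanner's EICAR signature.
EICAR = (rb"X5O!P%@AP[4\PZX54(P^)7CC)7}$"
         + b"EICAR-STANDARD-" + b"ANTIVIRUS-TEST-FILE!$H+H*")

MAX_LEN = 128                      # total length the EICAR definition allows
ALLOWED_PADDING = b" \t\n\r\x1a"   # space, tab, LF, CR, Ctrl-Z


def classify(data: bytes) -> str:
    """Return 'genuine', 'prefix-only', 'embedded' or 'absent'."""
    if data.startswith(EICAR):
        padding = data[len(EICAR):]
        if len(data) <= MAX_LEN and all(b in ALLOWED_PADDING for b in padding):
            return "genuine"
        # Starts like the test file but carries extra content: treat as unknown.
        return "prefix-only"
    return "embedded" if EICAR in data else "absent"


# Constructed sample inputs (not taken from the thread).
SAMPLES = {
    "exact test file": EICAR,
    "test file + CRLF": EICAR + b"\r\n",
    "prefix + extra bytes": EICAR + b"\x00" * 16 + b"constructed trailing data",
    "string inside another file": b"notes: " + EICAR,
    "unrelated file": b"hello world\n",
}

if __name__ == "__main__":
    if len(sys.argv) > 1:
        for path in sys.argv[1:]:
            with open(path, "rb") as fh:
                print(f"{path}: {classify(fh.read())}")
    else:
        for label, data in SAMPLES.items():
            print(f"{label}: {classify(data)}")
```

A file reported as `prefix-only` or `embedded` is not the test file, so an EICAR detection name on it says nothing about whether the rest of its content is harmless.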
cthisbear

Joined: 29 Jan 2006
Posts: 3251
Location: Sydney Australia

Posted: Fri 20 Jan 2012, 19:42

" I downloaded the latest version and it does not seem to have nearly as many tools as the older versions did. "

Mate it has a stack of them.
You mustn't have gone through their menus correctly.

On the bottom toolbar >>> RHS or just above it.

:::::::::::

And amigo....sorry to disagree....but AVG is crap.
Went down over the last 5 years.
Slow...bloated...a joke.

The trouble with all of them is that they try to do everything
and fall over.

I usually go for Avira....Free.
But they put nags in it and you have to know what to block in
your firewall to stop it.

Then they stuck in the Ask toolbar.

And now you have to run Service Pack 3 in XP for the latest Avira.
And it's noticeably slower....clunkier...than its predecessor.

Still for all that....Avira runs rings around AVG.

Block these files in your firewall.

avnotify.dll

avnotify.exe

ApnToolbarInstaller.exe

ApnStub.exe
(Boots with windows whether you accept to install the Toolbar
malware or not, then attempts to Phone home)

ApnIC.dll

http://murga-linux.com/puppy/viewtopic.php?t=58305&start=45

in my 8th post.

Chris.