Thanks for replying back so quickly with further details. I tested a standard .tar.bz2 file and found that nod32lms didn't report on diving into it. I'll try to make time later to test it with a .tar.bz2 file which contains Eicar. However, I've also included NOD32 support in this reply.
But this is just one company, you do have a point. On Sat, 5 Feb 2005, Barrie Dempster wrote: > I didn't configure the AV's I didn't fancy installing all of them and > thought virus total would give a good indication. It appears from the > virustotal results and from http://www.nod32.com/products/nt.htm that > nod32 will scan and detect tar.gz's but not bz2's. This is the most > common result and could be argued to be valid by the vendors. > > However you can open tar.bz2's on windows so it's still a valid > infection vector, although probably not all that useful for viruses. I > don't believe many users will go googling for the tools needed. > Nonetheless at least a few of the vendors think it's necessary to go > beyond the common zip and rar. -- Regards, Paul Laudanski - Computer Cops, LLC. CastleCops(SM) - http://castlecops.com http://cuddlesnkisses.com | http://justalittlepoke.com | http://zhen-xjell.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
