Author Topic: AV in your Browser (Read 12834 times)

The Maxx · « **on:** July 08, 2005, 02:04:18 PM »

http://info.drweb.com/show/2653

If this works right and doesn't slow anything down I really hope to see something like this added to avast! or at least avast! Pro

"Dr.Web in your browser — new free service of scanning for viruses!

Doctor Web, Ltd., the developer of the popular Dr.Web anti-virus, announces release of the new free service developed for users traveling on the World Wide Web with the help of Mozilla, Mozilla Firefox or MS Internet Explorer.

New free service by Doctor Web, Ltd. is designed as a plug-in, which scans for viruses and different kinds of malicious programs, such as dialers, spywares or adwares any link to a page before it is s opened, or any file before it is downloaded onto a computer with the most up-to-date version of the Dr.Web scanner and hot add-ons to the virus base, released twice per hour – no other antivirus company releases updates so often!

To scan a link or a file, you should neither to install the Dr.Web antivirus onto your computer, nor download the file you want to open or save — the scanning for viruses is done on the servers of the Global updating system of the Dr.Web antivirus. Depending on the size of the checked file, the scanning will be done in several seconds and then you can open the page or download the file and never fear of a virus attack."

Eddy · « **Reply #1 on:** July 08, 2005, 02:15:30 PM »

Avast is already doing so (if you have Avast setup correctly), no need for a plugin or anything.

The Maxx · « **Reply #2 on:** July 08, 2005, 02:42:18 PM »

avast! already scans files before you download them? How do you make sure it's setup right? I want to make sure mines setup right.

igor · « **Reply #3 on:** July 08, 2005, 02:46:19 PM »

Try to download eicar test file from www.eicar.org.
If you'll see a virus dialog with "Abort connection" button, it has been caught by the WebShield provider.

Lisandro · « **Reply #4 on:** July 08, 2005, 02:53:29 PM »

Quote from: The Maxx on July 08, 2005, 02:04:18 PM

New free service by Doctor Web, Ltd. is designed as a plug-in, which scans for viruses and different kinds of malicious programs, such as dialers, spywares or adwares any link to a page before it is s opened, or any file before it is downloaded onto a computer

This seems to be the same of WebShield provider of avast!

Quote from: The Maxx on July 08, 2005, 02:04:18 PM

To scan a link or a file, you should neither to install the Dr.Web antivirus onto your computer, nor download the file you want to open or save — the scanning for viruses is done on the servers of the Global updating system of the Dr.Web antivirus. Depending on the size of the checked file, the scanning will be done in several seconds and then you can open the page or download the file and never fear of a virus attack."

This not... Dr.Web seems to be scanning at their server, like a server proxy... ?
avast! scans the download traffic in your computer, local proxy.

DavidR · « **Reply #5 on:** July 08, 2005, 02:56:41 PM »

Quote from: The Maxx on July 08, 2005, 02:42:18 PM

avast! already scans files before you download them? How do you make sure it's setup right? I want to make sure mines setup right.

Start by reading the avast help file, avast! - help: resident protection - Web Shield - Provider Settings.

You can also check and see if the Scanned Count is increasing on the detailed view of the Web Shield provider.

Not to mention the check Igor mentioned:
Web Shield Test
http://www.eicar.org/download/eicar.com

MFB · « **Reply #6 on:** July 09, 2005, 01:17:09 AM »

I check out this Dr. Web extension for firefox. It takes a quite a while to scan the links plus it's not really like WebShield cause you have to manually scan the link by right clicking it. It scan scripts too which is good.

polonus · « **Reply #7 on:** August 01, 2005, 10:42:48 PM »

Hi FIXER,

I tried the plug-in for Firefox, it is not slow at all, does not interfere with the resident AV scanner, which in my case is AVAST,
it scans scripts OK, and I like it to pre-scan from the search-engine result list to see whether the link is "kosher". I think it is a good extra security addition, as it does not interfere. And update frequency with the best.

greets,

polonus

MFB · « **Reply #8 on:** August 01, 2005, 10:48:06 PM »

Hey polonus, I install the extension again and you're right, it's not really slow. I must be sleepy or something.
I think I'll keep Dr.Web Extension for Firefox for a while.

YLAP · « **Reply #9 on:** August 01, 2005, 10:56:25 PM »

I'm using it too now. it's already 10 minutes I have it. Seems to be nice plug-in for my Foxie as it's not resident, scans link only the you need it and it uses nothing from my PC (I mean definitions or other typical on-line AV's stuff). I think it's very handfull thing as it's easy to use (only one right click on mouse) and it's really fast. At the moment. Is hard to say how it will work on high loads... $:-\$

essexboy · « **Reply #10 on:** August 02, 2005, 12:11:06 AM »

Also a good way of tracking web site usage, or am I just a cynic

polonus · « **Reply #11 on:** August 02, 2005, 12:26:12 AM »

Hello Essexboy,

Why always see the dark site of something. If you trust google with all your webcontent and acceleration of all your data if you have it, and desktop searching, this information can be used against YOU, even all that you have published HERE, will be in the hands of Google. No one seems to bother it sits on this gigantic privacy bomb. Dr.Web is a respectable antivirus product, and when it scans your links to be safe, you think it is back tracking. You don't feed it all of your computer. Besides all your links are checked by marketeers anyway with webbugs. No I think for me it is a desirable functionality, and if they find something they know where the web is unsafe. That they do an exploration of where the malware hides, I think that is a good thing, and if asked I would cooperate. Also if it is closing more of my vulnerabilty window.

polonus

essexboy · « **Reply #12 on:** August 02, 2005, 07:36:08 PM »

I have no problem there, I know that there is probably no way to backtrack to your system unless you use a static ip. But my thought was that it would be a good earner for this company to give site visit statistics, which in a way would pay for the av. And as for seeing the dark side.............May the force be with you

polonus · « **Reply #13 on:** August 02, 2005, 10:38:16 PM »

Hello essexboy,

Well that is why this is a good service, it is a bit like with mailwasher but than for AV and from a distance (St.Petersburg based and there global update servers), another factor is their terrific update rate of 2 hours (now we know how "they" do that), using heuristics is a two-sided sword we know, but it is not on our machine and that is safer. Normal online scanning and RAV online scan is so honest to state this openly is a privacy danger for confidential files because it takes place via non-secured connections, so they can take no responsibilty as what could happen with the content of the files you update. With plug-in link scanning on global update servers that risk is non-existing.
While e-mail can be made safe at provider level, web browsing is the main risk to be infected with malware. To be able to pre-scan a link and then load it after it seems OK is a bit more secure anyway. Thanks to the "Pitriski" (meaning those from St.Petersburg (sprytni ludzi z Petersburga).

greets,

polonus

Thrash · « **Reply #14 on:** August 05, 2005, 09:35:16 PM »

Quote from: igor on July 08, 2005, 02:46:19 PM

Try to download eicar test file from www.eicar.org.
If you'll see a virus dialog with "Abort connection" button, it has been caught by the WebShield provider.

That´s cool!

I don´t know that this is possible.

But there is a probably security risk in avast!
I try to download there the file via SSL secure connection and avast don´t show the risk, no attention ... nothing. I save it.
Only when I (for example a zip file) open it and open the file in it oder save it, there was a message from avast.

And a other problem:
Try to download the .txt file via SSL https connection and save it. Nothing. Than try to open it with a double click (= editor). Nothing! First a attention message pops up when I try to rename it from .com.txt to .com.
That´t not really bad because a file in a archiv or as a text file is not really a risc.

But what is with this double-extensions as attachments on emails?
If I remember correctly there where be a bug in the past in Outlook (or Outlook Express) that it not show right files with a double extension and if you made a double click on it, it was opened for it´s real extension. maybe a .com.txt file was shown as .txt file, but it could be open as a .com file.
What is with this risc?

I now make a little test.
I deactivate avast and send myself a email with this double extension file on a mailbox where I can download Files via ssl.
And than I´m really interested in what avast do!

I will report it in a few minutes.
I guess it only "cries" when I try to open it with a double click out of the mailbox.

In this combination a other question:
It there any virus/worm/trojan (or whatever) known which can kill the avast process so that nothing will be scanned and the virus can spreading in the system!?

Author Topic: AV in your Browser (Read 12834 times)

The Maxx

AV in your Browser

Eddy

Re: AV in your Browser

The Maxx

Re: AV in your Browser

igor

Re: AV in your Browser

Lisandro

Re: AV in your Browser

DavidR

Re: AV in your Browser

MFB

Re: AV in your Browser

polonus

Re: AV in your Browser

MFB

Re: AV in your Browser

YLAP

Re: AV in your Browser

essexboy

Re: AV in your Browser

polonus

Re: AV in your Browser

essexboy

Re: AV in your Browser

polonus

Re: AV in your Browser

Thrash

Re: AV in your Browser