Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Security Statistics and Reports
May 2022: Advanced In The Wild Malware Test (changes based on user suggestions)
Message
<blockquote data-quote="Andy Ful" data-source="post: 994985" data-attributes="member: 32260"><p>It looks like the automated method of downloading samples does not support the Microsoft Defender Block At First Sight feature.</p><p></p><p>[ATTACH=full]267768[/ATTACH]</p><p></p><p>When the user downloads manually the sample from the Internet via Edge or Chrome then the file gets MOTW and BAFS is automatically triggered. But, when Firefox is used, the BAFS does not work, even if the file has got MOTW.</p><p>This can be seen when downloading the Eicar samples via Edge (Chrome) and Firefox. So, MOTW alone is not sufficient to trigger BAFS.</p><p></p><p>My guess is that the automated method of downloading the samples in the last few AVLab tests can have a similar issue with BAFS, as the method used by Firefox.</p></blockquote><p></p>
[QUOTE="Andy Ful, post: 994985, member: 32260"] It looks like the automated method of downloading samples does not support the Microsoft Defender Block At First Sight feature. [ATTACH type="full" alt="1656540906048.png"]267768[/ATTACH] When the user downloads manually the sample from the Internet via Edge or Chrome then the file gets MOTW and BAFS is automatically triggered. But, when Firefox is used, the BAFS does not work, even if the file has got MOTW. This can be seen when downloading the Eicar samples via Edge (Chrome) and Firefox. So, MOTW alone is not sufficient to trigger BAFS. My guess is that the automated method of downloading the samples in the last few AVLab tests can have a similar issue with BAFS, as the method used by Firefox. [/QUOTE]
Insert quotes…
Verification
Post reply
Top