Re: OT: Antivirus software review
Hello, Thank you all for the extensive replies to my inquiry. I learned a lot, not just about the number of AV softwares available, but also what is the reason for the "plug-in" or "Hook". Since I use GetRight already and it is linked to my current AV software, if I can use a plug-in with Bat I don't have to run my AV software in monitor mode. In that case I have to use one of the AV softwares with plugin. >From all the discussion I think my best bet is AVG from Grisoft, since it appears to be good and is free. The second choice would be NOD32. It is reasonable priced. Thank you again for all the help. -- Peter Kerekes, Toronto, Canada Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
Re: OT: Antivirus software review
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi Ochrid,
@16 July 2002, 13:44 +0200 (12:44 UK time) Ochrid [O] in
[EMAIL PROTECTED]">mid:[EMAIL PROTECTED] said to Marck D Pearlstone:
MDP>> The hook? What, for the TB plug-in?
O> Sorry, no, I haven't been very clear.
O> I was referring to what Allie C Martin called the 'hook' that she
(erm.. "he". See www.silverstones.com/thebat/rogues.html ).
O> points her Download Accelerator at.
O> Allie doesn´t use AVG, but you do I believe, so I thought you might
O> know which particular .exe file I have to point my downloader at so
O> that it can the download for virusses as or before they come in.
Right. Well, I don't use any download accelerators myself. As for
checking downloaded files ... the AVG real-time file scan does that
anyway. Why would you need to tie it into the accelerator too? Anyway,
I believe that avgse.exe ("Shell Extension" simple file checker, takes
a filename on the command line) is the file to use.
- --
Cheers -- .\\arck D. Pearlstone -- List moderator
SB! v1.61 on Windows 2000 5.0.2195 Service Pack 2
'
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.1.90-nr1 (Windows 2000)
iD8DBQE9NAtNOeQkq5KdzaARAhPeAKDpgy69AL6oviBKncklIdyqDZKM2ACgrAEh
myoPlvWJZGTafK69FmSog1A=
=FWn0
-END PGP SIGNATURE-
Current Ver: 1.61
FAQ: http://faq.thebat.dutaint.com
Unsubscribe: mailto:[EMAIL PROTECTED]
Archives : http://tbudl.thebat.dutaint.com
Moderators : mailto:[EMAIL PROTECTED]
TBTech List: mailto:[EMAIL PROTECTED]
Bug Reports: https://www.ritlabs.com/bt/
Re: OT: Antivirus software review
Hello Marck, On Tue, 16 Jul 2002 10:20:33 +0100 GMT (16/07/02, 16:20 +0700 GMT), Marck D Pearlstone wrote: MDP> Actually, in the case of an external AV having intercepted the MDP> infection before TB could even see it, it *won't* be in the message MDP> base, will it? Correct. MDP> It will never have reached TB. And if the detection was MDP> a false positive? How do you get the data back? In PC-Cillin: Quarantine / Restore. MDP> An attachment in a message body cannot be scanned by an external MDP> scanner. It must be scanned by either the TB AV plug-in or by an MDP> incoming mail stream scanner. Not quite correct. I had a virus (obviously in an attachment) that was not in the list of viruses that PCC knew when it arrived. It was some macro virus in a Word document that was attached to an email; as it never did any harm it is likely I never opened that Word documents. I keep attachments in the message body. Once PCC was updated and I tried to open that folder, the real-time scanner quarantined the whole .tbb file. Proving that PCC does indeed scan MIME encoded message attachmenbts stored in the message body. MDP> To have an infected attachment sat calmly and unidentified in a MDP> folder is dangerous. Certainly correct. But this has nothing to do with plug-ins or not, has it? MDP> IMHO a plug-in is the best way to handle virus scanning of MDP> incoming messages. And this is also true: PCC quarantined the whole .tbb file, as it only knows to quarantine files, not messages within a file. A plug-in would have quarantined only that message (maybe even only that attachment?) saving me the trouble of sifting through a couple of hundred messages to find the one with the virus. -- Cheers, Thomas. Moderator der deutschen The Bat! Beginner Liste. Be more or less specific. Message reply created with The Bat! 1.61 under Chinese Windows 98 4.10 Build A using an AMD Athlon K7 1.2GHz, 128MB RAM Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
Re: OT: Antivirus software review
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 In message <[EMAIL PROTECTED]">mid:[EMAIL PROTECTED]>, Joseph N. [JN] wrote: JN> You just happen to keep an assortment of nasties around in virtual JN> Petri dishes, waiting for experiments?? Yes. I keep a couple for experiments. ;) I do use the eicar test virus for most things tests though. - -- -=Allie C Martin=- List Moderator | TB! v1.61 | Windows XP Pro PGP/GPG Public Key: mailto:[EMAIL PROTECTED]?Subject=2B0717E2 _ -BEGIN PGP SIGNATURE- iEYEARECAAYFAj0z89UACgkQV8nrYCsHF+JvqwCgne89K3QjBhruSVsoarcgo3mU R+0An3/VxQ3HzLiWccZwJrvF2JDp4Irx =XIVa -END PGP SIGNATURE- Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
Re: OT: Antivirus software review
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Ochrid, @16 July 2002, 10:28 +0200 (09:28 UK time) Ochrid [O] in [EMAIL PROTECTED]">mid:[EMAIL PROTECTED] said to Marck D Pearlstone: MDP>> I use AVG from Grisoft myself and have always been very MDP>> satisfied with it. O>Can you tell me at what .exe file I should point the 'hook'? O> I guess plain avg.exe, but I also have avgcc32.exe, avginet.ext O> and a whole lot more. The hook? What, for the TB plug-in? They point to .BAV files, not executables. You can download the various BAV plug-ins from these locations: AVG: http://www.thebat.ipex.cz/stazeni/beta/avgbat8us.exe Dr Web: http://www.dials.ru/english/inf/thebat.htm And these: ftp://www.ritlabs.com/pub/the_bat/bav/SophosNT.BAV ftp://www.ritlabs.com/pub/the_bat/bav/Sophos95.BAV ftp://www.ritlabs.com/pub/the_bat/bav/Panda.BAV ftp://www.ritlabs.com/pub/the_bat/bav/Nod32.BAV ftp://www.ritlabs.com/pub/the_bat/bav/BitDefSt.BAV ftp://www.ritlabs.com/pub/the_bat/bav/AntiVirNT.BAV ftp://www.ritlabs.com/pub/the_bat/bav/AntiVir95.BAV - -- Cheers -- .\\arck D. Pearlstone -- List moderator SB! v1.61 on Windows 2000 5.0.2195 Service Pack 2 ' -BEGIN PGP SIGNATURE- Version: GnuPG v1.1.90-nr1 (Windows 2000) iD8DBQE9M+rNOeQkq5KdzaARAnviAKCDKQPWeMtEh0bqAWiAOiInVD2UHgCffe+2 FBs/p8VypS/4Zah5V6BPjmU= =aNT7 -END PGP SIGNATURE- Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
Re: OT: Antivirus software review
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Thomas, @16 July 2002, 12:17 +0700 (06:17 UK time) Thomas F [TF] in [EMAIL PROTECTED]">mid:[EMAIL PROTECTED] said to Marck D Pearlstone on TBUDL: TF> ... I would think that the AV software does understand MIME TF> encryption and will decrypt the attachment on the fly for TF> checking. Correct. I just prefer the control and centralisation of having messages scanned by my email client rather than an AV MIME stream scanner. I know what harm and damage false positives can wreak. At least when the infection is in a quarantine folder in the mailbase, I can get to it easily and maybe analyze the routing headers to find out where it came from so I can warn family/friends/colleagues of the infection. I don't understand why so many folks say "I don't want my OS/MS telling me what to do or hiding files and functions" and yet are perfectly happy for their AV software to do far more than that. - -- Cheers -- .\\arck D. Pearlstone -- List moderator SB! v1.61 on Windows 2000 5.0.2195 Service Pack 2 ' -BEGIN PGP SIGNATURE- Version: GnuPG v1.1.90-nr1 (Windows 2000) iD8DBQE9M+f3OeQkq5KdzaARAicfAKCrw7TAdOelE+xhQ0prY8zr5L6ZtgCgwNt3 V4MPoOJUZ79qXsqoljoGews= =3q80 -END PGP SIGNATURE- Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
Re: OT: Antivirus software review
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Joseph, @16 July 2002, 22:07 -0500 (04:07 UK time) Joseph N. [JN] in [EMAIL PROTECTED]">mid:[EMAIL PROTECTED] said to Marck D Pearlstone: MDP>> A virus in an executable parsed by an external AV is already both MDP>> loaded into and visible from the OS. Raw MIME data in a message MDP>> base folder is neither. JN> Yes, that's true. But if the attachment remains in the message body JN> under both conditions, then the difference you described does not JN> exist, right? Actually, in the case of an external AV having intercepted the infection before TB could even see it, it *won't* be in the message base, will it? It will never have reached TB. And if the detection was a false positive? How do you get the data back? As a discarded bit stream? You don't. As an internally and safely quarantined message? Easy! An attachment in a message body cannot be scanned by an external scanner. It must be scanned by either the TB AV plug-in or by an incoming mail stream scanner. This thread is about the merits of the plug-ins. To have an infected attachment sat calmly and unidentified in a folder is dangerous. IMHO a plug-in is the best way to handle virus scanning of incoming messages. - -- Cheers -- .\\arck D. Pearlstone -- List moderator SB! v1.61 on Windows 2000 5.0.2195 Service Pack 2 ' -BEGIN PGP SIGNATURE- Version: GnuPG v1.1.90-nr1 (Windows 2000) iD8DBQE9M+ViOeQkq5KdzaARAnqqAJ90U3Ya7w1h4fgEg9rEpdJEcxwsFQCgm1uv /LLZNYWR3oCClzFgGEvVLhY= =yziO -END PGP SIGNATURE- Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
Re: OT: Antivirus software review
Hello Marck, On Tue, 16 Jul 2002 01:54:18 +0100 GMT (16/07/02, 07:54 +0700 GMT), Marck D Pearlstone wrote: MDP> Yes. As I see it there is a clear difference. A virus in an executable MDP> parsed by an external AV is already both loaded into and visible from MDP> the OS. Raw MIME data in a message base folder is neither. The MDP> difference is clear. How then can an AV scanner identify a virus that is being downloaded? I would think that the AV software does understand MIME encryption and will decrypt the attachment on the fly for checking. -- Cheers, Thomas. Moderator der deutschen The Bat! Beginner Liste. Proofread carefully to see if you any words out. Message reply created with The Bat! 1.61 under Chinese Windows 98 4.10 Build A using an AMD Athlon K7 1.2GHz, 128MB RAM Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
Re: OT: Antivirus software review
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 In message <[EMAIL PROTECTED]">mid:[EMAIL PROTECTED]>, Rick Reumann [RR] wrote: RR> Does this also really accelerate download times using a cable RR> modem? Potentially yes, since it works off the principle that downloading the same file using multiple concurrent connections to the server is faster than with a single connection. It does seem to go faster, though I haven't done an objective comparison. RR> I'm totally happy with my download times, I just want something RR> that will allow me to use AVG to scan for viruses. I guess I can RR> just download them to a folder and run AVG on the folder before I RR> try an install. Does the free version of DAP work with virus RR> scanning? Can't really tell from their site. Yes, I think so, but it's adware when unregistered. :/ - -- -=Allie C Martin=- List Moderator | TB! v1.61 | Windows XP Pro PGP/GPG Public Key: mailto:[EMAIL PROTECTED]?Subject=2B0717E2 _ -BEGIN PGP SIGNATURE- iEYEARECAAYFAj0zmOwACgkQV8nrYCsHF+KLCwCfTZsE4EPiWNCX5Qo6WJCS3+fF Bj4AoPfnb8DHoKxTQg+ERSMvf0ptj1g/ =fVnh -END PGP SIGNATURE- Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
Re: OT: Antivirus software review
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 In message <[EMAIL PROTECTED]">mid:[EMAIL PROTECTED]>, Joseph N. [JN] wrote: JN> Yes, that's true. But if the attachment remains in the message body JN> under both conditions, then the difference you described does not JN> exist, right? Yes. If you export the message to text, this shouldn't trigger the anti-virus scanner. I just confirmed this by exporting an infected message to file. I even opened the message in a text viewer with no problems. I tried saving the attachment to file and of course, could not since the real-time scanner stopped me. - -- -=Allie C Martin=- List Moderator | TB! v1.61 | Windows XP Pro PGP/GPG Public Key: mailto:[EMAIL PROTECTED]?Subject=2B0717E2 _ -BEGIN PGP SIGNATURE- iEYEARECAAYFAj0zlH8ACgkQV8nrYCsHF+JYSwCgiJfYkK7Lrh6CZJd5gVLPAfDL 0NQAoNF5/kOBPzZ9IdCX24E5PV6oJ6D2 =Yj5z -END PGP SIGNATURE- Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
Re: OT: Antivirus software review
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Joseph, @15 July 2002, 15:55 -0500 (21:55 UK time) Joseph N. [JN] in [EMAIL PROTECTED]">mid:[EMAIL PROTECTED] said to Marck D Pearlstone: JN> I've been using the NOD plug-in. ... flickering and diverting the JN> focus every time it scans a file. Not so good. I don't get that with AVG for sure. JN> Are you of the opinion that, with a high quality AV program in JN> effect and real-time scanning enabled, an infected file in a TB! JN> quarantine folder *cannot* be executed while the same file in the JN> outbox--having been identified by the AV program but without the JN> plug-in--*can* be executed? Yes. As I see it there is a clear difference. A virus in an executable parsed by an external AV is already both loaded into and visible from the OS. Raw MIME data in a message base folder is neither. The difference is clear. - -- Cheers -- .\\arck D. Pearlstone -- List moderator SB! v1.61 on Windows 2000 5.0.2195 Service Pack 2 ' -BEGIN PGP SIGNATURE- Version: GnuPG v1.1.90-nr1 (Windows 2000) iD8DBQE9M267OeQkq5KdzaARAjiHAJ9bJ/LubsJ8diiYjqg95yPmzVK8uwCg0RSF fUe9Nag+Z1q5qUUUGEbehvk= =/8k4 -END PGP SIGNATURE- Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
Re: OT: Antivirus software review
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 In message <[EMAIL PROTECTED]">mid:[EMAIL PROTECTED]>, Joseph N. [JN] wrote: JN> H. Although I could do the same, and trust my firewall to JN> keep out nasty attackers, it seems a big risk. But why? If you can automatically check what comes in through the various routes viruses get in, why should you be worried? The other way is to just scan almost everything that's opened on the system. JN> Do you feel you're conserving enough resources and reclaiming JN> enough speed to justify it? With NOD32 it really seems to be a small amount but it's not only speed and resources that are at issue here. I also get to take one process out of the equation. The less things you have running, the less likely you'll have an adverse interaction between software. - -- -=Allie C Martin=- List Moderator | TB! v1.61 | Windows XP Pro PGP/GPG Public Key: mailto:[EMAIL PROTECTED]?Subject=2B0717E2 _ -BEGIN PGP SIGNATURE- iEYEARECAAYFAj0zZm0ACgkQV8nrYCsHF+Lv7QCdFCC7NdNPJ0TAxLzHnbks/QTY 9EQAn3xJQ5AO9e0R5+ABuWiSjC/UNfaT =T3Qr -END PGP SIGNATURE- Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
Re: OT: Antivirus software review
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 In message <[EMAIL PROTECTED]">mid:[EMAIL PROTECTED]>, Rick Reumann [RR] wrote: RR> Allie, what kind of hook or download manager do you have for this? RR> This is what I would like. AVG is covering my Bat e-mail just RR> perfect but I do download a lot of stuff and would like it to be RR> checked for viruses after (or right before?) I download it. Is RR> there something hopefully that will work right with the AVG RR> software I already have? Thanks for any more info. Currently I use Download Accelerator Plus. It provides the hook. I also know that Getright provides an antivirus check hook. I can use NOD32 with it so I'd assume that you can use AVG with them as well. http://www.speedbit.com/ for DAP http://www.getrigh.com for Getright - -- -=Allie C Martin=- List Moderator | TB! v1.61 | Windows XP Pro PGP/GPG Public Key: mailto:[EMAIL PROTECTED]?Subject=2B0717E2 _ -BEGIN PGP SIGNATURE- iEYEARECAAYFAj0zTSoACgkQV8nrYCsHF+JlSwCfeeKYdW8EwKpwkzMaIf8TTf5v /OcAn2CpC6Vqm+9am/SLHsmB3ZW1v1w4 =VJZS -END PGP SIGNATURE- Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
Re: OT: Antivirus software review
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 In message <[EMAIL PROTECTED]">mid:[EMAIL PROTECTED]>, Allie C Martin [ACM] wrote: JN>> Are you of the opinion that, with a high quality AV program in JN>> effect and real-time scanning enabled, an infected file in a TB! JN>> quarantine folder *cannot* be executed while the same file in the JN>> outbox--having been identified by the AV program but without the JN>> plug-in--*can* be executed? ACM> Not at all. You're equally as safe. It's just a matter of ACM> preference and how you wish for infected messages to be indicated ACM> to you. I personally like the quarantining approach. There's also the whole business of efficiency. The main sources of infected files for me is through e-mail (received many here) with a distant following through downloads (not yet received an infected file here) and through files on floppies handed to me (again never received infected file here). Instead of running the real-time scanner, I use the plugin for mail and the hook to check downloads with an antivirus that my download manager provides. With this arrangement, the checking only occurs when needed. This is more efficient than having a real-time scanner checking files on the system all the time. I used to be a real-time scanner advocate but I've since changed my opinion. ;) - -- -=Allie C Martin=- List Moderator | TB! v1.61 | Windows XP Pro PGP/GPG Public Key: mailto:[EMAIL PROTECTED]?Subject=2B0717E2 _ -BEGIN PGP SIGNATURE- iEYEARECAAYFAj0zRpIACgkQV8nrYCsHF+KoHACfQbKktbCuZXMi1yyh5BaKvYOP y0gAnjnVbq04VZkcxOGwNEianHDL9GK7 =DVWn -END PGP SIGNATURE- Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
Re: OT: Antivirus software review
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 In message <[EMAIL PROTECTED]">mid:[EMAIL PROTECTED]>, Dave Conroy [DC] wrote: MDP>> I can't stand idle and see someone promote Norton AV products MDP>> when I have been so badly bitten by them. DC> I gave my opinion based on experience. Until Norton lets me down DC> then I'll continue using it. I guess you've already made your investment so you have to press on. :-/ Good luck. However, one of the important aspects of software is support and how it's dealt with by the developers/producers. Marck's story is pretty damning and it's one of those stories where I'd think that one would wish not to wait to get bitten. It's not like Windows where compatibility and other issues bind you to using it despite problems with MS policy etc. This is anti-virus software of which there are so many choices. - -- -=Allie C Martin=- List Moderator | TB! v1.61 | Windows XP Pro PGP/GPG Public Key: mailto:[EMAIL PROTECTED]?Subject=2B0717E2 _ -BEGIN PGP SIGNATURE- iEYEARECAAYFAj0zRRkACgkQV8nrYCsHF+JOAACg3uoNSmBCkHFwRHWENJpkja8l jkgAoNGDCuj1ZmaaB5hawfJz+++tvaCY =tuDB -END PGP SIGNATURE- Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
Re: OT: Antivirus software review
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 In message <[EMAIL PROTECTED]">mid:[EMAIL PROTECTED]>, Joseph N. [JN] wrote: JN> In any event, although I use it, I'm not sure the quarantining is JN> really all that different from not quarantining. There's a qualitative difference in that you will know that you've received an infected message right away and you'll know which one it is and finally, you'll easily find it. The NOD32 POP3 scanner just gives a POPup announcing that it let through an infected message with the from address and subject. You'll now have to find the message which could potentially be a tad tedious if it came with a lot of other messages. JN> The file is still on your system, regardless of whether there is a JN> separate Windows directory for it. Yes, but you can't execute the attachments, even if you tried, while the message is within the quarantine folder. You have to deliberately copy the files to another area on your system and then execute it. JN> Are you of the opinion that, with a high quality AV program in JN> effect and real-time scanning enabled, an infected file in a TB! JN> quarantine folder *cannot* be executed while the same file in the JN> outbox--having been identified by the AV program but without the JN> plug-in--*can* be executed? Not at all. You're equally as safe. It's just a matter of preference and how you wish for infected messages to be indicated to you. I personally like the quarantining approach. - -- -=Allie C Martin=- List Moderator | TB! v1.61 | Windows XP Pro PGP/GPG Public Key: mailto:[EMAIL PROTECTED]?Subject=2B0717E2 _ -BEGIN PGP SIGNATURE- iEYEARECAAYFAj0zQ7wACgkQV8nrYCsHF+LmcwCgt9zhhpMEpE4lxKNxMAaNkmqy s/cAoI3jr5IU6x9bvUeZ2yF0FsjJXmX3 =iC/s -END PGP SIGNATURE- Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
Re: OT: Antivirus software review
Hi Marck, Monday, July 15, 2002, 9:36:29 PM, you wrote: DC>> ... including Norton AV, and have been very happy with it. We now DC>> run it on each machine on our network. MDP> I can't stand idle and see someone promote Norton AV products MDP> when I have been so badly bitten by them. I gave my opinion based on experience. Until Norton lets me down then I'll continue using it. Other people can make their own minds up based on the various contributions made. MDP> I use AVG from Grisoft myself and have always been very satisfied MDP> with it. Well I have used that too ... though not with as plug in. I found it slowed down my system unacceptably and caused irregular freezes. It may never happen to you, but every system is different. I wanted to use it, I like it, but it didn't work for me. I found something that does work. End of story. BTW, despite keeping AVG up to date, it did let a virus through, can't remember which, but it caused me a lot of trouble. I finally sorted it out via the Command AV online service of all places. With best wishes, Dave -- David Conroy MSW Consultant, Trainer & Management Coach International Coach Federation, ID 1006660 Charity consulting: http://www.coaching-lab.com Web development/hosting: http://www.buzzdns.com Coaching for women: http://www.womens-life-coach.com Coaching via e-mail: http://www.e-coaching-only.com ICQ 127865569 Phone/Fax +44 (0)1225 314694 Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
Re: OT: Antivirus software review
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Dave, @15 July 2002, 16:00 +0100 Dave Conroy [DC] in [EMAIL PROTECTED]">mid:[EMAIL PROTECTED] said: PK>> Currently I am using "eTrust EZ antivirus program" DC> ... including Norton AV, and have been very happy with it. We now DC> run it on each machine on our network. I can't stand idle and see someone promote Norton AV products when I have been so badly bitten by them. As a developer of software, to have all of my users flood my Inbox with complaints because a shoddy NAV database update wrongly identified my uninstall.exe as "infected". Then, without a by-your-leave or any option, it incinerated the "offending" program on every machine. Not that I want any customers uninstalling my software , but that's hardly what I would call a "professional" approach. This in a "Friday evening, release update, switch phones off, go home for weekend" style! It wasn't until the following Monday that they even began to correct their database, the corrective update for which came out on the Wednesday. The manufacturers of the affected Installer released a patch for the uninstaller on the Sunday, but the damage to reputations, systems and installations had already been done. To be "good", an AV utility has to be trustworthy. That stunt and the subsequent cover-up and disowning of any kind of responsibility from Norton leads me to give their offering a thundering thumbs down in that department whenever it is mentioned in my field of vision. I use AVG from Grisoft myself and have always been very satisfied with it. DC> I can't be bothered with all that TB! plug in stuff, though others DC> on the list seem to be keen. That's because it's worth the "bother". It's actually no bother at all and keeps things much safer. When attachments are kept in message bodies and not in a separate folder, the plug-in quarantines the infecting message without it ever being realised on the recipient's system. It never becomes executable. I like that! - -- Cheers -- .\\arck D. Pearlstone -- List moderator SB! v1.61 on Windows 2000 5.0.2195 Service Pack 2 ' -BEGIN PGP SIGNATURE- Version: GnuPG v1.1.90-nr1 (Windows 2000) iD8DBQE9MzJOOeQkq5KdzaARAufcAKDChSS62LXbOyhlu3dx3dZNAg+BUgCcCH6+ BsfBt9X4iEUC7L1aTmWFBGw= =aTY4 -END PGP SIGNATURE- Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
Re: OT: Antivirus software review
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 In message <[EMAIL PROTECTED]">mid:[EMAIL PROTECTED]>, Dave Conroy [DC] wrote: DC> Yes, I used the same until I read a review that gave it a poor DC> rating. Same review rated Norton top. Thought I don't always DC> follow review finding, I bought the Norton SystemWorks Pro package DC> to trial it, including Norton AV, and have been very happy with DC> it. We now run it on each machine on our network. I can't be DC> bothered with all that TB! plug in stuff, though others on the DC> list seem to be keen. The TB! plugin is a little module that is quite harmless. Not really stuff. ;) However, Norton System Works Pro is a LOT of stuff and I wish you the best of luck. In the event of problems don't hesitate to make it the number two cause and check there for adverse interactions. Peter, I used PC-Cillin without problems for a couple years but I jumped ship when they decided to add a firewall to their anti-virus package. It was bad enough with the web-filter module but they seem to be following the route of bloat. I've settled on NOD32 which is the best that I've used so far. Small footprint, very focused and configurable in feature base and the scanner is extremely fast and most of all very good at picking up viruses. I tried Panda but it didn't last long on my system. It was very resource hungry and lacks configuration options. I've used Dr.Web which is very good but the system monitor caused instability on my Win2k system, so I stopped using Dr. Web since I wanted a working system monitor. I do otherwise miss it though. I haven't used AVG or Kapersky anti-virus. Norton products have been bad to me and I've helped many out of problems with them. I'm NOT saying that they cause everyone problems, but you'll not get any positive comments about them from me. - -- -=Allie C Martin=- List Moderator | TB! v1.61 | Windows XP Pro PGP/GPG Public Key: mailto:[EMAIL PROTECTED]?Subject=2B0717E2 _ -BEGIN PGP SIGNATURE- iEYEARECAAYFAj0zGCEACgkQV8nrYCsHF+JspgCdGR+SUypvW+kllzReH5edOgvA TxsAnRPZeyV3PHBknxUZwABFBecM9Igz =32jy -END PGP SIGNATURE- Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
Re: OT: Antivirus software review
Hi Peter, Monday, July 15, 2002, 3:43:45 PM, you wrote: PK> Currently I am using "eTrust EZ antivirus program" Yes, I used the same until I read a review that gave it a poor rating. Same review rated Norton top. Thought I don't always follow review finding, I bought the Norton SystemWorks Pro package to trial it, including Norton AV, and have been very happy with it. We now run it on each machine on our network. I can't be bothered with all that TB! plug in stuff, though others on the list seem to be keen. A great source for Norton OEM stuff is eBay. Paid less than £15 for each package of SystemWorks Pro. Definitely legal and registerable, not copies. The auto update works very well. We run Win2000 BTW. With best wishes, Dave -- David Conroy MSW Consultant, Trainer & Management Coach International Coach Federation, ID 1006660 Charity consulting: http://www.coaching-lab.com Web development/hosting: http://www.buzzdns.com Coaching for women: http://www.womens-life-coach.com Coaching via e-mail: http://www.e-coaching-only.com ICQ 127865569 Phone/Fax +44 (0)1225 314694 Current Ver: 1.61 FAQ: http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
