Re: AVG's 'Move to Virus Vault' Parenting
Mike, As far as AVG goes, let's just say I worked for a gov't dept ... The only ones to come through with a clean bill of health (i.e. for the large majority of the tests they had a 100% record) were Symantec and Sophos. Are they free for personal use, or offer a Bat plugin? No program is 100%. You cite Symantec, but: http://www.gfi.com/mailsecurity/wpmultiplevirusengines.htm While Norton [Symantec] AntiVirus achieves a good rate at detecting both ITW and zoo viruses, it fails to detect viruses compressed with packages such as UPX, Shrink, and ASPack. In the tests, it achieves an average detection rate of 75% of backdoors and Trojan files. http://www.computercops.biz/ Concerns Mount over Symantec In Part I of this investigative report series, NewsFactor goes beyond the headlines to find out what industry insiders really think of Symantec, and why so many are concerned about its future. ... Specifically, analysts question whether Symantec can sustain growth in a consumer antivirus market that has already matured. Here's a cheap anti-trojan with a big database - NetArmor. http://www.spytechsecurity.com/net-hack-protection.html Kerio firewall is free for personal use and can block trojans from using the Internet behind your back. http://www.kerio.com Mark Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[3]: AVG's 'Move to Virus Vault' Parenting
Hello Mike, Friday, January 10, 2003, 1:40:24 AM, you wrote: MA Hello Oliver, MA First I digress. For anyone who replied to anything I said in the last MA week or so, sorry if I haven't replied. I wasn't around and when I MA got back the posts were so long I just ctrl-m'ed ;-) MA Thursday, January 9, 2003, 12:19:20 PM, you wrote: OA Hello Maurice, OA This is maybe a bit offtopic but AVG's problem is OA it doesn't find Trojan Horses. I have been OA infected by the backdoor.sdbot.gen. MA Most AV software will not pick up most Trojans. Nor will they often be MA picked up by firewalls when they are communicating outwardly from your MA computer. That's why there are Trojan scanners as separate software. MA I recommend Tauscan from Agnitum (www.agnitum.com). And no, I don't MA work for them or have any contact other than as a satisfied user of MA their firewall and soon to be of Tauscan (I'm using the trial) ;-) I have just downloaded Tauscan and have scanned my computer for Trojans. I have been using AVG AntiVirus. The result of the scan with Tauscan was that there were no viruses found on my computer. Are you sure AVG is not the Bees Knees when it comes to protecting your computer from these infections? -- Love and Light, Granvillemailto:[EMAIL PROTECTED] Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[4]: AVG's 'Move to Virus Vault' Parenting
Hello Granville, Friday, January 10, 2003, 10:05:45 AM, you wrote: GC I have just downloaded Tauscan and have scanned my computer for GC Trojans. I have been using AVG AntiVirus. The result of the scan with GC Tauscan was that there were no viruses found on my computer. Are you GC sure AVG is not the Bees Knees when it comes to protecting your GC computer from these infections? Tauscan wouldn't find any viruses. It only scans for Trojans. There is a difference between viruses, worms and Trojans. You need a virus scanner and a Trojan scanner (the AV should catch the worms too). As far as AVG goes, let's just say I worked for a gov't dept where computer security was extremely important. not believing manufacturers hype of course we tested a range of AV solutions from e.g., Symantec, Network Associates, Sophos, and so on, and including most of the smaller companies too. The only ones to come through with a clean bill of health (i.e. for the large majority of the tests they had a 100% record) were Symantec and Sophos. -- Best regards, Mikemailto:[EMAIL PROTECTED] Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: AVG's 'Move to Virus Vault' Parenting
Hello Victor, VBG You should be pretty safe simply deleting it or better VBG yet wiping it clean from your system. Have deleted it and so far so good: AVG now gives me a clean bill of health. Many thanks for your help. Regards, Maurice Using The Bat! v1.62 Christmas Edition Windows XP Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: AVG's 'Move to Virus Vault' Parenting
Hello Roelof, Many thanks for yours. RO Did the scanner give you a place where to find the RO infected file? Actually yes: c:\documents and settings\Maurice\Local Settings\Temporary Internet Files\Content.ie5\k5kholkz\Jennifer[1].htm but when I tried to find it with Windows Explorer, I got as far as the temporary internet files, but could not find any folder named 'Content.ie5', or more especially a file named Jennifer. I use ie version 6, so am intrigued by the significance of ie5. As for 'k5kholkz' I have no idea what it might be. Any further thoughts? I should perhaps add that it's something of an academic question by now: having run the AVG scan, and emptying the internet temp. files, I've now got a clean bill of health. Thank you anyway, Maurice Using The Bat! v1.62 Christmas Edition Windows XP Professional Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[3]: AVG's 'Move to Virus Vault' Parenting
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Thursday, January 09, 2003 6:50:39 AM RE: AVG's 'Move to Virus Vault' Parenting Greetings Maurice, On Thursday, January 9, 2003, 4:15:36 AM, you wrote: MM Hello Roelof, MM Many thanks for yours. RO Did the scanner give you a place where to find the RO infected file? MM Actually yes: MM c:\documents and settings\Maurice\Local MM Settings\Temporary Internet MM Files\Content.ie5\k5kholkz\Jennifer[1].htm MM but when I tried to find it with Windows Explorer, I got MM as far as the temporary internet files, but could not MM find any folder named 'Content.ie5', or more especially MM a file named Jennifer. Open up Windows Explorer, select Search, click on All files and folders, type in content*.* without the quotes, select your root drive that WindowsXP Pro is installed on (usually C:) and further select More advanced options then place a checkmark in the box Search hidden files and folders. You should see, with one main user of the system, at least 5 instances of a Content.IE5 folder. HTH. - -- Regards, DG Raftery Sr. Having a smoking section in a restaurant is like having a peeing section in a swimming pool. The_Bat! 1.63 Beta/2 -BEGIN PGP SIGNATURE- Version: PGP for Business Security 6.0 iQA/AwUBPh1jtTaPwvRMcz9cEQL4CQCff36JJQP8OtLroVxe9YkbIZjNfrYAnA7A hM5Ok8GchPLRDJo4tJroB75X =ShSO -END PGP SIGNATURE- Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: AVG's 'Move to Virus Vault' Parenting
Hello Maurice, This is maybe a bit offtopic but AVG's problem is it doesn't find Trojan Horses. I have been infected by the backdoor.sdbot.gen. Probably a hacker gained access to my webhost account because of this. If you have commportreg32.exe in your list of running processes you are infected by this trojan. Since yesterday I use Kaspersky, The Bat! has a built-in plugin for this virus scanner. The only strange thing is that it doesn't tell me if I received an infected email message, it silently deletes it. For people who use NOD32, this virus scanner also failed finding this trojan. Hope in the new version this gets better. -- Best regards, Olivermailto:[EMAIL PROTECTED] Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[4]: AVG's 'Move to Virus Vault' Parenting
Hello DG, Many thanks for yours. MM but when I tried to find it with Windows Explorer, I got MM as far as the temporary internet files, but could not MM find any folder named 'Content.ie5', or more especially MM a file named Jennifer. DRS Open up Windows Explorer, select Search, click on All DRS files and folders, type in content*.* without the DRS quotes, select your root drive that WindowsXP Pro is DRS installed on (usually C:) and further select More DRS advanced options then place a checkmark in the box DRS Search hidden files and folders. You should see, with DRS one main user of the system, at least 5 instances of a DRS Content.IE5 folder. Have done all the above, but can no longer find 'Jennifer[1].htm'. Has she been cleaned out, or transmogrified into some new virus? Time alone will tell. Thank you for your help. Maurice Using The Bat! v1.62 Christmas Edition Windows XP Pro Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: AVG's 'Move to Virus Vault' Parenting
Hallo Maurice, On Thu, 9 Jan 2003 16:48:13 +0100GMT (9-1-03, 16:48 +0100GMT, where I live), you wrote: MM Have done all the above, but can no longer find MM 'Jennifer[1].htm'. Has she been cleaned out, or Probably it was a temporary internet file that has been erased due tp your settings. -- Groetjes, Roelof Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[3]: AVG's 'Move to Virus Vault' Parenting
Hello Maurice, Thursday, January 9, 2003, 3:57:28 PM, you wrote: MM Does it also do the same thing with the eicar anti-virus MM test file? MM http://www.eicar.org/anti_virus_test_file.htm yes.. thats how I test it.. no confirmation that it deleted a virus. another thing is that the Kaspersky plugin works well with one computer (Win XP) but not at all at another (Win ME). I also tried to go back to version 1.61 and tried Kaspersky lite. The lite version doesn't work at all with the plugin. -- Best regards, Oliver Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: AVG's 'Move to Virus Vault' Parenting
Hello Oliver, First I digress. For anyone who replied to anything I said in the last week or so, sorry if I haven't replied. I wasn't around and when I got back the posts were so long I just ctrl-m'ed ;-) Thursday, January 9, 2003, 12:19:20 PM, you wrote: OA Hello Maurice, OA This is maybe a bit offtopic but AVG's problem is OA it doesn't find Trojan Horses. I have been OA infected by the backdoor.sdbot.gen. Most AV software will not pick up most Trojans. Nor will they often be picked up by firewalls when they are communicating outwardly from your computer. That's why there are Trojan scanners as separate software. I recommend Tauscan from Agnitum (www.agnitum.com). And no, I don't work for them or have any contact other than as a satisfied user of their firewall and soon to be of Tauscan (I'm using the trial) ;-) -- Best regards, Mikemailto:[EMAIL PROTECTED] Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: AVG's 'Move to Virus Vault' Parenting
Oliver, This failure to detect the trojan horse should be reported to Grisoft. I am cc'ing them this message. You should probably file a tech support incident. There was a 9 Jan update for AVG, don't know if that would have caught it. Regards. Mark -- On 1/9/2003 at 5:19 AM Oliver Antosch wrote: Hello Maurice, This is maybe a bit offtopic but AVG's problem is it doesn't find Trojan Horses. I have been infected by the backdoor.sdbot.gen. Probably a hacker gained access to my webhost account because of this. If you have commportreg32.exe in your list of running processes you are infected by this trojan. Since yesterday I use Kaspersky, The Bat! has a built-in plugin for this virus scanner. The only strange thing is that it doesn't tell me if I received an infected email message, it silently deletes it. For people who use NOD32, this virus scanner also failed finding this trojan. Hope in the new version this gets better. Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
AVG's 'Move to Virus Vault' Parenting
Hello Batters, Grisoft's free anti-virus program told me today that my computer was infected with VBS/NAPTIME.A@MM. I promptly ran my anti-virus program, (System Suite 4 which used to be called Fix-it Utilities) and chose the the so-called deep scan: it found nothing. I then downloaded the latest Grisoft anti-virus update to disinfect my system. The guilty file apparently is 'jenniferp[1].htm' I was told We recommend you select the 'Move to Virus Vault', which I did, but the computer then hung. I have since repeated the AVG virus scan; the same troublesome file is flagged, but each time I click on 'Move to Virus Vault' the computer hangs. In an attempt to have computer literate 'kids', the three of them, have always been allowed access to the machine, whenever it's free. My wife is the fifth user (I'm the only one using The Bat). Would appreciate any suggestions from responsible parents - whatever that is - on the list. Maurice Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: AVG's 'Move to Virus Vault' Parenting
Hello Maurice, You should be pretty safe simply deleting it or better yet wiping it clean from your system. Do not execute or open the file. If any of your other *important files* are infected try to clean them with your AV but if nothing else is infected and the infected file is not at all important you should be safe simply deleting it (better yet wiping it). If you have PGP on your system it has a wipe feature. MM Grisoft's free anti-virus program told me today that MM my computer was infected with VBS/NAPTIME.A@MM. MM I promptly ran my anti-virus program, (System Suite 4 MM which used to be called Fix-it Utilities) and chose MM the the so-called deep scan: it found nothing. I MM then downloaded the latest Grisoft anti-virus update MM to disinfect my system. The guilty file apparently is MM 'jenniferp[1].htm' MM I was told We recommend you select the 'Move to Virus MM Vault', which I did, but the computer then hung. I MM have since repeated the AVG virus scan; the same MM troublesome file is flagged, but each time I click on MM 'Move to Virus Vault' the computer hangs. MM In an attempt to have computer literate 'kids', the MM three of them, have always been allowed access to the MM machine, whenever it's free. My wife is the fifth user MM (I'm the only one using The Bat). Would appreciate any MM suggestions from responsible parents - whatever that MM is - on the list. -- Best regards, Victor B. Gonzalez [EMAIL PROTECTED] Using The Bat! v1.62 Christmas Edition Windows XP 5.1 Build 2600 Service Pack 1 Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: AVG's 'Move to Virus Vault' Parenting
Hallo Maurice, On Wed, 8 Jan 2003 23:20:10 +0100GMT (8-1-03, 23:20 +0100GMT, where I live), you wrote: MM to disinfect my system. The guilty file apparently is MM 'jenniferp[1].htm' Did the scanner give you a place where to find the infected file? If the virus isn't detected by the TB plug-in, it's most likely to be in OE's messagesbase, you should be aware of the fact that AVG has a plug-in for OE too. But anyhow, you should search OE's messagebase, delete any suspicious mails and empty OE's trash folder (it doesn't do that as default, do it can be configured to do so). Best is to convince your family members to use TB too. ;-) -- Groetjes, Roelof Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html