Re: Virus testing
Friday, November 29, 2002, 1:05:05 PM, you wrote: MDP AV scanner that real-time scan non-malicious temp files in this way MDP are a PITA for TB. TB is trying to download a message and, before it MDP can even look at it, the AV software has poked its nose where it MDP needn't. The rug has been well and truly pulled from under TB's feet MDP and TB can't recover. The message download is aborted and next time MDP you download, it happens all over again. There is a fourth choice if your VS supports it. Use it as a proxy to get to your POP3 account. Trend Micro's PCCillin does this. I have to enter the POP3 Server as localhost/servername. It then goes through PCCillin first, which clears infected messages. Thanks Mike for that suggestion. I am using my AV as a pop-proxy, and with this setting happened exactly what Marck describes. What I'm not sure about now is what part of the AV did the catch: mail-scan or real-time monitor? Any insights? 3w Current version is 1.61 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: Virus testing
Friday, November 15, 2002, 6:24:20 PM, Marck scribbled: MDP -BEGIN PGP SIGNED MESSAGE- MDP Hash: SHA1 MDP Hi 3w, MDP @16-Nov-2002, 01:04 +0100 (00:04 UK time) 3w [3] in MDP [EMAIL PROTECTED]">mid:[EMAIL PROTECTED] said: 3 Any suggestions? MDP I really must put this on the FAQ. MDP AV scanner that real-time scan non-malicious temp files in this way MDP are a PITA for TB. TB is trying to download a message and, before it MDP can even look at it, the AV software has poked its nose where it MDP needn't. The rug has been well and truly pulled from under TB's feet MDP and TB can't recover. The message download is aborted and next time MDP you download, it happens all over again. There is a fourth choice if your VS supports it. Use it as a proxy to get to your POP3 account. Trend Micro's PCCillin does this. I have to enter the POP3 Server as localhost/servername. It then goes through PCCillin first, which clears infected messages. Mike Current version is 1.61 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: Virus testing
Hello Michael, On Fri, 29 Nov 2002 06:05:05 -0600 GMT (29/11/02, 19:05 +0700 GMT), Michael Disabato wrote: There is a fourth choice if your VS supports it. Use it as a proxy to get to your POP3 account. Trend Micro's PCCillin does this. I have to enter the POP3 Server as localhost/servername. It then goes through PCCillin first, which clears infected messages. Which version? I am using PCC6, which doesn't have this feature. Maybe I need to upgrade? -- Cheers, Thomas. Moderator der deutschen The Bat! Beginner Liste. Thursday night - pot luck supper. Prayer and medication to follow. Message reply created with The Bat! 1.62/Beta7 under Chinese Windows 98 4.10 Build A using an AMD Athlon K7 1.2GHz, 128MB RAM Current version is 1.61 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: Virus testing
Hello 3w! On Saturday, November 16, 2002 at 8:09:24 AM you wrote: He said I should open a thread on fox.wikis.com (he's the creator of that site) so more people can see that there are other things than M$ to use in terms of mail. Well then let's do that. :-) Nice to hear. (I know you guys prefer names instead of nicknames, so I'll switch) Since when? -- Dierk Haasis The Bat 1.62/Beta6 on Windows XP 5.1 2600Service Pack 1 Calling Things by their right name marks the beginning of Wisdom. Current version is 1.61 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: Virus testing
Hello Marck! On Saturday, November 16, 2002 at 1:24:20 AM you wrote: AV scanner that real-time scan non-malicious temp files in this way are a PITA for TB. Sadly with some AV scanners real-time scanning becomes the standard. I just purchased the newest from F-Secure (now with three scan engines) for my XP machine (the old 4.x doesn't work here anymore). A lot of flexibility has gone from it in favour of real-time scanning. Since this new notebook is fast enough and not at all hurt by the good old resource trouble I let it go - or I have to think of disabling the real-time scanner every time I load F-Secure (at start-up of Windows), the option not to is not sticky. I mailed F-Secure about developing a plug-in for TB, BTW. As the engines used are partially already supported, I think, (AVP, F-Prot), there shouldn't be a big problem. Let's see what happens ... -- Dierk Haasis The Bat 1.62/Beta6 on Windows XP 5.1 2600Service Pack 1 Life isn't about finding yourself. Life is about creating yourself. (George Bernard Shaw) Current version is 1.61 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: Virus testing
In [EMAIL PROTECTED]">mid:[EMAIL PROTECTED], Dierk Haasis [DH] wrote:' DH Since this new notebook is fast enough and not at all hurt by DH the good old resource trouble I let it go - or I have to think DH of disabling the real-time scanner every time I load F-Secure DH (at start-up of Windows), the option not to is not sticky. Oops!. All the decent scanners I've tried has this option sticky. Also all decent ones I've used allows you to be able to exclude directories and particular file-types from real-time scanning. NOD32 here doesn't seem to scan tmp files by default. I have the realtime scanner on here and have no problems. DH I mailed F-Secure about developing a plug-in for TB, BTW. Nowadays, it's a good idea to keep a realtime scanner running. Reading about Nimbda and its ilk, has convinced me of this. I browse with IE's engine through Netcaptor, and install security updates as soon as they're available, but I still have to be careful. I think you use Opera though. -- Allie C Martin \ TB! v1.62/Beta7 WinXP Pro (SP1) List Moderator/ PGP Key - http://pub-key.ac-martin.com Current version is 1.61 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: Virus testing
Hello Allie! On Saturday, November 16, 2002 at 11:23:45 AM you wrote: Also all decent ones I've used allows you to be able to exclude directories and particular file-types from real-time scanning. F-Secure has this. I forgot - and can't find it at the moment -, is there an option within TB to customize the Temp directory for downloading mail? If not, the exclusion of the general Temp directory (or even all TMP files) is *not* a viable option. Nowadays, it's a good idea to keep a realtime scanner running. Not for me (since this is a matter of taste I won't go into it any further). With my old machine - still up and running - it wasn't an option at all as it slowed down opening files noticeably, couldn't really work anymore. On my new machine it doesn't seem to matter. BTW, the default to not include archives in real-time scanning is counterproductive. As they are often used to download files, and are also used to hide the vectors, users who rely on the defaults of a virus scanner (normal users) will get infected. They won't even know how to scan files manually. -- Dierk Haasis The Bat 1.62/Beta6 on Windows XP 5.1 2600Service Pack 1 When you lose, don't lose the lesson. Current version is 1.61 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: Virus testing
Saturday, November 16, 2002, 10:57:25 AM, you wrote: (I know you guys prefer names instead of nicknames, so I'll switch) Since when? Well some of this list nicely 'reminded' me in doing so. But hey, if it's not a problem for you - it ain't one for me! ;-) cu, 3w Current version is 1.61 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: Virus testing
Hello Allie! On Saturday, November 16, 2002 at 12:06:48 PM you wrote: Especially if you use IE's engine, as I do. I'd prefer not to, but it has the rendering engine that works best for me. Wait for the final of Opera 7; after some early annoyances in the current beta, I had, I am now convinced that it will be a brilliant browser when all the functionality is built in and the bugs (small ones at the moment) are squashed. -- Dierk Haasis The Bat 1.62/Beta6 on Windows XP 5.1 2600Service Pack 1 He who hesitates is probably right. Current version is 1.61 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: Virus testing
Hallo 3w, On Sat, 16 Nov 2002 01:04:18 +0100GMT (16-11-02, 1:04 +0100GMT, where I live), you wrote: 3 Full system scan with newest version of G-Data Antivirenkit 3 (Dual-Engine with KAV and RAV) doesn't show anything. However, if TB! 3 is running, suddenly a virus warning appears from different .tmp files 3 that are obviously created by TB!. It looks like you've got a virus in your mailbox. TB tries to download it (and is prevented by AV thingie). Since TB couldn't collect, it tries again and again. So far the what's happened. The solution is the mail dispatcher. Start it and select the message you suspect to be infected, delete it and download the rest. -- Groetjes, Roelof Current version is 1.61 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: Virus testing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi 3w, 16-Nov-2002, 01:04 +0100 (00:04 UK time) 3w [3] in mid:1244294785.20021116010418;ewanet.ch said: 3 Any suggestions? I really must put this on the FAQ. AV scanner that real-time scan non-malicious temp files in this way are a PITA for TB. TB is trying to download a message and, before it can even look at it, the AV software has poked its nose where it needn't. The rug has been well and truly pulled from under TB's feet and TB can't recover. The message download is aborted and next time you download, it happens all over again. At this point you have three choices: 1). Disable the AV and let TB strut its stuff safe in the knowledge that you are aware that there's an infected message on the way and it won't hurt you because TB is immune from such issues. 2). Use the Dispatch mail on server function to delete the infected message without downloading it. 3). Switch to using the AV through the TB plugin and don't let it scan the temp folder in realtime. - -- Cheers -- .\\arck D Pearlstone -- List moderator TB! v1.62/Beta7 on Windows 2000 5.0.2195 Service Pack 2 ' -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1rc1-nr1 (Windows 2000) iD8DBQE91ZA1OeQkq5KdzaARAkXjAKC1Cdg82ZYhmbUdBZrcnXg4UtKJhQCg0LEz gndqI4ul6m3z6njPEvZYb0I= =NPj3 -END PGP SIGNATURE- Current version is 1.61 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html