Monday, November 15, 1999
Hello Thomas,
Monday, Monday, November 15, 1999, you wrote:
Thomas> Hi tracer,
Thomas> on Monday, November 15, 1999, 2:53:23 PM GMT+0800, tracer wrote:
t>> In your case I would either get a good antivirus program (and that
t>> means NOT MCAFEE or NORTON) and run them to clean your system up.
Thomas> Interesting, as I thought these were good. Anyway, I am using PC-Cillin
Thomas> (registered and paid for), which I update about every week, and would
Thomas> like to know your opinion on this.
I havent really heard any bad news about PC-Cilin.
Or Dr Solomons even if latest version seems to be a twin of McAfee.
I just hope they learned enough from the Solomons product to improve
their own scanner...
They tried it before by nicking code from Symantec (they probably
ended up paying for it)...
I have a paid Thunderbyte and the Norman successor to it.
Plus company wise we paid for several others.
AVP is one of them and it allows installation in an infected system to
clean it.
I quite liked it till 3-4 months ago when it caused me an unstable
system and now I run Dr Web, another Russian AV program which like AVP
gets about 95% of my samples. Without causing me a big headache.
I quite like the way it behaves and works (a bit like thunderbyte) by
letting you control what happens.
No idea how the latest Norman works as it was just emailed to me a few
days ago and I was busy with another problem.
With both Norton and McAfee I have seen many disasters and to get the
best advice you really should go to those most likely to get
infected...
Ask any hacking/cracking group what their opinion is and you will be
convinced..
I know, that doesnt mean much as answer but using a program like this
depends on you as user, your system , you doing your updates.
Your knowledge of what the program does/doesnt do.
Not only on the actual antivirus program.
Norton and McAfee marketing is excellent and their latest versions are
getting a lot better but if you test them over as I did on a set of
around 10000 virus strains, I found they recognised around 6000 or so,
and AVP, and several others got close to 9500. Still leaves 500 they
ignored but then a lot of infections will get caught by their
actions..
Essentially they are a bit the victim of our last dead horse
subject.... trying to be idiot proof and simple enough for the
masses... But they donot work properly!
I even suspect that some 10 dead drives I saw last year may have been
caused by Nortons AVP life update corrupting the MBR. One drive died
on the reboot. I ended up with a sized 0 partition front of the real
partition and while I got the data off, drive somehow like the other 9
was physical damaged. We never figured out what really happened but as
one died during the update and all the others were running NAV 4...
I myself use a combination of things and have over the years never
been infected except one time, a backdoor but that trojan was a total
new one and my firewall caught it after which a friendly visitor
recognised my system name and told me what was running and how to get rid of it.
It was quite obvious as I suddenly had loads of visitors tryng to get
into my system... And they were very annoyed to get kicked off if they
insisted too long...
At present with the latest strains of Outlook related virus strains I
am locally advicing to dump any MS email programs as its getting too
dangerous as the latest donot even require you to open the attachments
anymore.
(but thats a kind of useless advice here as we use thebat!....)
Thomas> Also, do you know whether it kills CIH so that I don't need the
Thomas> programme you (illegally ;-)) attached to your posting?
Its a legal freeware program.
100% sure, I can give you the website as well...
Spinrite isnt but then I wouldnt post that. Too big anyway.
He also wrote a program to test zip and Jazz disks to see if the
drive/disks may have the click of death problem.
Nortons 2000 WILL clean CIH infected files.
Your program no idea.
McAfee was reported to have cleaned and all the files were useless...
I know as I did one today... About 4 hours ago I was called to clean a
system with pretty park or whatever and which someone had tried to
clean manually following lousy instructions from the website. he then
used Norton which quarantened the offending file after which windows
didnt work anymore. Noting executed!.
Anyway, I ran scanreg from dos, grabbed a backup registry 3 days old,
rebooted and he had a working system after which Norton (had to be
reinstalled cleaned the lot. So making sure as one virus means the
owner wasnt properly protected, we ran the Norton over it and it found
the CIH. Not active but it cleaned it.
No idea if the file is then still runnable!
Basically the real cure is get the data, reinstall as you can never
properly trust the system after cleaning but I know, most people donot
do it...
AVP I know can clean it. It intercepted last year a whole cd full with
it. A collection of hardware drivers...
Anyway, if one has a virus one has to clean properly as in the case of
the machine which doesnt want the bat installed, in 11 days or so he
can have a dead PC if he doesnt sort it out soon.
Problem isnt making the bat run, that system needs to be properly
cleaned as if cih is in memory, the whole pc is likely full with it
and it will spread as well.
Best regards,
tracer
Using theBAT 1.37 Beta/3
mail to: [EMAIL PROTECTED]
NOTE: 1 MAILRUN PER DAY ONLY
