Agnitum Outpost blocking everything

[Shane]

IIRC they only work in OE if prefixed with the "prefix,
otherwise OE assumes it's an email address.

What I specifically encountered previously was a failed attempt to download
a recent message, ie reporting that it doesn't exist, as though the string
were incomplete or the original was cancelled, except so many have responded
(without quoting the original, hence why I'm trying to download it) that it
seems unlikely it was.

Agent and Free Agent are both a bit smarter. If the prefix is missing
the program will ask if it's an email address or a news link.

Of course, the link will only work if/while the message is on the
user's news server so it's probably better to find it in the google
archives and link to that instead.

Agreed. And I expected to have to do so, though as part of the point was
that the post was made that morning and most everyone's servers relay the MS
groups and I know Art's does......

But, point taken, and indeed, well made!


Cheers,

Shane

 

[Roger Wilco]

If it's someone else's machine I'm personally cleaning, I'll do multiple
scans and have faith that nothing's getting past KAV and Sysclean/PCScan and
Stinger/Viruscan etc. Harden as much as I can get away with. And when
reasonably sure the pc is clean and working well, I will flush SR.

The only reason I can see for disabling prior to cleaning is to prevent
the restore's "file change monitor" feature from backing up what the
cleaning process is trying to delete. If you are cleaning someone elses
machine for them, then flushing after cleaning will also prevent them
from having alerts on content within the system restore and also allows
you to make good use of the system restore if something goes wrong.

If the alert the user is getting is from within the sytem restore
folder, usually all they need to do is flush it away. Flushing it as a
matter of course for any alert is a baby/bathwater sort of thing - but
to be honest I feel that users should have other (better) methods of
recovery than SR which is by design incomplete.

 

[Shane]

The only reason I can see for disabling prior to cleaning is to
prevent the restore's "file change monitor" feature from backing up
what the cleaning process is trying to delete. If you are cleaning

But it's not a good reason.........

someone elses machine for them, then flushing after cleaning will
also prevent them from having alerts on content within the system
restore and also allows you to make good use of the system restore if
something goes wrong.

...........because what you said.

If the alert the user is getting is from within the sytem restore
folder, usually all they need to do is flush it away. Flushing it as a
matter of course for any alert is a baby/bathwater sort of thing - but
Agreed.

to be honest I feel that users should have other (better) methods of
recovery than SR which is by design incomplete.

Agreed again. But should it come as part of Windows? That's a big can of
worms. MSBackup/NTBackup do, but are inadequate. I remember it being argued
years ago that expecting Windows to have everything you need is akin to
buying a house and expecting to find a car in the garage.

If you have to buy 3rd party stuff, why not a proper backup program? Maybe
you have to pay for it to learn it's utility? Though then the same would
apply to AntiVirus and I happily use freeware - so I don't really have the
answer myself.

Anyway, I don't see why there can't be layers of restoration. Like Scanreg
(or Erunt) restoring just the registry (and one or two extra config files).
System Restore can be a very logical halfway house between Scanreg/Erunt and
drive imaging/mirroring (or other) solutions.

Shane

 

[Roger Wilco]

Agreed again. But should it come as part of Windows?

No! In fact the homogeneity of applications and utilities among bundled
(especially Windows) software is the bane of the internet. Microsoft
realized that most users wouldn't bother with disaster planning until
"after" the disaster and so included some halfway measures to mitigate
loss. Unfortunately, it lulls semi-clued users into feeling the OS came
with all that was needed.

That's a big can of
worms. MSBackup/NTBackup do, but are inadequate. I remember it being argued
years ago that expecting Windows to have everything you need is akin to
buying a house and expecting to find a car in the garage.

I was surprised (and even pleased) with the amount of applications and
utilities that came bundled with the Windows OS until I realized what
damage would be done by having widespread homogeneous sloppy coding
populating the internet. It is funny to see posts where people think
that applications and utilities are part of the OS just because they
came bundled with the OS.

If you have to buy 3rd party stuff, why not a proper backup program? Maybe
you have to pay for it to learn it's utility?

People have to realize they have a need before they will buy something
to fulfill it.

Though then the same would
apply to AntiVirus and I happily use freeware - so I don't really have the
answer myself.

Free is okay, but for AV especially the paid for versions generally have
better detection. If you use safe practices, you will only expose an AV
to a small fraction of what is out there and free AV programs are quite
sufficient for low exposure users.

Anyway, I don't see why there can't be layers of restoration. Like Scanreg
(or Erunt) restoring just the registry (and one or two extra config files).
System Restore can be a very logical halfway house between Scanreg/Erunt and
drive imaging/mirroring (or other) solutions.

System Restore can be a good thing, but if disabling/purging is viewed
as a problem it is because a "real" recovery system isn't in place as it
should be. A "real" recovery system wasn't in place usually because the
user thinks 'it came with SR, so I'm covered'.

 

[Art]

Free is okay, but for AV especially the paid for versions generally have
better detection. If you use safe practices, you will only expose an AV
to a small fraction of what is out there and free AV programs are quite
sufficient for low exposure users.

Sorry, I think that's just plain wrong. As long as you need av it
makes sense to use one with the best detection available. And the way
I look at it, using the best is part of safe hex.

Now, my av never finds anything when I scan apps I might want to try
on-demand. And the same goes when I scan on-demand before backup.
But I'm not going to abandon the use of av ... right now anyway
That would be too risky. As long as I think I need one, you can damn
betchum it will be one with the best detection and one that's updated
very frequently.

Personally, I think it's unwise to recommend the free av to anyone.
Users are best off with the best detection. Period.

Art

http://home.epix.net/~artnpeg

 

[James Egan]

Sorry, I think that's just plain wrong. As long as you need av it
makes sense to use one with the best detection available. And the way
I look at it, using the best is part of safe hex.

What happened to the promoter of free av software who used to post to
this ng using the same name as you? You didn't get likened to Scrooge
without good cause.

Jim

 

[Art]

What happened to the promoter of free av software who used to post to
this ng using the same name as you? You didn't get likened to Scrooge
without good cause.

AvpLite for DOS went the way of the dodo bird, in case you haven't
heard.

Art

http://home.epix.net/~artnpeg

 

[Roger Wilco]

Sorry, I think that's just plain wrong. As long as you need av it
makes sense to use one with the best detection available. And the way
I look at it, using the best is part of safe hex.

I agree, but it still follows that the worst AV is still sufficient if
you hardly ever throw anything at it. The free AV with 85% coverage of
"all" known viruses may be closer to 99% effective at detecting what it
is most likely to be exposed to by a semi-clueful user.

Now, my av never finds anything when I scan apps I might want to try
on-demand.

So the gap between the 85% coverage and the 99.8% coverage makes no
difference at all here because you saw to it that the AV was not really
exposed to malware - and even the 85% coverage AV will probably be able
to detect all of the run of the mill worms in your attachments folder.

I know what you mean though. Personally I would rather have an AV
capable of detecting Zmist just in case I were ever exposed to it - but
realistically, what are the chances of that.

 

[Art]

I agree, but it still follows that the worst AV is still sufficient if
you hardly ever throw anything at it.

"Sufficient" is meaningless since we're talking about risk mitigation.
There is no such thing as a "sufficient" av IMO. Many like to say that
since AVG, for example, usually detects at least 99.99% of ITW
malware that it's sufficient. But in the real world AVG misses too
much stuff that's actually out there in circulation, whether the
misses are on a official ITW list or not. The idea of using a av like
that simply because I've not had a problem yet gives me the willies

I know what you mean though. Personally I would rather have an AV
capable of detecting Zmist just in case I were ever exposed to it - but
realistically, what are the chances of that.

Realistically, I have no idea when I might run into something my av
might miss. That's why I use the best and hope for the best. And take
comfort that I can restore my h.d. from backup

Art

http://home.epix.net/~artnpeg

 

[Art]

I know what you mean though. Personally I would rather have an AV
capable of detecting Zmist just in case I were ever exposed to it - but
realistically, what are the chances of that.

BTW, as a afterthought to my other response to this post, I have to
add that I'm fully aware of my inconsistency in regard to risk
mitigation by not using a realtime monitor. So in that way, and in
others, I have my own form of "it's sufficient" point on precautions I
take. I can't stand to have my PC cluttered up with endless active
"protection" sw of various kinds.

Art

http://home.epix.net/~artnpeg

 

[Shane]

I was surprised (and even pleased) with the amount of applications and

utilities that came bundled with the Windows OS until I realized what
damage would be done by having widespread homogeneous sloppy coding
populating the internet. It is funny to see posts where people think
that applications and utilities are part of the OS just because they
came bundled with the OS.

Gawd, yes! My sister's still like that and she's been using Windows longer
than I have!

People have to realize they have a need before they will buy something
to fulfill it.

Or, they can't be cured until they admit they're sick?

Free is okay, but for AV especially the paid for versions generally
have better detection. If you use safe practices, you will only
expose an AV to a small fraction of what is out there and free AV
programs are quite sufficient for low exposure users.


System Restore can be a good thing, but if disabling/purging is viewed
as a problem it is because a "real" recovery system isn't in place as
it should be. A "real" recovery system wasn't in place usually
because the user thinks 'it came with SR, so I'm covered'.

Yeah. It's like driving. I think (as a biker) the standard driving test
should be replaced with the advanced driving test, but it's never going to
happen. Industry and government want everyone on the road with as few
obstacles as possible! That's Windows, isn't it - the standard driving test!


Shane