Anti Trojan Software For Home Network

[Beauregard T. Shagnasty]

On Thu, 11 Aug 2005 14:31:42 GMT, "Beauregard T. Shagnasty"


That's quite a claim and with all due respect, one that I don't
buy. Maybe not that you know of, but to say "never", I don't think
anyone can say, at least not someone who doesn't run real time
protection.

Heh, feel free to not buy it, but it is true.

I believe the first virus I ever encountered was Magellan? Fifteen
years ago? A friend mailed me some files on 5¼ floppies, and I scanned
them with my then-current a-v program (forgot what it was). It told me
the disks were infected... so naturally I didn't use them. He was then
quite surprised to find this virus on his computer, and most of his
diskettes.

I just cleaned up one, after installing a new virus scanner the
other day, that none of the others picked up on.

On your computer? An actual infector? So ... where did it come from?
Do you think I've had a virus because you did?

And I don't go to suspect web sites, nor do I download attachments
via email.

I go to all kinds of web sites, even posted suspect sites, and none
has ever done anything bad to me. Oh, occasionally, I'll find one that
might crash the browser, but that's all. The trick here is to use a
modern browser (that doesn't support ActiveX), and turn off JavaScript
and Java.

Like I said, I do run the occasional scan with the aforementioned
programs, and other than my Eicar files and a few stored, unexecuted
virus files in that /suspect directory, they never find a thing. Really.

 

[Art]

The trick here is to use a
modern browser (that doesn't support ActiveX), and turn off JavaScript
and Java.

I've never had a problem leaving javascript enabled in my Gecko based
browsers. Seems that so far, the developers have fixed vulnerabilities
before exploits are developed by the bad guys. I do expect that to
change, though. I saw recently that Firefox is now used by seven
percent of users ... an amazing increase in a short time. So security
by obscurity will not go on indefinitely

I can't see myself ever using realtime av. Not that it's a problem.
KAV v. 3.5 works fine on both my Win ME and 2K Pro machines. With the
default "smart" scan setting, I can't preceive any slowdown. It's
just the idea that it's the wrong way to do things. Far better to use
your head and practice "safe hex" ... and I'm afraid if I used
realtime av I'd get sloppy ... and get nailed

Art

http://home.epix.net/~artnpeg

 

[Beauregard T. Shagnasty]

I've never had a problem leaving javascript enabled in my Gecko
based browsers. Seems that so far, the developers have fixed
vulnerabilities before exploits are developed by the bad guys.

Turning off JavaScript is just one of my safe-hex practices. If I find
a site that needs it, I'll inspect the code and proceed accordingly.

I do expect that to change, though. I saw recently that Firefox is
now used by seven percent of users ... an amazing increase in a
short time. So security by obscurity will not go on indefinitely

The real figure is probably above 7%, and of course this depends on
what stats you read. For example:
http://www.w3schools.com/browsers/browsers_stats.asp
almost 20% of W3schools visitors use Firefox.

I can't see myself ever using realtime av. Not that it's a problem.
KAV v. 3.5 works fine on both my Win ME and 2K Pro machines. With
the default "smart" scan setting, I can't preceive any slowdown.
It's just the idea that it's the wrong way to do things. Far better
to use your head and practice "safe hex" ... and I'm afraid if I
used realtime av I'd get sloppy ... and get nailed

Makes sense...

 

[Art]

The real figure is probably above 7%, and of course this depends on
what stats you read. For example:
http://www.w3schools.com/browsers/browsers_stats.asp
almost 20% of W3schools visitors use Firefox.

As this site points out though, web technologies users aren't average
users.

Art

http://home.epix.net/~artnpeg

 

[Pastor Dave]

Heh, feel free to not buy it, but it is true.

Okay, we'll agree to disagree.

I believe the first virus I ever encountered was Magellan?
Fifteen years ago?

Then your claim was not true.

On your computer? An actual infector? So ... where did it come from?

Turns out it was from a web site that I would not
have suspected.

Do you think I've had a virus because you did?

I think everyone has had a virus and I don't buy
your claim. I've been a tech for over 20 years
and I have never run across a system (even
hundreds of network systems that has never
experienced a virus, without running real time
protection.

I go to all kinds of web sites, even posted suspect sites,

Then you are getting them and with all due respect,
frankly, to continue this conversation is foolishness
and it is simply you being cocky.

--

Pastor Dave

"If you believe what you like in the Gospel,
and reject what you like - it is not the Gospel
you believe, but yourselves." - St. Augustine

http://www.ecclesia.org/truth/solution.html

http://tinyurl.com/ce97m

 

[Beauregard T. Shagnasty]

Okay, we'll agree to disagree.

Well, I guess so!

Then your claim was not true.

Ahem, my claim, was/is that I have never been *infected* with a virus.
I was *sent* the virus. I did not become *infected* with it. Wake up,
Dave. Haven't I stated that I have been sent viruses, recognized them,
saved the attachments and scanned them, and did NOT execute them to
get infected?

Turns out it was from a web site that I would not have suspected.

What is the web site? I'll be glad to check it for you.

I think everyone has had a virus and I don't buy your claim. I've
been a tech for over 20 years and I have never run across a system
(even hundreds of network systems that has never experienced a
virus, without running real time protection.

Well, I don't know what else to tell you to make you believe that none
of my computers have ever been *infected* with a virus.

You use the words "experienced a virus." To you, does that mean the
same as infected?

Then you are getting them and with all due respect, frankly, to
continue this conversation is foolishness and it is simply you
being cocky.

I don't think it is being cocky to state that my computers have never
been infected with any virus. If you don't wish to believe that, then
.... well, as you said, the conversation is probably over.

 

[What's in a Name?]

Well, I guess so!


Ahem, my claim, was/is that I have never been *infected* with a
virus. I was *sent* the virus. I did not become *infected* with
it. Wake up, Dave. Haven't I stated that I have been sent viruses,
recognized them, saved the attachments and scanned them, and did
NOT execute them to get infected?


What is the web site? I'll be glad to check it for you.


Well, I don't know what else to tell you to make you believe that
none of my computers have ever been *infected* with a virus.

You use the words "experienced a virus." To you, does that mean
the same as infected?


I don't think it is being cocky to state that my computers have
never been infected with any virus. If you don't wish to believe
that, then ... well, as you said, the conversation is probably
over.

wannabe"pastor"dave is a troll or a liar-either one-makes no
difference.He says "I've been a tech for twenty years" but seems to
have no knowledge about malware and the various methods/tools to get
rid of and/or prevent them. I have him in my killfile and would not
have noticed but for your quote. As several of the regulars tried to
help him the other day, he was full of himself(seems to be his style
of interaction with others) and was added to their killfiles also.
-max

 

[What's in a Name?]

I also run AdAware and Spybot. I'm looking for Anti Trojan
software.

Besides A^2 there is SwatIt,Bazooka and trojfind by Kaspersky
-max

 

[Beauregard T. Shagnasty]

wannabe"pastor"dave is a troll or a liar-either one-makes no
difference.He says "I've been a tech for twenty years" but seems to
have no knowledge about malware and the various methods/tools to
get rid of and/or prevent them. I have him in my killfile and would
not have noticed but for your quote. As several of the regulars
tried to help him the other day, he was full of himself(seems to be
his style of interaction with others) and was added to their
killfiles also. -max

Sounds like a plan.

 

[me]

wannabe"pastor"dave is a troll or a liar-either one-makes
no difference.He says "I've been a tech for twenty years"
but seems to have no knowledge about malware and the
various methods/tools to get rid of and/or prevent them. I
have him in my killfile and would not have noticed but for
your quote. As several of the regulars tried to help him
the other day, he was full of himself(seems to be his style
of interaction with others) and was added to their
killfiles also. -max

Your (plural) patience was admirable, indeed.
[ quot bts ]Sounds like a plan. [ /quot]

J

 

[* * Chas]

| On Wed, 10 Aug 2005 23:46:36 -0400, kurt wismer <[email protected]>
| wrote:
|
| >Virus Guy wrote:
| >[snip]
| >> A program that gets basically no discussion in these groups is
| >> MooSoft's "The Cleaner".
| >
| >it used to get more attention in the past... i didn't follow things
that
| >closely though so i don't know why that changed...
|
| Heh. Reminds me of this old test:
|
| http://www.claymania.com/tests-trojan.html
|
| Which showed that the better av scan engines such as KAV and McAfee
| (AVK uses the KAV engine) were far superior to Trojan speciic scanners
| in detecting Trojans. In fact, The Cleaner was crap. Be interesting to
| see a more recent comparison.
|
| Art

I used the Cleaner and Pest Patrol for a while. I wasn't very impressed
with either of them and let the renewal lapse.

As I mentioned in my OP, I'm not real concerned that I might be infected
with a trojan; from time to time I just want to make sure.

I don't mind paying $50 USD but I want to be able to check all of my PCs
without having to get a license for each.

I installed a2 Anti Trojan on one of my test PCs about 6-8 months ago
and never finished setting it up because of the intrusive types of info
that they were requesting. I just tried it again this evening and they
seemed to have toned it down a lot with the ability to opt out of their
E-mail messages etc. I updated it and have it running now.

Chas.

 

[Pastor Dave]

Well, I don't know what else to tell you to make you believe that none
of my computers have ever been *infected* with a virus.

It won't happen.

--

Pastor Dave

"If you believe what you like in the Gospel,
and reject what you like - it is not the Gospel
you believe, but yourselves." - St. Augustine

http://www.ecclesia.org/truth/solution.html

http://tinyurl.com/ce97m

 

[* * Chas]

| Pastor Dave wrote:
| > On Tue, 9 Aug 2005 21:31:32 -0700, "* * Chas"
| > <[email protected]> spake thusly:
<snip>

| Chas, try A² from Emisoft. It is an anti-trojan program, and free for
| home use.
| http://www.emsisoft.com/en/
| Scroll down to "a-squared Free"

Thanks, I installed A² on a test PC a number of months ago but never
configured it because I was turned off by the number of hoops required
to jump through in order to activate the program.

I looked at again this evening and they seemed to have toned down the
intrusiveness a lot. I updated A² and ran it, seemed to work pretty
well.

Chas.

 

[Pastor Dave]

You mean that you insulted me and kept insulting me
and when I pointed that out and trapped you with your
own words, you kill filed me. You are an idiot who is
dishonest and loves a lie. Let whoever wishes to know
the truth, look it up for themselves. In the mean
time, I don't have time to deal with fools like you.

--

Pastor Dave

"If you believe what you like in the Gospel,
and reject what you like - it is not the Gospel
you believe, but yourselves." - St. Augustine

http://www.ecclesia.org/truth/solution.html

http://tinyurl.com/ce97m

 

[Pastor Dave]

wannabe"pastor"dave is a troll or a liar-either one-makes
no difference.He says "I've been a tech for twenty years"
but seems to have no knowledge about malware and the
various methods/tools to get rid of and/or prevent them. I
have him in my killfile and would not have noticed but for
your quote. As several of the regulars tried to help him
the other day, he was full of himself(seems to be his style
of interaction with others) and was added to their
killfiles also. -max

Your (plural) patience was admirable, indeed.
[ quot bts ]Sounds like a plan. [ /quot]

Yes, I was a real evil person for saying that I don't
believe that someone who has been on PC's for 20 years
has never been infected by a virus, when they have
never run real time protection. Right. I'm sure all
of these companies sell AV software, based on one big
hoax, just designed to fool us. <chuckle>

--

Pastor Dave

"If you believe what you like in the Gospel,
and reject what you like - it is not the Gospel
you believe, but yourselves." - St. Augustine

http://www.ecclesia.org/truth/solution.html

http://tinyurl.com/ce97m

 

[Beauregard T. Shagnasty]

Your (plural) patience was admirable, indeed.
[ quot bts ]Sounds like a plan. [ /quot]

OMG!!! OMG!!!!1!! I just installed Norton 2005 and it found 7,154
viruses on my computer!!!! Whatever shall I do?????????

 

[Roger Wilco]

Yes, I was a real evil person for saying that I don't
believe that someone who has been on PC's for 20 years
has never been infected by a virus, when they have
never run real time protection. Right. I'm sure all
of these companies sell AV software, based on one big
hoax, just designed to fool us. <chuckle>

Yes, the belief that real time protection is a must is wrong thinking.
It might be a must if you have no control over what users are allowed to
do with the system, but if you do have complete control (configuration
and policies) then real time (along with many other so called "must
have" features) AV is not needed. Most AV vendors now compete over how
well they implement these non-essential features, and users complain
about RAM footprints and CPU cycles which are inconsequential when a
good on-demand regimen is inplemented instead. It takes more effort on
the part of the user, but it isn't really all that difficult.

You wouldn't expect the vendors to tell you this would you - considering
they are in 'business' to sell software?

 

[Roger Wilco]

Your (plural) patience was admirable, indeed.
[ quot bts ]Sounds like a plan. [ /quot]

OMG!!! OMG!!!!1!! I just installed Norton 2005 and it found 7,154
viruses on my computer!!!! Whatever shall I do?????????

Errr - - stop collecting viruses? )

 

[Beauregard T. Shagnasty]

Errr - - stop collecting viruses? )

Ahh. Phew! I cleaned out my "/suspect" storage directory and now I
only have four viruses!!!

The four variations of eicar used to verify that the scan works. <g>

 

[Norman L. DeForest]

[snip]

Do you think I've had a virus because you did?

I think everyone has had a virus and I don't buy
your claim. I've been a tech for over 20 years
and I have never run across a system (even
hundreds of network systems that has never
experienced a virus, without running real time
protection.

I have had *one* infection on *one* of my computers because of a freak
situation. I was about to check a floppy disk for viruses with an
"f-prot" command and had typed "f-pr" when the AC power failed for about
two seconds and then came back on. Although my BIOS was set to try
booting from C: first and A: second (since it was necessary to boot from
the hard drive to load a disk manager and *then* continue booting from
a floppy, if that was desired, to make the hard drive accessible), the
hard drive controller took just long enough time to recover from the power
failure that it flunked the test at boot-up time and the system booted off
the floppy disk. The floppy disk was infected with a boot-sector virus
and the virus trashed the disk manager on the hard drive. "Real-time
protection" would have been no help in that case.

I doubt if any virus that used anything else but MS-DOS function calls
could even run on one of my MS-DOS machines as its BIOS and hardware is
not IBM-compatable at all. I don't think that one needs any protection
(except for write-protect tabs on the boot floppies). (OK, the fact that
it hasn't got a hard drive helps.) I don't think there's any virus that
would work on my MP/M-86 machine either.