AVG Free Edition -- new user question

[John Blaustein]

Thanks to everyone who responded to my question yesterday about AV programs.

I've installed AVG on my XP system and have a couple of questions:

1) Should I use "heuristics?" In the AVG Control Center, it's on the
Resident Shield tab. Any reason not to use it? (I'm not quite sure what it
is.)

2) In the AVG Control Center, E-mail scanner tab, there is a checkbox for
"Use Outlook Express 5 Plug-in." I'm using Outlook Express 6.0, so I don't
know if I should check this box.

3) In the Readme.txt file, it says this:

=========================================================
Personal E-mail Scanner

To support all e-mail program based on the POP3/SMTP protocols
a new program AVG EMS has been created. You can download it
from the URL

http://www.grisoft.cz/beta/avgemc/avgemc_en.htm
=========================================================

Has anyone who is using Outlook Express 6.0 used this? Is it really
necessary, or is e-mail already scanned by AVG?

Thank you.

John

 

[Frederic Bonroy]

1) Should I use "heuristics?" In the AVG Control Center, it's on the
Resident Shield tab. Any reason not to use it? (I'm not quite sure what it
is.)

Heuristics is a technology designed to try to detect unknown viruses.
Note that I said "try to". It supplements the actual scanner, it does
not replace it so you still need to update AVG regularly.
You should enable it, but you must be aware that it can produce false
alerts.

2) In the AVG Control Center, E-mail scanner tab, there is a checkbox for
"Use Outlook Express 5 Plug-in." I'm using Outlook Express 6.0, so I don't
know if I should check this box.

Whatever you do, do NOT let AVG attach a "virus free" certificate to
your outgoing messages. I'm saying this because unfortunately, this
certificate is just as meaningless as it is widespread.

 

[John Blaustein]

I'll enable Heuristics.

No, AVG does not append any message to outgoing mail.

John

 

[Roy Coorne]

Frederic Bonroy wrote:

....

Whatever you do, do NOT let AVG attach a "virus free" certificate to
your outgoing messages. I'm saying this because unfortunately, this
certificate is just as meaningless as it is widespread.

FACK - it is not only meaningless but also misleading as searching
Google Groups for "virus" leads to postings which have nothing to do
with this subject but include the AVG attachment.

Roy

 

[Andrew Lee]

Whatever you do, do NOT let AVG attach a "virus free" certificate to
your outgoing messages. I'm saying this because unfortunately, this
certificate is just as meaningless as it is widespread.

Or you could add an amusingly altered version of the message - like

"This message has been scanned by AVG - you should note that this means
absolutely nothing, and if you trust the message on that basis, you should
have your head read."

 

[Blevins]

Or you could add an amusingly altered version of the message - like

"This message has been scanned by AVG - you should note that this means
absolutely nothing, and if you trust the message on that basis, you should
have your head read."

Or you could be a normal adult and use no bullshit footer at all.

 

[Andrew Lee]

Or you could be a normal adult and use no bullshit footer at all.

Where would be the fun in that?

I've never tried to be normal (nor indeed adult) in my entire life.


-AJ

 

[Richard Steven Hack]

Or you could add an amusingly altered version of the message - like

"This message has been scanned by AVG - you should note that this means
absolutely nothing, and if you trust the message on that basis, you should
have your head read."

Actually I leave the message as it is and use it. It lets people know
something looked at the email. If they're dumb enough to believe the
phrase "certified virus-free" is necessarily true, that's their
problem.

When it says "certified virus-free" on my incoming email, what am I
supposed to do? Disbelieve it? Run another scan with another AV for
a second opinion on every email? Discard ALL email because it MIGHT
have a virus?

People who make broad comments about viruses are usually trying to
prove how knowledgeable they are and they are usually wrong about
everything.

There is nothing "wrong" with having an email scanner (in or out),
nothing "wrong" with having it say it scanned email (in or out), and
nothing wrong with trusting it to do its job until it fails to do its
job.

No antivirus is perfect whether it gets somebody's award twenty times
in a row or not. It's just another security tool, no more, no less.

And in the end, as Rutger Hauer said repeatedly in the movie
"Nighthawks", "Remember - there IS no security."

 

[Ant]

Actually I leave the message as it is and use it. It lets people
know something looked at the email.

And can give them a false sense of security.

If they're dumb enough to believe the phrase "certified virus-free"
is necessarily true, that's their problem.

Then there's no point to the message.

When it says "certified virus-free" on my incoming email, what am I
supposed to do? Disbelieve it?

Yes. Perhaps it contains a new virus. Perhaps a message like this will
be the next social engineering tactic from virus authors.

Run another scan with another AV for a second opinion on every email?

I would if it contained an executable attachment, but then I would be
hardly likely to run such a thing anyway.

Discard ALL email because it MIGHT have a virus?

Don't allow attachments or embedded html/script instructions to be run.

People who make broad comments about viruses are usually trying to
prove how knowledgeable they are and they are usually wrong about
everything.

People in this group who comment usually have experience with viruses.

 

[Richard Steven Hack]

And can give them a false sense of security.

Try reading the next line before you respond.

Then there's no point to the message.


Yes. Perhaps it contains a new virus. Perhaps a message like this will
be the next social engineering tactic from virus authors.

In other words, let's not use email at all, is that what you're
saying? I'm not saying I must believe that my AV will always catch a
new virus, note. I'm saying that I have no reason not to believe it
is doing its job until it in fact fails to do its job. If I am to
assume it is not doing it's job, then why bother having it at all?

I would if it contained an executable attachment, but then I would be
hardly likely to run such a thing anyway.

Me either - which is why I never have to do it. But according to you
I have to ASSUME it might have a virus AND ASSUME that my AV is not
catching it and therefore run another AV - which I suppose you want me
to assume is not catching it either. What's wrong with this picture?

Don't allow attachments or embedded html/script instructions to be run.

I don't allow them to run automatically. That's not the point. The
point is why should I assume my AV is not doing its job. Contrary to
some people's belief, there is a time when somebody sends you
something you want to or need to run - possibly for business reasons..
You have to decide whether to run it or not based on your trust in
your AV. If you decision is never to run anything anybody sends you,
you might as well not have an AV. Like I said, you might as well not
have email at all.

People in this group who comment usually have experience with viruses.

You couldn't prove it by some of the comments. And getting a virus
seems to me to be proof that your "experience with viruses" is not
necessarily equivalent to competence in preventing viruses.

For the record, I have had one virus presented to my system in the
last three years and that one was a Chernobyl that came in on a P2P
download maybe two years ago. It was caught and cleaned by the AV I
was using at the time. I get very little email and I never get or run
executables, although I will send some HTML email to my browser
(Opera, not IE) and images to my image viewer (quite safe). So I am
not at the same level of risk as someone who gets 400 emails a day
from everybody on the planet. I give out my primary email address to
very people and I use a spamtrap for everything else (I have not seen
one single SWEN virus sent to my main email - they've all gone to the
spamtrap).

I don't assume my AV will catch everything forever. I don't assume it
won't catch anything. As for the original point, I leave the
"certification" message on my email because it shows I went to the
trouble of scanning my outbound (and inbound) email, and hopefully
others will take the hint to do the same. No harm in that. If
someone else assumes they don't need an AV because I scanned MY email,
then they are idiots and I take no responsibility for idiots. I also
do not change my behavior because someone else is an idiot. So the
AVG message stays on my email. Period. Anybody who doesn't like it
is an idiot and can kiss my ass.

Any further questions?

 

[Ant]

[snip]
In other words, let's not use email at all, is that what you're
saying?
No.

[snip]

I would if it contained an executable attachment, but then I would be
hardly likely to run such a thing anyway.

Me either - which is why I never have to do it. But according to you
I have to ASSUME it might have a virus

Yes (for incoming email with attachments).

AND ASSUME that my AV is not catching it and therefore run another AV
- which I suppose you want me to assume is not catching it either.

No, I am not saying you should scan it more than once.

What's wrong with this picture?

I'm not talking about deficencies of your AV. What I'm saying is don't
believe the claims of the email sender. In other words you run your own
scan, not rely on what they might claim. Your scan may detect something
where theirs failed (or their claim was bogus).

[snip]

For the record, I have had one virus presented to my system in the
last three years

In the 12 or so years I've been using PCs, I've had none. I occasionaly
extract them from newsgroup posts for analysis, and report them to my
AV vendor if appropriate.

[snip]

As for the original point, I leave the
"certification" message on my email because it shows I went to the
trouble of scanning my outbound (and inbound) email, and hopefully
others will take the hint to do the same.

If that's the message they get, then fine. My view is different.

[snip]

Any further questions?

No questions here; just opinions.