Desktop antivirus - it's dead

[Dustin Cook]

"cbgerry" <cbgerry@bluecollarpc.net> wrote in
news:1176069380.219622.283790@l77g2000hsb.googlegr oups.com:

> On Apr 8, 5:19 pm, "cmsix" <c...@hotmail.com> wrote:
>> "cbgerry" <cbge...@bluecollarpc.net> wrote in message
>>
>> news:1176066034.635620.156670@b75g2000hsg.googlegr oups.com...
>>
>>
>>
>> > On Apr 6, 3:45 pm, George Orwell <Use-Author-Supplied-Address-
>> > Header@[127.1]> wrote:
>> >> PC Worldhttp://elfurl.com/qympl
>>
>> >> Some industry analysts are proclaiming the traditional antivirus
>> >> method for detecting and eradicating viruses, trojans, spyware and
>> >> other baneful code by matching it against a
>> >> signaturehttp://************/crapwaretobe "dead."
>>
>> >> They say signature-based checking can't keep up with the flood of
>> >> virus variants manufactured by a criminal underworld that is
>> >> beating the antivirus vendors at their own game. And they are
>> >> arguing it's time for companies to adopt newer approaches, such as
>> >> whitelisting or behavior- blocking, to protect desktops and
>> >> servers.
>>
>> >> "It's the beginning of the end for antivirus," says Robin Bloor,
>> >> partner at consulting firm Hurwitz & Associates, in Boston, who
>> >> adds he began his "antivirus is dead" campaign a year ago and
>> >> feels even more strongly about it today. "...The approach
>> >> antivirus vendors take is completely wrong. The criminals working
>> >> to release these viruses against computer users are testing
>> >> against antivirus software. They know what works and how to create
>> >> variants."
>>
>> >> ..Instead of antivirus software, he says, users should be
>> >> investing in whitelisting software that prevents viruses from
>> >> running because it only allows authorized applications to run.
>>
>> >> Whitelisting products are available from SecureWave, Bit9, Savant,
>> >> AppSense and CA, the first traditional antivirus vendor to see the
>> >> light, in Bloor's view.
>>
>> > ========================>
>>
>> > They mean "heurisitics" in all descent antivirus paid protection ?
>> > Duh.... heurisitics. This is activated meaning real time protection
>> > in paid subscription antivirus software programs. Heurisitics is
>> > the ability to identifiy the malware threat by typical behavior
>> > without having the definitions yet written for removal and blocking
>> > of the particular threat - worm, virus, many trojans.
>>
>> > ""QUOTE""
>> >> They say signature-based checking can't keep up with the flood of
>> >> virus
>> > ""UNQUOTE""
>>
>> > ...and it never did and never will. For newbies these idiot editors
>> > are writing to (and I am not the only one recognizing this) - for
>> > newbies / novice information here, the writer is calling a system
>> > scan with your antivirus as "signature-based checking" - like duh
>> > a-hole. Why would you do a scan, find and remove malware and then
>> > turn around and say that the PC was protected in the beginning as
>> > "signature-based checking" ??? How the h*ll was the PC ever
>> > protected by "sinature- based checking"?"?? Duh !!!
>>
>> > So where's the distinction that something is or did die ???? Idiot
>> > Editors playing with new people's minds. Malicious bad information
>> > even intentionally. I have caught some of the4se creeps before
>> > giving out bad information and responded to it.
>>
>> > ""QUOTE""
>> > they are arguing it's time for companies to adopt newer approaches,
>> > such as ... behavior- blocking
>> > ""UNQUOTE""
>>
>> > ...You mean BUY some antivirus protection ??? to activate real time
>> > protection - - Duh !!!
>>
>> > This is the result of trolls, criminal elements, idiots, plain
>> > newbies, and bragging rights malicious persons giving the constant
>> > idea of freeware security as your silver bullet. That is absurd and
>> > even for the most new person. Anybody new to computers instantly
>> > realizes that the software business is a multi-million and multi-
>> > billion dollar industry. You can't even miss that one on TV News
>> > always informing the public of the amount of trade done over the
>> > internet if you are not a computer owner/operator. I believe it is
>> > in the neighborhood of 16 billion dollars yearly or more. So point
>> > is the "newbie" knows better and are taking their chances and they
>> > know it. They know you are only getting what they pay for in the
>> > worst ignorance of software or computers.
>>
>> > A little knowledge spread around stops all of this in a very, very
>> > great degree.
>>
>> Hell, you don't even have to buy any. You can download avast for free
>> and it does real time checking, even scans incoming email.
>>
>> Of course the most common path of infection can be easily blocked by
>> simply turning off html rendering in your mail client. No text
>> message has ever infected a machine without the help of that
>> machine's user.
>>
>> cmsix
>>
>>
>
> ========================>
> And what protection does free antivirus offer when browsing the
> internet ? Free open source Clam AV has an Outlook plug-in to scan
> email. But you are only talking about being protected with email
> scanning. What about browsing ? That is absurd to just use a computer
> for email - cell phones do that. I have never heard of such a thing
> that someone pays up to and over 2 thousand dollars for a computer and
> then not use it because free antivirus only scans email. Strange
> answer.
>
>

Ehh, If you don't mind me asking, what makes you think free antivirus
only scans email? Most resident antivirus scans files after
creation/during, when opening, before execution etc. In those cases, if
the malware is known to the scanner, it should flag it and provide you
some options for dealing with it, depending on your setup.



--
Dustin Cook
Author of BugHunter - MalWare Removal Tool - v2.2a
email: bughunter.dustin@gmail.com.removethis
web..: http://bughunter.it-mate.co.uk
Pad..: http://bughunter.it-mate.co.uk/pad.xml

[Virus Guy]

Far Canal wrote:

> > > Exploits/viruses don't come from casual browsing of 'normal'
> > > websites. They come from wank/warez sites & spam mail.
> >
> > Many "normal" web sites have been, and currently are hacked
> > and do serve up exploits.
> >
> > The Asus website is one current example.
>
> You are clueless. The site you refer has used a ****load of
> AVP's ...

You are truely stupid.

You made a statement that exploits don't come from casual browsing of
"normal" websites.

I show you an example where a normal web site (Asus.com) was hacked.

Why don't you respond to that?

That was the point of my response. Why don't you admit that you are
wrong about exploits NOT being present on "normal" sites?

[Virus Guy]

kurt wismer wrote:

> virus guy's contention that anti-virus products don't detect
> exploits on their way in is demonstrably false - there are
> products that do have technology for scanning things as they
> come off the wire (nod32 is one of the ones that implements...

I don't recall that it was ever shown that any AV product prevented,
for example, IE from crashing when exposed to test samples of the VML
vulnerability.

Can you point to a URL that describes how (or where) nod32 situates
itself such that it's able to be the first process to intercept (scan)
ethernet packets before that data is passed to a higher layer?

Does NOD make such a claim?

[cbgerry]

On Apr 8, 11:58 pm, Dustin Cook
<spamfilterineffect.see....@nowhere.com> wrote:
> "cbgerry" <cbge...@bluecollarpc.net> wrote innews:1176069380.219622.283790@l77g2000hsb.google groups.com:
>
>
>
>
>
> > On Apr 8, 5:19 pm, "cmsix" <c...@hotmail.com> wrote:
> >> "cbgerry" <cbge...@bluecollarpc.net> wrote in message
>
> >>news:1176066034.635620.156670@b75g2000hsg.google groups.com...
>
> >> > On Apr 6, 3:45 pm, George Orwell <Use-Author-Supplied-Address-
> >> > Header@[127.1]> wrote:
> >> >> PC Worldhttp://elfurl.com/qympl
>
> >> >> Some industry analysts are proclaiming the traditional antivirus
> >> >> method for detecting and eradicating viruses, trojans, spyware and
> >> >> other baneful code by matching it against a
> >> >> signaturehttp://************/crapwaretobe"dead."
>
> >> >> They say signature-based checking can't keep up with the flood of
> >> >> virus variants manufactured by a criminal underworld that is
> >> >> beating the antivirus vendors at their own game. And they are
> >> >> arguing it's time for companies to adopt newer approaches, such as
> >> >> whitelisting or behavior- blocking, to protect desktops and
> >> >> servers.
>
> >> >> "It's the beginning of the end for antivirus," says Robin Bloor,
> >> >> partner at consulting firm Hurwitz & Associates, in Boston, who
> >> >> adds he began his "antivirus is dead" campaign a year ago and
> >> >> feels even more strongly about it today. "...The approach
> >> >> antivirus vendors take is completely wrong. The criminals working
> >> >> to release these viruses against computer users are testing
> >> >> against antivirus software. They know what works and how to create
> >> >> variants."
>
> >> >> ..Instead of antivirus software, he says, users should be
> >> >> investing in whitelisting software that prevents viruses from
> >> >> running because it only allows authorized applications to run.
>
> >> >> Whitelisting products are available from SecureWave, Bit9, Savant,
> >> >> AppSense and CA, the first traditional antivirus vendor to see the
> >> >> light, in Bloor's view.
>
> >> > ========================>
>
> >> > They mean "heurisitics" in all descent antivirus paid protection ?
> >> > Duh.... heurisitics. This is activated meaning real time protection
> >> > in paid subscription antivirus software programs. Heurisitics is
> >> > the ability to identifiy the malware threat by typical behavior
> >> > without having the definitions yet written for removal and blocking
> >> > of the particular threat - worm, virus, many trojans.
>
> >> > ""QUOTE""
> >> >> They say signature-based checking can't keep up with the flood of
> >> >> virus
> >> > ""UNQUOTE""
>
> >> > ...and it never did and never will. For newbies these idiot editors
> >> > are writing to (and I am not the only one recognizing this) - for
> >> > newbies / novice information here, the writer is calling a system
> >> > scan with your antivirus as "signature-based checking" - like duh
> >> > a-hole. Why would you do a scan, find and remove malware and then
> >> > turn around and say that the PC was protected in the beginning as
> >> > "signature-based checking" ??? How the h*ll was the PC ever
> >> > protected by "sinature- based checking"?"?? Duh !!!
>
> >> > So where's the distinction that something is or did die ???? Idiot
> >> > Editors playing with new people's minds. Malicious bad information
> >> > even intentionally. I have caught some of the4se creeps before
> >> > giving out bad information and responded to it.
>
> >> > ""QUOTE""
> >> > they are arguing it's time for companies to adopt newer approaches,
> >> > such as ... behavior- blocking
> >> > ""UNQUOTE""
>
> >> > ...You mean BUY some antivirus protection ??? to activate real time
> >> > protection - - Duh !!!
>
> >> > This is the result of trolls, criminal elements, idiots, plain
> >> > newbies, and bragging rights malicious persons giving the constant
> >> > idea of freeware security as your silver bullet. That is absurd and
> >> > even for the most new person. Anybody new to computers instantly
> >> > realizes that the software business is a multi-million and multi-
> >> > billion dollar industry. You can't even miss that one on TV News
> >> > always informing the public of the amount of trade done over the
> >> > internet if you are not a computer owner/operator. I believe it is
> >> > in the neighborhood of 16 billion dollars yearly or more. So point
> >> > is the "newbie" knows better and are taking their chances and they
> >> > know it. They know you are only getting what they pay for in the
> >> > worst ignorance of software or computers.
>
> >> > A little knowledge spread around stops all of this in a very, very
> >> > great degree.
>
> >> Hell, you don't even have to buy any. You can download avast for free
> >> and it does real time checking, even scans incoming email.
>
> >> Of course the most common path of infection can be easily blocked by
> >> simply turning off html rendering in your mail client. No text
> >> message has ever infected a machine without the help of that
> >> machine's user.
>
> >> cmsix
>
> > ========================>
> > And what protection does free antivirus offer when browsing the
> > internet ? Free open source Clam AV has an Outlook plug-in to scan
> > email. But you are only talking about being protected with email
> > scanning. What about browsing ? That is absurd to just use a computer
> > for email - cell phones do that. I have never heard of such a thing
> > that someone pays up to and over 2 thousand dollars for a computer and
> > then not use it because free antivirus only scans email. Strange
> > answer.
>
> Ehh, If you don't mind me asking, what makes you think free antivirus
> only scans email? Most resident antivirus scans files after
> creation/during, when opening, before execution etc. In those cases, if
> the malware is known to the scanner, it should flag it and provide you
> some options for dealing with it, depending on your setup.
>
> --
> Dustin Cook
> Author of BugHunter - MalWare Removal Tool - v2.2a
> email: bughunter.dus...@gmail.com.removethis
> web..:http://bughunter.it-mate.co.uk
> Pad..:http://bughunter.it-mate.co.uk/pad.xml- Hide quoted text -
>
> - Show quoted text -

==================================>
Ehhh... yourself.

That's absurd - where in the hell did you get that at ? The whole
message I wrote was about antivirus heurisitics for browsing the
internet.....

You wrote:
""QUOTE""
> Ehh, If you don't mind me asking, what makes you think free antivirus
> only scans email?
""UNQUOTE""
Perhaps you are talking abou the magazine editor comments?

Could you quote this ?..... waiting.

[cbgerry]

On Apr 9, 12:51 am, "cbgerry" <cbge...@bluecollarpc.net> wrote:
> On Apr 8, 11:58 pm, Dustin Cook
>
>
>
>
>
> <spamfilterineffect.see....@nowhere.com> wrote:
> > "cbgerry" <cbge...@bluecollarpc.net> wrote innews:1176069380.219622.283790@l77g2000hsb.google groups.com:
>
> > > On Apr 8, 5:19 pm, "cmsix" <c...@hotmail.com> wrote:
> > >> "cbgerry" <cbge...@bluecollarpc.net> wrote in message
>
> > >>news:1176066034.635620.156670@b75g2000hsg.google groups.com...
>
> > >> > On Apr 6, 3:45 pm, George Orwell <Use-Author-Supplied-Address-
> > >> > Header@[127.1]> wrote:
> > >> >> PC Worldhttp://elfurl.com/qympl
>
> > >> >> Some industry analysts are proclaiming the traditional antivirus
> > >> >> method for detecting and eradicating viruses, trojans, spyware and
> > >> >> other baneful code by matching it against a
> > >> >> signaturehttp://************/crapwaretobe"dead."
>
> > >> >> They say signature-based checking can't keep up with the flood of
> > >> >> virus variants manufactured by a criminal underworld that is
> > >> >> beating the antivirus vendors at their own game. And they are
> > >> >> arguing it's time for companies to adopt newer approaches, such as
> > >> >> whitelisting or behavior- blocking, to protect desktops and
> > >> >> servers.
>
> > >> >> "It's the beginning of the end for antivirus," says Robin Bloor,
> > >> >> partner at consulting firm Hurwitz & Associates, in Boston, who
> > >> >> adds he began his "antivirus is dead" campaign a year ago and
> > >> >> feels even more strongly about it today. "...The approach
> > >> >> antivirus vendors take is completely wrong. The criminals working
> > >> >> to release these viruses against computer users are testing
> > >> >> against antivirus software. They know what works and how to create
> > >> >> variants."
>
> > >> >> ..Instead of antivirus software, he says, users should be
> > >> >> investing in whitelisting software that prevents viruses from
> > >> >> running because it only allows authorized applications to run.
>
> > >> >> Whitelisting products are available from SecureWave, Bit9, Savant,
> > >> >> AppSense and CA, the first traditional antivirus vendor to see the
> > >> >> light, in Bloor's view.
>
> > >> > ========================>
>
> > >> > They mean "heurisitics" in all descent antivirus paid protection ?
> > >> > Duh.... heurisitics. This is activated meaning real time protection
> > >> > in paid subscription antivirus software programs. Heurisitics is
> > >> > the ability to identifiy the malware threat by typical behavior
> > >> > without having the definitions yet written for removal and blocking
> > >> > of the particular threat - worm, virus, many trojans.
>
> > >> > ""QUOTE""
> > >> >> They say signature-based checking can't keep up with the flood of
> > >> >> virus
> > >> > ""UNQUOTE""
>
> > >> > ...and it never did and never will. For newbies these idiot editors
> > >> > are writing to (and I am not the only one recognizing this) - for
> > >> > newbies / novice information here, the writer is calling a system
> > >> > scan with your antivirus as "signature-based checking" - like duh
> > >> > a-hole. Why would you do a scan, find and remove malware and then
> > >> > turn around and say that the PC was protected in the beginning as
> > >> > "signature-based checking" ??? How the h*ll was the PC ever
> > >> > protected by "sinature- based checking"?"?? Duh !!!
>
> > >> > So where's the distinction that something is or did die ???? Idiot
> > >> > Editors playing with new people's minds. Malicious bad information
> > >> > even intentionally. I have caught some of the4se creeps before
> > >> > giving out bad information and responded to it.
>
> > >> > ""QUOTE""
> > >> > they are arguing it's time for companies to adopt newer approaches,
> > >> > such as ... behavior- blocking
> > >> > ""UNQUOTE""
>
> > >> > ...You mean BUY some antivirus protection ??? to activate real time
> > >> > protection - - Duh !!!
>
> > >> > This is the result of trolls, criminal elements, idiots, plain
> > >> > newbies, and bragging rights malicious persons giving the constant
> > >> > idea of freeware security as your silver bullet. That is absurd and
> > >> > even for the most new person. Anybody new to computers instantly
> > >> > realizes that the software business is a multi-million and multi-
> > >> > billion dollar industry. You can't even miss that one on TV News
> > >> > always informing the public of the amount of trade done over the
> > >> > internet if you are not a computer owner/operator. I believe it is
> > >> > in the neighborhood of 16 billion dollars yearly or more. So point
> > >> > is the "newbie" knows better and are taking their chances and they
> > >> > know it. They know you are only getting what they pay for in the
> > >> > worst ignorance of software or computers.
>
> > >> > A little knowledge spread around stops all of this in a very, very
> > >> > great degree.
>
> > >> Hell, you don't even have to buy any. You can download avast for free
> > >> and it does real time checking, even scans incoming email.
>
> > >> Of course the most common path of infection can be easily blocked by
> > >> simply turning off html rendering in your mail client. No text
> > >> message has ever infected a machine without the help of that
> > >> machine's user.
>
> > >> cmsix
>
> > > ========================>
> > > And what protection does free antivirus offer when browsing the
> > > internet ? Free open source Clam AV has an Outlook plug-in to scan
> > > email. But you are only talking about being protected with email
> > > scanning. What about browsing ? That is absurd to just use a computer
> > > for email - cell phones do that. I have never heard of such a thing
> > > that someone pays up to and over 2 thousand dollars for a computer and
> > > then not use it because free antivirus only scans email. Strange
> > > answer.
>
> > Ehh, If you don't mind me asking, what makes you think free antivirus
> > only scans email? Most resident antivirus scans files after
> > creation/during, when opening, before execution etc. In those cases, if
> > the malware is known to the scanner, it should flag it and provide you
> > some options for dealing with it, depending on your setup.
>
> > --
> > Dustin Cook
> > Author of BugHunter - MalWare Removal Tool - v2.2a
> > email: bughunter.dus...@gmail.com.removethis
> > web..:http://bughunter.it-mate.co.uk
> > Pad..:http://bughunter.it-mate.co.uk/pad.xml-Hide quoted text -
>
> > - Show quoted text -
>
> ==================================>
> Ehhh... yourself.
>
> That's absurd - where in the hell did you get that at ? The whole
> message I wrote was about antivirus heurisitics for browsing the
> internet.....
>
> You wrote:
>
> ""QUOTE""> Ehh, If you don't mind me asking, what makes you think free antivirus
> > only scans email?
>
> ""UNQUOTE""
> Perhaps you are talking abou the magazine editor comments?
>
> Could you quote this ?..... waiting.- Hide quoted text -
>
> - Show quoted text -
============================================>

Here.... I will quote it for you .... I said:

""QUOTE""
> > And what protection does free antivirus offer when browsing the
> > internet ? Free open source Clam AV has an Outlook plug-in to scan
> > email. But you are only talking about being protected with email
> > scanning. What about browsing ? That is absurd to just use a computer
> > for email - cell phones do that. I have never heard of such a thing
> > that someone pays up to and over 2 thousand dollars for a computer and
> > then not use it because free antivirus only scans email. Strange
> > answer.
""UNQUOTE""

Now again 'Ehhhh" where do you get this to say about me: ...

You said :
""QUOTE""
Ehh, If you don't mind me asking, what makes you think free antivirus
> > only scans email?
""UNQUOTE""

I do no think absurdly like that or your question. Got It ? Quit being
absurd or making comments only a-holes would.

[cbgerry]

On Apr 9, 1:02 am, "cbgerry" <cbge...@bluecollarpc.net> wrote:
> On Apr 9, 12:51 am, "cbgerry" <cbge...@bluecollarpc.net> wrote:
>
>
>
> > On Apr 8, 11:58 pm, Dustin Cook
>
> > <spamfilterineffect.see....@nowhere.com> wrote:
> > > "cbgerry" <cbge...@bluecollarpc.net> wrote innews:1176069380.219622.283790@l77g2000hsb.google groups.com:
>
> > > > On Apr 8, 5:19 pm, "cmsix" <c...@hotmail.com> wrote:
> > > >> "cbgerry" <cbge...@bluecollarpc.net> wrote in message
>
> > > >>news:1176066034.635620.156670@b75g2000hsg.google groups.com...
>
> > > >> > On Apr 6, 3:45 pm, George Orwell <Use-Author-Supplied-Address-
> > > >> > Header@[127.1]> wrote:
> > > >> >> PC Worldhttp://elfurl.com/qympl
>
> > > >> >> Some industry analysts are proclaiming the traditional antivirus
> > > >> >> method for detecting and eradicating viruses, trojans, spyware and
> > > >> >> other baneful code by matching it against a
> > > >> >> signaturehttp://************/crapwaretobe"dead."
>
> > > >> >> They say signature-based checking can't keep up with the flood of
> > > >> >> virus variants manufactured by a criminal underworld that is
> > > >> >> beating the antivirus vendors at their own game. And they are
> > > >> >> arguing it's time for companies to adopt newer approaches, such as
> > > >> >> whitelisting or behavior- blocking, to protect desktops and
> > > >> >> servers.
>
> > > >> >> "It's the beginning of the end for antivirus," says Robin Bloor,
> > > >> >> partner at consulting firm Hurwitz & Associates, in Boston, who
> > > >> >> adds he began his "antivirus is dead" campaign a year ago and
> > > >> >> feels even more strongly about it today. "...The approach
> > > >> >> antivirus vendors take is completely wrong. The criminals working
> > > >> >> to release these viruses against computer users are testing
> > > >> >> against antivirus software. They know what works and how to create
> > > >> >> variants."
>
> > > >> >> ..Instead of antivirus software, he says, users should be
> > > >> >> investing in whitelisting software that prevents viruses from
> > > >> >> running because it only allows authorized applications to run.
>
> > > >> >> Whitelisting products are available from SecureWave, Bit9, Savant,
> > > >> >> AppSense and CA, the first traditional antivirus vendor to see the
> > > >> >> light, in Bloor's view.
>
> > > >> > ========================>
>
> > > >> > They mean "heurisitics" in all descent antivirus paid protection ?
> > > >> > Duh.... heurisitics. This is activated meaning real time protection
> > > >> > in paid subscription antivirus software programs. Heurisitics is
> > > >> > the ability to identifiy the malware threat by typical behavior
> > > >> > without having the definitions yet written for removal and blocking
> > > >> > of the particular threat - worm, virus, many trojans.
>
> > > >> > ""QUOTE""
> > > >> >> They say signature-based checking can't keep up with the flood of
> > > >> >> virus
> > > >> > ""UNQUOTE""
>
> > > >> > ...and it never did and never will. For newbies these idiot editors
> > > >> > are writing to (and I am not the only one recognizing this) - for
> > > >> > newbies / novice information here, the writer is calling a system
> > > >> > scan with your antivirus as "signature-based checking" - like duh
> > > >> > a-hole. Why would you do a scan, find and remove malware and then
> > > >> > turn around and say that the PC was protected in the beginning as
> > > >> > "signature-based checking" ??? How the h*ll was the PC ever
> > > >> > protected by "sinature- based checking"?"?? Duh !!!
>
> > > >> > So where's the distinction that something is or did die ???? Idiot
> > > >> > Editors playing with new people's minds. Malicious bad information
> > > >> > even intentionally. I have caught some of the4se creeps before
> > > >> > giving out bad information and responded to it.
>
> > > >> > ""QUOTE""
> > > >> > they are arguing it's time for companies to adopt newer approaches,
> > > >> > such as ... behavior- blocking
> > > >> > ""UNQUOTE""
>
> > > >> > ...You mean BUY some antivirus protection ??? to activate real time
> > > >> > protection - - Duh !!!
>
> > > >> > This is the result of trolls, criminal elements, idiots, plain
> > > >> > newbies, and bragging rights malicious persons giving the constant
> > > >> > idea of freeware security as your silver bullet. That is absurd and
> > > >> > even for the most new person. Anybody new to computers instantly
> > > >> > realizes that the software business is a multi-million and multi-
> > > >> > billion dollar industry. You can't even miss that one on TV News
> > > >> > always informing the public of the amount of trade done over the
> > > >> > internet if you are not a computer owner/operator. I believe it is
> > > >> > in the neighborhood of 16 billion dollars yearly or more. So point
> > > >> > is the "newbie" knows better and are taking their chances and they
> > > >> > know it. They know you are only getting what they pay for in the
> > > >> > worst ignorance of software or computers.
>
> > > >> > A little knowledge spread around stops all of this in a very, very
> > > >> > great degree.
>
> > > >> Hell, you don't even have to buy any. You can download avast for free
> > > >> and it does real time checking, even scans incoming email.
>
> > > >> Of course the most common path of infection can be easily blocked by
> > > >> simply turning off html rendering in your mail client. No text
> > > >> message has ever infected a machine without the help of that
> > > >> machine's user.
>
> > > >> cmsix
>
> > > > ========================>
> > > > And what protection does free antivirus offer when browsing the
> > > > internet ? Free open source Clam AV has an Outlook plug-in to scan
> > > > email. But you are only talking about being protected with email
> > > > scanning. What about browsing ? That is absurd to just use a computer
> > > > for email - cell phones do that. I have never heard of such a thing
> > > > that someone pays up to and over 2 thousand dollars for a computer and
> > > > then not use it because free antivirus only scans email. Strange
> > > > answer.
>
> > > Ehh, If you don't mind me asking, what makes you think free antivirus
> > > only scans email? Most resident antivirus scans files after
> > > creation/during, when opening, before execution etc. In those cases, if
> > > the malware is known to the scanner, it should flag it and provide you
> > > some options for dealing with it, depending on your setup.
>
> > > --
> > > Dustin Cook
> > > Author of BugHunter - MalWare Removal Tool - v2.2a
> > > email: bughunter.dus...@gmail.com.removethis
> > > web..:http://bughunter.it-mate.co.uk
> > > Pad..:http://bughunter.it-mate.co.uk/pad.xml-Hidequoted text -
>
> > > - Show quoted text -
>
> > ==================================>
> > Ehhh... yourself.
>
> > That's absurd - where in the hell did you get that at ? The whole
> > message I wrote was about antivirus heurisitics for browsing the
> > internet.....
>
> > You wrote:
>
> > ""QUOTE""> Ehh, If you don't mind me asking, what makes you think free antivirus
> > > only scans email?
>
> > ""UNQUOTE""
> > Perhaps you are talking abou the magazine editor comments?
>
> > Could you quote this ?..... waiting.- Hide quoted text -
>
> > - Show quoted text -
>
> ============================================>
>
> Here.... I will quote it for you .... I said:
>
> ""QUOTE""> > And what protection does free antivirus offer when browsing the
> > > internet ? Free open source Clam AV has an Outlook plug-in to scan
> > > email. But you are only talking about being protected with email
> > > scanning. What about browsing ? That is absurd to just use a computer
> > > for email - cell phones do that. I have never heard of such a thing
> > > that someone pays up to and over 2 thousand dollars for a computer and
> > > then not use it because free antivirus only scans email. Strange
> > > answer.
>
> ""UNQUOTE""
>
> Now again 'Ehhhh" where do you get this to say about me: ...
>
> You said :
> ""QUOTE""
> Ehh, If you don't mind me asking, what makes you think free antivirus> > only scans email?
>
> ""UNQUOTE""
>
> I do no think absurdly like that or your question. Got It ? Quit being
> absurd or making comments only a-holes would.- Hide quoted text -
>
> - Show quoted text -

================================>

I am out of here .... good by trolls....

[What's in a Name?]

After much thought,Virus Guy came up with this jewel:

> kurt wismer wrote:
>
> > virus guy's contention that anti-virus products don't detect
> > exploits on their way in is demonstrably false - there are
> > products that do have technology for scanning things as they
> > come off the wire (nod32 is one of the ones that implements...
>
> I don't recall that it was ever shown that any AV product prevented,
> for example, IE from crashing when exposed to test samples of the VML
> vulnerability.
>
> Can you point to a URL that describes how (or where) nod32 situates
> itself such that it's able to be the first process to intercept (scan)
> ethernet packets before that data is passed to a higher layer?
>
> Does NOD make such a claim?

From the Nod32 help files on "Internet Monitor-IMON" module.

Enable HTTP checking - if enabled, all traffic through HTTP is scanned.

Ports used by the HTTP protocol - a list of ports used by the HTTP
protocol.

Automatically detect HTTP communication on other ports - enables
automatic detection of HTTP communication also on other than the ports
specified.

In the Actions section you can specify how IMON will act if an incoming
infiltration from the Internet is detected.

Display warning window with action selection - IMON will show up a
warning window and allow the user to terminate the connection with the
particular server.

Automatically deny download of infected file - IMON will automatically
terminate the connection.

Compatibility Setup
Client compatibility setup provides an option to toggle between active
and passive mode (better efficiency and better compatibility
respectively) used for a particular application.

IMON works in two modes: "passive" and "active". In passive (higher
compatibility) mode, portions of a downloaded file are continuously
passed on to the target application whilst IMON stores a temporary copy
of each of the fragments. When the last fragment is detected, the whole
file is scanned for viruses. If an infiltration is detected, a warning
window appears and the connection with the particular server is
terminated. A disadvantage of that is that the already downloaded
portion of the file may already contain a fundamental portion of a
malicious code. What's more, if the application repeatedly attempts to
download infected file, it may use the already downloaded data and
request only the rest of the file. In such case, IMON may not find
nothing suspicious in the remaining portion.

In active (higher efficiency) mode, IMON first downloads and scans
whole file and then passes it on to the target application. This
procedure is safer because in the case of an infiltration the
application does not receive any portion of the downloaded file. A
disadvantage is that the application receives all data at once,
therefore it cannot show the download status properly. Therefore, if
the download lasts for more than 5 seconds, a small window showing the
dowload progress pops up beneath the system tray. Active mode is not
suitable for certain types of data which requires a continual data flow
(e.g. multimedia, streaming video/audio).

The Server compatibility option enables you to set Higher compatibility
mode for particular servers regardless of the mode set for the
particular browser.

Switch to passive (compatible) mode for files larger than ... KB - if
enabled, files larger than the specified size will be downloaded in
passive mode automatically.

Switch to passive (compatible) mode for files being downloaded that
take more than ... seconds - if enabled, files being downloaded will
switch to passive mode after the specified time has elapsed. This
setting is useful for larger files or for slower connections.


--
Virus Removal Instructions http://home.neo.rr.com/manna4u/
Keeping Windows Clean http://home.neo.rr.com/manna4u/keepingclean.html
Change nomail.afraid.org to gmail.com to reply. nomail.afraid.org is
specifically setup for USENET.Feel free to use it yourself.

[Peter Seiler]

optikl - 09.04.2007 04:27 :

> "cbgerry" <cbgerry@bluecollarpc.net> wrote in message
> news:1176081345.238680.19410@e65g2000hsc.googlegro ups.com...
>> ============================>
> <snippped rant>.
>
> You would project a more credible, coherent argument if your spelling and
> grammar weren't so awful.
>
>

and if he would shorten his unnecessary quotings.

--

by(e) PS

spam will be killfiled

[Murps]

cbgerry <cbgerry@bluecollarpc.net> wrote:
>
> I am out of here .... good by trolls....

Goodbye, and thank you for your contributions. In your absence I would
suggest you enroll at a course of study in Basic English and descriptive
linguistics. Evening attendance would be prudent giving you the
remainder of your free time to clue up on Internet Security. Please
accept my sincere apologies if you're a Bedouin camel driver.

HTH.

[kurt wismer]

Virus Guy wrote:
> kurt wismer wrote:
>
>> virus guy's contention that anti-virus products don't detect
>> exploits on their way in is demonstrably false - there are
>> products that do have technology for scanning things as they
>> come off the wire (nod32 is one of the ones that implements...
>
> I don't recall that it was ever shown that any AV product prevented,
> for example, IE from crashing when exposed to test samples of the VML
> vulnerability.

i don't recall it either, but that doesn't mean it didn't happen...

> Can you point to a URL that describes how (or where) nod32 situates
> itself such that it's able to be the first process to intercept (scan)
> ethernet packets before that data is passed to a higher layer?

http://www.microsoft.com/msj/0599/La...edService.aspx

> Does NOD make such a claim?

nod32 does have a layered service provider... i've run afoul of it's
imperfections in my professional life...

--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"