Kaspersky Vs. Norton/Symantec
in [Anti-Virus]
|
From: Ron Reaugh on 19 Jun 2005 16:22 "cquirke (MVP Windows shell/user)" <cquirkenews(a)nospam.mvps.org> wrote in message news:69cbb1l2i42l16c82sh2hq90e86de52kdo(a)4ax.com... -snip > Because of the "product activation" commercial malware factor, > "Norton" would be at the very bottom of my list. I'm using AVG as > resident scanner, and Trend SysClean and F-Prot for DOS as my > on-demand scanners for formal post-infection interventions. RIGHT, like most the other well informed.
From: Kaimbridge on 20 Jun 2005 09:55 cquirke (MVP Windows shell/user) wrote: >> On a couple of programs I've run, I've gotten the "16 bit MS-DOS >> Subsystem" error box, "C:\PROGRA~1\Symantec\S32EVNT1.DLL. An >> installable Virtual Device Driver failed Dll initialization. Choose >> 'Close' to terminate the application." > >> Doing a Google search, I see that it is the result of a >> faulty/corrupt Symantec (i.e., Norton) register--HUH!!!: > > Register? Hardware processors have registers, software may have > registry entries. Do you mean, registry entry? Yup. >> But, sure enough, while visiting the registry (regarding a separate >> issue--see below), there *is* a Symantec registry folder!?! Under HKEY_CURRENT_USER/Software/Symantec, there is a "LiveUpdate Administration Utility" folder, and under HKEY_LOCAL_MACHINE/Software/Symantec, there are several folders: "CCPD-LC", "IDS", "InstalledApps", "PaqchInst", "SharedUsage", "Symevent" and "SymNetDrv"!. I went to their site and searched, and came up with the culprit: # The two most common causes for the error messages to display when # launching 16 bit applications are outdated (older) Symantec Event # files (Symevnt) or a corrupt registry key. To resolve the problem, # use the steps in the following sections. # # Update the Symevnt files # To update Symevnt files, download and run the Sevinst.exe update # file. I bit and ran it and it did seem to cure it (though now in "Program Files/Symantec", there are five brand new files: S32EVNT1.DLL, SYMEVENT.CAT, SYMEVENT.INF and SYMEVENT.SYS! P=/ ). >> Could SP2 have added the Symantec folder? > > Possibly. In some cases, registry settings and/or Program Files > subdirs may be pre-seeded so that appropriate permissions can be set, > and so on. That may be the case here.. or you may already have active > malware that's seeded its own "Norton" material, either to kosh > "Norton" or as protective camoflage. As "Norton" contains its own > commercial malware - a hidden system designed to DoS you if it > "thinks" you are breaking their precious licensing terms - you'd not > want to pick a fight with it, deleting arbitrary files etc. I had considered seeing if I could remove their program/registry files, but came to the same conclusion you did: Let sleeping dogs lie! > So pretending to be a part of "Norton" is quite smart. even if those > files or settings didn't have a particular counter-NAV purpose. >> The reason that I was in the registry was that SP2 locked out >> WordPad's ability to load "Word For Windows 6.0" ".doc" files, >> due to an apparent security hole. > > That's interesting. WordPad doesn't interpret Visual Basic for > Attacks or Word macros, so they must be hedging against some sort of > code exploit These two pages give the cure: http://support.microsoft.com/kb/883090 http://support.microsoft.com/?kbid=870883 I tried it and .doc files open fine now! P=) ~Kaimbridge~ ----- Wanted-Kaimbridge (w/mugshot!): http://www.angelfire.com/ma2/digitology/Wanted_KMGC.html ---------- Digitology-The Grand Theory Of The Universe: http://www.angelfire.com/ma2/digitology/index.html ***** Void Where Permitted; Limit 0 Per Customer. *****
From: Marco A. Cruz Quevedo on 20 Jun 2005 23:28 Why not jus give atry to: http://www.freeav.com ? I have been using it for 2 years and does the job! Regards
From: ktvoelker on 23 Jun 2005 00:09 But when a group of people make a product for themselves because they need it, and aren't interested in turning it into a business, you can get a good thing for free. Of course, this wouldn't have worked in the 1800's, when there weren't really any products that a person could give away at no significant cost to themselves. But now software is such a thing. Clam Antivirus (http://www.clamav.net) is such a community-created piece of software. It is free and freely redistributable and alterable under the GNU General Public License, and many major companies (Macintosh included) trust it.
From: cquirke (MVP Windows shell/user) on 24 Jun 2005 02:44
On 22 Jun 2005 21:09:04 -0700, ktvoelker(a)gmail.com wrote: >Clam Antivirus (http://www.clamav.net) is a community-created >piece of software. It is free and freely redistributable and alterable >under the GNU General Public License Freely alterable? You mean I can create and distribute a malware'd (sorry, "commercially value-added") version? :-) I went to the Wiki but I could not edit. As I see this is a primarily non-Windows initiative, I would have asked about a mOS version: - bootable Linux CDR such as Knoppix, etc. - ClamAV on a oft-updated, write-protected USB stick - scan all files and report malware found (ClamAV doesn't clean) >-------------------- ----- ---- --- -- - - - - Tip Of The Day: To disable the 'Tip of the Day' feature... >-------------------- ----- ---- --- -- - - - - |