# Anti-Virus software - Comparing AVG to Trendmicro



## EricT (Dec 3, 2004)

Hi all-

I am and have been a long time user/installer of AVG (www.grisoft.com)

However, I also use housecall.trendmicro.com to dual scan infected systems.

I have noticed the past few months that the trendmicro product seems to catch the trojan downloaders a whole lot more often. AVG rarely sees them, and is often thwarted by self-protecting files.

My question- how is the PC-Cillin (the pay for version) in comparison to AVG? I look at 3 things with AV software- effectiveness, system load, and cost. Effectiveness being how well it detects and cleans, system load - how much does it slow things down, and cost- how much!

Not looking for anyone to comment on either norton or mcafee- as a professional virus remover, I have seen enough of those products to have already made a decision there... no offense, not trolling just... I dont wanna hear it from the norton crowd. 

Thanks!

Eric


----------



## crazijoe (Oct 19, 2004)

I am neither a norton or mcafee user but I have used AVG and was a little dissapointed because of all the good reviews. I, myself use F-Secure and it has found and removed viruses that AVG could not remove.


----------



## EricT (Dec 3, 2004)

I will look into F-secure, but I was specifically looking for pc-cillin users to compare that product to AVG. 

Thanks,

Eric


----------



## dai (Jul 2, 2004)

avg is for anti virus
for trojans here are 2 free ones
http://www.ewido.net/en/?section=download
http://www.emsisoft.com/en/software/download/?


----------



## YeeFam (Nov 19, 2004)

OK - just to help me understand -
avg for virus protection
ewido, emsisoft for trojans
adaware for spyware

Plus the firewall protection....

No wonder we need bigger hard drives!


----------



## dai (Jul 2, 2004)

yes thats about it


----------



## Detah (Jun 30, 2004)

There seems to be some misunderstanding in the (beginner to medium range-user) internet community about what programs protect versus what. I think that is understandable, in that, the companies themselves are not always upfront about the boundaries, limitations and scope of their products. Let me see if I can help some.

*Firewalls* (like Norton Firewall, ZoneAlarm pro, Kerio, etc)
In the simplest terms, when you go online, your computer is talking to another computer. The 'mouth' of your computer is a port. A port is like a portal or door through which, your information passes. You have many many ports on your computer. Each port is numbered; some are reserved port numbers and others are open for any type of traffic. For example, port 80 is reserved for HTTP traffic. 

A Firewall simply sets up a set of rules for using those ports. You can tell your firewall "nobody uses port 194" or 'alert me when port 194 is accessed' or 'leave port 194 wide open for anyone and dont tell me about it'. (194 is the IRC reserved port.) You would have to either specify another port to connect with your IRC program, or not be able to use it at all.

http://webopedia.internet.com/quick_ref/portnumbers.asp
has a nice list of reserved port numbers.

Now most firewalls, monitor and regulate inbound traffic through these ports. But fewer firewalls monitor and regulate outbound traffic. So it is important to choose a firewall which monitors inbound and outbound. 

Q. Why do we need to monitor outbound if we are protected from the badguys who are on the outside?
A. Because no matter how good your antivirus program is, there is always someone out there coding the next new badguy that your antivirus program doesn't know about yet. Or you could upload it on an mp3 that you downloaded from napster. Or you could unwittingly install it with some other software that you purchased. *yes, this happens all the time.* So there are many ways that badguys get on your system. Once they are there, the most common thing for them to do is replicate, send themselves to other users, or worse...use your machine as a robot to attack webservers. 

If you have outbound protection, then this cant happen. At least you will be made aware that you have a badguy on board so you can take appropriate action.

So a firewall simply monitors and regulates traffic over a network (this can be between your computer and another server like www.techsupportforum.com or it can be between your computer and another computer). A firewall has nothing to do with monitoring file types, file sizes, or file functions. 

*Antivirus*
A virus is any piece of code (ie program) that has the ability to replicate itself. Viruses are usually executable files (.exe), but can have any extension, eg. .dll, .com, etc. A virus can do anything that a user can command a computer to do. ie. if your computer can do it, then one can code a virus to do that action/command. A Worm is a special type of virus that can replicate itself, use memory, but cannot attach itself to other programs. 

A Trojan is not a virus. Trojans cannot replicate themselves, but can be just as destructive as viruses.
Specifically a trojan is a malicious program that masquerades as a legitimate program or piggy-packs on a legitimate program and 'drops the payload' during installation or running of that legitimate program.

Like all programs, viruses, worms and trojans contain text code. Within this code, they have certain signatures or strings of code that are recognizable and distinct from other legitimate programs' code. 

Antivirus programs look for these signature or patterns in the files or memory of your computer that indicate the possible presence of a known virus. So when you upload 'definition files' for Norton Antivirus, McAfee Virusscan, etc, that is what you are doing. You are adding new signatures of known new viruses.

An antivirus program literally compares it's known list of badguy signatures to the code in the files on your system. That is what is happening during a scan. 

So the antivirus program is only as good as the most current definition list. If you download a badguy which is not known to your antivirus program, then most likely you will have no protection and be infected. Antivirus companies try to stay as current as possible. But new viruses appear everyday, so it is always a cat and mouse game where the antivirus companies are trying to catch up.

*Spyware, Adware, Malware*
Spyware is any program which records or transmits data from your computer and sends it to a secondary source.

Adware is any program which places, installs or updates advertisements on your computer. Adware may appear as ads, banners, or popup advertising on your computer.

Malware, short for malicious software, is a general term for any program which damages your computer and was placed on your computer without your authorization.

Most people consider malware to be the header category and spyware, adware, viruses, trojans and worms are the subcategories. 

Q. What is the difference between a virus and a non-virus piece of malware?
A. Its difficult to say. Technically, if it harms your system and can replicate itself, then it is a virus. If it harms your system but cannot replicate, then it is called 'malware'. Even though in reality, by definition all viruses are malware. 

Now, ideally we want the antivirus software to stop all the malware. But in reality this would not be practical or efficient. So where do antivirus companies draw the line? It is hard to say. Mostly they stick to the strict definition of viruses and most antivirus programs also tackle worms and trojans. But dont be fooled. There are non-virus malware out there which are as deadly and evil as their virus counterparts. There are simple viruses which can disable your ability to rename file names. Likewise, there are simple malware programs which cause endless popup windows to appear during internet browsing. After 5 minutes of browsers opening on top of each other, your memory is completely taxed. And your system crashes. Which is worse? 

Sometimes you will find that the programs overlap; an antispyware program and your antivirus program both discover and remove a particular badguy. But for the most part, each program specializes in a particular area of malware. eg. AdAware and Spybot focus on adware and spyware. There are several tools out there which specialize specific to one type of infection, like Kill2Me is a decent program to remove the Look2Me bug.

No one tool can do everything....at least not yet. Ultimately, you need a variety of utilities on your machine to prevent all the malware, adware, spyware and virii out there. The bare essentials are: a good Firewall, a good virusscanner with autoprotect enabled, Spybot with Immunize enabled, AdAware, SpywareBlaster and SpywareGuard. For maximum effectiveness, these programs need to be updated regularly. Regularly means at least once a week. Preferably twice per week.
----------------------------------------------------------------
As a first line of defense I strongly recommend a good firewall, like Norton Firewall 2004, ZoneAlarm Pro or Kerio; all three are very highly rated. If you are short on $ there are several free options available to you. Consider ZoneAlarm or Outpost.
Running Spybot S&D and AdAware regularly are a good second line of defense.

Additional protections
SpywareGuard is live protection from spyware. SpywareBlaster and IE-SpyAd are run-once prevention programs which are also free. You only need to update them periodically.

*SpywareGuard* (1.96 MB) functions like an antivirus program, scanning files before they are opened and downloaded, but for spyware. It also protects your internet browser from hijacks. 

*SpywareBlaster* (2.1 MB) is not a system cleaner like Spybot; rather it blocks/prevents bad ActiveX and malevolent cookies from entering your system in the first place. 

*IE-SpyAd* (227 kB) places over 5000 sites into your Restricted Zone so you do not accidentally visit known evil sites.

See also So how did I get infected in the first place?  for more information about spyware prevention.
----------------------------------------------------------------
*Internet Explorer security settings*

* IE | Tools | Internet Options | General tab | under Temporary Internet Files, click Delete Files, Wait
* same location, under History, click Clear History, OK
* IE | Tools | Internet Options | Security tab
Highlight Trusted Sites. Click Sites.
Make sure this is empty. There should never ever be anything in here. Badguys hijack known good sites everyday. So don't give them free access to your machine.

Now highlight Internet | Custom Level
Under Download signed ActiveX controls
set to Prompt
Under Download unsigned ActiveX controls
set to Disable
Initialize and script ActiveX not marked as safe
set to Disable
Java permissions
set to High Safety

Now unsigned ActiveX programs will not be allowed at all. When a Signed ActiveX programs attempts to download/install, you will be prompted. NOTE: if you click on a page (even a page you consider safe) but didn't actively download something, and are prompted to download an ActiveX file, ALWAYS DENY. Reputable sites are hijacked by malicious code all the time. So play it defensively. Only accept when you have actively clicked on something that you know requires an ActiveX program. If you are unsure, DENY access.


----------



## YeeFam (Nov 19, 2004)

Excellent tutorial, Detah,

(I have used sygate for firewall protection when I had Win 98 SE.)


----------



## jgvernonco (Sep 13, 2003)

I am a HUGE fan of Trend Micro, but I would not trust it to protect me against trojans and worms; no way.

This is a fast moving business, and no one has demonstrated, as yet, the competency to do it all.

I run all free programs on my system, to prove a point; you don't have to spend money to be secure on the net. Heck, as part of my volunteer work here, I have, at times, visited known "bad" sites; no infections, ever.

So, yes, you need a bigger hard drive, several programs to protect you from different things (as they really are specialists), a firewall (or you are almost wasting your time with the other progs) and some knowledge of safe computing.

These bad guys are brilliant, at times, and the multi-layered aproach is the only way to go.


----------



## Don Do Right (Oct 7, 2004)

jgvernonco said:


> I
> I run all free programs on my system, to prove a point; you don't have to spend money to be secure on the net.


 Could you provide us with this FREE list.... Would it be different for Win98 users?


----------



## Detah (Jun 30, 2004)

Free programs

*Firewall*
ZoneAlarm

*AntiVirus*
Grisoft's AVG

*AntiSpyware, AntiAdware and AntiMalware*

*Spybot Search & Destroy* instructions (~3.5MB)

 Download Spybot (written by Patrick Kolla). Click <download> from 
http://www.safer-networking.org/
Save spybotsd13.exe into its own directory, NOT in a TEMPorary folder or on the Desktop. 
I recommend c:/program files/spybot/
 Doubleclick spybotsd13.exe. Make sure to direct the program to install in the c:/program files/spybot/ directory, NOT the default directory.
 Open Spybot from Start | Programs | Spybot | Spybot S&D
 Select <Search for Updates>. Let it install all updates. This is very important!
 Select <Immunize>
 Select <Check for Problems>
 Check all entries that are in RED. Only RED, NOTHING ELSE. For your records, write/print out each item that you have fixed. Date it.
 Select <Fix Selected Problems>
 Close Spybot//

*Ad-Aware* instructions (2563 kB)

 Download Ad-Aware SE build 1.05 (written by Lavasoft) from 
http://www.lavasoft.de/
If you have a previous version of AdAware installed, you will be prompted to uninstall or keep the older version during installation. Be sure to choose Uninstall The Previous Version. Save aawsepersonal.exe into its own directory, NOT in a TEMPorary folder or on the Desktop. I recommend c:/program files/Adaware/
 Doubleclick aawsepersonal.exe. Make sure to direct the program to install in the c:/program files/adaware/ directory, NOT the default directory.
 Open AdAware from Start | Programs | Lavasoft | AdAware. 
 Select <Check for updates now>, <Proceed>
 Setting adjustments. [[Green = checked]] Click the Gear Icon in the top right corner. New settings:
 By default you begin in the <General> section. The following should be checked:
 Automatically save logfile
 Automatically quarantine objects prior to removal
 Safe Mode (always request confirmation)
 Prompt to update outdated confirmation - change to "7 days"

 Click <Scanning>
 Check Scan within Archives
 Select "Select drives & folders to scan", check all of your harddrives. Usually its just c:/, <Proceed>
 Under Memory & Registry, select all options

 Click <Advanced>
 Under Shell Integration, select "Move deleted files to Recycle Bin"
 Under Logfile detail, select all options

 Click <Defaults>
 Type in the full URL of what you want as your default homepage and search page eg. http://www.google.com

 Click <Tweak>
 Expand Scanning Engine and make sure the following are selected:
 Unload recognized processes during scanning
 Obtain command line of scanned processes
 Scan registry for all users instead of current user only

 Expand Cleaning Engine and make sure the following are selected:
 Always try to unload modules before deletion
 During removal, unload explorer and IE if necessary	
 Let Windows remove files in use at next reboot
 Delete quarantined objects after restoring

 Expand Safety Settings and make sure the following are selected:
 Write-protect system files after repair (Hosts file, etc)



 Click <Proceed> | <Start> | select Use custom scanning options | <Next>
 When the scan is finished, rightclick on any entry and choose <Select All Objects>. 
 Select <Clean> 
 Close AdAware//

*SpywareGuard* (1.96 MB) functions like an antivirus program, scanning files before they are opened and downloaded, but for spyware. It also protects your internet browser from hijacks. 

*SpywareBlaster* (2.1 MB) is not a system cleaner like Spybot; rather it blocks/prevents bad ActiveX and malevolent cookies from entering your system in the first place. 

*IE-SpyAd* (227 kB) places over 5000 sites into your Restricted Zone so you do not accidentally visit known evil sites.

Any key ones that I forgot, jg?


----------



## dai (Jul 2, 2004)

two free trojan scanners
http://www.ewido.net/en/
http://www.emsisoft.com/en/software/download/?


----------



## Music_Lover_Lyn (Dec 12, 2004)

crazijoe said:


> I am neither a norton or mcafee user but I have used AVG and was a little dissapointed because of all the good reviews. I, myself use F-Secure and it has found and removed viruses that AVG could not remove.


*What is F-Secure and is it freeware? I'm a current user of AVG, as well, but am upset that certain spyware/threats have been found by using this to scan and search for the spyware/threats that even AVG can't find/remove. So, in conclusion, is F-Secure better than AVG and is it free? Thanks in advance. :grin: *



Detah said:


> *Antivirus*
> A virus is any piece of code (ie program) that has the ability to replicate itself. Viruses are usually executable files (.exe), but can have any extension, eg. .dll, .com, etc. A virus can do anything that a user can command a computer to do. ie. if your computer can do it, then one can code a virus to do that action/command. A Worm is a special type of virus that can replicate itself, use memory, but cannot attach itself to other programs.
> 
> A Trojan is not a virus. Trojans cannot replicate themselves, but can be just as destructive as viruses.
> ...


*That is so freaky on how these things can be created and be so harmful/deadly to any computer that's affected with it/them. :sad: :sayno: *


----------



## dai (Jul 2, 2004)

you need to run a number of programs on your computer as no one will catch everything there are
virus
spyware & malware
trojans
i personally use
avg free
spysweeper
spybot free
adaware free
A2 free
ewido free
winpatrol free
and somewhere along the line a new variant will get through and have to be removed manually,it depends mainly on where you and what you do on the internet usualy when you catch something,you have invited it in,by d/loading something that contains it hidden in it.
if it is a new strain it will get through what you have watching for it.


----------



## crazijoe (Oct 19, 2004)

Music_Lover_Lyn said:


> *What is F-Secure and is it freeware? I'm a current user of AVG, as well, but am upset that certain spyware/threats have been found by using this to scan and search for the spyware/threats that even AVG can't find/remove. So, in conclusion, is F-Secure better than AVG and is it free? Thanks in advance. :grin: *


F-Secure can be found here.
http://www.f-secure.com/
I was a livid Norton user before I started to work at the company I am presently employed for. They use F-Secure because of the dissatisfying outcome of Norton and McAffee. I didn't start using F-Secure until about 6 months ago a friend gave me his computer to repair because of a virus. He ran AVG and it found the virus but could not remove it. I ran Norton on the drive and It could not find any virus. I installed F-Secure and It found the virus plus about 33 more and removed them. I have had this happen on 2 other computers I have worked on since. I'm not here to promote F-Secure but I do believe their Internet Security is the best I have used. I believe when I bought it it was $80.00 and it was the best $80.00 I have ever spent.
But you have to remember that any AV program is only good as the person who uses it. It will warn you when you have a virus but you are the deciding factor on what to do with it afterwards. Plus not all AV programs will protect you from every virus. When a new virus comes out, AV companies don't know about it and it will take a while for them to send out updates for it.


----------



## Music_Lover_Lyn (Dec 12, 2004)

dai said:


> you need to run a number of programs on your computer as no one will catch everything there are
> virus
> spyware & malware
> trojans
> ...


*I already use AVG Free Edition, Spybot Search & Destroy, and Ad-aware...but I'm not familiar with Spysweeper, A2 Free, Ewido Free, or WinPatrol Free. What are those programs and how are they important for the computer, dai?*



crazijoe said:


> F-Secure can be found here.
> http://www.f-secure.com/
> I was a livid Norton user before I started to work at the company I am presently employed for. They use F-Secure because of the dissatisfying outcome of Norton and McAffee. I didn't start using F-Secure until about 6 months ago a friend gave me his computer to repair because of a virus. He ran AVG and it found the virus but could not remove it. I ran Norton on the drive and It could not find any virus. I installed F-Secure and It found the virus plus about 33 more and removed them. I have had this happen on 2 other computers I have worked on since. I'm not here to promote F-Secure but I do believe their Internet Security is the best I have used. I believe when I bought it it was $80.00 and it was the best $80.00 I have ever spent.
> But you have to remember that any AV program is only good as the person who uses it. It will warn you when you have a virus but you are the deciding factor on what to do with it afterwards. Plus not all AV programs will protect you from every virus. When a new virus comes out, AV companies don't know about it and it will take a while for them to send out updates for it.


*So, overall, is F-Secure better than AVG and is there a freeware version of it because I don't have a lot of money to spend on stuff, like this (and I want my computer to be healthy and not get any viruses, ever)? Thanks in advance.:smile:*


----------



## dai (Jul 2, 2004)

spysweeper is a paid for program and win patrol do the same thing they sit in your system tray and when anything tries to install they pop up and give you a discription of it and ask if you agree to it installing or not
A2 and ewido free versions have to be run manually and these are for mainly trojans
i found another free trojan program this week but when installed it wanted to email god knows what about my computer out,i blocked it and uninstalled it spy sweeper picked it up


----------



## Music_Lover_Lyn (Dec 12, 2004)

dai said:


> spysweeper is a paid for program and win patrol do the same thing they sit in your system tray and when anything tries to install they pop up and give you a discription of it and ask if you agree to it installing or not
> A2 and ewido free versions have to be run manually and these are for mainly trojans
> i found another free trojan program this week but when installed it wanted to email god knows what about my computer out,i blocked it and uninstalled it spy sweeper picked it up


*So, which program should I use to keep my computer healthy and ammune from viruses of every kind?*


----------



## Detah (Jun 30, 2004)

There are lots of good Virusscanners out there. 
Norton, McAfee, Avast, BitDefender, F-Secure, AVG and Panda are all well-respected. There is no one that is best. Its all a matter of how fast the developers can provide new definitions for the newest bugs. Not all companies provide a new definition file to bugs X, Y and Z at the same time. One may come out with a new definition file for X and Y and another program may come out with a definition file for Y and Z. All in all, they all do a good job of protecting in general. Some people claim there is variation based on the resources that a particular antivirus program provides in autoprotect mode. I have tried 3 different antivirus apps on my 98 machine and I could not tell a difference. Maybe you can. So I recommend visiting some sites, reading reviews, trying out 3 or 4 and then choosing based on cost, review ratings and irgonomics of the interface. 

Many bugs (viruses, trojans and worms) are stopped by antispyware apps, like AdAware and Spybot. So dont forget to install these apps also. See my post #11 above.

I run Norton Antivirus 2004, Norton Firewall 2004, AdAware SE build 1.05, Spybot S&D, SpywareBlaster, SpywareGuard, and IESpyAd on both my home and work machines. I also frequently run HiJackThis, visit online viruscanners like Housecall, and do online security checks at Gibsons site (www.grc.com).


----------



## dai (Jul 2, 2004)

i have all of them on the comp.
and you can run online virus checkers occasionally as well,they keep me reasonably clean considering the amount of d/loading and the places i d/l from


----------



## Music_Lover_Lyn (Dec 12, 2004)

Detah said:


> There are lots of good Virusscanners out there.
> Norton, McAfee, Avast, BitDefender, F-Secure, AVG and Panda are all well-respected. There is no one that is best. Its all a matter of how fast the developers can provide new definitions for the newest bugs. Not all companies provide a new definition file to bugs X, Y and Z at the same time. One may come out with a new definition file for X and Y and another program may come out with a definition file for Y and Z. All in all, they all do a good job of protecting in general. Some people claim there is variation based on the resources that a particular antivirus program provides in autoprotect mode. I have tried 3 different antivirus apps on my 98 machine and I could not tell a difference. Maybe you can. So I recommend visiting some sites, reading reviews, trying out 3 or 4 and then choosing based on cost, review ratings and irgonomics of the interface.
> 
> Many bugs (viruses, trojans and worms) are stopped by antispyware apps, like AdAware and Spybot. So dont forget to install these apps also. See my post #11 above.
> ...


*Thank-you for that big explanation, I appreciate it.:smile: I also just downloaded SpywareGuard (thank-you for telling me about it) and it's on my taskbar. Also, since I'm running Zone Alarm...SpywareGuard won't interfer with Zone Alarm, will it? I mean, they'll both do what they're supposed to do without interferring with each other's duty?*



dai said:


> i have all of them on the comp.
> and you can run online virus checkers occasionally as well,they keep me reasonably clean considering the amount of d/loading and the places i d/l from


*Could you tell me, again, what those computer-helping programs, that you said you have, on your computer, are named? I don't remember what you had said you have. Thanks in advance. :smile:*


----------



## jgvernonco (Sep 13, 2003)

You can find them all, at the link, I believe. 

To help prevent future spyware installations/infections, please read the Anti-Spyware Section and use the tools provided.

Also, the spuyware scanner that we use, here, because it is fussy...

If you have a fast internet connection (broadband), run an online virus scan at TrendMicro. Make sure to select the Autoclean option. Otherwise, make sure your antivirus program has the latest definitions and run a full system scan.


----------



## Music_Lover_Lyn (Dec 12, 2004)

jgvernonco said:


> You can find them all, at the link, I believe.
> 
> To help prevent future spyware installations/infections, please read the Anti-Spyware Section and use the tools provided.
> 
> ...


*Thanks for all of this information, jgvernonco!:smile: But, may I ask (and if you know) why they ask you to turn off "SystemRestore" when running the following on your computer from this site?:

BitDefender Virus Scan
Online Trojan Scan
Panda ActiveScan
RAV Virus Scanner
Symantec Security Check
TrendMicro Online Scan

Wouldn't it be unsafe for anyone to turn off "SystemRestore", for any reason, when it regards computer safety?*


----------



## dai (Jul 2, 2004)

when the computer gets infected so does system restore,the only way to clean restore is to turn it off before cleaning and back on again when you have finished.
if you do not do this and restore your computer at a later date,you also restore all of the infections that you have previously cleaned off


----------



## Music_Lover_Lyn (Dec 12, 2004)

dai said:


> when the computer gets infected so does system restore,the only way to clean restore is to turn it off before cleaning and back on again when you have finished.
> if you do not do this and restore your computer at a later date,you also restore all of the infections that you have previously cleaned off


*Oh, wow! I didn't even know that. Thanks for letting me know.:smile: Now, about A2 free, ewido free, and winpatrol free...what do they do and where can I donwload them? Thanks in advance.*


----------



## dai (Jul 2, 2004)

http://www.emsisoft.com/en/software/download/?
http://www.ewido.net/en/
http://www.winpatrol.com/news.html
the first 2 are trojan scanners
and winpatrol sits in the tray and pops up if anything tries to make a system change[spyware]ect.


----------



## Music_Lover_Lyn (Dec 12, 2004)

dai said:


> http://www.emsisoft.com/en/software/download/?
> http://www.ewido.net/en/
> http://www.winpatrol.com/news.html
> the first 2 are trojan scanners
> and winpatrol sits in the tray and pops up if anything tries to make a system change[spyware]ect.


*Thanks dai!:smile: I just downloaded WinPatrol a few hours ago and I like it. :sayyes: *


----------



## toy264 (Nov 16, 2004)

What do you mods think of the Diamond products TDS and Wormguard?

I read somewhere of a high-end virus scanner that didn't rely on signitures but rather a heruistic analysis. Anyone know about it?

Finally, would someone explain "statefull packet" examination as it relates to firewalls?


----------



## jgvernonco (Sep 13, 2003)

Here's a pretty good explanation of statefull packet tech:

http://list.cineca.it/cgi-bin/wa?A2=ind0104&L=security-archive&F=&S=&P=42989

Lot's of companies are working on heuristic virus scannng, but I don't think that anyone has released one, yet.


----------



## dai (Jul 2, 2004)

avg has a setting for heuristic you tick a box in the shell setting


----------



## ICFire (Oct 19, 2004)

On the firewall front Sygate also makes an excellent firewall, free also.


http://smb.sygate.com/products/spf_standard.htm


----------



## Music_Lover_Lyn (Dec 12, 2004)

dai said:


> avg has a setting for heuristic you tick a box in the shell setting


*What do you do after you click on the "Shell Extention" option in AVG, dai?? I'm looking at my AVG program thing and I see the "Shell Extention" option, and in it says the following: "The AVG Free Edition is active in the Windows Explorer."*


----------



## dai (Jul 2, 2004)

click on the shell box and down the bottom click on settings,on what pops up you will see a box to be ticked,i think it is ticked by default


----------



## Music_Lover_Lyn (Dec 12, 2004)

dai said:


> click on the shell box and down the bottom click on settings,on what pops up you will see a box to be ticked,i think it is ticked by default


*I did as you said and the things that are checked are the following:

Under "Scanning Parameters"

Scan files without interruption and
Automatically heal infected file

Under "Scanning Properties"

Use Heuristic Analysis
Scan inside archives

Under "File Extentions"

Scan all files

Is that what you have? Also, should I also check (under "Scanning Properties" should I also check "Scan System Areas" and "Use Integrity Check"? Please let me know because I want to make sure that AVG does a grand job at keeping my computer free of viruses.*


----------



## dai (Jul 2, 2004)

Scanning Properties
Scan System Areas
Use Integrity Check
i have not got these checked,i usually just run the default settings


----------



## Music_Lover_Lyn (Dec 12, 2004)

dai said:


> Scanning Properties
> Scan System Areas
> Use Integrity Check
> i have not got these checked,i usually just run the default settings


*Thanks so much for letting me know, dai! :grin:*


----------

