IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

IWETHEY Home / IWETHEY Board / Windows vX.X Forum / Just a follow-up on the original post.
Post #104,193
by Andrew Grygus
Picture of Andrew Grygus
5/30/03 6:45:09 PM
Reply
New Just a follow-up on the original post.
The program that blew out the partition table and boot data wasn't Partition Magic, it was Symantec's Norton AntiVirus - and it did it again in another week (but I had all the details written down and fixed it in a couple minutes).

It appears NAV wakes up every week or so and looks at the boot info and partition table. It see's they're different from something it has stored somewhere and says, "EEEEEEEK! A Virus must have done this", and restores the old boot data and partition table.

Needless to say, I unistalled Norton and removed every trace of it I could find. Told the client he could reinstall it at his own risk.
[link|http://www.aaxnet.com|AAx]
Post #104,267
by deSitter
Picture of deSitter
5/31/03 2:34:41 PM
Reply
New Re: Just a follow-up on the original post.
With some regularity, a co-worker or friend will ask me to fix a PC. Almost always, NAV is installed. The first thing I do is remove it. The users are astonised at the performance boost. I tell them about removing NAV, and strongly urge them to avoid ALL anti-virus programs, since they are all useless. A little instruction on safe use and floppies is enough protection. I usually point out that Windows is the real culprit, and that virus attacks against Linux are virtually impossible.

NAV is surely the worst of a bad lot. What a despicable program.
-drl
Post #104,275
by Andrew Grygus
Picture of Andrew Grygus
5/31/03 3:17:20 PM
Reply
New Safe use and floppies?
I haven't seen a floppy based virus for five years. Everything is email and network now, and some are very sneaky. Many will infect just by appearing in the Outlook email preview window. They can even be implated by visiting a hostile Web site.

Expecting normal Windows users to not get infected is futile. I seldom see a computer that doesn't have at least a few infected files on it these days. Some antivirus program is needed.

I agree that Norton is the worst of the lot. Any product that's "Norton" anything, I avoid like the plague. They are all designed to be "smarter than the user", and put their hooks deep into the operating system. If something actually does go wrong, they can be highly destructive.
[link|http://www.aaxnet.com|AAx]
Post #104,276
by deSitter
Picture of deSitter
5/31/03 3:19:13 PM
Reply
New Missing word
Safe email use. Including disabling the preview pane.

Floppy virii can still be a plague in schools - so kids bring them home.

I usually download the "safe mode" scanners for particular families. They do as good a job as the full products.

I would be nice to acutally have a working virus program. I haven't found one that's worth the performance hit.
-drl
     Well, isn't that a fine how-di-do? - (Andrew Grygus) - (21) - Dec. 18, 2002, 01:09:01 AM EST
         Couple details, please - - (Ashton) - (6) - Dec. 18, 2002, 03:38:09 AM EST
             The objective is . . . - (Andrew Grygus) - (4) - Dec. 18, 2002, 12:15:49 PM EST
                 Re: The objective is . . . - (deSitter) - (2) - Dec. 18, 2002, 12:29:07 PM EST
                     You mean delete all devices, don't you? - (static) - (1) - Dec. 18, 2002, 06:23:38 PM EST
                         Re: You mean delete all devices, don't you? - (deSitter) - Dec. 18, 2002, 09:19:46 PM EST
                 Dunno if this will help. - (inthane-chan) - Dec. 18, 2002, 12:29:47 PM EST
             Thanks all for nostrums - added to tool kit. -NT - (Ashton) - Dec. 21, 2002, 07:08:46 AM EST
         Good Ideas are timeless! + >P1-166 search< question - (Ashton) - (9) - May 29, 2003, 04:52:20 AM EDT
             P166 is it. - (Steve Lowe) - May 29, 2003, 10:39:19 AM EDT
             Lemme check tonight - (jbrabeck) - May 29, 2003, 10:48:40 AM EDT
             XCOPY vs. XCOPY32 - (deSitter) - (1) - May 29, 2003, 10:58:43 AM EDT
                 Thanks - clearer. -NT - (Ashton) - May 30, 2003, 04:54:24 PM EDT
             Used P1-166 CPU - (orion) - (1) - May 29, 2003, 11:18:11 AM EDT
                 Thanks, Norman.. gotta get tuit. Eventually. -NT - (Ashton) - May 30, 2003, 04:50:24 PM EDT
             .. but gang aft aglee - (Ashton) - May 30, 2003, 04:48:33 PM EDT
             Ashton, are you still looking for the P-166? - (scoenye) - (1) - June 2, 2003, 02:34:51 PM EDT
                 Thanks, yes. Note in the \ufffdther - -NT - (Ashton) - June 3, 2003, 12:11:38 AM EDT
         Just a follow-up on the original post. - (Andrew Grygus) - (3) - May 30, 2003, 06:45:09 PM EDT
             Re: Just a follow-up on the original post. - (deSitter) - (2) - May 31, 2003, 02:34:41 PM EDT
                 Safe use and floppies? - (Andrew Grygus) - (1) - May 31, 2003, 03:17:20 PM EDT
                     Missing word - (deSitter) - May 31, 2003, 03:19:13 PM EDT

Certainly mighty proud to say, I'm always mighty proud to say it.
58 ms