Welcome to SecurityForumz.com!
FAQFAQ      ProfileProfile    Private MessagesPrivate Messages   Log inLog in

Ping: Art - Some Help Needed - F-Prot

  
   Security Forums (Home) -> F-PROT RSS
Next:  F-Prot & WinXP Home multiple User problems  
Author Message
Add Subtract

External


Since: Jul 16, 2003
Posts: 7



(Msg. 1) Posted: Fri Jun 27, 2003 11:48 pm
Post subject: Ping: Art - Some Help Needed - F-Prot
Archived from groups: alt>comp>anti-virus (more info?)
Hi Art or Frederic or whoever LOL!

I am having a problem with F-Prot for DOS finding infected files within
the latest (6/25 and 6/26) Norton Anti Virus 2001 virus definitions.

I'm using the latest version of F-Prot for DOS (3.13) with updated macro
and def files. Set to scan compressed, archives and heuristic...

The files being flagged as being infected with a "new or modified
variant of Trivial" are these:

C:\Program Files\Common Files\Symantec\Virus
Def\20030625.19/HH-/pocketpcdefs1.zip\savce.def

And


C:\Program Files\Common Files\Symantec\Virus
Def\20030626.19/HH-/pocketpcdefs1.zip/savce.def

This is happening on both my WinME desktop and Win9SE laptop. Same 2
Norton AV files being flagged.

My Norton 2001 scan shows clean
TrendMicro Housecall scan shows clean
PandaScan shows clean
TrojanHunter 3.5 shows clean

F-prot is also flagging a file on my WinME desktop:

C:\Windows\System\Restore\Temp\A0045114.cpy

Says it "could be a boot sector virus dropper"

I cleared all my restore points and rebooted a few times, ran F-Prot
and I got another message about the same problem in a new restore .cpy
file.

Any help, advice or ideas?

Thank you,

+-

--

 >> Stay informed about: Ping: Art - Some Help Needed - F-Prot 
Back to top
Login to vote
Frederic Bonroy

External


Since: Jul 09, 2003
Posts: 6



(Msg. 2) Posted: Sat Jun 28, 2003 12:08 pm
Post subject: Re: Ping: Art - Some Help Needed - F-Prot [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
Add Subtract wrote:

> I am having a problem with F-Prot for DOS finding infected files within
> the latest (6/25 and 6/26) Norton Anti Virus 2001 virus definitions.
>
> I'm using the latest version of F-Prot for DOS (3.13) with updated macro
> and def files. Set to scan compressed, archives and heuristic...

The latest version is 3.13a though it will probably be replaced by
3.14 soon.

> The files being flagged as being infected with a "new or modified
> variant of Trivial" are these:
>
> C:\Program Files\Common Files\Symantec\Virus
> Def\20030625.19/HH-/pocketpcdefs1.zip\savce.def
>
> And
>
> C:\Program Files\Common Files\Symantec\Virus
> Def\20030626.19/HH-/pocketpcdefs1.zip/savce.def

Trivial is a family of extremely simple DOS viruses. These are
false alerts.

> This is happening on both my WinME desktop and Win9SE laptop. Same 2
> Norton AV files being flagged.
>
> My Norton 2001 scan shows clean
> TrendMicro Housecall scan shows clean
> PandaScan shows clean
> TrojanHunter 3.5 shows clean

I suggest you contact f-prot.RemoveThis@f-prot.com.

> F-prot is also flagging a file on my WinME desktop:
>
> C:\Windows\System\Restore\Temp\A0045114.cpy
>
> Says it "could be a boot sector virus dropper"
>
> I cleared all my restore points and rebooted a few times, ran F-Prot
> and I got another message about the same problem in a new restore .cpy
> file.

Hmmm... I can't help you with that. If you write to Frisk, you could
send them this .cpy file at the same time.

 >> Stay informed about: Ping: Art - Some Help Needed - F-Prot 
Back to top
Login to vote
Bart Bailey

External


Since: Jul 30, 2003
Posts: 85



(Msg. 3) Posted: Sat Jun 28, 2003 12:08 pm
Post subject: Re: Ping: Art - Some Help Needed - F-Prot [Login to view extended thread Info.]
Imported from groups: per prev. post (more info?)
Back to top
Login to vote
Frederic Bonroy

External


Since: Jul 09, 2003
Posts: 6



(Msg. 4) Posted: Sat Jun 28, 2003 12:59 pm
Post subject: Re: Ping: Art - Some Help Needed - F-Prot [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
Bart Bailey wrote:

> I extracted the 314 executable from the windows version, and plugged it
> into my DOS folder, runs just fine.

You have a fast connection, right? Smile
 >> Stay informed about: Ping: Art - Some Help Needed - F-Prot 
Back to top
Login to vote
Bart Bailey

External


Since: Jul 30, 2003
Posts: 85



(Msg. 5) Posted: Sat Jun 28, 2003 12:59 pm
Post subject: Re: Ping: Art - Some Help Needed - F-Prot [Login to view extended thread Info.]
Imported from groups: per prev. post (more info?)
Back to top
Login to vote
me

External


Since: Dec 27, 2004
Posts: 198



(Msg. 6) Posted: Sat Jun 28, 2003 4:28 pm
Post subject: Re: Ping: Art - Some Help Needed - F-Prot [Login to view extended thread Info.]
Imported from groups: per prev. post (more info?)
Back to top
Login to vote
David W. Hodgins

External


Since: Jun 28, 2003
Posts: 26



(Msg. 7) Posted: Sat Jun 28, 2003 5:30 pm
Post subject: Re: Ping: Art - Some Help Needed - F-Prot [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
On Fri, 27 Jun 2003 23:48:23 -0700 (PDT), Add Subtract <AddSubtract RemoveThis @webtv.net> wrote:

> I am having a problem with F-Prot for DOS finding infected files within
> the latest (6/25 and 6/26) Norton Anti Virus 2001 virus definitions.
> I'm using the latest version of F-Prot for DOS (3.13) with updated macro
> and def files. Set to scan compressed, archives and heuristic...

In f-prot, when you select options, and move the cursor to "Use heuristics",
the following shows at the bottom of the screen...

=========================
= Attempt to detect unknown viruses with the use of heuristics (rules that
= describe the behaviour and structure of viruses). This will increase the
= detection rate, at the cost of an increase in the chance of false alarms.
=========================

In other words, you should expect false alarms when the use of heuristics
is selected.

When a program is identified as infected, using heuristics, it just means
you should check the program very carefully, using other scanners, as you
have done, before running it.

I wouldn't worry about these false alarms, or bother reporting them.

Regards, Dave Hodgins
 >> Stay informed about: Ping: Art - Some Help Needed - F-Prot 
Back to top
Login to vote
Frederic Bonroy

External


Since: Jul 09, 2003
Posts: 6



(Msg. 8) Posted: Sat Jun 28, 2003 5:44 pm
Post subject: Re: Ping: Art - Some Help Needed - F-Prot [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
Bart Bailey wrote:

> Somewhat.
> The file (7,429,632) takes under a minute from the European FTP:
> ftp://ftp-eu.f-prot.com/pub/windows/fp-win_trial.exe

That would take about 20 minutes on my connection. Sad

Plus I would have to run the installation program, and I have no
idea what it would do to my registry even if I chose to install
only the DOS part. I just don't trust Windows programs.
 >> Stay informed about: Ping: Art - Some Help Needed - F-Prot 
Back to top
Login to vote
Bart Bailey

External


Since: Jul 30, 2003
Posts: 85



(Msg. 9) Posted: Sat Jun 28, 2003 5:44 pm
Post subject: Re: Ping: Art - Some Help Needed - F-Prot [Login to view extended thread Info.]
Imported from groups: per prev. post (more info?)
Back to top
Login to vote
Add Subtract

External


Since: Jul 16, 2003
Posts: 7



(Msg. 10) Posted: Sat Jun 28, 2003 8:42 pm
Post subject: Re: Ping: Art - Some Help Needed - F-Prot [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
Thank you very much you guys. I figured they were harmless but wanted
to follow up with some folks who have more experience with things like
this.

addsubtract.RemoveThis@webtv.net

+-

--


On Fri, 27 Jun 2003 23:48:23 -0700 (PDT), Add Subtract
<AddSubtract.RemoveThis@webtv.net> wrote:

I am having a problem with F-Prot for DOS finding infected files within
the latest (6/25 and 6/26) Norton Anti Virus 2001 virus definitions.

I'm using the latest version of F-Prot for DOS (3.13) with updated macro
and def files. Set to scan compressed, archives and heuristic...
In f-prot, when you select options, and move the cursor to "Use
heuristics", the following shows at the bottom of the screen...

=========================

= Attempt to detect unknown viruses with the use of heuristics (rules
that
= describe the behaviour and structure of viruses). This will increase
the
= detection rate, at the cost of an increase in the chance of false
alarms.

=========================

In other words, you should expect false alarms when the use of
heuristics is selected.
When a program is identified as infected, using heuristics, it just
means you should check the program very carefully, using other scanners,
as you have done, before running it.

I wouldn't worry about these false alarms, or bother reporting them.

Regards, Dave Hodgins
 >> Stay informed about: Ping: Art - Some Help Needed - F-Prot 
Back to top
Login to vote
Display posts from previous:   
Related Topics:
Run F-PROT for DOS from CD? - Can I run F-PROT for DOS from a CD? ISTR that F-PROT for DOS filled 2 diskettes and probably now needs 3 diskettes. So I would prefer to burn a CD and run it from there. Does anyone know if this works?

F-Prot for Dos on XP - Hi, please forgive a possibly stupid Question. Before switching to WinXP I just got used to F-Prot for Dos. I think it's usefull to scan now and then before starting the OS. Now with WinXP I do miss this opportunity. Installing Win 98 just for F-Prot....

F-Prot for DOS - what are sign2.def and fssign2.def differ.. - Any F-Prot users out there who might be able to clear up some confusion for me about the files sign2.def and fssign2.def? I noticed some time ago that the file sign2.def no longer seemed to be updated on the fsecure site that I use for regular definitio...

F-PROT for DOS and WINXP - I understand WINXP only has a SIMULATED DOS mode. I do not run WINXP so I am asking for a friend who does use XP. Can F_PROT for DOS virus scanner be used on a PC running WINXP? Is F_PROT FOR DOS effective running from WINXP SIMULATED DOS mode? I find i...

NTFS, F-Prot like scanner - Is there a virsus scanner that anyone knows of that scans a NTFS volume before Windows loads?
   Security Forums (Home) -> F-PROT All times are: Pacific Time (US & Canada) (change)
Page 1 of 1

 
 You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



[ Contact us | Terms of Service/Privacy Policy ]