Norton's email warnings

[Geoff]

Anyway to stop the thing popping up on every single virus it finds in the
emails? Can't it show the summary page at the end - surely that would be
more appropriate. I've had to disable the whole thing, because it's just
too annoying.

Don't these people test their own products?

Geoff.

 

[David]

Anyway to stop the thing popping up on every single virus it finds in the
emails? Can't it show the summary page at the end - surely that would be
more appropriate. I've had to disable the whole thing, because it's just
too annoying.

Don't these people test their own products?

Geoff.

X-No-Archive: yes

In the E-mail options page you can check 'repair then silently delete if
unsuccessful', I think this will prevent the prompt box appearing.

 

[Melissa]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Hi David,

In the E-mail options page you can check 'repair then silently
delete if unsuccessful', I think this will prevent the prompt box
appearing.

That may prevent the prompt box, but it doesn't really seem an
adequate substitute for what Geoff was describing.

I don't use NAV, and haven't looked at it for a long time, so I'm not
sure if what Geoff is asking for is possible, but if I'm interpreting
his question correctly, he's not asking for an automatic, transparent
action on the part of NAV. I certainly don't want my AV "repairing"
and/or deleting anything without first consulting me. What if the
detection is a false positive?

Automatic quarantine and/or refusal to allow a suspected file to run
can be reasonable enough, but when it comes to repairing, cleaning,
or deleting, I'd rather my AV show me a warning, then let me decide
what to do from there. A potentially false positive detection,
followed by an automatic "repair" or deletion can be just as useless
and/or harmful as those virus hoax messages that try to convince
people to delete perfectly safe and quite possibly necessary system
or program files.

- --
Melissa

PGP Public Keys: http://www.freewebs.com/kuviahunnihautik/

-----BEGIN PGP SIGNATURE-----

iQCVAwUBQpoWRDEYqNTZBqoEAQPyUQQAlCUU8No8wuzwbTh8pjaUvebyHHKkJBvh
n+rKrveQF0Q8T9vh9rgkkrkK8tieQBdIWJD2+MPUlXS1FFGIiett/QrFyY3g5AYA
4vy/7F5trgMkPH03Gev/ijtn0rGXq+JbhG35QPmN9Q6GUXhO+GeUS+AVZnvRioMq
omhwCVJAxAU=
=X+D6
-----END PGP SIGNATURE-----

 

[David]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Hi David,



That may prevent the prompt box, but it doesn't really seem an
adequate substitute for what Geoff was describing.

I don't use NAV, and haven't looked at it for a long time, so I'm not
sure if what Geoff is asking for is possible, but if I'm interpreting
his question correctly, he's not asking for an automatic, transparent
action on the part of NAV. I certainly don't want my AV "repairing"
and/or deleting anything without first consulting me. What if the
detection is a false positive?

Automatic quarantine and/or refusal to allow a suspected file to run
can be reasonable enough, but when it comes to repairing, cleaning,
or deleting, I'd rather my AV show me a warning, then let me decide
what to do from there. A potentially false positive detection,
followed by an automatic "repair" or deletion can be just as useless
and/or harmful as those virus hoax messages that try to convince
people to delete perfectly safe and quite possibly necessary system
or program files.

- --
Melissa

Hi Melissa,

He said the issue was in regards to E-mail, so there is no risk of deleting
an essential system file.

I think the problem is the warning box appearing when E-mails contain a
Virus.

So I would try my solution.

Regards

David.

 

[Melissa]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Hi David,

He said the issue was in regards to E-mail, so there is no risk of
deleting an essential system file.

You're right, in the sense that I was thinking more generally when I
mentioned the system/program files. However, there's still the
possibility of a false positive detection causing a legitimate email
message and/or its attachment to be deleted without the user being
able to investigate and decide what to do with the *suspected*
message.

I think the problem is the warning box appearing when E-mails
contain a Virus.

Yes, but the "problem" Geoff was trying to address was the annoyance
of individual warning boxes popping up for each potentially infected
message, and he wanted to know if instead of each warning popping up
individually, the AV could just finish scanning all incoming
messages, then present a "summary" of all potentially infected
messages. This still requires user interaction and decision making,
and I still prefer this method over allowing the AV to just doing
everything transparently in the background; especially when it comes
to "repairing" or deleting anything.

- --
Melissa

PGP Public Keys: http://www.freewebs.com/kuviahunnihautik/

-----BEGIN PGP SIGNATURE-----

iQCVAwUBQpo9RDEYqNTZBqoEAQPruQP+N9rDHMVvOfBWc4FhUH5Zc5L9RqhYJxbP
LDg6EzmwagM9OPT8Dwe3qdwgxfQUtW5ZW/7fkc5m1eIoAVPgRQgansOUxAf9q8Ak
HEfuS5nHJ5fGXbClDz/sE6catpXQopC1pRnfW48DOYPbqFY5oAG6snMbABmCzT1h
usZfP4qAavc=
=qQXr
-----END PGP SIGNATURE-----

 

[David]

Hi Melissa,

I don't see how you can have it both ways.

Either you want a warning each time the AV detects a Virus, so you can make
an informed decision or you don't want the warning, which involves some form
of automation.

If you waited to check a compilation list before making a decision, your
system could become infected while you were still scratching your head,
working out if your AV made a mistake, or somebody just sent you a Virus
disguised as a legitimate E-mail attachment.

Regardless...

What was it like having a Virus named after you ??? LOL.

 

[Melissa]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Hi David,

Either you want a warning each time the AV detects a Virus, so you
can make an informed decision or you don't want the warning, which
involves some form of automation.

The only necessary "automation" here would be to perhaps quarantine or
otherwise disable any suspicious files. The AV can still offer the
user a choice regarding deletion, etc. This is certainly possible
with my AV (NOD32).

If you waited to check a compilation list before making a decision,
your system could become infected while you were still scratching
your head, working out if your AV made a mistake, or somebody just
sent you a Virus disguised as a legitimate E-mail attachment.

See mention of "quarantine", above. Also, unless someone is using an
email client so insecure that even just the act of downloading a
message can cause an infection, becoming infected while scratching
one's head is not of great concern (at least while you're scratching
your head and thinking, you're probably not clicking on
"click_me.scr" at the same time! ;-)).

I think that what Geoff was asking for was perfectly reasonable, as
long as the list of suspected messages/files was presented in such a
way as to make finding them in the message database easy enough.

Regardless...

What was it like having a Virus named after you ??? LOL.

It's a great and dubious honor, of course!

- --
Melissa

PGP Public Keys: http://www.freewebs.com/kuviahunnihautik/

-----BEGIN PGP SIGNATURE-----

iQCVAwUBQppQnjEYqNTZBqoEAQOjUAQAq6u+en4rVB0wl62jNhvOEiz4415X6Mu3
eoUlZfomG6UmZZCOW0KKG2Y/gH6S1kEsEIkRPUMSIYSOfOltkj32lS3K3+baXMLT
D5/obkyf4bIvfA86giPKKLEqy3uJRZsvfeRAOnceLUyTBKZrhK1ff0q04yfN/OD0
LtFjoaBg3q8=
=LFYc
-----END PGP SIGNATURE-----

 

[Frode]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yes, but the "problem" Geoff was trying to address was the annoyance
of individual warning boxes popping up for each potentially infected
message, and he wanted to know if instead of each warning popping up
individually, the AV could just finish scanning all incoming
messages, then present a "summary" of all potentially infected
messages.

Personally, I don't want the AV to do anything but flag the message as
infected and/or quarantine the attachment only. I've been able to do this in
the past with other AV programs (though not all) but since I switched to NOD
I've not been able to set it up. No matter what I do with the IMON settings
(those specifically stating they pertain to email) it still pops up that
infernal warning. Not once, but twice per message due to my spam filters
that cause an extra, local, port 110 access. I believe I can configure
myself around that one, but that still leaves one warning too much for me.

I'm still using the NOD beta, but as far as I can tell it's the same as the
released version at the moment. Not sure if they'll ignore a mail on the
issue or not, but contemplating giving that a shot as this could make or
break the purchase decision, which is a pity cause it otherwise seems like
the cream of the crop at the moment imo.



- --
Frode



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)

iD8DBQFCmrHmNx8IkioE8tMRApPXAKCk/spXvkbZNz8s6nU1YpzW1WHICgCfbE82
/UK0KrbElHyMBdmq0Ro88x0=
=xKi5
-----END PGP SIGNATURE-----

 

[Geoff]

In the E-mail options page you can check 'repair then silently delete if
unsuccessful', I think this will prevent the prompt box appearing.

Thanks David/Melissa. I've set that option, so I'll see how it works. I
assumed the automatic setting would have done what was required without a
pop-up each time - it's not like the popup seems to give any choice, it's
just telling me it's done it's job, and there's no need for that every
single time.

Geoff

 

[Melissa]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Hi Geoff,

...it's not like the popup seems to give any choice, it's just
telling me it's done it's job, and there's no need for that every
single time.

With my AV (NOD32), I have it set to quarantine any suspected file and
pop up a warning, but to allow me the choice of what to do with it (I
choose not to let it *automatically* delete/clean anything). I
thought this was what you were looking for. Since I don't have NAV
installed, I don't know what all your options are. Sorry if I
misunderstood what you were asking for.

- --
Melissa

PGP Public Keys: http://www.freewebs.com/kuviahunnihautik/

-----BEGIN PGP SIGNATURE-----

iQCVAwUBQps9iDEYqNTZBqoEAQMLYwQAt9cGrUqGAuWVLHozqVVC9oADrrgJlls4
fV3vWjZTF/t1l7TTYbMI4/LKb0mSu3aB+aHrW9Fe4LChPerNEBbPSPpxi2OjYxDi
0dRR4fXGb0gfj0lQOWFA/EsNg9CSOeWRZ+zF+SUxmJTvkmyMQ1xRlrEW0/OGdFT5
S0x+KLJQjP8=
=en7R
-----END PGP SIGNATURE-----

 

[RH710]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Hi Geoff,



With my AV (NOD32), I have it set to quarantine any suspected file and
pop up a warning, but to allow me the choice of what to do with it (I
choose not to let it *automatically* delete/clean anything). I
thought this was what you were looking for. Since I don't have NAV
installed, I don't know what all your options are. Sorry if I
misunderstood what you were asking for.

- --
Melissa

PGP Public Keys: http://www.freewebs.com/kuviahunnihautik/

-----BEGIN PGP SIGNATURE-----

iQCVAwUBQps9iDEYqNTZBqoEAQMLYwQAt9cGrUqGAuWVLHozqVVC9oADrrgJlls4
fV3vWjZTF/t1l7TTYbMI4/LKb0mSu3aB+aHrW9Fe4LChPerNEBbPSPpxi2OjYxDi
0dRR4fXGb0gfj0lQOWFA/EsNg9CSOeWRZ+zF+SUxmJTvkmyMQ1xRlrEW0/OGdFT5
S0x+KLJQjP8=
=en7R
-----END PGP SIGNATURE-----

My Advice:Shitcan Norton

 

[Melissa]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Hi Frode,

Personally, I don't want the AV to do anything but flag the message
as infected and/or quarantine the attachment only. I've been able
to do this in the past with other AV programs (though not all) but
since I switched to NOD I've not been able to set it up. No matter
what I do with the IMON settings (those specifically stating they
pertain to email) it still pops up that infernal warning.

The following is with respect to NOD32 v2.5 (non-beta)...

In the IMON settings, you can set it to add a virus identification to
the subject line of infected incoming email and/or to append a tag to
the end of an incoming message, yet not pop up a warning. It is
"AMON" that will pop up a warning; if that's what you want. For
this, you have to configure the AMON/Actions settings.

- --
Melissa

PGP Public Keys: http://www.freewebs.com/kuviahunnihautik/

-----BEGIN PGP SIGNATURE-----

iQCVAwUBQpt2SDEYqNTZBqoEAQM+1AP9HsFESSe3PQ7MuiJz4J3ZfOTcMTZB5oIO
PHurxg7da83YmBmNR2OIieSD/ptWZezc9F9NQTSFScbDlNG+DRFBo+XKLIirdR8d
rFP0uiaw5UnNZ1yscl+7fuCw06Uq5nPbrnSdNz8toNAdHFSpCWuMLRwOJfKFbqD9
HYjvxB4FkzU=
=gbBC
-----END PGP SIGNATURE-----

 

[Frode]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The following is with respect to NOD32 v2.5 (non-beta)...

It could be a beta problem I guess. I'll give the trial version a testrun
soon and see if that behaves any different.

In the IMON settings, you can set it to add a virus identification to
the subject line of infected incoming email and/or to append a tag to
the end of an incoming message, yet not pop up a warning.

Tried that. IMON - Setup - Misc - Setup - Actions - Email I have it set to
no action, yet IMON (the window identifies itself as such) pops up every
time an infected email arrives. Actually twice, as mentioned. Once for each
port 110 access.

I was wondering if it could be AMON that was reacting to some temp file
while downloading, but I verified that the window really is IMON.

Unless I've completely misunderstood something, and in that case I'd
appreciate being corrected, the setup described above should logically lead
to the behaviour I want. But doesn't.


- --
Frode


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)

iD8DBQFCm3+RNx8IkioE8tMRAv7QAKCB4DDKU6xobU/U8zlRbjSMRdL+vACfUL6C
7cUzPGtZQiMKPKC/hDJ+K3Y=
=6yhK
-----END PGP SIGNATURE-----

 

[Buffalo]

Anyway to stop the thing popping up on every single virus it finds in the
emails? Can't it show the summary page at the end - surely that would be
more appropriate. I've had to disable the whole thing, because it's just
too annoying.

Don't these people test their own products?

Sure they do, that is why the option to Repair then silently ----------- ( two
choices) is available in the email section.

Geoff.

Quick to blame, slow to read.