Trillian and P2P virus scanner option

Discussion in 'NOD32 version 2 Forum' started by rdsu, Mar 10, 2005.

Thread Status:
Not open for further replies.
  1. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    Hi,

    I'm thinking to put this command line in the virus checker option under Trillian (or Instant Messengers) and P2P programs:

    C:\Program Files\NOD32\nod32.exe /clean /ah /all /heur+ /scanfile+ /arch+ /pack+ /pattern+ /heurdeep /log+ /prompt /program /quit+

    What do you think?

    This could be useless or is good for prevent something like the HTTP Scanner feature?

    Regards
     
  2. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    Can someone help or say something?

    Thanks
     
  3. swoop

    swoop Registered Member

    Joined:
    Feb 5, 2004
    Posts:
    44
    Location:
    The Netherlands
    Hi VaMPiRiC_CRoW!

    In terms of concept, the (proposed) set of cmd line switches looks nice and bulletproof. On the other hand, isn't it a bit redundant? If the transfers do go via ports 80, 8080, 3128 (IM); IMON will scan them anyway. Even more, during creation of files, these would be scaned by AMON as well. I'm not sure if there is not some kind of mutual exclusion rule (just a guess), though.

    Speaking of P2P, the specified-ports scanning will not be present, but the AMON part still holds. Maybe somebody can correct/contribute...

    Cheers
     
  4. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    Hi swoop,

    About IM, these programs have their own protocols, so IMON will not scan the transfers...

    P2P, the same thing...

    Of course that AMON will scan the files, but I'm asking this because if we have a HTTP protection to prevent that the files arrives to our computer, we can protect us against IM and P2P transfers to prevent the same...

    Until now I never had a problem with this kind a programs, is only to prevent... :)

    Regards
     
    Last edited: Mar 12, 2005
  5. quexx88

    quexx88 Registered Member

    Joined:
    Nov 26, 2004
    Posts:
    235
    Location:
    Radnor, Pennsylvania
    In my experience with various P2P programs, IMON has been able to catch incoming malware before they are fully downloaded. Just search for "crack", download pretty much any one as they are all nasties anyway, and you'll be able to test it out.
     
  6. swoop

    swoop Registered Member

    Joined:
    Feb 5, 2004
    Posts:
    44
    Location:
    The Netherlands
    VaMPiRiC_CRoW,

    quexx88 is right. If you download some vermin pretending to be a "nice tool", the red infiltration window of AMON appears. Immediately and guaranteed. What you can do is to set AMON to scan all files. You are done.

    Remember, "If it ain't broken, don't fix it."

    Cheers
     
  7. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    OK, thanks for yours advices... :)

    Regards
     
Thread Status:
Not open for further replies.