11 replies to this topic

[Tipsi]

Why is it so that even if i have a firewall installed and running it still allowes some programs/trojans/viruses etc. to get into my PC allowes them to communicate with the outside world although all the tests say different?


Tipsi

Edited by Tipsi, 15 January 2005 - 02:30 PM.

[Paranoid]

Why is it so that even if i have a firewall installed and running it still allowes some programs/trojans/viruses etc. to get into my PC allowes them to communicate with the outside world although all the tests say different?


Tipsi

Anyone want to take this?

[ErikAlbert]

Tipsi,
Read this link :
http://www.scambuste...g/firewall.html
A simple explanation about
- what a firewall does
- why you need it
- what a firewall doesn't do.

[Tipsi]

Thank you! It says there aint such thing as "a prog for everything" and that i have to have at least 3 different apps running and constantly monitoring my PC. Yes, i new that...Right now i have a combination of these:

AVG antivirus v7.0 Professional
Sygate Personal Firewall Pro v5.5
Lavasoft Ad-aware SE Professional v1.05
Webroots Spysweeper v3.5.0

Is this a good set of apps or...? they doesn`t require much resources also, they are always up-to-date...but somehow...some thing...can get through...


best wishes
Tipsi

[ErikAlbert]

Tipsi,
The majority of the users (me too) want an all-in-one software, but unfortunately the anti-malware companies never succeeded in creating such a software. Don't ask me why.

So you need several softwares to protect your computer and you have to run and update them regularly.

You have a firewall already
Sygate Personal Firewall Pro v5.5

You have a AntiVirus already
AVG antivirus v7.0 Professional

You have two anti-spywares already
Lavasoft Ad-aware SE Professional v1.05
Webroots Spysweeper v3.5.0

There are still a few anti-spyware softwares missing
- Spybot S&D
- SpywareBlaster
- SpywareGuard
You can find these software at this link
http://www.spywarein...m/downloads.php

If you are using MS Internet Explorer, you better use Mozilla Firefox, which prevents alot of infections, but keep MS Internet Explorer for "Windows Update".

I would say this is the minimum protection.
-------------------------------------------------------------------
Firstly, none of these softwares offer a COMPLETE protection. That doesn't exist whatever you do.
So one day you might get infected with a malware, that was never detected by all these softwares.

Secondly, protecting your computer is a PERSONAL matter and alot has to do with how carefull you are on the internet. That's why each member has his own MIX of softwares.
That's why I'm reading this forum on a regular base to get a total picture of the MalWare World and what kind of softwares members are using/discussing and last but not least to evaluate the malware problems and the solutions.
I won't annoy you with my opinion about all this.
Just protect your computer, the best way you can.

Thirdly, always backup your personal files, especially when you don't want to lose them. If you don't have a backup system, store a copy of your personal files on a CD-RW.

Watch your topic at least for one week.
Other qualified members might give you additional advices.

Edited by ErikAlbert, 16 January 2005 - 04:52 PM.

[michaelbenson]

Get ProcessGuard and ProtectX Hacker Defense.
If you want to protect your identity by spoofing your IP then download Ghostsurf.

Also try installing some anti-trojan programs such as The Cleaner and Trojan Hunter 4.1

[Tipsi]

I have TDS-3 as antitrojan program.

I haven`t heard anything about "ProcessGuard" and "ProtectX Hacker Defense"...what do they do, are these the best?


Tipsi

[ErikAlbert]

Tipsi,
TDS-3 is an excellent trojan scanner.
As I said, everybody has his own mix of protection softwares.
I don't use the other softwares. I have my own philosophy about protection softwares.

If I count well you have already 13 softwares in total to protect your computer.
If you are complete paranoid, you will have even more softwares. Where does it end ? Is that even normal ?

I didn't buy a computer to learn, run and update all these protection softwares, I bought a computer to do some REAL work.
I have a minimum protection and that's more than enough for me, anything else is ballast.

Now you have a pretty good idea about one of the problems in the Malware World : TOO MANY SOFTWARES and the worst is, they don't even offer a FULLPROOF protection and that's the second problem.

Edited by ErikAlbert, 18 January 2005 - 07:15 PM.

[Tipsi]

I have a minimum protection and that's more than enough for me, anything else is ballast.

LMAO, ErikAlbert - thnx for the reply, i like your style. About a year ago i installed about 12 different protection softwares. I did every online scan just to see how well protected i am - and i was. But the negative side of it was - they ate almost all the recourses, some of them didn`t like eachother running and i couldn`t use some of the normal programs like Picture viewer etc. And it slowed down the internet speed. I rearranged my PC and now all is working fine.

TOO MANY SOFTWARES and the worst is, they don't even offer a FULLPROOF protection and that's the second problem.

You know what - you are absolutely right about this and you should pin this sentence. Or use it as a banner on Main page for everyone to see LOL.



Tipsi

Edited by Tipsi, 19 January 2005 - 02:17 AM.

[ErikAlbert]

Tipsi,
I'm glad I'm not the only one who thinks that way .

All these softwares work with a signature database, which means that UNdiscovered malwares don't exist in that database.
That's why these signature databases have regular updatings and that goes on forever.
If one of these undiscovered malwares hits you, all your scanners won't even find the malware and that's why the protection isn't fullproof and it will never be unless they discover a total new method of protection.
I don't need to tell you, that some undiscovered malwares damaged alot of computers world-wide.
Even MS AntiSpyware won't solve the problem and is just another scanner in the long row.

That's why I reformat my harddisk at least twice a year, to get rid of EVERYTHING.
That way I have at least two times per year a clean computer (I'm not even sure about that LOL).

All these companies created a BIG MESS of softwares and total CONFUSION amongst the typical users.
On top of that bad companies created alot of rogue softwares to make the confusion even bigger.

Ask 50 people how to protect your computer and you will get 50 different answers and all of them are absolutely convinced they found the right software-mix and it's up to you to find out who is wrong, wrong-right or almost right.

That's the actual situation and we poor users are in fact DOUBLE victims.

Edited by ErikAlbert, 19 January 2005 - 07:48 AM.

[Paranoid]

Tipsi,
The majority of the users (me too) want an all-in-one software, but unfortunately the anti-malware companies never succeeded in creating such a software. Don't ask me why.

Actually, not sure what your definition of "Succeed" , since it's a common practice these days to offer security suites of firewall + AV + antispyware. Whether you would want to trust them is another matter. Don't put all your eggs in a basket!

[Paranoid]

I have TDS-3 as antitrojan program.

I haven`t heard anything about "ProcessGuard" and "ProtectX Hacker Defense"...what do they do, are these the best?


Tipsi

Basically as Erik as mentioned, scanners depend hugely on signatures to detect malware. If a new malware is released it is likely to be missed unless it's signature database is updated or if it's caught by heuristics.

Processguard, PrevX, Systems afety monitor etc, offer a different approach to solving the problem of preventing malware. Instead of targetting specific software code, these "sandboxes" attempt to prevent certain common behaviours that malware exhibit.

For example, most malware need a way to restart themselves, so sandbox like software will alert the user whenever a program tries to register itself to autostart (via registry, startup folder, whatevers), and you have a chance to prevent that from occuring.

The problem of course is that many legimate programs do this as well, so such software will require a lot on the user knowing what to block and what not to block ,so the burden lies with the user.

Another example would be attempts to intercept changes to critical windows files , eg hosts.

In general for beginners, using sandboxes like PrevX , Systen safety monitor and to a lesser extend Processguard might be a bit too much, since they might be bewildered by the popups and dont have the experience to handle them.

If you are not afraid , then give them a try.

In the hands of someone competent , such tools can be very powerful , as they can monitor each and every process that is running, and ask for your permission before they can run. This will prevent any sneaky processes from running behind your back (and there are many).

It can be a hassle though , so there is a trade off.

BTW the line is not as distinct as I have described, since many tools thess days incorporate both a scanner based on signatures as well as heuristic behaviour monitoring.

For example MS's antispyware software's realtime protection offers not only protection based on a scan of processes, but also real time scanning of various critical files and portions of registry. Spybot's teatimer also does similar to a lesser extent.