Cheers for FREE Avast

Slip Kid

After using Zone Alarm as both a firewall and AV for years? I installed
the free Avast AV on an old machine (ZA wouldn't uninstall to accept an
update and I ditched it)

Well, it immediately found and eliminated several trojans with the first
scan with Avast which were around for nearly a year (I posted this a
while back)

For the past couple of weeks I've been baffled by popups in my Mozilla
Suite - I even ditched it and went with Firefox and Thunderbird - I
was still getting redirected (though Firefox still showed it was
blocking popups!?) Yeah, they were executing outside of the browser..

That's after running S&D and Webroot with consistent updates for well
over a year?

Well, the trojan also whacked my MS Taskmanager (I only have the center
portion, the list of processes) so I tried the Sysinternals task manager,
Process Explorer and HijackThis...Nothing would eliminate the three
trojans. They were obvious in the Process Explorer and the Sysinternals
task manager - but both were unable to eliminate the 'process' (and
oddball .exe). I couldn't even terminate them, they'd bounce right back
on. One time it returned (the .exe) with an 'a' at the end of the name.

This morning I yanked ZA from the new machine - - , installed the FREE
Avast and it immediately not only found the three trojans upon the
initial scan well, it couldn't remove them until a reboot scan. They
were in my System Restore files so they're history. (Like I needed an
infected 'restore'?!?)

I can't believe S&D, Webroot AND ZA have been missing these
[Win32:Qoologic-B and D].

So? I guess I'll stick with Avast. My only concern is whether the ZA
Firewall is any good!
 
Mark Warner

Slip said:
After using Zone Alarm as both a firewall and AV for years? I
installed the free Avast AV on an old machine (ZA wouldn't uninstall
to accept an update and I ditched it) [...]
I can't believe S&D, Webroot AND ZA have been missing these
[Win32:Qoologic-B and D].

None of the apps you've mentioned are anti-virus. Firewalls control
traffic. They don't detect malware. You've been running without an
antivirus, 'til now. Now you're running without a firewall. You need
both.
 
elaich

So? I guess I'll stick with Avast. My only concern is whether the ZA
Firewall is any good!

Do some research and learn what a firewall is for. It does NOT block
Trojans, since malware is installed by trusted apps.

If you were running Mozilla, how in the world did you get the Trojans to
begin with, unless you gave your permission for them to be installed.

There is no software in the world that can protect an uneducated user from
himself.
 
ellis_jay

Slip said:
After using Zone Alarm as both a firewall and AV for years? I
installed the free Avast AV on an old machine (ZA wouldn't uninstall
to accept an update and I ditched it)

Well, it immediately found and eliminated several trojans with the
first scan with Avast which were around for nearly a year (I posted
this a while back)

For the past couple of weeks I've been baffled by popups in my Mozilla
Suite - I even ditched it and went with Firefox and Thunderbird - I
was still getting redirected (though Firefox still showed it was
blocking popups!?) Yeah, they were executing outside of the browser..

That's after running S&D and Webroot with consistent updates for well
over a year?

Well, the trojan also whacked my MS Taskmanager (I only have the center
portion, the list of processes) so I tried the Sysinternals task
manager, Process Explorer and HijackThis...Nothing would eliminate
the three trojans. They were obvious in the Process Explorer and the
Sysinternals task manager - but both were unable to eliminate the
'process' (and oddball .exe). I couldn't even terminate them, they'd
bounce right back on. One time it returned (the .exe) with an 'a' at
the end of the name.

This morning I yanked ZA from the new machine - - , installed the FREE
Avast and it immediately not only found the three trojans upon the
initial scan well, it couldn't remove them until a reboot scan. They
were in my System Restore files so they're history. (Like I needed an
infected 'restore'?!?)

I can't believe S&D, Webroot AND ZA have been missing these
[Win32:Qoologic-B and D].

So? I guess I'll stick with Avast. My only concern is whether the ZA
Firewall is any good!

DOH!

--
He released government from the restraint of law.
____Lord Acton on Niccolo Machiavelli (1469-1527), George W. Bush, and
the Straussian neocons

Ellis_Jay
 
Slip Kid

elaich said:
Do some research and learn what a firewall is for. It does NOT block
Trojans, since malware is installed by trusted apps.

If you were running Mozilla, how in the world did you get the Trojans to
begin with, unless you gave your permission for them to be installed.

There is no software in the world that can protect an uneducated user from
himself.

Um, where did I indicate a Firewall would have helped? Did I say that?
Did I write I expected a firewall to block trojans?

I recall writing that I used anti-virus (Zone Alarm AV?).

Yes, I wrote "After using Zone Alarm as both a firewall and AV for
years?" Perhaps you did not know Zone Alarm sells AV? I got daily
updates from them. Have you heard of Computer Associates
International, Inc.? They are more than a firewall company...

Yes, I did believe either S&D or ZA AV or Webroot or Xsoft would have
picked up that which their sights identified when I reported it?

Yep, type "Win32:Qoologic-D" in Google and see how many people are
willing to prevent, find and eradicate it. I had three versions...of
Win32:Qoologic. It was not found until...well, the Subject line explains
it...

In closing, I only expressed my concern that if Zone Alarm AV failed to
find (along with the other apps) that which Avast found upon install -
- well, I _wondered_ if their firewall is any better than the AV?

I'm running Outpost in another machine and it seems to be much more
cautious or suspicious than ZA. Yeah, I do know what a firewall should
do and what it cannot do.

As far as "how in the world..." - - easy! It appeared to be in an .exe
of some 'File Manager' clone. Near as I can tell it was opening casino
sites and tickle.com.

It 'escaped' when I executed the setup of the app. I doubt if Mozilla
would have been of much help if it was buried in the application which
was zipped?

No, I have no complaints about Mozilla and now that the buggers are gone
it is blocking popups, again. They weren't popups...it just seemed like
that as pages appeared as I was at a site. No, they were triggered
regardless at which I was at.

I may not be as expert as some? I tend to read for comprehension before
I insult.

So, I'm still curious...of all the apps I mentioned? Which should have
prevented or found or eliminated Win32:Qoologic-D? Is Avast the only
one? As it's anti-virus - - I thought I had that covered with ZA AV...
 
ellis_jay

Slip said:
So, I'm still curious...of all the apps I mentioned? Which should
have prevented or found or eliminated Win32:Qoologic-D? Is Avast the
only one? As it's anti-virus - - I thought I had that covered with
ZA AV...

It is said, "Ain't no one dog put on no show". Run one AV, but disable it
while you run others from on-line or you have in storage. McAfee Stinger is
a good one, so is Housecall and A-squared and Ewido and there are some
others as well.

--
Ellis_Jay
 
elaich

Yes, I wrote "After using Zone Alarm as both a firewall and AV for
years?"

After rereading your original post, I do see that.

Perhaps you did not know Zone Alarm sells AV?

No, I did not. I've never seen anybody refer to Zone Alarm AV in this
group, or any other. When someone says Zone Alarm, my first and only
thought is of a firewall. Not a very good one, either.
 
Looker007

Slip said:
After using Zone Alarm as both a firewall and AV for years? I installed
the free Avast AV on an old machine (ZA wouldn't uninstall to accept an
update and I ditched it)

Well, it immediately found and eliminated several trojans with the first
scan with Avast which were around for nearly a year (I posted this a
while back)

For the past couple of weeks I've been baffled by popups in my Mozilla
Suite - I even ditched it and went with Firefox and Thunderbird - I
was still getting redirected (though Firefox still showed it was
blocking popups!?) Yeah, they were executing outside of the browser..

That's after running S&D and Webroot with consistent updates for well
over a year?

Well, the trojan also whacked my MS Taskmanager (I only have the center
portion, the list of processes) so I tried the Sysinternals task manager,
Process Explorer and HijackThis...Nothing would eliminate the three
trojans. They were obvious in the Process Explorer and the Sysinternals
task manager - but both were unable to eliminate the 'process' (and
oddball .exe). I couldn't even terminate them, they'd bounce right back
on. One time it returned (the .exe) with an 'a' at the end of the name.

This morning I yanked ZA from the new machine - - , installed the FREE
Avast and it immediately not only found the three trojans upon the
initial scan well, it couldn't remove them until a reboot scan. They
were in my System Restore files so they're history. (Like I needed an
infected 'restore'?!?)

I can't believe S&D, Webroot AND ZA have been missing these
[Win32:Qoologic-B and D].

So? I guess I'll stick with Avast. My only concern is whether the ZA
Firewall is any good!

I use "Sygate Personal Firewall Pro" and "Avast Anti-virus".
Plus the usual: AdAware SE Pro, SpyBotSD, SpyWareBlaster, and HiJackThis.
All help to stop and prevent virus, trojan, malware, spyware, and
reportware infections.

--Looker007
 
Slip Kid

ellis_jay said:
It is said, "Ain't no one dog put on no show". Run one AV, but disable it
while you run others from on-line or you have in storage. McAfee Stinger is
a good one, so is Housecall and A-squared and Ewido and there are some
others as well.

Ok, some confusion?

I run/ran one "AV". CA's EZ AV (The Zone Alarm FW/AV combo). Sorry, I
was confusing in calling it Zone Alarm, it is their AV combo with the
firewall. I now that that either was very good. It came free with an MS
SP. I'd run several stand alone firewall and AV apps for years, it seemed
easier to go with this package - not good in retrospect.

I also kept/keep S&D for a resident anti hijacker, et al, and whatever
non *viral* guests it is supposed to protect against. In two decades I
was never a victim of a virus but began to see other intruders a few
years ago.

First, I thought S&D was *not* doing the same as an AV and was in fact
blocking and/or finding that which the AV was not. Are you suggesting
one should not run any defense at the same time one is running an AV app?

Plus, I like the notification S&D gave when my registry was changed.
(However, the trojan *did* change the registry without notice). Yes,
I've run a start-up monitor? But as I thought S&D was also catching
intruders an AV program would not, I didn't need a double-notification
each time my registry was changed.

So? There seems to be lack of clarity concerning *which* apps are
necessary and which are compatible. That is, I have not seen any
suggestion that S&D cannot be run in resident mode if one runs an AV?

No offense, but I tend to be suspect when one speaks in absolutes. OK,
I buy the "no one dog" line...then you seem to suggest limiting the use
of a single AV (with no mention which AV app is broad enough to protect
against various invasions) yet are quick to single out four AV apps?

What good is it to run a single app (and allow various invaders in?)
then shut it down and hope a scan can find and eliminate whatever the
sole defender missed?

I've done much research and it is far from clear that any single
resident app is sufficient to keep one protected. Again, it depends on
one's terminology and I agree and only use a single AV. But I'm not
certain your suggestion that a single app in (running in the background)
is wise.

My post was a compliment to Avast - - It seemed to be effective in
finding and eliminating more than several other applications did not.
 
Slip Kid

ellis_jay said:
Slip said:
After using Zone Alarm as both a firewall and AV for years? I
installed the free Avast AV on an old machine (ZA wouldn't uninstall
to accept an update and I ditched it)

Well, it immediately found and eliminated several trojans with the
first scan with Avast which were around for nearly a year (I posted
this a while back)

For the past couple of weeks I've been baffled by popups in my Mozilla
Suite - I even ditched it and went with Firefox and Thunderbird - I
was still getting redirected (though Firefox still showed it was
blocking popups!?) Yeah, they were executing outside of the browser..

That's after running S&D and Webroot with consistent updates for well
over a year?

Well, the trojan also whacked my MS Taskmanager (I only have the center
portion, the list of processes) so I tried the Sysinternals task
manager, Process Explorer and HijackThis...Nothing would eliminate
the three trojans. They were obvious in the Process Explorer and the
Sysinternals task manager - but both were unable to eliminate the
'process' (and oddball .exe). I couldn't even terminate them, they'd
bounce right back on. One time it returned (the .exe) with an 'a' at
the end of the name.

This morning I yanked ZA from the new machine - - , installed the FREE
Avast and it immediately not only found the three trojans upon the
initial scan well, it couldn't remove them until a reboot scan. They
were in my System Restore files so they're history. (Like I needed an
infected 'restore'?!?)

I can't believe S&D, Webroot AND ZA have been missing these
[Win32:Qoologic-B and D].

So? I guess I'll stick with Avast. My only concern is whether the ZA
Firewall is any good!


DOH!

Concise but a bit less than profound.

You might have a bit of trouble now that the SAT's went to the essay
format. Could you explain yourself in a sentence or four?
 
Slip Kid

Looker007 said:
Slip said:
After using Zone Alarm as both a firewall and AV for years? I
installed the free Avast AV on an old machine (ZA wouldn't uninstall
to accept an update and I ditched it)

Well, it immediately found and eliminated several trojans with the
first scan with Avast which were around for nearly a year (I posted
this a while back)

For the past couple of weeks I've been baffled by popups in my Mozilla
Suite - I even ditched it and went with Firefox and Thunderbird - I
was still getting redirected (though Firefox still showed it was
blocking popups!?) Yeah, they were executing outside of the browser..

That's after running S&D and Webroot with consistent updates for well
over a year?

Well, the trojan also whacked my MS Taskmanager (I only have the center
portion, the list of processes) so I tried the Sysinternals task
manager, Process Explorer and HijackThis...Nothing would eliminate
the three trojans. They were obvious in the Process Explorer and the
Sysinternals task manager - but both were unable to eliminate the
'process' (and oddball .exe). I couldn't even terminate them, they'd
bounce right back on. One time it returned (the .exe) with an 'a' at
the end of the name.

This morning I yanked ZA from the new machine - - , installed the FREE
Avast and it immediately not only found the three trojans upon the
initial scan well, it couldn't remove them until a reboot scan. They
were in my System Restore files so they're history. (Like I needed an
infected 'restore'?!?)

I can't believe S&D, Webroot AND ZA have been missing these
[Win32:Qoologic-B and D].

So? I guess I'll stick with Avast. My only concern is whether the ZA
Firewall is any good!

I use "Sygate Personal Firewall Pro" and "Avast Anti-virus".
Plus the usual: AdAware SE Pro, SpyBotSD, SpyWareBlaster, and HiJackThis.
All help to stop and prevent virus, trojan, malware, spyware, and
reportware infections.

--Looker007

You may have an issue with e_j, if I understand? (Unless you *only* run
one of those apps at one time.) Yes, I believed "more was better". I'm
not comfortable in running an AV only and shutting it down to perform
the other tasks.

Your line concerning "virus, trojan, malware, spyware, and reportware
infections" is but an indication how many dangers there are yet adds to
the confusion as to the proper way to protect against all of them.

As I had the full complement you mentioned? You might understand why I
was surprised to find my guests were missed by all of them, and Avast
found them in a single sweep.

Regarding a firewall? My rule of thumb has been " It is less important
what you use than how you use it." The most complex firewalls are no
good if they aren't configured correctly -- while a simple firewall
might provide for sufficient default settings that are more efficient
than trying to second guess what is friend or foe.

After trying to configure a firewall for a server I'm not certain that a
$500 firewall left it better protected or not?!? It was either so
sensitive that any activity was setting off alarms or when it was
'quiet' I wondered if it was doing any good at all.
 
David

After using Zone Alarm as both a firewall and AV for years? I installed
the free Avast AV on an old machine (ZA wouldn't uninstall to accept an
update and I ditched it)

Zone Alarm has not had an Anti-Virus section for years. It is only
within the last twelve months, or so, that they even considered
including an AV so you cannot blame ZA for not finding the trojans. It
would have stopped the trojans from communicating with the outside
except for normal browser traffic and or e-mail.

Well, it immediately found and eliminated several trojans with the first
scan with Avast which were around for nearly a year (I posted this a
while back)

For the past couple of weeks I've been baffled by popups in my Mozilla
Suite - I even ditched it and went with Firefox and Thunderbird - I
was still getting redirected (though Firefox still showed it was
blocking popups!?) Yeah, they were executing outside of the browser..

That's after running S&D and Webroot with consistent updates for well
over a year?

Well, the trojan also whacked my MS Taskmanager (I only have the center
portion, the list of processes) so I tried the Sysinternals task manager,
Process Explorer and HijackThis...Nothing would eliminate the three
trojans. They were obvious in the Process Explorer and the Sysinternals
task manager - but both were unable to eliminate the 'process' (and
oddball .exe). I couldn't even terminate them, they'd bounce right back
on. One time it returned (the .exe) with an 'a' at the end of the name.

This morning I yanked ZA from the new machine - - , installed the FREE
Avast and it immediately not only found the three trojans upon the
initial scan well, it couldn't remove them until a reboot scan. They
were in my System Restore files so they're history. (Like I needed an
infected 'restore'?!?)

I can't believe S&D, Webroot AND ZA have been missing these
[Win32:Qoologic-B and D].

So? I guess I'll stick with Avast. My only concern is whether the ZA
Firewall is any good!

The ZA FIREWALL is, in my opinion, at least as good as, if not better
than, any of the other offerings that are available. I do not use the
Pro version but stick consistently with the free version. I'll be
disappointed if they finally withdraw the free offering.
 
elaich

You might have a bit of trouble now that the SAT's went to the essay
format. Could you explain yourself in a sentence or four?

I think you're asking too much of him. He talks about how much research he
has done, but doesn't know that Zone Alarm is not an AV, and somehow
managed to get Trojans while using Mozilla as a browser.
 
ellis_jay

All of the AV's will miss something from time to time. That is why there
are updates.

First, I thought S&D was *not* doing the same as an AV and was in fact
blocking and/or finding that which the AV was not. Are you suggesting
one should not run any defense at the same time one is running an AV
app?

No. I did not intend to imply that.

So? There seems to be lack of clarity concerning *which* apps are
necessary and which are compatible. That is, I have not seen any
suggestion that S&D cannot be run in resident mode if one runs an AV?

S&D can be run in sessions, at least with AVG from Grisoft.

No offense, but I tend to be suspect when one speaks in absolutes.
OK, I buy the "no one dog" line...then you seem to suggest limiting
the use of a single AV (with no mention which AV app is broad enough
to protect against various invasions) yet are quick to single out
four AV apps?

What I am talking about is some folks will run Norton with McAfee or
Panda with AVG or mix and match them at the same time while on line. It is
not wise to have more than one Virus program set as default and running that
one and another one as they could interfere with each other.

What good is it to run a single app (and allow various invaders in?)
then shut it down and hope a scan can find and eliminate whatever the
sole defender missed?

I've done much research and it is far from clear that any single
resident app is sufficient to keep one protected. Again, it depends on
one's terminology and I agree and only use a single AV. But I'm not
certain your suggestion that a single app in (running in the
background) is wise.

I was talking about virus programs, and not things like winpatrol, Spybot
S&D.


--
Ellis_Jay
 
Aaron

Personally I would say given the nature of win32:Qoologic-D (adware that
generates popups) Spybot should have detected it. Nowadays most AVs are
detecting such stuff as well of course, so most AVs should have a shot at
detecting this.

Ok, some confusion?

I run/ran one "AV". CA's EZ AV (The Zone Alarm FW/AV combo). Sorry, I
was confusing in calling it Zone Alarm, it is their AV combo with the
firewall. I now that that either was very good. It came free with an
MS SP. I'd run several stand alone firewall and AV apps for years, it
seemed easier to go with this package - not good in retrospect.

I personally don't think CA's AV is very good these days.

I also kept/keep S&D for a resident anti hijacker, et al, and whatever
non *viral* guests it is supposed to protect against. In two decades I
was never a victim of a virus but began to see other intruders a few
years ago.

First, I thought S&D was *not* doing the same as an AV and was in fact
blocking and/or finding that which the AV was not. Are you suggesting
one should not run any defense at the same time one is running an AV
app?

I suspect the poster was suggesting that no scanner is perfect and you
should run several as backup scanners. In particular, the spyware/adware
area is particularly difficult to handle as compared to viruses and
worms.

Plus, I like the notification S&D gave when my registry was changed.
(However, the trojan *did* change the registry without notice).

There are dozens more ways to insert entries in the registry to autostart
that are not detected by winpatrol, teatimer, Mikelin's startupmanager
etc, and many malware are using them these days.

Yes,
I've run a start-up monitor? But as I thought S&D was also catching
intruders an AV program would not, I didn't need a double-notification
each time my registry was changed.

I'm not a big fan of teatimer (that's another story), that's why I run
another startup monitor.

So? There seems to be lack of clarity concerning *which* apps are
necessary and which are compatible. That is, I have not seen any
suggestion that S&D cannot be run in resident mode if one runs an AV?

I don't think there is a conflict for most brands of AV.

No offense, but I tend to be suspect when one speaks in absolutes.
OK, I buy the "no one dog" line...then you seem to suggest limiting
the use of a single AV (with no mention which AV app is broad enough
to protect against various invasions) yet are quick to single out four
AV apps?

I don't see any conflict, he recommended running the secondary AVs as
backups on demand.

What good is it to run a single app (and allow various invaders in?)
then shut it down and hope a scan can find and eliminate whatever the
sole defender missed?

Well, for starters it sure beats running one sole app that missed the
intruder and continuing with a false sense of security. If the stuff it
missed is something intrusive like popup generating software then it's no
biggie since you will notice eventually, but what if it missed a keylogger
that sits quietly in the background while logging passwords.... The
earlier you find this out the better.
 
Mel

What I am talking about is some folks will run Norton with McAfee or
Panda with AVG or mix and match them at the same time while on line. It is
not wise to have more than one Virus program set as default and running that
one and another one as they could interfere with each other.

In theory that may be true, but in practice no such conflict exists.
Anyone considering running two AV programs concurrently should do so
instead of being discouraged by the theory mongers that don't run more
than one.

(NAV & AVG co-exist with no problems for many years)
(Panda & AVG co-exist with no problems for many years)
 
Aaron

I've done much research and it is far from clear that any single
resident app is sufficient to keep one protected. Again, it depends on
one's terminology and I agree and only use a single AV. But I'm not
certain your suggestion that a single app in (running in the
background) is wise.

I've done research myself and experimented with software that overlap in
some functions. Eg 3 software that monitor registry keys, in most cases,
they still work, though it gets irritating approving 3 times for each change
detected. Even multiple AVs on access might work, but they tend to be
unstable and make unpredictable effects when a real malware is found.

The trick I think when deciding among similar products is to decide which
one does the job better, or if they are all equal, then either pick one, or
try to mix and match while reducing overlap.

Let me share with you my experience with registry monitors/startup
monitors.

There are various software that monitor the registry, but if you test them,
you will notice they vary in terms of flexibility (some allow you to add
new registry keys to monitor , others are fixed), range covered (some cover
only a minimal set of registry keys, others come out of the box with
several dozen exotic registry keys ), as well as different methods of
detection (polling versus others).

It came down to 3 products for me.

Systemsafetymonitor , Prevx and MJ registry watcher.

All 3 detect not only registry keys but changes to files, folders related to
startups (startup folder, autoexec.bat etc) unlike say registryprot.

Of the three, the first and the last are more flexible than prevx and
allows you to add to the list of registry key monitored, so you can always
add new startup methods to the list.

However Prevx uses a non-polling method and detects changes immediately as
compared to using a polling method which checks the registry for changes
every x seconds. So prevx is my first line, while I use one of the others
to cover the other registry keys (after removing the registry keys
monitored by Prevx).

I settled for MJ registry watcher over SSM, because the former came with
more registry keys out of the box, though you could of course configure SSM
to monitor the same set as MJ registry watcher.

Of course, SSM does a lot more than mere registry monitoring, and the fact
you can turn this aspect off, means that it can still be used if you have
already decided on another registry monitor.

I prefer software that allows you to selectively turn off functions so you
can mix and match. Eg Prevx, SSM both allow you to turn off functions that
you don't need. Teatimer unfortunately does not. But I consider teatimer
close to useless anyway.

It takes a lot of tweaking and guesswork to get all your security gear to
run together smoothly, most people don't have the time to do that.

My post was a compliment to Avast - - It seemed to be effective in
finding and eliminating more than several other applications did not.

Luck of the draw, no scanner is 100% perfect, even the best can
occasionally miss stuff, picked up by other scanners.
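
Added example (not part of Aaron's post and not code from any product named in this thread): a Python simulation of the two points in the post above, polling versus non-polling detection and the range of registry keys a monitor covers. The baseline, the timeline of writes and the file paths are constructed sample data, and the function names are hypothetical.

```python
"""Polling vs. non-polling monitoring of autostart registry keys (simulation).

Nothing here touches a real registry: the baseline, the timeline of writes
and the file paths below are constructed sample data.
"""

RUN = r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run"
RUNONCE = r"HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce"
WINLOGON = r"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon"

# A monitor shipped with a minimal key list vs. one with a wider list.
MINIMAL = frozenset({RUN, RUNONCE})
EXTENDED = MINIMAL | {WINLOGON}

# Constructed baseline: (key, value name) -> data.
BASELINE = {(WINLOGON, "Userinit"): r"C:\Windows\system32\userinit.exe,"}

# Constructed timeline: (time in seconds, key, value name, data); None = delete.
EVENTS = [
    (3, RUN, "updater", r"C:\Temp\upd.exe"),        # stays in place
    (12, RUNONCE, "setup", r"C:\Temp\stage.exe"),   # written ...
    (14, RUNONCE, "setup", None),                   # ... and gone 2 s later
    (21, WINLOGON, "Userinit",
     r"C:\Windows\system32\userinit.exe,C:\Temp\x.exe"),
]


def apply(state, event):
    """Apply one write or delete to the simulated registry state."""
    _, key, name, data = event
    if data is None:
        state.pop((key, name), None)
    else:
        state[(key, name)] = data


def snapshot(state, watched):
    """Copy only the values that live under a watched key."""
    return {k: v for k, v in state.items() if k[0] in watched}


def diff(old, new):
    """Return [((key, name), kind)] for every difference between snapshots."""
    changes = []
    for k in sorted(old.keys() | new.keys()):
        if k not in old:
            changes.append((k, "added"))
        elif k not in new:
            changes.append((k, "removed"))
        elif old[k] != new[k]:
            changes.append((k, "changed"))
    return changes


def polling_monitor(events, baseline, watched, interval, end):
    """Compare snapshots every `interval` seconds; alerts carry the poll time."""
    state = dict(baseline)
    prev = snapshot(state, watched)
    pending = sorted(events, key=lambda e: e[0])
    alerts, i = [], 0
    for tick in range(interval, end + 1, interval):
        while i < len(pending) and pending[i][0] <= tick:
            apply(state, pending[i])
            i += 1
        cur = snapshot(state, watched)
        alerts += [(tick, key, name, kind)
                   for (key, name), kind in diff(prev, cur)]
        prev = cur
    return alerts


def event_monitor(events, baseline, watched):
    """Non-polling: see every write to a watched key at the moment it occurs."""
    state = dict(baseline)
    alerts = []
    for event in sorted(events, key=lambda e: e[0]):
        t, key, name, data = event
        before = state.get((key, name))
        apply(state, event)
        if key in watched and before != data:
            if data is None:
                kind = "removed"
            else:
                kind = "added" if before is None else "changed"
            alerts.append((t, key, name, kind))
    return alerts


def compare(interval=10, end=30):
    """Run both monitors against both key lists on the same timeline."""
    return {
        label: {
            "polling": polling_monitor(EVENTS, BASELINE, watched, interval, end),
            "notify": event_monitor(EVENTS, BASELINE, watched),
        }
        for label, watched in (("minimal", MINIMAL), ("extended", EXTENDED))
    }


if __name__ == "__main__":
    for label, result in compare().items():
        for method, alerts in result.items():
            print(f"{label:8} {method:8} {len(alerts)} alert(s)")
            for alert in alerts:
                print("   ", alert)
```

With a 10-second poll the entry written at 12 s and deleted at 14 s never appears in any snapshot, and the Winlogon change is invisible to either method unless that key is on the watch list.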
 
Aaron

elaich said:
I think you're asking too much of him. He talks about how much
research he has done, but doesn't know that Zone Alarm is not an AV,
and somehow managed to get Trojans while using Mozilla as a browser.

It's common for firewalls to bundle/integrate AVs and vice versa. I read
even AVG had done it in the past with Kerio and is now spotting a beta
version with a firewall. I admit though it was confusing since to most
people ZA is just a firewall.

I might be wrong, but you seem to be thinking the OP is bashing mozilla. He
doesn't seem to be, since we all know that there are multiple avenues to
get infected by malware.
 
Slip Kid

To anyone who is not seeing the forest for a couple of trees:

I admit, I made a mistake. I admit I confused Zone Alarm (the firewall,
with e-trust, the firewall). I don't know if (or why) that confusion
matters?

Again, the reason for confusing the two: I had run ZA for years -- The
e-trust firewall and AV came on a disc with an W2k SP4 disc. The GUI
for the firewall is identical to that of ZA. It sure looked like ZA!
Further, when I attempted to upgrade to "ZA" it said I already had it on
my machine? So, I called e-trust, ZA - Sorry!

Regardless, I was running a firewall, an AV, S&D, Webroot - as resident
scanners and did system scans every day with one of the apps.

I also ran Xsoftspy (free) as a sweep and none of them even hinted as to
why I was having 'new sites pop-up' for the past several weeks. _I knew
it was not the fault of Firefox as it was still 'blocking'!_

It wasn't until Sysinternals task manager indicated I had an .exe
running that I had a clue to what my problem was. No, Hijackthis failed
to eliminate the trojan, I understand that is not its "job". They were
helpful, but their advice suggested the solution to eradicate it might
demand a re-install.

So? Several 'security' apps failed me and I doubt if it is fair to
expect the average user to analyze their system with a more
sophisticated task manager or Hijackthis.

----> Face it, not using IE or OE, --- running AV and a few anti-weird
stuff apps is being done by ---- Oh, less than 5% of the users?

----> I did not hint it was a fault of Mozilla. I have absolute
confidence in Firefox and Thunderbird. Why would my header reflect I am
using an app I still don't trust. In fact I have been a big booster of
Mozilla and my main selling point is the security aspect. (I've beefed
up both with additional extensions.)

----> Nor did I infer that a firewall should have helped me.

_Read:_ My question concerned the inability of the firewall to act as
a 'good firewall' (made by the same outfit that made the AV). Yes, I
erred in accusing ZA when it was e-trust. I believe I have good reason
for confusing the two. Regardless, I had been getting updates and was
current to the moment with all my apps.

---
My point:

_It is all well and good to speak of how there is no single method to be
secure?_
_How many people are *not* using IE or OE, plus using a firewall, AV and
two or three anti-spy/anti-trojan,hijack, malware....?_

My guess of 5% is probably much too high.

Then, a single, AV scan from another app on another machine (I have a
tiny network and let Avast take a shot at this machine) finds several
instances of two pests!

It seems as though people are falling over each other covering their
asses.

Each OP can find fault in a *part* of my dilemma? I think my bases were
covered by not using IE/OE, with a firewall, AV and a few resident apps
& daily scans that were updated as often as possible.

It has been admitted that one of the proggies should have stopped/found
the problem well before Avast.

Yes, the old adage that "a false sense of security is no better than
none at all" is fitting. I suspect there are some OP's that are
whistling past the graveyard right now. No, you can't prove the
negative and you can only claim that you've been lucky - - so far.

The firewall issue aside, (I didn't expect much from it) I don't believe
many people went to the means I do and I not only ended up with a sick
machine? None of the apps (which let it in) found it, let alone got rid
of it?!

Feel free to find a problem with a tree or two in my forest? I don't
believe anyone is *not* as vulnerable as I was.

Of course you won't know till it happens -- To you.
 
Aaron

My point:

_It is all well and good to speak of how there is no single method to be
secure?_ _How many people are *not* using IE or OE, plus using a firewall,
AV and two or three anti-spy/anti-trojan,hijack, malware....?_

And what about those of us using more? :)

Heck even if you use 10 different AVS and antispyware you could still be
infected. Add on good user practices such as using only non-admin accounts
for ordinary use, and you can be pretty secure (say 99%), but never 100%.

Get used to it.

My guess of 5% is probably much too high.

Then, a single, AV scan from another app on another machine (I have a
tiny network and let Avast take a shot at this machine) finds several
instances of two pests!

Get over it, security software fails. There is way too much malware out
there to be covered by one. Using more than one reduces the chances of
missing stuff, but isn't a 100% guarantee either.

Personally, I don't know why you were surprised, repeated unexpected
popups are a big giveaway that something is wrong.

It seems as though people are falling over each other covering their
asses.

What? AFAIK none of the posters in this thread are remotely connected with
any of the security apps you mention, "covering of asses" seems
unnecessary.

Each OP can find fault in a *part* of my dilemma? I think my bases were
covered by not using IE/OE, with a firewall, AV and a few resident apps
& daily scans that were updated as often as possible.

And yet you were infected. So this either means there was a lapse in your
user behaviour, or one of your apps fails or both. The former happens to
almost everyone and the latter happens to even the best apps.

My take is that you think you have done everything right, and just want to
blame the security software you were using. Fair enough, that could even be
the truth, but on the other hand, user error also often plays a big role.
If you don't ever visit dubious sites, or download and install programs from
dubious sources, you need to rely less on security software to protect you.

Note, I'm not saying this is true in your case, since I don't even know you.


Yes, the old adage that "a false sense of security is no better than
none at all" is fitting. I suspect there are some OP's that are
whistling past the graveyard right now. No, you can't prove the
negative and you can only claim that you've been lucky - - so far.

Welcome to the club. The rest of us already know that regardless of how
much security software you use, how knowledgeable and smart you are, there
is always a chance you can get infected.

It seems something good has come out of this episode, if you realise this.

The firewall issue aside, (I didn't expect much from it) I don't believe
many people went to the means I do and I not only ended up with a sick
machine? None of the apps (which let it in) found it, let alone got rid
of it?!

Actually there are quite a few paranoids like myself that go beyond what
you do, backed up with knowledge and experience, and there are many who do
less than you. And so far, so good.

Feel free to find a problem with a tree or two in my forest? I don't
believe anyone is *not* as vulnerable as I was.

Believe me, we are all vulnerable though some of us are less so.
I wouldn't be so arrogant though to think that because I run a couple of
security software and run alternative browsers, there isn't room for
improvement.

To be honest I don't know what your point is, other than to moan about how
your security software failed you. That is assuming if it wasn't a case of
PBKAC.

So? I guess I'll stick with Avast. My only concern is whether the ZA
Firewall is any good!

And when AVAST fails what will you do then? :) As for your question
about ZA.. It's adequate though I think it lacks the component monitoring
of the pro version so it fails to recognise malware phoning home, when it
integrates itself to IE as a BHO.
 
