Do Antivirus Programs catch DLL files?

I do not use an antivirus program. I never open any files, so assume I am safe. I just browse around. I DO use both hardware and software firewalls and am careful about IE settings (Win 98) and firewall settings. Of course there are a million settings, I try to disable everything and then ease off until the thing works ok.

My software firewall is constantly giving warnings about new (updated) DLL files being loaded. If these DLL files are corrupt, will an anti-virus program catch it? Thanks, DAve

Reply to
John Doe

Well done, Duane! It looks like you might have scared away another one.

Jeff

Reply to
jeffreyalsip

That's flat out bad business on the root based Win 9'x O/S that you're not using a good AV application. The only real thing you have going for you is that no one is really coming after the outdated Win 9'x or ME O/S(s) like they are coming after the Win NT based O/S. A Win 9'x O/S can be infected too and you're lucky that has not happened or you don't know that it's happened, with using IE or OE.

Application Control in PFW solutions uses time and date stamp, program version, checksums, etc. to determine that an exe, dll or other program file type has been changed since the last known snapshot of those attributes was approved by you for the program execution. And of course the App Control is going to stop execution of a program that has had those attributes change when compared to the last known snapshot.

Of course AVs have signature files with file names in them like johndoe.dll to detect a malware program file type. But on the other hand, johndoe.dll may not be in the AV signature file at the time of the exploit. Some AV(s) use heuristic technology for malware detection as well.

The NAT router you have, does it have logging where you can use a logviewer like Wallwatcher or others so that you can review inbound and outbound traffic to and from the router for possible dubious connections to remote IP(s)?

Duane :)

Reply to
Duane Arnold

Reply to
John Doe

I would say that you need an anti-virus program. I use Avast (freeware) and I'm happy with it. Updates are automatic. There is also AVG (also freeware) and IIRC the updates are automatic for that as well.


Reply to
Anti_Freak_Machine

Yeah, I would say you need one. But that's up to you as to what your needs are concerning this.

I use NOD32 and Eset stays on top of the update of the signature and with the AV program itself at the site. I don't have a concern with it; the AV program doing its updates has never caused me any issues on the machines.

Hey, that's good that you have that. But wouldn't it be better to be safe than sorry? But again, the choice is yours.

Hey, you asked and I gave you the information.

Duane :)

Reply to
Duane Arnold

I gave the OP the information he requested. I am not going to sugar coat it to please others. You know you yourself can come up with something better and present it. I got no problem with it. But I don't see that happening.

Duane :)

Reply to
Duane Arnold

Duane, anybody - I installed Norton AV so that delayed my reply. Also I promise not to drink so much before making posts in technical ng's. YOU are NOT the pain in the ass, all this software is, oh well. This is an example of what I don't understand. Shortly after loading my new AV, I start IE and do a search at yahoo and I get this warning from firewall:

Reply to
John Doe

Well it's back to the last known snap shot of all known dll(s) that you have approved to access the Internet or execute with the FW'S App Control.

And it sees that the Norton AV install has laid down MSSIP32.dll and the file's date and time stamp, version number or checksum is not the same as for the file that the FW's Application Control knew about, and it stopped it and you must tell App Control yes or no.

The second one ccvrtrst.dll is a Norton AV dll and since Norton was just installed, again the FW'S App Control has stopped it and you must respond yes or no.

Every time you install something on the machine that lays down new or different versions of exe(s), dll(s) or whatever program file type, App Control on the PFW solution will know about it and you must make the determination if it's ok or not ok to execute and communicate with the Internet.

If you did a Windows security update and new or different exe(s) or dll(s) or whatnot program file types were laid down on the machine, then guess what you need to do?

If you don't want the FW'S App Control to do any checking, then you disable it and it won't check anymore.

What's yahoo have to do with this? It has nothing to do with it. It looks like IE started and somehow the above dll(s) linked or tied to IE in some way are being accessed and run with IE when IE is running, and the dll(s) have changed or are new when IE is using them, and the FW's APP Control knows about this change and is stopping their execution and Internet access until you indicate yes or no.

Here, use this, it's called Process Explorer, and go check out IE while it's running and see all the hidden processes that are running when you tell IE or any other EXE you see in the list is running.

You can right-click IE in the upper-pane and select Properties and it will tell you everything.

You can select menu View at the top, *Show Lower Pane* and Show All DLL(s); it shows you everything that's running with the process/program and you can right-click there too.

It should give you a *clue* as to what is happening. If the APP Control sounds off and it's not due to some install you have done, then you should investigate as it could be malware -- that's the reasoning behind App Control in a PFW solution.

I don't like App Control in PFW solutions as they can be circumvented and defeated. So I suggest that you don't use the snake oil like a crutch.

Duane :)

Reply to
Duane Arnold
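
The snapshot comparison described in the replies above (an approved baseline of checksum, size and timestamp that is re-checked later), sketched as an added example; it is not code from the thread or from any firewall product. The `snapshot` and `compare` helpers, the file contents and the timestamps are constructed for illustration; the two DLL names are the ones mentioned in the thread.

```python
import hashlib
import os
import tempfile
from pathlib import Path

EXTS = {".dll", ".exe"}  # program file types named in the thread

def snapshot(root):
    """Record checksum, size and timestamp of each program file under root."""
    snap = {}
    for p in sorted(Path(root).rglob("*")):
        if p.is_file() and p.suffix.lower() in EXTS:
            st = p.stat()
            snap[str(p.relative_to(root)).lower()] = {
                "sha256": hashlib.sha256(p.read_bytes()).hexdigest(),
                "size": st.st_size, "mtime": int(st.st_mtime),
            }
    return snap

def compare(approved, current):
    """Return {file: verdict} for files that need a yes/no decision."""
    findings = {}
    for name, attrs in current.items():
        if name not in approved:
            findings[name] = "NEW"
            continue
        diff = [k for k in ("sha256", "size", "mtime") if attrs[k] != approved[name][k]]
        if diff:
            findings[name] = "CHANGED: " + ", ".join(diff)
    for name in approved.keys() - current.keys():
        findings[name] = "MISSING"
    return findings

def demo():
    """Constructed scenario: an installer replaces one DLL and adds another."""
    def put(folder, name, data, mtime):
        path = Path(folder) / name
        path.write_bytes(data)
        os.utime(path, (mtime, mtime))  # fixed, constructed timestamps
    with tempfile.TemporaryDirectory() as d:
        put(d, "MSSIP32.dll", b"constructed old version", 1_000_000_000)
        put(d, "IEXPLORE.EXE", b"constructed browser binary", 1_000_000_000)
        approved = snapshot(d)  # baseline the user has approved
        put(d, "MSSIP32.dll", b"constructed new version 2", 1_100_000_000)
        put(d, "ccvrtrst.dll", b"constructed AV component", 1_100_000_000)
        return compare(approved, snapshot(d))

if __name__ == "__main__":
    print(demo())
```

A verdict here only says that a file differs from what was approved; whether the change came from a legitimate install or from something else is the decision the yes/no prompt hands to the user.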
