Re: Do Antivirus Programs catch DLL files?
From: John Doe (xxx_at_yyy.zzz)
Date: Wed, 15 Jun 2005 04:17:13 GMT
your\'re blowing my mind, but thanks for the reply I get it. So do I need
anti virus program? I would get one, they are a apain to keep up with the
updates. Have put them in but nothing ever happens. This is a pain in the
ass, what's up with that?
"Duane Arnold" <Notme@notme.com> wrote in message
> John Doe wrote:
> > I do not use an antivirus program. I never open any files, so assume I
> > safe. I just browse around. I DO use both hardware and software
> > firewalls
> > and am careful about IE settings (Win 98) and firewall settings. Of
> > course there are a million settings, I try to disable everything and
> > ease off until the thing works ok.
> That's flat out bad business on the root based Win 9'x O/S that you're not
> using a good AV application. The only real thing you have going for you is
> that no one is really coming after the out dated Win 9'x or ME O/S(s) like
> they are coming after the Win NT based O/S. A Win 9'x O/S can be infected
> too and you're lucky that has not happened or you don't know that it's
> happened, with using IE or OE.
> > My software firewall is constantly giving warnings about new (updated)
> > files being loaded. If these DLL files are corrupt, will an anti-virus
> > program catch it?
> Application Control in PFW solutions use time and date stamp, program
> version, checksums, etc to determine that an exe, dll or other program
> types have been changed since the last known snap shot of those attributes
> were approved by you for the program execution. And of course the App
> Control is going to stop execution of a program that has had those
> attributes change when compared to the last know snap shot.
> Of course AV have signature files with file name in it like johndoe.dll to
> detect a malware program file type. But on the other hand, johndoe.dll may
> not be in the AV signature file at the time of the exploit. Some AV(s) use
> heuristic technology for malware detection as well.
> The NAT router you have does it have logging whare you can use a logviewer
> like Wallwatcher or others so that you can review inbound and outbound
> traffic to and from the router for possible dubious connections to remote
> Duane :)