Re: Is there a risk with firewalls?

Dear Alf,

Other people with the same configuration may have the same problem and
not recognize it! It occured only once during the vulnerable period and
AntiVir Guard caught it. There were however some six of these files on
my PC from earlier unrecognized events. I am sorry I erased them all
and did not keep a copy.

I have observed with an earlier version of ZoneAlarm, that immediately
after booting up, a ping comes in. It is either from the IPS or from some
other scanner. So there is a way to find PC,s which have just booted
up. This could be the reason why I have been hit with that malware, rather
than by malware residing on my PC calling out for more malware.

Newer versions of ZoneAlarm have done away with this reporting be-
cause it led to very frequent reports which were apparently a nuisance
and not of concern.

To answer your question whether I am running a server: I do not.

Greetings and thanks
GR.


"@lf" <alf@xxxxxx> wrote in message news:f5dlv0$76m$1@xxxxxxxxxxxxxxxxx
NoSpam wrote:
...
I have scanned the systems several times and no reports of malware
have come up.
...

That is good, maybe you are lucky. But, let think, are you only one
persone on world using Win2000 with ZA? No. Does other people having
similar configuration like you have a same problem? (downloading of
malware during mentioned period)? I belive not, am I wrong? Why do you
have? What is the reason? It does not have to be malware, but
probability is high. Try to scan with some on-line scanner (Kaspersky is
OK). You can also try to download http://www.hijackthis.de/en rename it
for example _root_dummy.exe and submit log to mentioned site.
Best would be to ask somebody, who knows more than you, to check your
hijackthis log and system for misconfiguration. Something is definetly
wrong on your system. Are you running some server applicatons?
http://www.antirootkit.com/software/IceSword.htm this is interesting
utility, you may find it usefull. Check running processes and listening
ports.

NAT router will prevent dowloading of malware in future, but it will not
fix your system, you have to do that.


.

Relevant Pages

  • Re: are porn sites a huge security risk?
    ... I haven't coded any malware but I ... I've repeatedly listed the configuration of my system ... The bear went over the mountain to see what he could see. ... Hey! ...
    (alt.comp.anti-virus)
  • How (not) to create malware (TSPY-Agent.EA) with VC++ .Net?
    ... with release-build-configuration, the tool from trendmicro finds in the ... created exe-file the virus pattern from TSPY-Agent.EA. ... McAfee, Sophos, and Kaspersky do not find any malware both in the ... Here the configuration for the debug-version: ...
    (microsoft.public.security)
  • Re: Windows booting a loop into config screen
    ... Once at the Advanced Options menu with the ... Last Known Good Configuration and Start Normally ... Hey Rock, thanks for the reply. ... board so shoudl eb free of malware? ...
    (microsoft.public.windowsxp.general)
  • Re: computer slow then clicking on "my computer"
    ... Last good configuration? ... Malware scans? ... A farmat and reinstallation may be needed but without more information ...
    (microsoft.public.windowsxp.general)
  • Re: IE6 Stops Working After 10 Minutes
    ... No one program can remove all malware. ... you may have to post a HijackThis log ... It's a busy forum. ... I do this for a living and trust me DNS, ...
    (microsoft.public.windows.inetexplorer.ie6.browser)