greetings.......
i recently began using findnot.com to add privacy (and protection) while surfing. mcafee security luckily caught two trojans that attempted to jack my pc while i was using findnot. how is this possible? my ip did not show up on whatismyip.com so i know i was running through findnot's vpn 128 bit encryp. proxy tunnel. please note that i'm still educating myself with net terminolgy/technology, so if you're a techHead, dumb it down a bit :) thanks much
s.1.

Findnot.com won't keep you from catching the nasty drive-bys. The browser is still residing on YOUR pc. FindNot.com is a privacy service:

Anonymizes ALL your internet activity !
Your real IP address is never revealed !!!!

* Protects you from being nuked, hacked or tracked!
* Anonymizes ALL web browsing (including https)
* Anonymizes ALL email (Outlook, Hotmail, Yahoo, etc...)
* Anonymizes ALL P2P file sharing (Kazaa, Morpheus, etc...)
* Anonymizes ALL chatting (ICQ, IRC, Messenger, AIM, Yahoo etc...)
* Anonymizes newsgroups.
* Anonymous email account with 50 MB storage (you@findnot.com).
* Anonymous file storage.
* Anonymizes you at work or at school even behind restrictive firewalls!
* Anonymizes with 128bit Encryption so even your ISP can't spy on you!

They can't protect you from active-X nasties, trojans, etc.
Funny that you're trying them out. I am too! So far I am really impressed with the service. It's great for what they do. But they don't stop trojans. :(

thanks for the response............

1.) so my best option in fighting trojans is to simply keep my security software (mcaffee) updated and current?

2.) i also noted that findnot offers their own security suite but offer little detail on what it actually does. any details, anyone?

s.1

The "Security Suite" they speak of on their home page is the suite of security SERVICES. Anonymous FTP. newsgroups, browsing, email chat, etc....

I think you are looking for protection from malware. Findnot is a PRIVACY suite. This is one of those times when they are talking about "security" in a different way than what we usually talk about it here.

It seems to be a great service for what it is, but I'm not sure it's what you are looking for. To fight trojans you need a good AV and a designated AT (anti-trojan). Try Ewido or Trojanhunter which are both good for those new to all of this. Good luck!

-{ Quote: "
1.) so my best option in fighting trojans is to simply keep my security software (mcaffee) updated and current?" }-Use Process Guard 3 and Trojans become a thing of the past.

Hope this helps...

Cheers ;D

blackspear, help is on the way-thanks for the info.

i'm going to look into PG3.....from reading other posts, it appears to be a great program.

as far as AV progs go, where does mcafee (which is what i use) rate among other AVs?

thanks again

s.1

-{ Quote: "Use Process Guard 3 and Trojans become a thing of the past." }-
Blackspear I usually I agree with most things you post but this seems a bit hard to swallow. You mean to tell the thread starter that with processguard that he needs no anti-trojan software? Because with PG you say trojans are a thing of the past... I think this may be a little misleading to him. I would say PG is great protection to add to an anti-trojan application but not a standalone anti-trojan application the way it seemed in your post.

If I am misunderstanding your post please let me know...

Thanks,

Chris

chris....
even though you might not see eye-to-eye w/ spear's post, i would like to read what you recommend for blocking trojans. again, keep in mind that i'm a newbie to tech terms, so i apologize if some of my questions might be dumb, uninformed, etc.
one thing i dont understand (and i've read many posts and visited many sites to answer this question) is if findnot.com makes your surfing anonyms., then how can a trojan latch onto my pc if my ip is not known to the sites i'm visiting? my roommates pc has been ravaged by trojans so i want to make sure i'm providing the upmost protection for my pc.
and another thing (out of curiosity), when did trojans originate and why do they exist in the first place? i'm sure some of these questions belong in the trojan forum but since this thread started w/ trojans in connection to findnot, i guess i'll keep firing away in this forum.
again....thanks to everyone for the discussion........................

s.1

-{ Quote: "chris....even though you might not see eye-to-eye w/ spear's post, i would like to read what you recommend for blocking trojans." }-
First let me say that I am not trying to discredit Blackspear. He probably has way more knowledge of virii and trojan than me but I may be misunderstanding his post. I do agree that ProcessGuard is very good at helping to prevent trojans but I also think that a user needs to have a good anti-trojan as well. I would recommend Ewido or Trojan Hunter. Also to have products like RegDefend and Regrun which work great together are just another addition to the multiple layers of security one needs. There are more things you can add but depends on how secure you want to be. If you want more software ideas let me know.

-{ Quote: "one thing i dont understand (and i've read many posts and visited many sites to answer this question) is if findnot.com makes your surfing anonyms., then how can a trojan latch onto my pc if my ip is not known to the sites i'm visiting?" }-
Well just because your ip is hidden does not mean that you can't get a trojan. To put it simple. You are still able to download files from the net so trojan files are still able to download to your PC if they want. The only thing this type of anonymous surfing does is protect your PC identity. I am not that familiar with findnot.com but I would think that all it is doing is keeping your IP address hidden from the sites you visit.

Hope this helps,

Chris

chris.......
thanks for the info.
my new pc is nearly a week old and it came w/ mcafee security center. mcafee prevented the two trojan attacks but i'm afraid of future trojans slipping under the radar. will mcafee provide me good protection (assuming i keep updating mcafee) from trojans and assorted viruses?
when i started this thread i had no idea it would extend to these other issues but (as i'm becoming more informed) the net can be a minefield if you dont have adequate protection. i want to stress that i'm not a techHead so any software that you (or any other forum members) recommend needs to be on the user-friendly side.
once again, thanks for the input...........................

s.1

-{ Quote: "Use Process Guard 3 and Trojans become a thing of the past.

Hope this helps...

Cheers ;D" }-

Is PG going to tell me that this hot new piece of security software I want to install and run is actually a trojan?

A well documented analysis of Process Guard 3 can be found HERE (http://www.commontology.de/andreas/win_secure_pg3.html) which was taken from this thread. (http://www.wilderssecurity.com/showthread.php?t=56848)

Why I said what I did, is that PG3 stops dll injections which are typically used by today’s Trojans, there is another thread HERE (http://www.wilderssecurity.com/showthread.php?t=45540&highlight=injections) on dll injection prevention.

On another point I ALWAYS recommend a layered defence as can be seen HERE (http://www.wilderssecurity.com/showthread.php?t=62972). As well there are discussions HERE (http://www.wilderssecurity.com/showthread.php?t=45284&page=1&pp=25) and even more HERE (http://www.wilderssecurity.com/showthread.php?t=43117).

Hope this helps...

Let us know how you go.

Cheers ;D

-{ Quote: "Is PG going to tell me that this hot new piece of security software I want to install and run is actually a trojan?" }-No, but use of imaging software that I recommend as part of a layered defence will, in that you can roll back to a previous image.

Cheers ;D

-{ Quote: "...where does mcafee (which is what i use) rate among other AVs?" }-It rates up there, see AV-Comparatives (http://www.av-comparatives.org/) and Virus Bulletin (http://www.virusbtn.com/vb100/archives/index.xml), both independent testers.

Cheers ;D

-{ Quote: " my new pc is nearly a week old and it came w/ mcafee security center. mcafee prevented the two trojan attacks but i'm afraid of future trojans slipping under the radar. will mcafee provide me good protection (assuming i keep updating mcafee) from trojans and assorted viruses?" }-
spice1, there is absolutely no reason to dump McAfee, they are constantly in the top 3 with regard to detection, 98,04% in the last AV-Comparative behind only Kaspersky 99,65% and Norton 98,31% (a first for them so high, i think) and have a strong trojan detection, so your decision should be if you like it or not.

Some free choices to add to your security:

Spyware/Adware

Spybot (http://www.safer-networking.org/en/index.html)
Ad-Aware (http://www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022_4-10045910.html?part=dl-ad-aware&subj=dl&tag=top5)
Spywareblaster (http://www.wilderssecurity.com/showpost.php?p=396946&postcount=1)
Microsoft AntiSpyware (http://www.microsoft.com/athome/security/spyware/software/default.mspx) still in beta, but has a residentprotection, unlike Spybot & Ad-Aware (pure scanners).

Trojan-scanners, who also have free versions:

Ewido (http://www.ewido.net/en/) it's a full version for 14 days.
A2 (http://www.a-2.org/en/)

Trojan-blocking:

Process Guard (http://www.diamondcs.com.au/processguard/) try the free version and see if it's something for you, not with all the options of course, but will give you an idea.

I noticed Virus Bulletin gave McAfee a FAILING grade. What a joke! AVG passed VB and wasn't even tested by AV Comparatives. AVG is fine, this "they don't have good detection rates" is just wrong. It seems to be said around here a lot, but very flimsy evidence. By the way, SC Magazine likes AVG a lot. They don't even advertise! Among major AVs there is not a dimes worth of difference. Six of one - half dozen of the other. The differences are in user interface, support and resource usage on your PC. For anyone to tell you otherwise is simply not true. The major AVs are all between 97-99.9% detection - and that includes Grisoft's AVG. The "which is better" argument is finished as all the majors are performing well.The differences are in what I mentioned above. God, this "X is better than Y and Z has weak detection rates" is getting old.

-{ Quote: "God, this "X is better than Y and Z has weak detection rates" is getting old." }-No one mentioned this except you.

Cheers ;D

-{ Quote: "No one mentioned this except you.

Cheers ;D" }-

You're right. I was cruising from thread to thread and I saw it i the thread before this. You must admit, it is said a lot and the "X is better than Y" is an old discussion STILL around here (if not in this thread....sorry).

-{ Quote: "You must admit, it is said a lot and the "X is better than Y" is an old discussion STILL around here (if not in this thread....sorry)." }-Sure, though I am biased being a Nod32 Reseller, and in my opinion, rightly so, I have been proven wrong twice in over 3 years of hundreds of people bringing their PC's into my shop with Norton or AVG installed and believing their systems are clean. Yet again last week we had another, this time there was a RemoteAdmin Trojan, he headed home with Nod32, additional security and advice to go a change all his passwords. This client had a fully up-to-date Norton scan saying it was clean, he had then downloaded and installed AVG and that too said he was clean. Nod32 picked up the Trojans and 2 old Kakworms.

Cheers ;D

The key thing here, in my view, is web-filtering - anonymity services will not (and should not, it is not their role) prevent browsers from being affected by malicious Java, Javascript or ActiveX. It is still necessary to lock down browser settings (especially if IE is being used!) and use web filtering, either with a firewall offering this feature (most do to some extent, though it is not their core function) or a specialised filter like Proxomitron (www.proxomitron.info) (the most powerful and completely free) or WebWasher Classic (http://www.webwasher.com/client/download/) (easier to use, free for personal use).

Process Guard is an excellent second/third line of defense, but a filter should be employed first. Anonymity services are there to provide privacy, not security.

anonymity services are kinda useless if you use a high anonymity proxy. (anyone want a tutorial on that? lol) well I use mcafee and it catches everything I have. after I use it and adaware and spybot I never have any ads or anything left.