Trojan trouble

ZA free firewall 4.5 fails pcaudit and other leak tests. The only defense seems to be ProcessGuard free which flags me and will not let it run without my permission. Can anyone explain in simple terms how these tests can slip through firewall when all progs are set to ask permission? Am I wasting my time trying to secure the PC with AV and several anti spy/ security progs?
As far as i understand these trojan/ mawlare need to inject themselves into genuine processes that have internet access through firewall. Is there any way to stop this. What is a sandbox and will it help?

If I get an extra external drive and place my personal data on that then connect it to computer when I want to use it and disconnect it when sufing will that protect me? Or will the fact that it was conneced to PC leave a record somewhere that a trojan can access

[Pilli]

Hi nospieshere, As this is not directly a TDS support question as TDS3 is no longer supported by DCS for some of the reasons you have described in your post, I thought it would be better placed in this forum as you are covering quite a big question regarding firewalls, AVs and ATs etc.

Personally I prefer proactive programs such as PG and RD for my protection, using these to protect my other security apps and stopping many of the current new wave of attacks such as rootkits.

Pilli

Quote:

Originally Posted by Pilli

Hi nospieshere, As this is not directly a TDS support question as TDS3 is no longer supported by DCS for some of the reasons you have described in your post, I thought it would be better placed in this forum as you are covering quite a big question regarding firewalls, AVs and ATs etc.

Personally I prefer proactive programs such as PG and RD for my protection, using these to protect my other security apps and stopping many of the current new wave of attacks such as rootkits.

Pilli

OK sorry if I posted in wrong place. You write" Personally I prefer proactive programs such as PG and RD for my protection" Is this good enough the firewall is vulnerable to leaktest BUT only if I allow it by PG. Is PG a sandbox program? I do not understand sandbox. I am googling as well

[Pilli]

Quote:

Is PG a sandbox program? I do not understand sandbox.

PG is a type of sandbox with regards to processes, once set up, no .exe can run without explicit permission of the user, this is done using PG's security list, on top of that is the process list which can give protected processes specific permissions, in addition there are several global protection methods for services, drivers, global hooks, physical memory, dynamic .dll injection and Close Message handling.

Go to www.diamoncs.com.au for further information about how PG deals with these attack vectors.

RegDefend protects specific areas within the registry which can be user defined, visit www.ghostsecurity.com for more in depth information and is a very capable program protecting areas not touched by PG.

HTH Pilli

I downloaded Sandboxie but am not sure how to use it . If I run IE in Sandbox does that mean it willl not be vulnerable to trojan/ DLL injection?