PC AUDIT

If you know a program is suspicious then yes, you could block it from running with SSM. But what if it was part of a supposedly legitimate application? The test here is whether SSM can alert you to suspicious behaviour - if a screensaver tries injecting a DLL into your browser and terminating your firewall (which SSM will detect in most cases) then that is the point at which most people's suspicions would be raised. Not all malware will be called evil-exploit.exe.

With Execution Protection enabled, yes.

If you use Internet Explorer and have not been keeping up to date with patches, it sure can. Even if you are up to date patch-wise, you could still get burnt by someone using an exploit not yet discovered, acknowledged or fixed by Microsoft.

In essence you are saying don't download anything - because without disassembling and analyzing every program beforehand, you can't be sure of whether they have malicious code or not. Hence the use of signature scanners (AV's and AT's) for "known" malware and behaviour monitors (firewalls, process monitors, registry trackers) for the "unknown".

 

Paranoid. Most people get a computer get online and not have an AV or firewall. They go and see these cool things like take themexp.com or a site like it that offers themes, wallpaper and such. Someone new to the internet can stumble on these sites and download stuff that eill put ads on their computer. Next they get a slowdown and start to panic and next you see them posting help anywhere and I mean anywhere. They get HJT run it and their computer is filled with bad junk. Now my post was refering to people that don't have computer knowledge. I mean They don't know what they are downloading and where it came from and who made it.

As you said SSM will catch most if not all the DLL injection. I think Sygate will catch most also.

If people would have a well rounded security setup they should be ok. I mean like AV, AT, Anti Spyware program, browser that isn't IE and a firewall. Thats the basic to start with. I wouldn't suggest them to go out and download HJT and mess with that being that it could mess up their computer if they do something shouldn't

But back to the topic at hand. PcAudit is just another program there to pretty much scare you into beleiving that everyone is out to get you (not you persay, anyone). If you know security or hand around forums like these you should get a good feeling of what to do in cases like this. I'm not going to download and run PcAudit because I have nothing to prove to myself. I feel safe.