Software is able to access internet even if blocked all access in my firewall

Discussion in 'other firewalls' started by Niels, Sep 7, 2008.

Thread Status:
Not open for further replies.
  1. Niels

    Niels Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    466
    Location:
    Belgium
    Dear,

    Some time ago I got Infected with Internet Antivirus. I blocked all executable files in my firewall which is part of BitDefender Total Security 2008. I thought that it was now impossible for the program to update but it was able to do so. I could see it because the files that were putted inside the installation directory were indeed changed.

    I even opened the section of BitDefender firewall were you can see all open ports or processes which are sending or receiving packets. I couldn't find anything suspicious.

    How is that possible?

    Thanks in advance,
    Kind regards,
    Niels
     
  2. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hi Niels,

    First I need to ask. If you have an infection that you can see, then why is it still there. Would you not be better to remove it.

    I would say to remove the infection, not attempt to control its internet access.

    From the point of its outbound/updating, there are many ways such as control of other applications already given internet access (as simple example: dll injection)



    - Stem
     
  3. Niels

    Niels Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    466
    Location:
    Belgium
    Dear Stem,

    First I want to thank you for your prompt response. I really appreciate that.

    Sorry that I didn't mentioned in my opening post but Internet Antivirus is removed. I contacted BitDefender support and after an update Internet Antivirus was found and deleted. I can't say that it's completely removed but I couldn't see any pop-up's anymore also the installation directory wasn't there anymore. I denied access as a temporary measure so the program wasn't able to update itself because it wasn't yet detected by my antivirus.

    When this happened only iexplore.exe was connected to the internet. I couldn't find any other executable files that had access to the internet.


    Kind regards,
    Niels
     
Loading...
Thread Status:
Not open for further replies.