I just happen to live in a country where internet connectivity is probably only available to less than 10% of all operating PCs. Even then, the most common connection method is by modem - and quite slow and unreliable at that. This means that very few PCs EVER get Windows updates or anti-virus updates. Often PCs will have installed AV software only (not being on a network at all) and signatures up to 2 years out of date.
This really is a sneaker-net world with the USB stick as everyone’s network. And of course, every PC is set (by default) to autoplay and autorun. Viruses and malware are rife. But what is happening lately is a lot of worms, trojans etc. are slipping past what AV protection there is because AV software alone does not promise to handle spyware.
I have the latest CPF3 and have been running CPF since moving from the Kerio firewall a while back. I have had no problems at all apart from (perhaps) being annoyed by having to re-do my firewall rules each upgrade. I am lucky enough to have access to an internet connection that keeps me up-to-date.
I have been involved in a lot of virus removal of late, partly because I can actually get AV updates for people who otherwise cannot. But the spyware is slipping through.
My specific CPF question is “how extensive is the CPF spyware protection?” and how effective is it in handling spyware injected by auto-running USB sticks? Does it include the features of BOClean or should I consider running that as well?
From a normal user’s perspective, one doesn’t understand why one has to talk about firewalls, intrusion detection, viruses, spyware, worms, trojans. And I am not 100% clear on how many of these I need. Do I need real-time spyware detection on top of CPF along with the AV software? I am considering “Threatfire” but is this duplication? Personally I use Spywareblaster which prevents me from getting internet-sourced spyware - I check regularly with Spybot and never have a problem.
This all came about when a friend got a bit of spyware that the AV did not detect (and specifically says it does it) so he installed a 2nd AV software on top of the 2 anti-spyware programs he was already running. And he still cannot get rid of this particular spyware. I now know how to get rid of it and have lost a lot of confidence in my knowledge of what malware software actually does what. I am seeing the detection rates of different software AND the capabilities of each to undo the damage done. None of them actually do the 100% cleanup job.
Yes, I have a USB stick with the spyware on it and am wondering what I should do before plugging it into my CPF3-protected PC. I do have autorun turned off on the USB port concerned. This new world of running multiple bits of software just to keep one’s PC ticking over is getting difficult for your average Joe who is responding by doing nothing or throwing the kitchen sink at it. How much of the kitchen sink is in the new smarter CPF3?
Sorry if this should have been posted elsewhere. I hope Melih is listening. Thank you.