Hi everyone, I’m new to forums and comodo firewall so please be patient.
My first question is in relation to something that the firewall blocks on default settings. Agent.exe, it appears to be OK to me. The file path refers to Install shield but I just wanted advice before I gave it permission.
Secondly, any general advice on security I currently have the following running on XP using Firefox 2 as my browser.
My firewall security software tells me that that InstallShield's "Agent.exe is trying to access the Internet". Why does this happen?
Agent.exe is a part of the InstallShield Update Service. The InstallShield Update Service is a Web-based service that connects your software programs to their available updates. This requires it to use the Internet. Your software provider decides how often the agent will check for an update to your software. However, you may use the Update Manager control panel applet to reset how often these connections take place (or stop them entirely).
It looks just ok! It’s not necessary to have more than that Possible add HijackThis.
No sorry, I have no experience with either one of them.
That’s a good basic, often recommended, set of tools.
The only thing I’d add, is the context in which those tools get used: do as much as you can with a limited user account. If anything gets through, it would still have to do some kind of privilege escalation in order to install itself and make changes to your machine. That’s a fairly tall hurdle.
More specifically, I suggest: never ever handle email with an account that has admin privileges. As a email tool, I strongly suggest something other than Outlook or Outlook Express. Thunderbird is the common recommendation. I have a preference for Pegasus Mail, but that’s just me.
For general web surfing, you’ve already got Firefox. Use the Noscript add-on, and block as much scripting as you can. That will reduce your “attack surface area” tremendously. And do your general surfing from a limited user account. The admin account should only be used to download and install updates and patches.
And any kind of filesharing should never be done from an admin account. And files downloaded thru a p2p network should never be processed by an admin account. Don’t give malware any more opportunity to install itself than you have to.
Use as many accounts as you need. On the machine I’m using right now, I have one admin account, and 5 limited user accounts. Each is for a specific purpose, and makes use of the NTFS permissions and restrictions to keep things contained. And I’ve got pretty much the same set of tools as you list.
you might wanna add CMG (comodo memory guardian) or CBO (comodo BOClean) to the list (unfortunately we can’t use them both, compatibility issue >:( )… and a HAMMER, in case they can’t get the job done. ;D
welcome to the forum Jay1