Firewall

[MFB]

I am crazy when it comes to a virus, spywares I don't really much worry cause they are very easy to remove as long as their in my temp files (And of course my antispyware).  When there is a virus I will try to remove immediately.

[Umath]

This thread is growing fast...   Anyway, thank you for your reply, David.

What was the URL of the svchost leak test?
What firewall were/are you using?

Didn't I expect you to know everything?

The URL and I'm using Kerio 4.1.3.  As long as I use svchost for DNS resloving for my router, I can't think of what I can do with my PC.

I tend to keep with firefox as my primary browser where ever possible because it doesn't use activeX, BHOs and isn't an integral part of the OS, this makes it (IMHO) less vulnerable than IE.

Me, too.  As a main browser, I am using a Mozilla alternative with java turned off although the default browser for OS is still IE, which is denied by Kerio's simple sandbox function called system security.

If you lessen the risk of attack (the program has to get in first), you lessen the risk of this type of outbound connection being initiated. Another thing I do is to restrict the rights of your browser so you are not browsing whilst logged on as a user with administrator rights 'MS Drop My Rights' can do this just for apps that connect to the internet so you can remain logged on with administrator rights.

Well, I'm just another sorry mortal who is on XP Home but I guess I can configure user rights by each app through safe mode.

[DavidR]

Thanks for the URL, there is no need to configure user rights manually MS have given us a tool to do the hard work all we have to do is create some desktop icons and modify some things in it.

DROPMYRIGHTS - DropMyRights
DropMyRights - Browsing the Web and Reading E-mail Safely as an Administrator

For ease of use I would suggest that you create a folder called DMR (on the C:\ drive) rather than the default location burried in the documents and settings folder. This makes the path in your shortcut much shorter, but this is your choice.
For each program (browser, email program, etc.) that you want to run with restricted rights you need to create an alternative desktop shortcut to launch it via DropMyRights.exe.
The target location in the alternative shortcut would look something like this - C:\DMR\DropMyRights.exe "C:\Program Files\Mozilla Firefox\firefox.exe". What this is doing is calling the DropMyRights.exe, which launches the program with restricted rights.
You will need to change the icon as it will look like a plain old MS DOS icon, rather than the original programs icon.

[Umath]

I see.  I didn't notice it was a proper noun.

Then, it's not for Trojans or intrusive attempts but for possible application exploitations when browsing or checking e-mail...I remembered my old days when I was using two profiles (one with high security and other with lower) for pre-AOL Netscape.  Now I am using an IE alternative (mainly for Windows Update) and a Mozilla alternative so I don't feel the needs of DropMyRights...for myself.

However, it is such a nice app and I put it in PC of one of my families as a well-intentioned "trojan" so that he can browse the net/check e-mail safely while I can update his PC by directly accessing IE (I replaced "real" shortcuts with DropMyRights ones).  In any case, thank you for introducing me the app.  I always envied "immortal" Linux users who are able to set user right for every single file.