Unfortunately it always takes Two or more to tango.
I prefer the foxtrot.
An interesting point fro the recent review of anti-virus software. One AV running with Windows firewall missed a Trojan which was able to disable the firewall:
It ignored several Trojans, one of which successfully disabled the Windows firewall, allowing potential attackers remote control of the system.
http://www.computershopper.co.uk/labs/220/anti-virus-exposed/products.htmlZone Alarm AV also missed some Trojans, but as it includes ZA firewall the story was different:
The anti-virus scanner missed four of our Trojans. But when one tried to contact the internet the firewall stopped it.
http://www.computershopper.co.uk/labs/220/anti-virus-exposed/products.htmlThis sort of result leads me to recommend a third party firewall,and I'll continue to do so on the forum. Whether anybody takes my advice is up to them.
As stated in the SpywareInfo newsletter, a good firewall should encrypt its settings so that they cannot be altered by malicious programs. This is very different to having settings stored in the registry. The fix for the problem mentioned seems to be forcing the display of exceptions in Windows firewall.
These sort of past (and present) weaknesses make me suspect that once an infection has occurred, it may never be possible to clean out every registry change made that might affect Windows firewall. I'm going to continue recommending a third-party firewall. Again, whether anybody takes my advice is up to them.
Now if you'll excuse me, I've got a fare waiting in the cab.
Where to gov'nor?