For example filename m.exe.
At risk of sounding like a computer bimbo, how the heck do I know what to allow?? So far I've only been allowing things I know (firefox, avast, etc.).
Any suggestions?
Thanks =)
Full Version: Question About Sygate Personal Firewall
Hello. I just dl Sygate personal firewall, as recommended by this site. Problem is, I'm not too computer savvy (to say the least) so when it asks about whether or not to allow some programs to access the Internet, I don't know whether to allow or refuse.
For example filename m.exe.
At risk of sounding like a computer bimbo, how the heck do I know what to allow?? So far I've only been allowing things I know (firefox, avast, etc.).
Any suggestions?
Thanks =)
For example filename m.exe.
At risk of sounding like a computer bimbo, how the heck do I know what to allow?? So far I've only been allowing things I know (firefox, avast, etc.).
Any suggestions?
Thanks =)
Usually the firewall pop-up will say weather it is legit (not all the time though, most times it will say unknown)
One way to tell if it is legit it to look where the file is located and see if it is part of a program that is legit. Another way is to use Google or CastleCops. (Since you said your not too computer savy, CastleCops may be a bit to complicated for you so Google is your best shot
.
Do you have any other security programs installed and do those programs have real-time protection enabled?
Regards,
David.
One way to tell if it is legit it to look where the file is located and see if it is part of a program that is legit. Another way is to use Google or CastleCops. (Since you said your not too computer savy, CastleCops may be a bit to complicated for you so Google is your best shot
.Do you have any other security programs installed and do those programs have real-time protection enabled?
Regards,
David.
When I don't know what something is when my firewall pops up and asks me what action to take, I google it.
Thanks for the replies. I have Avast with real time protection.
I tried googling, but nothing helpful came up.
It seems the main apps trying to access the net are:
C:\WINDOWS\system32\m.exe
C:\WINDOWS\system32\DRIVERS\ndisuio.sys
C:\WINDOWS\system32\ntoskrnl.exe
Btw, I'm super paranoid cuz I have a virus and my computer has been giving me all sorts of grief lately =/
I tried googling, but nothing helpful came up.
It seems the main apps trying to access the net are:
C:\WINDOWS\system32\m.exe
C:\WINDOWS\system32\DRIVERS\ndisuio.sys
C:\WINDOWS\system32\ntoskrnl.exe
Btw, I'm super paranoid cuz I have a virus and my computer has been giving me all sorts of grief lately =/
C:\WINDOWS\system32\ntoskrnl.exe is a critical process in the boot up cycle but I have no idea why the heck it would want internet access
C:\WINDOWS\system32\m.exe is a torjan file (from the google research I did)
C:\WINDOWS\system32\DRIVERS\ndisuio.sys, a very mysterious system file is present in Windows XP and is a driver for wireless things such as wi-fi and bluetooth.
ARe you by any chance infected with a downloader?
C:\WINDOWS\system32\m.exe is a torjan file (from the google research I did)
C:\WINDOWS\system32\DRIVERS\ndisuio.sys, a very mysterious system file is present in Windows XP and is a driver for wireless things such as wi-fi and bluetooth.
ARe you by any chance infected with a downloader?
Thanks. I have no clue what I'm infected with. i uploaded my HJthis log on the site, so hopefully I'll find out soon. =P
Well from what I've found m.exe is part of a downloader so I woud NOT let it access the internet.
However, I wish you luck with your virus removal as I myself am having what could be virus issues.
However, I wish you luck with your virus removal as I myself am having what could be virus issues.
Thanks so much =) I definitely will NOT be allowing m.exe to access the net.
good luck with your virus problems.
This site is awesome
good luck with your virus problems.
This site is awesome
In general, a good rule of the thumb about whether to allow internet access is to ask yourself:
1. Do I know that is requesting access? If you cannot identify the application, then do some research and teach Comodo whether to allow or not.
2. Does it make sense that the application would want access at that time? If you launch a IM , for example, it would need access; but if you did not launch it and it was not already open, then a sudden request would be suspicious.
Hope this helps,
John
1. Do I know that is requesting access? If you cannot identify the application, then do some research and teach Comodo whether to allow or not.
2. Does it make sense that the application would want access at that time? If you launch a IM , for example, it would need access; but if you did not launch it and it was not already open, then a sudden request would be suspicious.
Hope this helps,
John
Several years ago when I went searching for a firewall, this was the question that was most confusing to me. How do I know when to allow or block something? I literally searched for weeks, installing this firewall and that firewall to read the complete help files. It was all so technical...the talk about ports, packets, TCP, UDP, special rules etc.
Finally in Sygate's manual it said, if don't think you did anything (clicked to open a website or do something else online) then say "NO", at least temporarily.
That automatically puts that action in "Ask" mode so if it ever comes up again and you realize yes, I did need this after all, you can say 'yes' the next time and tick the "remember this from now on button" Or... if it's something bad and keeps bugging the heck out of you, then you can say "no" and "remember".
Sygate won't bother you about that one anymore, either way. It'll just do its job.
You can also go in the Applications list and make changes there. And if you've totally forgotten why an application is in the Sygate list, you can always delete it. Sygate will catch it again the next time around (if there is one) so you can figure out what it was. That's particularly helpful if some Windows Services are a bit confusing, or you find yourself unable to do something online you know you should be able to do.
This site might help clear up some things about how to use Sygate:
http://www.kotiposti.net/string/SPF_eng/SPFGuide.html
Finally in Sygate's manual it said, if don't think you did anything (clicked to open a website or do something else online) then say "NO", at least temporarily.
That automatically puts that action in "Ask" mode so if it ever comes up again and you realize yes, I did need this after all, you can say 'yes' the next time and tick the "remember this from now on button" Or... if it's something bad and keeps bugging the heck out of you, then you can say "no" and "remember".
Sygate won't bother you about that one anymore, either way. It'll just do its job.
You can also go in the Applications list and make changes there. And if you've totally forgotten why an application is in the Sygate list, you can always delete it. Sygate will catch it again the next time around (if there is one) so you can figure out what it was. That's particularly helpful if some Windows Services are a bit confusing, or you find yourself unable to do something online you know you should be able to do.
This site might help clear up some things about how to use Sygate:
http://www.kotiposti.net/string/SPF_eng/SPFGuide.html
thank you all for your advice. it's been helpful =)
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.