I've answered your HJT log here:http://www.bleepingcomputer.com/forums/ind...38entry218638
Since Aluria and Earthlink have just come out with this firewall I thought it would be better to post about it in this thread and forum so anyone else with questions about it will know what's going on. Here are some pages that will give you some more information:http://home.businesswire.com/portal/site/g...323&newsLang=enhttp://www.earthlink.net/software/free/pcc/fw/http://www.aluriasoftware.com/homeproducts/firewall/
I looked around the Earthlink support pages yesterday and could find no FAQ's or how-to articles about the firewall--I imagine it's so new they haven't had time to do that yet.
If you still want to remove any Aluria from your system I would suggest contacting Earthlink support. It's unclear to me whether or not you can just uninstall the firewall by itself or if you would have to uninstall the EarthLink Protection Control Center, if that can even be uninstalled seperately.
If it were me, I would uninstall Eartlink's entire software package. It's not required for Earthlink's service and can be a real drag on your system. I know from experience as Total Access was installed on my system up until June of last year.
Their security tools are actually pretty good. SpyBlocker is their version of WebRoot SpySweeper, which is just about the best commercial anti-spyware out at this time. And it's free thru Earthlink.
VirusBlocker I believe is actually a Symantec/Norton product. I don't care much for Norton's bloat and I believe you have to pay an extra fee thru Earthlink for it, but it is an established anti-virus.
I would be leary of Aluria's Firewall. They make a pretty good anti-spyware app, but the firewall is so new I would imagine that it would be somewhat buggy, especially since this isn't their area of expertise. And as you pointed out their association with WhenU is somewhat questionable and I don't like that they don't offer a trail version of the firewall. If they did I could download it and check it out to see if it's worth having.
The other thing about these security tools Earthlink and other ISP's offer is that they don't give you much control over the program and what it is doing. You have to be on your toes with all that is out there today and keep an eye on your security tools to make sure they haven't been compromised. ISP software tends to lull one into a false sense of security by oversimplifying it and wanting you to think their tools can take care of it automatically. It's a selling point for them. But malware is very good at getting around automatic tools now.
So I would suggest uninstalling Total Acces completely and install independent security tools. Use this as a guide to what you need for your security:
Simple and easy ways to keep your computer safe and secure on the Internet
The list of firewalls is rather incomplete and it's getting harder to find good free ones that are easy to use--Symantec bought out Sygate, which is my favorite, and killed it--so here is the most current list:Kerio Personal FirewallOutPost Firewall FreeJetico Personal FreeZoneAlarmUnderstanding and Using Firewalls
I just tested Jetico, but find it's not very user friendly. ZoneAlarm is, but can cause some problems that are hard to diagnose and resolve. But you definitely need a firewall on your system.
Free antivirus:AntivirAvast FreeAVG FreeBitdefender Free
If you decide to uninstall Total Access, I would also suggest getting Earthlink support on the phone to walk you thru it. I didn't have the opportunity to do an uninstall myself--my mobo went down so I had to re install windows, so I don't have that experience.
Let us know hat you decide and if you need any help with it or have any other questions.
And if you could do us a favor, I would like to get those firewall files into our startups database after we take a closer look.
Please create a folder called c:\submit
. Now copy the following files into that directory:
F:\PROGRAM FILES\EARTHL~2\PROTEC~1\EFWPPS~1.EXE <--Windows has abbreviated this long file name with a tilde (~), but the name beegins with EFWPPS. The folder names are also abbreviated in this way.
To copy the files simply navigate to the directory they are in and right click on the file name, and then click Copy
. Now go back to the c:\submit
folder. Right click the folder and select Paste
Once the files are all copied zip the folder and rename submit.zip to paulboc.zip
. If you are not sure how to send the files to a zip folder click the following link for a tutorial: How to create and extract a Zip File in Windows ME/XP/2003How to create and extract a ZIP File in Windows 95/98/2000
When the files are zipped click this link to go to the BC submisions page:http://www.bleepingcomputer.com/submit-malware.php
1. Fill in the required fields and then click the Browse
2. Navigate to paulboc.zip
and click the Send File
If you have any problems copying the files, boot into Safe Mode
and try again.