Zone Alarm Pro (but a general rant too)

Started by sinsi, May 11, 2010, 12:27:32 PM

Previous topic - Next topic

sinsi

Just had to clean up a computer with the paid version of zone alarm installed - anti-virus, anti-spyware as well as the firewall.
The computer is a laptop, turion at 800, with a gig of ram running xp home sp2 (because apparently sp3 stopped the internet).
It was running like a dog, went to system information and looked at the loaded modules.
Three-quarters of the dlls loaded were zone alarm, 3x more than the windows dlls.

Now the laptop is a lot faster (went from 52 processes to 21 by uninstalling crap (hear me google?)).
Uninstalling zone alarm first made the never-ending uninstalling of everything else so much quicker (been there, done that)

Next step is to put on the microsoft one and scan. This is one move by microsoft that I agree with, get rid of the proliferation of AV companies :bdg

Light travels faster than sound, that's why some people seem bright until you hear them.

dedndave

it's not just all the crap they have to run to hook the system
they are continually downloading updated databases
at the end of the day - they don't stop anything
a waste of time and money (and internet bandwidth)
the MS one won't be much different - although, it may not be such a resource hog (they have it dialed in better - lol)
the best AV is no AV and make a disk image that can be quickly restored
oh - and make a backup copy of the clean MBR so you can restore that, as well

sinsi

I run a copy of win2000 in a virtual machine (virtualpc) and just revert to the previous snapshot when I'm finished.
That's for porn (heh) and questionable sites, I still do internet banking via my normal xp home and ie8 with no av, since I am lazy (and not rich).
My computer is a gaming machine, don't need some steenking av slowing it down.

Anyway, the ms scan so far has found a couple of reg keys and a dll or eight that zone alarm must have missed  :lol
Light travels faster than sound, that's why some people seem bright until you hear them.

dedndave

i don't think zone alarm tries to claim to be an AV - more of a firewall
they are useless as tits on a bore hog also - lol
the problem is - anything the firewalls/AVs do - the virus authors find a work-around for it
it's like watching a game of championship Pong - lol

sinsi

Zone Alarm Pro TM is anti-virus and anti-spyware as well as the free firewall! It has anti-phishing as well!! They make money from it!!!

Firewalls went out when everyone went from dial-up (direct IP address) to using a router (private IP address).
Funny how even the free version of za bloated up.
Light travels faster than sound, that's why some people seem bright until you hear them.

MichaelW

Zone Alarm was a good product for the first few years of its life. I started using the free version after I learned the hard way that a firewall was a necessity even for a dialup. I eventually moved to the paid version, but it soon became apparent that the developers/marketers didn't know where enough ended and too much started.
eschew obfuscation

hutch--

NAT in routers knackered a lot of the stuff that was around 10 years ago. On IRC you could not survive without a manually configurable firewall, my favourite was Conseal PC Firewall and no-one ever got through it although many tried on IRC. ZoneAlarm was a lemon even back then alongside a real firewall, it was aimed at the idiot fringe, auto protection from a range of known internet hacks in the dialup days.

For me last night's effort with the TDSS rootkit made the point in that nothing detected it and while I knackered it spreading or downloading more junk, it did enough damage to warrant a disk image overwrite. I think Dave's approach would have been worthwhile but I did not know enough about what it was. AV scanners are becoming less and less effective over time and I think its the wrong approach as it generates more problems than its worth and it does not provide the protection it claims.

I am still basically of the view that you secure a machine as best you can, don't develop bad habits and have a disk image ready if it gets damaged. I think it was Kaspersky that had a toy around a while ago where you set the permissions on what could access the internet and simply block the rest, I know people who have used it and it apparently works well.

As Sinsi said, a VM is another good way to live dangerously then just shut it down and overwrite the VHD file. Much the same effect as whacking the real machine with a disk image but with less hassle.  :bg
Download site for MASM32      New MASM Forum
https://masm32.com          https://masm32.com/board/index.php

BlackVortex

Quote from: hutch-- on May 11, 2010, 02:50:46 PM
As Sinsi said, a VM is another good way to live dangerously then just shut it down and overwrite the VHD file. Much the same effect as whacking the real machine with a disk image but with less hassle.  :bg
Oh, man, there is the snapshot functionality for that, you don't have to overwrite the virtual disk image file.   :bg
(mainly talking about Virtualbox here)

You can also use the Returnil package to virtualize changes to the real machine and avoid using a VM, it's fool-proof.