LS SteveJ

  • Content Count

  • Joined

  • Last visited

Everything posted by LS SteveJ

  1. Go to the Lavasoft Personal Firewall installation folder, open file preset.lst and add the following preset definitions: [Generic Host Process] VisibleState: 0 Exe: Generic Host Process, svchost.exe DefaultState: 1 RuleName: DHCP Service Protocol: UDP LocalPort: 68 RemotePort: 67 Direction: Inbound AllowIt DefaultState: 1 RuleName: DNS Service Protocol: UDP LocalPort: 53 AllowIt DefaultState: 1 RuleName: DNS Service Protocol: TCP LocalPort: 53 AllowIt DefaultState: 1 RuleName: HTTP connection Protocol: TCP RemotePort: 80 Direction: Outbound AllowIt DefaultState: 1 RuleName: HTTPS connection Protocol: TCP RemotePort: 443 Direction: Outbound AllowIt DefaultState: 1 RuleName: Time Synchronizer connection Protocol: UDP RemotePort: 123 AllowIt DefaultState: 1 RuleName: "SSDP Discovery Service" and "UPnP device Host" services Protocol: UDP RemotePort: 1900 AllowIt DefaultState: 1 RuleName: "SSDP Discovery Service" and "UPnP device Host" services Protocol: UDP LocalHost: LocalPort: 1900 AllowIt DefaultState: 1 RuleName: "SSDP Discovery Service" and "UPnP device Host" services Protocol: TCP RemotePort: 5000 AllowIt DefaultState: 1 RuleName: Microsoft Remote Desktop TCP connection Protocol: TCP RemotePort: 3389 AllowIt Save the file and restart Lavasoft Personal Firewall; Switch the Firewall to the Rules Wizard mode; As svchost requests any connection, and the Rules Wizard appears, click Create rules using preset and select Generic Host Process from the list. All required rules will be created automatically.
  2. Do as follows: * Start the main window * Click on the Options menu at the top * Select Policy * Select the appropriate mode * Click OK
  3. Yes, Windows Explorer is practically just another instance of Internet Explorer. We recommend you to allow this activity.
  4. I selected "Block intruder for 5 minutes" in the Attack Detection feature and the Firewall blocks a host on my LAN. How can I reestablish connection to the host? You can unblock the address by right-clicking the attack in the right pane and selecting Unblock on the shortcut menu.
  5. Mail servers (as well as IRC and FTP servers) traditionally try to get your identification when you send e-mail, so they attempt to connect to TCP port 113 on your PC. Lavasoft Personal Firewall blocks this request by default and does not let your computer reply. Most mail servers wait a few seconds for a possible response and only then allow you to send the e-mail. To eliminate this delay open the Options dialog and select the System tab. Click Rules under Global System and Rawsocket Rules and select Allow inbound identification. This solves the delay problem, however please note that your port 113 will not be in "stealth" mode to any scanning sites. To revert to stealth mode you should allow inbound identifications only to specific remote hosts that you connect to using FTP, SSH, SMTP and Telnet protocols.
  6. The main window is your central control panel of Lavasoft Personal Firewall. It is used to monitor the network operations of the computer and to modify the firewall settings. To display the Firewall main window: * On the Start menu click Programs; * Click Lavasoft and then Lavasoft Personal Firewall; * Double-click Lavasoft Personal Firewall icon in the system tray.
  7. Yes, but we do not recommend it. The Lavasoft Personal Firewall was designed specifically to run on user workstations connected to a LAN (Local Area Network) or the Internet. Lavasoft Personal Firewall does not have several important features that a server firewall must have. All presets are configured for workstations while a server firewall would have very different application blocking settings. If you install the Firewall on a server with the default settings, much of the useful traffic to or from your server will be blocked by default.
  8. Do as follows: * Open Windows Control Panel. * Open System, select Advanced tab, then select Environment variables. * Look at the "TMP" folder name in the User variable field. * Check if this folder is present on your hard drive. * If it is absent, then create it. If the folder is present and you still get this error, please contact Lavasoft Support.
  9. If you are certain that the port is really open and the port scanning site has determined your correct IP address (contact us for information about how you can detect whether a port is open or closed), please follow these instructions to close the port: * Make sure the Firewall is not running in Disabled or Allow Most mode. * Open the Firewall main window and select View > Layout. Make sure that Open Ports is selected. Press OK. * Select View > Advanced and select the Number option in Display port as. * Expand the Open Ports category in the left pane to display the applications that are listed there. * Follow down the Local Port column of the right pane and search for the port number you want to close, for example "XYZ". * Right-click the line and select Create Rule on the shortcut menu to create the rule for the application that 'owns' the port (the one in the Process Name column on the same line). Lavasoft Personal Firewall fills in all the required data automatically; you only need to specify the connection direction and the action to be performed once the rule is triggered. * In the Rule description field click on the Undefined keyword next to Where the direction is and specify the Inbound connection direction. * Finally, in the Select Actions with which the rule will respond field, select Block it (and optionally Report it). * Name the rule appropriately (in the Rule name field) and click OK to save it. * You should now see the new rule in the list of the application rules (Options > Application, double-click the application in the list). IMPORTANT: If there are other rules for the same application, select the rule you have created and click the Move Up button until the rule appears at the top of the list. Click OK and then Apply. * Try to see whether the port scanner can now detect the port. Note: Having a port open does not mean that it should always be blocked. If you are operating a web/ftp server for public usage Having a port open does not mean that it should always be blocked. If you are operating a web/ftp server for public usage for example, a port scanner will detect these ports as open. You must not close these ports because users will not be able to "see" your web/ftp server.
  10. If you wish to run the Firewall in hidden mode (invisible to the user) perform the following actions: * Click Options on the toolbar. * Select Background in the Start-Up area of the General tab. * If you use the Rules Wizard policy, then select the Policy tab and specify the Background mode policy that Lavasoft Personal Firewall should apply when it runs in background mode. By default the Block most policy is used. * Reboot your computer. After the reboot Lavasoft Personal Firewall will run without the GUI.
  11. As such, Lavasoft Personal Firewall does not protect against spyware. However, if you bought your copy of the firewall bundled with the Lavasoft Ad-Aware SE antispyware, or if you already had Ad-Aware installed on your computer, you can start Ad-Aware from the Lavasoft Personal Firewall main menu. Next, scan your PC for spyware and unwanted adware, then remove whatever you wish to remove from the detected content. Lavasoft Personal Firewall does not detect or remove computer viruses. For that, you need a dedicated antivirus program. Lavasoft Personal Firewall does not detect rootkits as well. The primary purpose of a firewall is to control how your computer communicates with the Internet. Although the Lavasoft Personal Firewall does not remove viruses or spyware, it can be used to block them from communicating with the Internet. This works by using something called Application Control. You decide which applications are allowed to access the Internet and which are not. If an unknown application attempts to connect to the Internet, then the firewall will inform you, and you may take the appropriate action. The firewall can also prevent malicious software from entering the system by blocking open communication ports. Some viruses/worms will use open ports to infect your system, but the firewall will stop this from happening by blocking these ports.
  12. On some systems, you may receive this message when attempting to use the "?" in the Lavasoft Personal Firewall. If this occurs, do the following to correct the display issue: 1. Click START. 2. Click RUN. 3. Next, copy and past the following command: regsvr32 C:\WINDOWS\system32\itss.dll 4. Click OK. After clicking OK, the following message should appear: DllRegisterServer in C:\WINDOWS\system32\itss.dll succeeded 5. Reboot your computer.
  13. dmichael. The Language Editor Plugin is what you are looking for. You can download this at Install it, and then run ad-aware (you will find it in the add-ons) When you run it, create a new file and save it as "greek" Then you can do all your translations (the display screens are in the folders on the left, and inside each folder are all the captions) (This will take you some time of course) When you are finished, go into Settings -> Interface, and then choose your language file from the list of languages. good luck!
  14. Hello heretic, Ad-Aware is simply alerting you to the fact that the default values for these registry keys have been changed. This is potentially, but not always a security risk, as malwares may use these keys for malicious purposes. As it stands now, the modifications I see in your registry are safe, and you may ignore them (add to ignore list)... they have most probably have been changed by another security application on your computer. Thanks //STeve
  15. Hello Grubbymitts. Please post an ad-aware scan log so we may take a look at what is being detected here. Usually, this is a partial detection on a URL which we need to modify in our URL blacklist. Thanks //Steve
  16. Hello Ggc, Welcome to the support forums. To answer your questions. 1. It is entirely up to you whether or not you delete the items that come up as spyware. When you select the items and click next, they will be quarantined / deleted. However, if you are unsure about these "critical items", you should ask in the forum before deleting something. Some users are prepared to accept the risk level of certain objects, such as the ones bundled with Kazaa. This is something you have to decide by yourself or ask in the forums. 2. You can choose to delete or quarantine. Putting things in quarantine can be good if you wish to later restore them. It can also protect against inadvertently removing something that is important to a software on your system, as you can easily restore it from quarantine. 3. Quarantined items are not entirely deleted (but they will not be active). They are saved in a special file on your hard drive, should you wish to restore them.
  17. Hello. This was a false positive detection on the Win32 python libraries. However, this should be corrected with the latest release. Please perform a webupdate, and a system scan again. If you are still having problems, let us know... Thanks //Steve
  18. Hello. This is something that we are aware of, and is being dealt with between Lavasoft and NoAdware. Thanks for the reports //Steve
  19. Hello. This is most likely caused by the use of an older version of oleaut32.dll which can be fixed by upgrading the DCOM libraries on the system This article explains in detail the problem you are encountering. Let us know how you get on! Thanks //Steve
  20. Rodney. Do you have the paid version or the free version? The paid version will require you to have your registration details at hand so that you may retrieve your copy. Thanks //Steve
  21. Hello Casey Please try running the beta version of our Virtumonde remover to see if this remedies the problem. Remember, this is beta software, so please use at your own risk.... Thanks //Steve
  22. Hello BobG.... are you sure it is definately Ad-Aware from Lavasoft that is popping up? Please make a screenshot if you can, and post it here.... thanks //Steve
  23. Alex. Compared to some of the spywares that are floating around there these days, Tracking Cookies arent exactly the biggest fish in the pond., but they can still be used to track your internet usage using non-personal data, building up a an anonymous online profile. However, should one of the sites that you do give your personal data to decide to trade away that information to third-parties (something which can be authorized unintentionally if not reading the sites Privacy Policy or by receiving a confusing one), then your personal data can actually be connnected to the online profile aswell. Suddenly sites know who you are, what sites you have visited (if those sites are a part of their tracking-cookie network).. The best example I can give you for tracking-cookies is Doubleclick. They place cookies on many sites (placing cookies on other sites than their own = "third party cookies" ) and this enables them to track your activity across these sites. The cookies will usually be received through pop-up banner ads or other means when you visit a site. After you have visited enough sites with Doubleclick cookies, their database will have build up a profile of you and the banner ads will start to display targeted advertising. I read a quote somewhere one time that was a very good analogy to this whole process. It was something like "You are walking through a shopping mall, and without knowing who you are, each shop places a sign on your back, so that the next shop may see where you have just been" It is also important to note though, that Cookies themselves are actually quite a useful invention, and are used for many legitimate purposes. Counting visitors to your website, keeping website preferences, shopping carts etc - however these cookies usually only exist on the publisher's site and therefore constitute no risk to a user's privacy. When Lavasoft add a tracking cookie to its database, we do it because that particular cookie has been indentified as being a potential risk. We do not add cookies for sites like for example, as these are not third party tracking cookies. You basically have to decide. Do I want to take the risk of sending anonymous information that could be used to violate my privacy and I dont mind some targeted advertising? or do I want to be as safe as I can be, and make sure that no-one could ever connect me to this profile? Personally, I would be very cautious... if you decide to accept the risk, be very very careful when you intentionally give away personal information.. as it may state in the EULA or Privacy Policy of the site, that they distribute your personal details to third party sites. If this is the case, then suddenly your anonymous profile is not so anonymous... Hope this made it all clear Thanks //Steve
  24. Marc.. Are you checking the checkbox next to the object, and then right-clicking to add it... or just right clicking? To correctly add something to the ignore list, you must select the checkbox first, then right click before adding it...
  25. Superc. The DNS servers do not seem to have come into sync yet. We have recently moved our main website to a new server, and some of the domains do not seemed to have synced yet. The new site is hosted on, and there you can find the latest info. We will investigate why has not changed. Thanks for reporting this... //Steve