And I still got nailed.

Discussion in 'other anti-malware software' started by Hugger, Feb 21, 2009.

Thread Status:
Not open for further replies.
  1. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Ah, good that it's all OK :thumb:
     
  2. Hugger

    Hugger Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    1,003
    Location:
    Hackensack, USA
    Blue screen doesn't equal panic. It's just an annoying pain in the butt.
     
  3. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,156
    OK so Shadow Protect blocked it like it should have and Returnil would have as well if you had that running.

    Avira and PC Tools Firewall I am not surprised that it bypassed these.

    But what I do find a bit surprising is that it somehow bypassed both DefenseWall and Mamutu on Paranoid mode. You must have done something wrong for this to have happened.
     
  4. aussiebear

    aussiebear Registered Member

    Joined:
    Jul 3, 2006
    Posts:
    8
    Is it normal to have that many anti-malware apps running at the same time?

    Wouldn't you suffer from compatibility or security issues caused by this scenario?

    It just seems crazy to load all this, when you can take the time to use the various access control mechanisms to prevent malware from running in the first place. (It's all built in to Windows, and doesn't cost you money or system performance, compared to loading your system up with anti-malware apps.)
     
  5. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    It bypassed Avira because it was most likely a system/driver/conflict, not a virus.

    But if it were a virus, Avira's the best there is at the moment, so if it gets past Avira, then you could say it'd get past most other security products.
     
  6. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    Fellow aussie, we all have different internet-related behaviours, but I agree, sticking to the bare essentials, or a non-admin account, might not mean you're 100 per cent bulletproof, but at least your system has some zip/speed to it.
     
  7. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    5,556
    Location:
    USA still the best. But barely.
    Is this true? No rootkits on XP64 or Vista64?
     
  8. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Vista64 doesn't allow unsigned kernel drivers. You can hide malware in 64 with virtualization but that's another story.
     
  9. PROROOTECT

    PROROOTECT Registered Member

    Joined:
    May 5, 2008
    Posts:
    1,102
    Location:
    HERE ...Fort Lee, NJ
  10. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Then disable virt.

    Since NT 6.x no more usual ring0 rootkits. Only ring3 and specific malware, likely ring -1 too (but you should be able to disable this vector) and ring1 if you access the internet with an infested VM OS, naturally all commercial spy/malware, but in that case someone has or you have to access your system to manually install it. We don't talk about exploits, that's another story. Keep in mind that you should disable IPv6 and stay with IPv4 for security reasons to prevent sniffer evasion.
     
    Last edited: Feb 22, 2009
  11. wat0114

    wat0114 Guest

    No it should not have. ShadowProtect is a backup/restore program.
     
  12. SIR****TMG

    SIR****TMG Registered Member

    Joined:
    May 31, 2004
    Posts:
    833
    Defensewall 2.49 is out with major update fixed
     
  13. Hugger

    Hugger Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    1,003
    Location:
    Hackensack, USA
    Because of what someone else said earlier, I did some more checking into what fssfltr_tdi.sys is.
    My statement about it being a rootkit came from info given me on a different forum that deals more with os problems.
    However, I think that what really happened is what I referred to earlier.
    A problem with an update to Windows Live Messenger. The update was not successful.

    Do I have too much protection running? Perhaps. But I have far less than many others. Some of my programs are on demand and not always running.
    Thanks all for trying to help.
    Hugger
     
  14. wat0114

    wat0114 Guest

    Some of those running as on-demand is certainly a qualifier for having that number of programs. Also if they are not conflicting with one another, nor slowing down your machine or causing the bsod either directly or indirectly, then by all means it should be no problem. Sorry if I seemed blunt; I just saw the potential in that security setup to possibly cause system instability.
     
  15. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    Nothing was bypassed, it was a signed MS file.
     
    Last edited: Feb 22, 2009
  16. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    Effectively so, outside of some of the more imaginative black-hat conference musings ;)
     
  17. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Everything can be undermined.
     
  18. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    3,347
    Location:
    Location Unknown

    That's What She Said....

    :)
     
  19. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Personally I think the easiest route would be to either run with some sort of LUA scheme, or go with Sandboxie for your surfing habits. All the security programs running will then complement the main security, rather than trying to be the main security. Restricting or virtualizing are IMO the better security tool, leaving these 3rd party apps for 'just in case' events.

    Sul.
     
  20. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    agree
     
  21. Tony

    Tony Registered Member

    Joined:
    Feb 9, 2003
    Posts:
    725
    Location:
    Cumbria, England
    Love the Avatar jmonge :) :thumb:
     
  22. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Oh, he is just copying Aigle.:isay:
     
  23. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    It took me just over an hour to think of and create that avatar in PhotoFiltre. I'm flattered that someone else has decided it's good enough to use but I do feel that the credit is being directed, shall we say, towards the wrong person!!!

    muf
     
  24. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Hey, nice avatar buddy :D I copy from your avatar ;) :D :) :thumb:
     
  25. Tony

    Tony Registered Member

    Joined:
    Feb 9, 2003
    Posts:
    725
    Location:
    Cumbria, England
    Love the avatar muf :) :thumb: :D ;)
     