What is your security setup these days?

See my original post.

Any suggestions or solutions to this problem?

Any help would be greatly appreciated.

 

any specific reason why you are still using NIS 2004

 

But Samurai isn't really a HIPS its just hardening tool which changes registry settings.

 

Do NOT apply the following options:

Those options will install (drop) something on your PC.
Which is flagged as High Risk and Medium Risk malware by Prevx.
Even if those files were false positives. It is outdated and useless and might as well pose other problems.


I have Comodo Time Machine and enabling just one of those 3 settings mentioned above gave me BSODs
so I got curious and installed Prevx which has good heuristics and I found out about the malware

by the way those 3 settings are providing Samurai its HIPS functionality
the rest of the settings are for system hardening by modifying registry keys, policies and restriction settings. This is good

 

yes it is cool just testing for the heck of it

 

I'm keepin' it

 

http://www.turbotramp.fre3.com/

 

Desktop #1
Windows 7 Ultimate, 32 bit-
Realtime-
Avast 5.0 free, Prevx paid, SpywareBlaster
Windows firewall

On demand-
MBAM, Hitman Pro

Desktop #2
XP Home, 32 bit
Realtime-
Twister Antivirustrojan, SpywareBlaster
Windows firewall
On demand-
MBAM, Hitman Pro


Laptop-
Vista Basic, 32 bit
Realtime-
Avast 5.0 free, MBAM Paid, SpywareBlaster
Windows firewall

On Demand-
Hitman Pro

 

Installed Quichkheal 2010 just for fun

 

Removed Avast! 5 Free.. Using CIS 4.1 now Defense+ and Sandbox disabled..

about 10 infected files came in my pc.. its weird that Avast! 5 never detected it.. which was initially detected by Prevx..

Had to use both MBAM and SAS to remove them..

I want to try out and see how would the Comodo AV work
Seems that heuristics are set to low should I leave it that way?

 

Oh yes. Leave it at low. I made the mistake of setting it to high. After I tried to install something. Even though I set it as an installer, the AV still had every dll, I mean every as a infection. Other than that, if you leave it at low it still works great. I would recommend using D+ and the sandbox. It really does work like a symphony. It works alot better when everything is enabled.

 

I guess I need time to get used to them then ..

 

Windows XP Pro SP3 Penta(5) Layer Execution Prevention setup.

1. Data Execution Prevention for All Programs
2. Limited User Account
3. Software Restriction Policy
4. Deny via Access Control List
5. Returnil Virtual System's Trust Programs from Real Disk Only

• Prevx SafeOnline FREE
• NAT Router Firewall
• Windows XP Firewall

 

I just disinfected my buddy's computer, was running Avast! 5 and had 24 infections on it also had to use both MalwareBytes and SuperAntiSpyware to clean the PC.

Hope your testing with Comodo Antivirus goes well mate, I tried it back in v3 and it seemed a bit buggy. Let us know how it goes

 

using avast internet security 5

 

Everything at its latest and greatest version.

Shared Network:
Linksys Router with SP1 Firewall
OpenDNS Free (Phishing and "Basic Malware/Botnet" protection enabled)

Real-time Protection:
Avast Home (Shields: File System + Web + Network + Behaviour) [Password Protected]
Comodo Internet Security Premium (Firewall+HIPS+Sandbox) [Password Protected]

System (Windows 7 Pro 64-bit):
No-prompt UAC, SEHOP enabled
Disallowed-by-default Software Restriction Policy
Disabled Windows Firewall, Windows Defender, Internet Explorer, and Autorun/Autoplay
Everything else (security-wise) on default

Firefox (Main Browser):
Adblock Plus (Malware Domains subscription)
LastPass (secure connection)
LinkExtend (checks website and google searches with multiple databases)
NoScript (whitelisting)
SandBoxie Free (+ DropRights and Internet Access Restrictions)

Opera (Work Browser):
Limited rights
Urlfilter.ini (http://my.opera.com/Tamil/blog/ad-block)
LastPass bookmarklets

On-demand Scanning:
Comodo AV
Malwarebytes' Anti-malware
Hitman Pro
Sophos Anti-Rootkit
SUPERAntispyware

Analyzers:
Anubis (http://anubis.iseclab.org/)
EULAlyzer Personal
HiJackThis (+ http://www.hijackthis.de/)
VirusTotalUploader
WinPatrol Free

Updates:
RSS Feeds - Freeware Guide, FileHippo.com, Freeware Files, MajorGeeks.
KC Softwares SUMo

Others:
Paragon Backup & Recovery Free
TrueCrypt (+ Hide in Picture)
VMware Player


Also got Ubuntu Netbook with Noscript and WOT.
It's being updated regularly. Sudo only, no root.

 

OA++
MBAM (Real-time)
Zemana
Returnil lux

 

Slightly modified my setup. I've removed MSE and installed MBAM to scan any files I think are suspect. I feel quite liberated running no real-time AV.

 

for now it is PE Guard v2.1

 

Zemana running great on this setup!!

 

Vista Ultimate32 SP2 (UAC on, WD off)

Look'n'Stop Firewall
Avira Premium10 (ProActiv off, Web and Mail Guard off)

Sandboxie
Shadow Defender
ShadowProtect Desktop

Google Chrome + Ad Muncher

 

You Sandbox Chrome with SBIE?

 

It is the main reason I'm using Sandboxie. Did you have any problems with it?

 

If you actually bothered to configure Sandboxie you would see why.

 

OA++
MBAM
Zemana