Secure


  1. Posts : 84
    Windows 7
       #1



    Hi,

    Is anyone able to help me and take a look at my configurations, please: system services as well as Comodo firewall rule sets? The reason I'm asking is that I think there's a security flaw, which I hope you may be able to help me with.

    For those able to help, could you please advise me how to upload my sys config file, Comodo config file and anything else you may need?

    I'm running W7, no file sharing as far as I know, a stand-alone system wired up to a modem, with one firewall running, which is Comodo. It's set to basically be invisible, but I don't think it is.


  2. whs
    Posts : 26,210
    Vista, Windows7, Mint Mate, Zorin, Windows 8
       #2

    I can't find anything in your configuration that hints at a "security flaw". What makes you believe that there is a problem?

  3.    #3

    It's probably not a security flaw, but if you want to upload the system config file and the Comodo config file, you'll have to use WinZip or 7-Zip to create a zip file, then upload using the paperclip icon.
    I use the Comodo firewall too, but I think for some reason Microsoft doesn't like Comodo, because I get a lot of alerts for normal internal connections in my computers that wouldn't happen if Comodo and Microsoft had even the slightest collaboration. The latest version of Comodo is constantly connected to the internet, to check running processes against a list of malware. A lot of the firewall and Defense Plus alerts are for legitimate system services. Comodo does lock down all connections when you select block all. I've verified that using port scans from another computer I have at home.


  4. Posts : 84
    Windows 7
    Thread Starter
       #4

    I think the attached zipped file below has my system services configurations in it. I exported the list in Windows services, if that's correct. I've tried to disable everything that could lead to a possible hack. Could you please have a look at it and let me know if anything else should be disabled for increased security?

    Again, I have no wireless, no router, no file sharing or network sharing. It's a stand-alone system wired up to a modem (Virgin Media).

  5.    #5

    The best way to further secure your system would be to disconnect from the internet whenever you're not actively surfing the web, and turn the computer off completely when you walk away. Comodo Defense Plus has a good feature as well: just set it to block all unknown requests when the application is closed, whenever you're not using the internet.


  6. Posts : 84
    Windows 7
    Thread Starter
       #6

    That's currently disabled, not ticked, as I don't know whether or not that will mess up anything while I'm using the net. Should I enable it and leave it enabled?

    Also, would you be able to look at my Comodo configurations if I uploaded the *.cfgx file, or will you find it hard with you having to import it into your own Comodo, which may mess up your system? If you do wish for me to upload the file, I have the following...

    COMODO - Internet Security
    COMODO - Proactive Security ACTIVE
    COMODO - Firewall Security

    Will you only need the ACTIVE proactive file or should I upload all?

    Also, regarding the system services log file above, is that OK?

    -------------------------------------------------------------------

    Here's my HijackThis report, if it's any use:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 06:38:22, on 02/10/2010
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)
    Boot mode: Normal

    Running processes:
    C:\Windows\Explorer.EXE
    C:\Windows\SOUNDMAN.EXE
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    C:\Windows\system32\taskmgr.exe
    C:\Program Files\Opera\opera.exe
    C:\PROGRA~1\Java\jre6\bin\jp2launcher.exe
    C:\Program Files\Java\jre6\bin\java.exe
    C:\Windows\system32\conhost.exe
    C:\Users\mh\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O15 - Trusted Zone: http://asia.msi.com.tw
    O15 - Trusted Zone: http://global.msi.com.tw
    O15 - Trusted Zone: http://www.msi.com.tw
    O15 - ESC Trusted Zone: http://*.update.microsoft.com
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O20 - AppInit_DLLs:
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\Windows\System32\ati2sgag.exe
    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
    O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    --
    End of file - 5780 bytes
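Added example, not part of any post in this thread: a small Python triage pass over HijackThis-format entries such as the O4 autorun, O15 trusted-zone and O23 service lines in the log above. The sample lines are copied from that log; the three review rules and the function names are illustrative assumptions, not HijackThis's own verdicts.

```python
import re

# Sample lines copied from the HijackThis log posted in the thread above.
SAMPLE_LOG = r"""
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O15 - Trusted Zone: http://www.msi.com.tw
O23 - Service: ATI Smart - Unknown owner - C:\Windows\System32\ati2sgag.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
"""

# Entry lines start with a section code such as R0, O4 or O23, then " - ".
ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")
# An autorun command counts as fully qualified if it starts (optionally
# quoted) with a drive letter or an environment variable such as %ProgramFiles%.
ABSOLUTE = re.compile(r'^"?(?:[A-Za-z]:\\|%)')


def parse(log):
    """Return (code, body) for each entry line; header and process lines are skipped."""
    matches = (ENTRY.match(line.strip()) for line in log.splitlines())
    return [(m.group("code"), m.group("body")) for m in matches if m]


def triage(log):
    """Return (code, reason, body) for entries worth a manual look.

    The three rules are illustrative assumptions, not HijackThis verdicts.
    """
    findings = []
    for code, body in parse(log):
        if code == "O4":
            # Body looks like: HKLM\..\Run: [name] command line
            command = body.split("] ", 1)[-1]
            if not ABSOLUTE.match(command):
                findings.append((code, "autorun command has no absolute path", body))
        elif code == "O15" and "http://" in body:
            findings.append((code, "trusted-zone site uses plain HTTP", body))
        elif code == "O23" and " - Unknown owner - " in body:
            findings.append((code, "service binary reports no owner", body))
    return findings


if __name__ == "__main__":
    for code, reason, body in triage(SAMPLE_LOG):
        print(f"{code}: {reason}: {body}")
```

A flagged entry is a prompt to check the file on disk (path, signature, vendor), not evidence of compromise.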

  7.    #7

    I can read it without applying it to my system, but I've found the default firewall security setting to be adequate. Also, don't apply the "block all unknown requests" option unless you've run your current software configuration with Comodo set to training mode for about a week, and run every installed program at least once.


  8. Posts : 84
    Windows 7
    Thread Starter
       #8

    Files are attached. As said above, the proactive security file is the one which is marked active in my configurations.

    Please advise.

  9.    #9

    Looks OK to me. The only thing I would suggest: make sure the following folders are given exceptions: program files/eset, program files/common files/eset, users/appdata/local/eset, users/appdata/roaming/eset and so on. Defense Plus doesn't play nice with other antivirus apps. Also, if you haven't already done so, disable AutoPlay, which is one of the biggest security flaws in Windows.


  10. Posts : 84
    Windows 7
    Thread Starter
       #10

    How do I disable AutoPlay? Is it in Windows services?


 
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.
