New Software Means New Combinations...


dja2k
October 18th, 2005, 04:54 AM
With new software that came out from other companies than the traditional recommended regdefend\processguard combination of the past, what other combinations of software are you all using so there won't be a big overlap? I mean like do you need processguard if you have online armor, or do you need prevx software as extra defense to processguard\regdefend when you are also running let's say online armor? I just want to know what security software you are using and how they work together.

Examples:
Kaspersky, Nod32, Ewido, Boclean, TrojanHunter, A-squared, Unhackme, Anti-Keylogger, SnoopFree, Zonealarm, Outpost, Looknstop, Prevx Home, Prevx Pro, Prevx1, ProcessGuard, Regdefend, Antihook, Safe'n'Sec, Online Armor, Counterspy, Spysweeper, Microsoft Antispyware, Spyware Doctor, Winpatrol, Regrun, SafeXP, Samurai, Harden-it, Secure-it etc.

dja2k

Precious
October 18th, 2005, 05:35 AM
Real-time protection applications I am having are:
NOD32 (far best AV with AT), SpywareBlaster (not a real-time application but places kill-bits instead), WinPatrol Pro, Prevx Home, ZoneAlarm Pro, ProcessGuard Full. I also have had SpywareGuard but I removed it since foregoing apps do the same plus more. All the mentioned co-exist well.

I am keeping an eye out for Prevx1 and Online Armor but I think they both still need to be honed to gain my confidence, especially Prevx1. But their direction looks good and I reckon such kind of protection has a future.

Regards,
Precious

abhi_mittal
October 18th, 2005, 05:51 AM
I use the following:

Antivir PE
MSAS
Spyware Blaster
PrevX Home
Sandboxie
Win XP SP2 Firewall

I also do an occasional Kaspersky online scan, ewido free scan, spybot scan and adaware scan. Also, I clean up my registry and junk files with Ace Utilities.

ErikAlbert
October 18th, 2005, 09:11 AM
Somewhere between 2005.10.18 and 2005.12.31 my security setup will be :
1. ZoneAlarm Free
2. ShadowUser
That's all.

Of course, I will install/run/un-install occasionally the freewares and trial versions of the best scanners to verify how good or bad my security setup is doing during the year 2006. I did the same thing to verify my discipline on the internet in 2005 and that was quite successful too, but also very boring.
I want my freedom back on the internet and without too many security softwares.

Consider it as an experiment. I have to know for sure if this security setup is possible or not and not only for myself.
Guesses, opinions, discussions, lack of real proof, ... are just not good enough for me and keep in mind that the traditional security softwares have also their own serious/increasing problems.

Let's see how good SU really is in practice, because I do NOT trust SU either, but I have nothing else with the very same unique advantages.

dja2k
October 18th, 2005, 03:35 PM
I am running the following right now as Active after playing around with several combinations. I might have a lot of security, but this past week, they didn't protect me against some CoolWebSearch stuff that got past them, don't know how though.

KAV Pro 5.0.390 (Extended Database)
Look 'n' Stop 2.05p2 (Phantom Rules)
Script Sentry 2.7.1 (All Enabled)
Regdefend 2.001 (Full)
ProcessGuard 3.150 (Full)
RegRun Gold 4.10 (Ultra High Level)
Prevx1 (Trial Ends 01-18-05)
Online Armor 1.1 (Full)
SpywareBlaster (All Active + Custom File)
Spybot Search & Destroy (Immunized)
SafeXP
Harden-IT (Best Config)
Samurai (Medium\High Security)
Sandboxie (Using with Firefox)
Firefox 1.0.7 (NoScript+Adblock)
MVPS Host File + Host Toggle
IE-SPYAD

deviladvocate 345
October 18th, 2005, 03:41 PM
-{ Quote: "I am running the following right now as Active after playing around with several combinations. I might have a lot of security, but this past week, they didn't protect me against some CoolWebSearch stuff that got past them, don't know how though." }-

False positive I think. If it's real, you have some serious problems that cannot be solved merely by piling up security software.

ErikAlbert
October 18th, 2005, 04:23 PM
dja2k,
A CWS-infection with that kind of security setup? That's impossible.
Firefox prevents any CWS-infection, look at the Mozilla website.
Firefox in Sandboxie is a double protection against any CWS-infection.
Unless it's a new genetic mutation of CWS of course. ;D

dja2k
October 18th, 2005, 04:28 PM
I know! But it tends to happen that sometimes I forget to run firefox with sandboxie on, though that is rarely. I do think they are false positives because sometimes xoftspy finds them sometimes it doesn't, sometimes cwshredder finds them, sometimes not. So I don't really know what they were and how they got in my system. I did start seeing a weird behavior of ProcessGuard, which I posted here in the forums, but that is another story.

dja2k

ErikAlbert
October 18th, 2005, 04:37 PM
-{ Quote: "I know! But it tends to happen that sometimes I forget to run firefox with sandboxie on, though that is rarely. I do think they are false positives because sometimes xoftspy finds them sometimes it doesn't, sometimes cwshredder finds them, sometimes not. So I don't really know what they were and how they got in my system. I did start seeing a weird behavior of ProcessGuard, which I posted here in the forums, but that is another story.

dja2k" }-
XoftSpy can NOT be trusted and has too many false positives.
I had also a bad experience with XoftSpy. Get rid of it.
The rest remains a mystery of course.

EDIT:
XoftSpy was once listed as rogue AS software, not anymore, but once a thief always a thief.

Notok
October 18th, 2005, 09:38 PM
I wouldn't trust XoftSpy either. Even if it's not rogue, I don't see it as being as reliable as the big hitters. I certainly wouldn't trust it over them. If, however, you really do have a CWS infection, it could also very well be that it's an old infection that was never completely cleaned.

G1111
October 18th, 2005, 10:49 PM
Windows XP Home SP2 (automatic updates set to prompt)
Linksys Router RT31P2 (hardware firewall)
Outpost Pro Firewall 3.0.543.5722 (431) (software firewall)

Kaspersky Anti-Virus Personal 5.0.390 (Extended Database enabled)
UnHackMe 2.5 (anti-rootkit)

DiamondCS ProcessGuard 3.150
DiamondCS WormGuard 3
RegDefend 2.001 (with custom Ghost Files from Kent and Tony Klein)
WinPatrol 9.7.4.0

SpyBot Search & Destroy 1.4 (Immunize enabled)
SpywareBlaster 3.4 (and Custom Blocking List: http://koti.mbnet.fi/pattaya1/swb3.htm 10/14/05)
MVPS Hosts File (10/10/05)(Hosts File Manager Version 1.0.1.2 & HostsMan 1.2)
IE-SPYAD (10/12/05)

FraudEliminator 2.3 anti-phishing toolbar (for IE6)
CoreStreet Spoofstick 1.05 (Mozilla Firefox anti-phishing toolbar)
C/Cleaner 1.24.180
MRU-Blaster 1.5

Resident Scanners
Ad-Aware SE Personal 1.06
Kephyr Bazooka 1.13.03
InterMute CWShredder Version 2.16
F-Secure Blacklight Rootkit Elimination 2.1.1019
HijackThis 1.99.1
DllCompare
Mischel TrojanHunter 4.2
A-squared scanner 1.6

Online Scanners
CounterSpy spyware scan
Ewido malware scan
Help2Go Detective, HijackThis log file analysis, HJT log analyzer (HijackThis Analyzers)
InterMute (Trend Micro) anti-spyware for the web
Jotti's malware scan
McAfee online virus scan
Trend Micro Housecall online virus scan
Webroot Spy Audit
X-Clean Micro (XBlock.com) spyware scanning
Zone Labs online spyware detector

dja2k
October 18th, 2005, 11:07 PM
-{ Quote: "

RegDefend 2.001 (with custom Ghost Files from Kent and Tony Klein)

" }-

About RegDefend 2.001 and extra ghost files from Kent and Tony - Didn't they say most of those are already included in the RegDefend 2.001 and that there were problems adding them to RegDefend 2.001 with something to do with the wild card and were awaiting new files from both Kent and Tony?

dja2k

G1111
October 18th, 2005, 11:32 PM
-{ Quote: "About RegDefend 2.001 and extra ghost files from Kent and Tony - Didn't they say most of those are already included in the RegDefend 2.001 and that there were problems adding them to RegDefend 2.001 with something to do with the wild card and were awaiting new files from both Kent and Tony?

dja2k" }-

Yes - Most (but not all) are included in 2.001. I have these in order (following the standard files that are included) so it will search the standard files first. I have had no problem thus far. One person has edited to exclude the duplicates. See:
http://www.wilderssecurity.com/showpost.php?p=586080&postcount=6

dja2k
October 19th, 2005, 01:44 AM
Thanks for the regdefend info.

Anyways, is it safe to turn off Execution Protection in ProcessGuard since Online Armor and Prevx1 protect that section? Since that Execution Protection is off, I won't see a list under the security tab right?

dja2k

G1111
October 19th, 2005, 09:37 AM
-{ Quote: "Thanks for the regdefend info.

Anyways, is it safe to turn off Execution Protection in ProcessGuard since Online Armor and Prevx1 protect that section? Since that Execution Protection is off, I won't see a list under the security tab right?

dja2k" }-

Do not know. Tried Prevx (free) before ProcessGuard and dumped it. Prevx slowed my system too much. I like the combination of ProcessGuard, Regdefend and WormGuard because they are light on resources. I consider my main defense to be Kaspersky AV and Outpost. Also my block lists that consist of SpyBot S&D (immunize), Spywareblaster, Hosts File and IE-SPYAD. The other security would react if something got on my system and tried to run.

dja2k
October 20th, 2005, 05:06 AM
Does anyone know if ShadowUser Pro 2.5 works good with the software list I posted above? I have a paid version of it and used it for a while, then gave up on it because of all these changes I was doing to my system. Since I just did a clean install of everything, including windows, security programs, and hardening, now ShadowUser would be great to use again.

dja2k

ErikAlbert
October 20th, 2005, 01:20 PM
In theory you don't need all these protection softwares, because ShadowUser protects your harddisk from any threat, even the NEW ones.
BUT when you like to keep those other security softwares, no problem.
I don't know why you are changing your harddisk all the time.
If these changes are related to improve your security, then you don't need those changes when you use SU.

I'm planning to use "Firewall and ShadowUser" as protection and nothing else.
Of course I don't change my harddisk all the time and I only use softwares, when I really need them and those softwares are reliable.

I like to TRY other (unreliable) softwares without any risks.
I like to SURF on the internet and visit ANY website without any risks.
ShadowUser makes that possible and that's enough for me.
It seems to me that you don't understand what kind of freedom ShadowUser offers on the internet.
Do you know any security software that offers the same freedom and protection? I don't. :)

ErikAlbert
October 20th, 2005, 01:21 PM
Dja2k,
In theory you don't need all these protection softwares, because ShadowUser protects your harddisk from any threat, even the NEW ones.
BUT when you like to keep those other security softwares, no problem.
I don't know why you are changing your harddisk all the time.
If these changes are related to improve your security, then you don't need those changes when you use SU.

I'm planning to use "Firewall and ShadowUser" as protection and nothing else.
Of course I don't change my harddisk all the time and I only use softwares, when I really need them and those softwares are reliable.

I like to TRY other (unreliable) softwares without any risks.
I like to SURF on the internet and visit ANY website without any risks.
ShadowUser makes that possible and that's enough for me.
It seems to me that you don't understand what kind of freedom ShadowUser offers on the internet.
Do you know any security software that offers the same freedom and protection? I don't. :)

Mysterion
October 20th, 2005, 03:12 PM
You can say that again.

dja2k
October 20th, 2005, 03:46 PM
Well you can say that again, but with this in mind. I said I had shadow user before I did a clean install of windows. I haven't added it yet! And yes I know what the software does, if not I wouldn't have purchased it. Basically I can screw up the hell out of windows and restart it and it will be back to normal if I don't commit on any changes. Furthermore I know that Deep Freeze is similar in theory, but Shadow User has more ways to include and exclude files or something like that, never used Deep Freeze. But thanks for the reply, I too would just want to use that, a firewall, and something to hide my IP, that would really make me a shadow wouldn't you think.

dja2k

ErikAlbert
October 20th, 2005, 04:25 PM
Dja2k,
OK. If you fully understand the possibilities of ShadowUser, we don't have any problem.
I would use a Firewall and ShadowUser only and use all your other security softwares to check how good (or bad) SU really is.
That's IMO a very interesting experiment and we know all about the traditional softwares, but not much about SU.

I have read that DeepFreeze doesn't work with a virtual environment and I didn't read much about DeepFreeze either. So I can't compare both.

Cheers.

Peter2150
October 20th, 2005, 05:17 PM
-{ Quote: "

I like to TRY other (unreliable) softwares without any risks.
I like to SURF on the internet and visit ANY website without any risks.
ShadowUser makes that possible and that's enough for me.
It seems to me that you don't understand what kind of freedom ShadowUser offers on the internet.
Do you know any security software that offers the same freedom and protection? I don't. :)" }-

Only one and that is Raxco's First Defense - ISR. Basically it offers the same kind of protection that SU does. Just for me has certain advantages, and now also can act as an additional backup.

Pete

dja2k
October 20th, 2005, 05:40 PM
Any one of you still use RegRun Gold? If so, what overlap does it have with my security list mentioned above in post #5. I mean I run it with Ultra High Level Security, but don't know if I should since I have regdefend, prevx1, online armor, processguard etc. Like for instance, there was a post saying that with prevx1 and online armor, there shouldn't be any problem turning execution protection off in processguard due to the extra overlapping popups. So with that, I am looking to see if I should lower the security level in RegRun or can it be left like that.

dja2k