Hi,

I am looking at various options wrt AT software only problem is I have limited funds and don't want to be paying for two licenses every year as I have two pc's (you may have read my threads in the other forums). I see PG can be used on all home computers, would it make more sense to supplement an AV programme with PG rather than a realtime AT defence? Bearing in mind there are very good on demand AT scanners available for free.

PG looks a little more difficult to follow for a non-techie, in that it won't tell you if something is a trojan but from what I gather it defends better than most anything else assuming the user can make sense of what's going on.

This is the defence layout of both my pc's

Main PC

McAfee VS 8
eScan Utility kit
ZA free
Ewido free
MS Anti-spyware
Spybot S&D
Adaware

Family PC

Avast! Free
Ewido Free
ZA free
Spybot S&D
Spyware blaster
Spyware Guard
Adaware

As you can see the family pc is probably vulnerable to trojans in realtime. Would PG be a more cost-effective solution than an AT programme?

Hi AShaR, ProcessGuard is without a doubt the strongest form of defence against many of the latest threats such as rootkits and personally it would be the last security program I would remove from my systems.
You can learn a lot about ProcessGuard by reading the help file which is available as a seperate DL from the DCS site.

You do not show a firewall for your machines, there are some very good free ones available, please look at the friewall forums here on Wilders for more information.

Also spend some time looking through the PG forums for additional information :)

HTH Pilli.

Hi Pilli,

Quite a diplomatic answer there...LOL. I guess you guys also have a top-rated AT product so maybe not a great question :)

I have spent quite some time looking through this forum and have learned quite a lot. I have listed the free firewalls, ZA free refers to ZoneAlarm.

Is PG compatible with my AV programmes there? (McAfee and Avast!)

Thanks.

-{ Quote: "Is PG compatible with my AV programmes there? (McAfee and Avast!)" }- Yes, When you first run the full version of ProcessGuard make sure you are in learning mode with the four general tabs enabled. run your security and internet enabled programs and then reboot. This will allow ProcessGuard to make the necessary adjustments to it's lists.

HTH Pilli :)

When you say "run your security and internet enabled programs and then reboot" I assume you mean just load them up rather than run an actual scan, yes?

BTW, well done on making this usable on more than one pc. For a family man it makes a big difference :)

AShaR,
Something else to consider is RegDefend because that also has an 'unlimited' home pc license and it defends another somewhat important part of a windows system, it has a forum on wilders as well...

There is a good thread on what security programs people use (and why) that you might find helpful

Often its more important to question the "why" for security tools, because a tool by itself in the hands of the wrong person may provide no more than a false sense of security (and still cost money)...

See Security that you use and its purpose (http://www.wilderssecurity.com/showthread.php?t=62972)

There are times when a dedicated AT can be useful and practices you can follow to minimise the need for a dedicated AT

One thing to *always* remember is backup your personal data !!!!
Its easy to not get around to it, but once its gone ....

Edit: This doesn't meet the criteria for being cheap, but as Paranoid2000 points out, it does a similar job to ProcessGuard and Regdefend combined
See post about Tiny Firewall Pro 6.5 (http://www.wilderssecurity.com/showthread.php?t=68568#post387719)

-{ Quote: "I assume you mean just load them up rather than run an actual scan, yes? " }- Yes run the processes first. By all means scan new programs with whatever you have available before installing them, especially if they come from questionable sources.

Pilli

-{ Quote: "AShaR,
Something else to consider is RegDefend because that also has an 'unlimited' home pc license and it defends another somewhat important part of a windows system, it has a forum on wilders as well...

There is a good thread on what security programs people use (and why) that you might find helpful

Often its more important to question the "why" for security tools, because a tool by itself in the hands of the wrong person may provide no more than a false sense of security (and still cost money)...

See Security that you use and its purpose (http://www.wilderssecurity.com/showthread.php?t=62972)

There are times when a dedicated AT can be useful and practices you can follow to minimise the need for a dedicated AT

One thing to *always* remember is backup your personal data !!!!
Its easy to not get around to it, but once its gone ....

Edit: This doesn't meet the criteria for being cheap, but as Paranoid2000 points out, it does a similar job to ProcessGuard and Regdefend combined
See post about Tiny Firewall Pro 6.5 (http://www.wilderssecurity.com/showthread.php?t=68568#post387719)" }-

There are different ways of being cost-effective. I don't mind paying a high premium once only, but when you add yearly licenses for two differnt pc's even $20 isn't cheap :)

My main pc which has important documents is backed up online btw paid for by my company. I am looking through that thread you linked now.

Pilli, thanks.

AShaR,

Given that you are running Ewido, you already have an anti-trojan scanner. The main facility lacking in the free version is scanning memory for active trojans. As long as you are using it to check all incoming files, the chance of being hit by a trojan is small, especially if you avoid "anonymous" download sources (e.g. IRC, Usenet, P2P). Even if one slipped through, PG would greatly restrict the amount of mischief it could do.

If however you feel that a memory-scanner is needed, BOClean (http://www.nsclean.com/boclean.html) does allow for unlimited installations for home use, and requires no further payments for database updates (most other anti-trojans do not require payments for database updates either, unlike anti-virus software - though they do require individual licences).

-{ Quote: "When you say "run your security and internet enabled programs and then reboot" I assume you mean just load them up rather than run an actual scan, yes?

BTW, well done on making this usable on more than one pc. For a family man it makes a big difference :)" }-

Very good page on Process Guard written by Andreas:

http://www.commontology.de/andreas/win_secure_pg3.html

Take care and have fun! :D

-{ Quote: "AShaR,

Given that you are running Ewido, you already have an anti-trojan scanner. The main facility lacking in the free version is scanning memory for active trojans. As long as you are using it to check all incoming files, the chance of being hit by a trojan is small, especially if you avoid "anonymous" download sources (e.g. IRC, Usenet, P2P). Even if one slipped through, PG would greatly restrict the amount of mischief it could do.

If however you feel that a memory-scanner is needed, BOClean (http://www.nsclean.com/boclean.html) does allow for unlimited installations for home use, and requires no further payments for database updates (most other anti-trojans do not require payments for database updates either, unlike anti-virus software - though they do require individual licences)." }-

Thanks, that's exactly the answer I was looking for and pretty much what I suspected as the title of the thread indicates. I know about the BOClean option but I would probably pick PG as a better option as they allow more than one user per purchase, and of course there's avery good on demand scanner available for free in Ewido. My only concern would be that my kids aren't likely to be as dilligent as me in scanning incoming files but I guess as long as no damage can be done it's not really a worry. Thanks :)

-{ Quote: "Very good page on Process Guard written by Andreas:

http://www.commontology.de/andreas/win_secure_pg3.html

Take care and have fun! :D" }-

I skimmed through it yesterday. Very impressive! :)

Well if it's a choice between PG and BOClean, both cost $39.95 for unlimited home use (PG Unlimited licence and BOClean's standard price) but BOClean can be purchased for less with some caveats (see Support problems with BOClean CompUSA Purchase (http://www.wilderssecurity.com/showthread.php?t=51576) for more details).

As long as your other users have non-Admin access and are not allowed to alter PG's settings, then PG would be the better option in my view. If they are given full Admin access (asking for trouble, IMHO) then BOClean (which automatically terminates malware and can have its configuration locked down) backed up with the protection offered by the free version of PG may be better.

Basically PG blocks activities without making any judgement on whether they are harmful or not, so can require more user intervention (e.g. disabling it for major upgrades/installs, setting permissions for certain programs). A scanner like BOClean will only act on malware and is more "set-and-forget" but, like any scanner, cannot be guaranteed to be 100% effective.

Hi,

I have paid licenses to all of the major ATs including TDS-3, BOClean, Ewido, and TrojanHunter. I also have licenses for ProcessGuard and RegDefend. This is my current configuration, though from time to time a change it or run on-demands for verification"

Firefox
ZoneAlarm Pro
Kaspersky 4.5 Pro with extended databases (I hate 5.0)
ProcessGuard
Ewido (full license)
RegDefend

I continue to run certain programs on -demand such as Giant Anti-spy (the precursor to MS AS) which I run only on-demand and rarely. Ad-aware seems to be better. Spybot, and Hijackthis.

I also use Image For DOS and a Maxtor external 80 MB HD for full image backups. It has helped me a couple of times, when I was in doubt about the security state of my system.

From your configuration, I would recommend purchasing these products in the following order for your own PC:

1) PG (proactive AT defense)
2) RegDefend (proactive registry defense)
3 Ewido full (or BOClean)

I would recommend upgrading the AV on your Family PC since this is the first line of defense. Either McAfee or KAV. I would also add Ewido Full or BOClean or leave it at Ewido free.

AShaR, your Famliy PC is fine as is and the addition of Process Guard would be a major plus :)

-{ Quote: "AShaR, your Famliy PC is fine as is and the addition of Process Guard would be a major plus :)" }-

I upgraded the Ewido to the full version, am still contemplating on Process Guard for the simple reason the family pc will have pop-ups and I am going to have kids dragging me into their room every time to give or deny permission every time it happens. I may trial it on my pc to see how it pans out first, but FP's on a kids pc could turn out to be the biggest trial of the lot :P

Kerio Personal Firewall 4.x is now taking steps to secure also process manupulation etc ... latests beta shows promising improvements in stability ... so as free / cheap solution it's maybe good choice ...