Katie DriveSentry

I went to the DriveSentry forum and found out that DriveSentry cannot be run on a limited user account unless the RUN AS command is used. Would DriveSentry work if I allowed the LUA full control of the DriveSentry folder in the Access Control List?

Thank You

 

Hate it when this thread goes dead -- wake up!!!

 

I hear you.
Unless I missed something, Katie nor anyone else from DS has posted here since Mar. 17th.

Stop in and say hi!

 

My bad then. Thanks for the info.

I don't mind then because i am probably one of the most outspoken supporters of local database sig programs around. It's just me i guess, but i don't feel completely safe knowing i must depend on a website for any sort of real time protection like community protection concepts.

It's my old inherent fear that internet websites of any type are just too easily exploited and attacked to depend on them for security untill they devise some way that they can't be compromised. In other words, we're still relying on websites that have to travel the circuit to reach our machines and that can be gamble when we least expect it IMO.

Maybe i'm wrong and the measures are solidly in place to prevent it, but..............

Someone can fill in the REMAINING blanks for me please, thanks and have a safe journey on the net.

EASTER

 

oH BOY, well here i try again DriveSentry.

I dunno what went wrong last time but it was probably not setting folders to be guarded and malware walked right past in my system. I'll pay more attention to set up this time.

Another matter. How will running NOD32 affect DriveSentry or will it at all? If they both gel together then Wallah! but is anyone teamed these two up together with no issues?

One more question since i no nothing of DS, is it a simple matter to restore a QUARANTINED file even if malware since i do plenty of research and i know this is not a research program, but curious if it offers that feature or not before i get started.

Many Thanks and wish me luck. I rather like the pop up alert personally, just like to read more data that i believe can be done by hovering over the alert indicator someplace.

EASTER

 

Easter,

What is a nice way of using DS with another Av is this: let DS check only your Windows directory and Programs directory, by

a) manually addng as protected folders Windows plus Program files plus manually add your important root files.
b) remove all the program extensions from the protected list of DS (Nod checks them anayway, to effectively reduce DS from protecting system wide, to only core Os + programs directories plus registry

This way DS is a file and registry guard (turn it down to where it started as an add-on for anti spyware/malware).

Blacklistings will be as follows:
a) Nod32 performs its normal blacklist check system wide
b) DS is a second safety net when missed malware accesses your registry or crucial files

I tested DS (have bought a lisence for fun) and its tickle download is pretty effective against the newest in the wild virusses (tickle download means instant download as soon as the DS servers have added a fingerprint)

See life time outline below:

Malware inception:
Malware launched: Your HIPS,
Malware first discovery : Tickle update of DS, DS now assisting your HIPS
Daily/4 hourly blacklist date base update of your AV: Nod also protects


Regards Kees

 

But how is this any different from getting auto updates from AV companies. Your still accessing their database of sigs. Your still connecting to their system....which cannot be fully 100% protected.

Wouldn't this be the same? I could be wrong as I am just guessing.

 

I can't thank you enough Kees.

This is one majorly heavily featured security program and i just spent my first initiation reading the HELP file and reviewing the screens. I will follow your advice because you have a much better handle on this for sure.

Since i'm on dial up i'm still sitting at 96% of the Synchronization and if it takes all night i want that completely full for starters of course.

I see your Logic plainly though in omitting the extensions you pointed out and such and allow NOD to perform as usual only have DS serving as a formidable file and registry guard to follow.

Thanks again for your assistance and guidelines and hopefully shortly this duo will be fully armed.

I take it theres no need to access the Wizard at all now though? LoL

EASTER

 

Easter,

You are welcome. On a 10 MB/s download the first DS db update took long, so good luck with your dial up

 

For some reason after a reboot the tray icon is now gone Anyway to get it back?

EDIT: Close explorer and restart it return DS tray icon again. GLITCH, no biggie!

One circumstance i would like to see change in the registry coverage. It;s not listed in this version of 3.3.0.4

Malware absolutely adores setting up shop un-noticed in CurrentControlSet\Enum\Root to add or hide Legacy registry keys with their supporting entries and empty the permissions making for a manual uninstall later when discovered. Would really like to see HKLM\System added to DS at some point.

Whats your opinion on this?

So far, working really well with both PG3.5 & NOD32, i owe you thanks for setting up some starter guidelines for DS + AV.

EASTER

 

Easter,

Please register and endorse my feature request, it is so simple they just have to remove the limitation of only adding custom keys in the software hive of HKU/HKLM.

Regards Kees

 

Hi Katie, I have used Drivesentry for a while and have already registered, but i have had to re-install my system as i had problems that i couldnt get over, but can you tell me how i can find out my license code as i cant seem to log on. My name is Paul Hudson but it does not recognise it but i am here and i do exist honest, can you help or do i need to re-register with my payment. Thanks Paul

 

I understand your concern but have you tried to contact them directly and got no answer?

 

It appears that Katie is out of the net -- no posts since 3/17.

 

Go to options, look for community center log on ID, when it says guest, change it to your registrated log-in name, reboot and DS will hopefully recognise you as a lisenced user.

It is a worry though, also the website (DS forum) shows very little action, this is the response I got

"Hi Kees,
Don't worry we haven't stopped development, we have some exciting features in the pipeline which will be part of a new Desktop Security Suite we plan to release in the next 4-6 weeks. Given how competitive the AV space is we are understandably cautious about releasing advance product information as it might give some of our competitors the edge!
Katie does still monitor Wilders and provides updates as appropriate but we are also very busy right now on building a distributor base for our products.
We will post more information on this (DS) forum as we have it."

So let's see

 

Can anyone tell me if they are using sandboxie with DS, when i was, there were a lot of conflicts.

 

I tried out drive sentry last week shortly and it never gave me any problems with sandboxie.

 

One feature I would like to see in future versions of Drive Sentry is a sandboxing feature to isolate untrusted applications by virtualizing file and registry reads and writes instead of just denying access. Adding a sandbox feature to DS will give Sandboxie some competition. Although simply denying access is a surefire way to avoid malware infections, a sandbox can allow you to play some downloaded game in a virtual, isolated environment, with possible malware infections confined to the sandbox. Please consider adding a sandbox feature to DS. Thanks in advance.

 

when i used DS i had snadboxie as well and never had an issue, if ur talking about the alert u get when ur installing DS, just ignore it

 

Actually i am not talking about that, i installed drivesentry with CIS, disabled drivesentry active protection.

Now everytime i started a browser sandboxed, i got a BSOD, other programs worked great with sandboxie, but only browsers resulted in crashes.

Any ideas why?

 

I only use Comodo's firewall with drivesentry's virus protection enabled and when I tried to run internet explorer 8 sandboxed, it worked fine but when I tried to delete all the sandboxed contents before exiting the software, I got a "BSOD"...

 

I get the BSOD as soon as i start any browser, with DS realtime disabled.

 

I also got the BSOD with using the latest version of DS and SBIE 3.34. What was strange is that it did not happen all the time. I had thought is was during the deletion of the sandbox on exit from the browser but it BSOD at other times also. I aslo had other smaller issues with DS like not registering correctly with the security center in Vista, sometimes a complete scan would stall on my XP pro machine and other times the program would not launch on either machine. If they could overcome these issues, they might have a winner on their hands.

Ice

 

Hello,

It's been a while...

DriveSenty should allow you to load the main program once the update has finished.

I can confirm we are looking into this.

I assume the files in question are quarantined items? DriveSentry gives you the option to remove these when you uninstall DriveSentry.

Has the email response from our support team resolved this issues for you?

Kind Regards,

Kate

 

Kate,

A sign of life at last

Regards Kees