Hiding Program Software -- Need Suggestions!

Hey All -- Could really use some feedback/suggestions for software that can hide programs while they are being used by the system (currently taking a look at My Lockbox & Easy File Locker). A hacker changed registry keys on my Comodo Firewall to effectively disable it (as well as a few other programs) so I'd love to be able to hide some of my defense-related software (like Returnil, backup program, etc.) so if I'm ever hacked again it'll be harder to mess with what's not obviously being used to defend. Any suggestions along this route sincerely appreciated. Have a great weekend, and thanks. PS -- Don't mind paying a few bucks if anyone knows of a program that's worthwhile -- rather not relive being hacked!

 

consider protecting the registry for mods by Admins only
and then be user to use the LUA or UAC users for surfing

 

It might be wise to use a VM and VPN while consorting with hackers.

 

I am really curious to know how a hacker was able to get into your computer. How was he/she able to gain access?

 

Went to her/his website, perhaps?

 

No, I've never visited any hacker websites, don't use any P2P or anything like that. I had a very unsecured system because until recently I knew little about security -- 1st hack was using XP and I was very ignorant of these things. I believe it was someone from within my industry. 2nd hack was during a Win 7 64x clean install. I've been in touch with a CEH to figure out how this happened and best guess is I was targeted for cybercrime (I did a considerable amount of financial transactions online -- intrinsic to my business). I was setting up a system and the Admin acct was hacked -- I use LUA and while setting up had a short Admin password to make all of my program installation easy, after which I was planning on changing it. My CEH consultant guesses he/she used a hash cracker to get the password, possibly tunneling somehow through my router. So now I'm taking a good hard look at my security and wanted to know if there are programs that can hide a program (let's use Winpatrol as a simple example) while it's being used so a hacker would not see it and attempt to change the reg keys to disable defenses. Whoever this is (I doubt it's coincidental) is no "script kiddie," of that I'm sure. Any program ideas would really help. Thanks.

 

Not sure how effective file hiding programs would be.
The first line of defense is of course to make sure your clean install is really clean. Slipstream the install disk with service packs and latest hot fixes.
Bottom line is to install as much a possible before connecting the network cable. This means antivirus, firewalls, and applications are installed from CD's or flash drives and not the internet.
The next line of defense it to use an aggressive firewall.
Then you might want to look into sandbox browsing. (Sandboxie for example)
Finally, the most important thing is to have a full disk backup of the OS. This means you create a disk image of the OS before it has been plugged into a network. (use Acronis Trueimage or Norton Ghost)
Having a clean disk image allow you to wipe out any malicious files and start a clean system in just a few minutes. (much easier than installing an OS)

 

Universal Shield by Everstrike Software.

 

I USE IT, WORKS AS EXPECTED!


EASTER

 

Yes, I find it a great little program!

 

To protect against sophisticated malware, the only thing that would truly prevent anything would be the renaming of processes. I question if anything could truly be "hidden" from something like Sality.

 

Thanks guys -- I've done tons of reading about all this over the last few weeks/months. Have Acronis, make incremental backups every step of the way to an external drive. Was also thinking about returnil or DeepFreeze as added protection. Without a doubt LUA. Upon further investigation there were changes made to my Nvidea cards (I have 2 of the GeoForce 9 series) with protections enabled around these modifications. So, it looks like a program called "Lightning Hash Cracker" was installed on my Win 7 reinstall using my video cards. If you look this "Password Recovery" program up and read the vendor details, it amounts to marketing a very sophisticated password/hash cracking program capable of processing 688,000,000 hashes/second using one card, and the workload can be distributed linearly across something like 100 machines. I've done the calcs to determine how many characters on a keyboard it would take in a password to ensure a multi-year process on such a device if you care to compare notes. Anyway, its been a real hassle. I have the backups but I'm concerned about being targeted again (that's not my paranoia, thats the conservative advice of my CEH lieutenant)!

 

I would be interested in your calculations and their results.

 

Sure thing Klawdek -- The way I'd begin to get my arms around that is to say there are (looking now) about 93 or so characters I can use on my keyboard right now, including the ~ thing and others like it. So, the formula for possible total # of permutations where order doesn't matter and repetition is allowed is simply N^x, where N is the pool to draw from and x is the number of characters in your pswrd. I have no idea if 'hash' is the same as a single permutation, but I'll assume it amounts to the same thing. On average you would divide the result by 2 (he has on average to get through 1/2 of the combinations before hitting paydirt), but let's say luck is on his side and he gets it in the first 25% of all tries, so let's divide by 4 instead. Then let's say he's part of a well-funded organized crime group and strings together 100 computers, so the 680 MM/second becomes 60.8 B/sec (I think that's right so far). A 6 character password under this scenario would take 3 seconds to crack; a 12 character password would take 546 centuries. Gotta run, but I think that's correct. Not sure about the hash thing or how it works. Hey, does anyone know of a reference of what registry keys are commonly targeted by hackers and should be protected? Also looking for a guide on configuring Comodo to configure outgoing communications to trap the trojan from calling home if anyone has one anywhere (think I'm doing okay on incomings). Take Care, -- S

 

There is a theoretical limit to how fast a password can be guessed based on the laws of physics. For details, search "Von Neumann Limit"
The bottom line is that it would take longer than the age of the universe to test all character possibilities of a 20 character password. Now I mostly read about this limit in discussions about symmetric encryption so I don't know if pw hash complexity will scale all the way to 20 chars.
If I were you, I wouldn't use anything less than 16 though.