Anti-Executable

Lack of checksum verification is the main weakness. An exe can easily be replaced by another and exelockdown won't detect it unfortunately.

 

Thankful,
Anti-Executable does a quintuple verification :
* File Size
* File Type
* File Location
* Creation Date
* Code Sample
Plus a number of HIGH security settings to make it even stronger.

ExeLockdown is finished without a future, that's why it's freeware or better abandonware. I don't waste my time on such softwares.

Anti-Executable works with a whitelist and that's why it doesn't need daily updatings. I call that an evergreen in security.
My whole security is mainly based on whitelists, my harddisk is completely whitelisted, because Anti-Executable wasn't enough for me.
- each object that was removed, is added again by the whitelist
- each object that was added, is removed again by the whitelist
- each object that was changed, is replaced again by the whitelist.
and that happens during EACH reboot.
That's the right way to keep your harddisk clean and has a much longer future, than all these blacklist softwares, which fail all the time.

All malwares have one WEAKNESS in common, they CHANGE your harddisk, once you have a tool to remove these changes you are CLEAN forever.

 

System Safety Monitor alerts me to "ANY" executable that has a changed checksum or been modified in any way so they make it so i am in complete control of the whitelist AND blacklist. Otherwise, it silently runs in the background awaiting to alert to such changes and many many more including registry etc.

 

I just deleted on purpose :
- the folder "Microsoft Office 2000 Pro "
- the folder "Thunderbird"
- the folder "Firefox"
I only rebooted my computer and everything was back and working fine in 2 minutes.
That's the way I like it.

 

Without doing anything ? Can a housewife do what you do ?

 

Only if she wanted to.

I'm not an advocate of trusting automatic monitors like Prevx1 and others that do the thinking for you, i prefer to be COMPLETELY INFORMED instantly and execise CONTROL over those decisions and then storing my decisions in the programs database for future guidelines to carry out unattended.

Otherwise a housewife would more likely trust a Norton's AV and a Prevx1 to make all those decisions for her irregardless of potential consequences.

If she can be trained to Reboot her PC after each internet session of use she can depend on POWER SHADOW to do the dusting & cleaning for her.

 

I've seen SSM myself, that's not for average users or housewives. SSM is a nightmare and dangerous for these users. SSM is for people at Wilders.

 

For my wife, any Software is dangereous. Even Minesweeper and Freecell.

 

That won't change my approach. I can do anything with my system partition : remove, replace, add any possible good or bad object until nothing works anymore.
I only have to reboot to get my healthy system back.

 

I fell out my chair on that one Antarctica. My girlfriend is the same way, when using my machine she is awarded the Limited Guest account only.

 

I noticed a slight annoyance while testing AE. Some applications create files as part of their normal functioning (Anti virus, for example). These new file are not included as part of the AE database. When I do a full system scan with an anti-malware program such as a-squared free, AE prevents these newly created files from being opened. So a-squared is forced to skip these files.

 

If you note the folder these files are created in, you can exclude those folders from AE's list, to overcome the annoyance.

 

Thank you.

 

With drivesentry now free, that combined with exelockdown would be a great free solution. EL can prevent unwanted executions and DS can prevent an exe from being overwritten so checksum verification isn't a problem no more.

 

Not a problem for me, I don't use scanners anymore.
If you disable AE and run your scanners and enable AE again. My guess is that AE will accept them during the next run.
Using 3-10 scanners daily is a bigger annoyance for me.

 

I still use scanners (only the proven ones)(and some new betas) for strickly research purposes only, but when i go about normal website surfing i've radically scaled back to just these.

System Safety Monitor: "OR" EQSecure: for HIPS!

Absolutely NO antivirus at all save on-line scans only.

Kerio 2.15: (Old and outdated as they come but Xtremely dependable nonetheless)

FD-ISR: for immediate rollback purposes (if needed) I maintain it for more practical uses but is readily available in event of major malfuntion) I scramble my selected ARCHIVES to various drives/partitions. If the partition is in an Active bootable drive i set it to "hide". Malware and my own mistakes are blind to it's existence at all.

Power Shadow: This one is my Bread & Butter cover. Nothing escapse it to date, not even notorious KillDisk virus.

Paragon: Duplicates and mirror images my entire system programs/settings.

Hard Drives: Forget externals except maybe USBThumb Drives: I pull plugs & jockey various fixed HD's by first making certain they boot as Primary Master then if inclined set as a Secondary or otherwise they are physically no where near my active unit. Probably my best technique ever for 100% saftey from potential compromise.

 

Just curious - why forget externals - I find them very useful and very cheap.

 

Simply a matter of geography Long View

Where i live i have free access to choose whatever BRAND of (Internal) Hard Drive that happens to be available at the time in various sizes/speeds etc.

Cheap also and perhaps more so than a brand new external, plus more modular. No Cords. No Cases. Raw form.

 

Easter,

Yes no cords/cables etc is the convienance of additional internal harddrives, combined iwth RAID it even gives higher performance and more reliability.

We have one external harddisk to serve as backup for two computers. Also we have the external harddisk stored on a different place. Friends of ours got their computer stolen and they lost three years of digital photo's. We hope the 2 different places tactic will give us additional protection against real world theft.

So for a convienance and virtual world I agree. For real world data theft (just because it is on your computer) I do not agree with you.

Regards Kees

 

Easter.2010 I take your point but agree with Kees1958.

Although I have never had an office fire nor had any machines stolen I do like to
have off site externals. My most valuable data is always with me on a small Freecom FHD-2 Pro 120 gig pocket drive. Real world data theft concerns me far more than potential virus or malware issues. In my view you can not have enough copies of data in enough different places preferably on different media.

 

And is exactly why a wise and diligent computer buff also knows after going thru all this trouble to store away at least some of those internal drives physically away from the active unit.

That also brings to light another point of interest too. If your PC did happen to turn up missing by some unfortunate chance or physically stolen, then you can't just plug in your "hidden" stored away backup drives due to $M hardware branding method so far as i know, BUT, all your data & programs are still safely preserved and can be easily accessed which gives you confidence to start things all over again with another unit.

 

Also, ExeLockdown doesn't have an exclude list. AE does (exempted folders tab).
Please correct me if I'm wrong.

 

Both have exclude list.

 

Where's the exclude list for ExeLockdown?

 

The access(exclude) list is up top, the deny list is directly underneath. You can allow/deny entire folders or individual files.