Bullet Proof XP from Malware and Changes

Discussion in 'other security issues & news' started by ZOverLord, Feb 14, 2006.

Thread Status:
Not open for further replies.
  1. ZOverLord

    ZOverLord Registered Member

    Joined:
    Jul 17, 2005
    Posts:
    11
    Windows Shared Computer Toolkit and Help

    This FREE Windows Utility works on both XP Home and XP Pro and XP Tablet PC editions, other versions of XP and windows are not supported.

    Basically you can read the documentation for in depth information but I will do my best to explain the advantages and disadvantages I have found using and installing this for clients as well as helping others use this at home.

    The very first thing that needs to be explained is that this is an excellent tool even for home use. The documentation makes it seems like only very public systems like a library or school can benefit by the use of this tool, which is not really true.

    The core of this tool is the windows disk protection which requires 1 Gig ("Or 10 percent of actual disk or partition size, whichever is greater") of use in unallocated disk space, what this unallocated area does is keep 2 disk images ("One to revert back to, much like one would use a system restore point for") in the event of problems, or change of mind on a modified setting.

    This may at first seem like one is giving up a ton of disk space to use this product, however the results in safety and recovery under almost any malware or accidental change or deletion soon prove to be worth the space.

    The actual space of the toolkit itself is only about 5 Megabytes, you will need to be using a Genuine version of Windows XP and may be prompted to install the User Profile Hive Cleanup Service before being allowed to install the toolkit.

    If needed you can set a multitude of user restrictions based on user id, however you could just run as you are now and even with having Admin privileges once you restart your Windows drive is as it was before you logged on. This is because any changes of any kind are actually cached and not really written to your windows partition unless you authorize it.

    So, you can do anything as Admin and have peace of mind that no matter what malware you encounter or accidental changes or deletions are done, you will be as you were before whatever happened happened.

    Say you want to add software, because it would not normally be saved after the next restart ("Using this tool") it is as simple as changing the Windows Disk Protection to "Save Changes at Next Restart". Now say you go OMG what I installed had malware, I never noticed. Not a problem because you can always revert back to one disk image prior, by using F8.

    If you have extensive tests or changes to do for new software that may require multiple restarts, you can set "Retain Changes Indefinitely".

    The restrictions on a per user basis are extensive and very selective. You are not required to use them, but you may have a need.

    So far I have seen nothing easier to use, that protects a system with rock solid logic of not allowing anything to change anything on the drive that windows is installed on, without permission. Since any and all changes to the windows drive during any logon are cached once the system is restarted there is no overhead, the only overhead of this beside the 1 Gig ("Or 10 Percent rule") initial overhead is when you save changes.

    Persistence of user data can be done by selectively keeping user profiles on a disk or partition which is not located where Windows is installed. This allows the entire drive or partition where Windows is located to remain protected while allowing users to retain changes and without the need to save changes at restart. This could cause malware to be placed on that partition or drive, however since it has no launch ability it would remain dormant. I of course would still suggest using an A/V to be safe.

    Users can also be allowed to run and install programs outside of the protected area where Windows is located and even if they installed malware doing this Windows would still remain protected for all other users because said malware could never embed anywhere for other users.

    I have installed this in many client sites, and also for friends and family, and all I can say is there is nothing more user friendly and protective which provides this kind of flexibility.

    I would like to keep this thread going for people that would like to take a crack at installing this and trying it. I will answer any questions and may be able to save some others some time about configuring and using this.

    Pros

    1. Complete protection of the entire partition or disk where Windows is located. It's like doing a total system restore in 2 seconds every restart, back to a known clean image of an entire partition or drive.

    2. Awesome per user restrictions if needed, too many to list here.

    3. A Malware testers dream, go anywhere even as Admin and have no fear. Because the entire partition or disk where Windows is located is copied to an un-allocated area on disk, would be very hard to infect.

    4. Can be easily changed, including user changes as well as other features.

    5. Lets you basically install anything, test it, and if you decide you don't want it, re-boot, and it's gone.

    6. Even if you screw up and save an image, you can revert back to one image prior, so there is some forgiveness on that.

    7. System Restore can still be used, but...you will need to do a "Save changes on next re-boot" the saved image retains your changes.

    Cons

    1. The required disk space of 1 Gig ("Or 10 percent of the disk size where Windows is located") at first is hard to stomach, even if one decided not to keep using this toolkit, you can always reclaim that space back. But it is a large chunk of disk for some. If you are a DVD/CD burner kind of person, you would want to increase this space to about 2 Gig larger if you store Lots of CD and or DVD data.

    2. When you change an image it takes about 20 seconds to complete. This can be even longer if you don't move the Windows paging file to a partition or disk other than the one Windows is located on.

    3. Anytime you make a change to Windows, of any kind, or install new software ("A/V Updates are handled automatically, and you can add scripts to handle other updates if needed") you will need to remember to set Windows Disk Protection to "Save Changes On Next Restart" otherwise any changes will not stick after restarts.

    4. The documentation at times can be confusing, however the User Interface is very easy to use.

    If anyone has any questions or needs help with setting this up just shout, if you want a FREE bullet-proof way to fortify your XP Home or XP Pro system, or need very selective user restrictions this rocks, both for corporate and home use.

    Instant recovery without even a mouse click, it all goes back as it was on the next re-boot.

    For more documentation about the toolkit please go here:

    Click Here For More Information:

    http://www.microsoft.com/windowsxp/sharedaccess/default.mspx

    Don't let the Public places documentation on this fool you. It's a great protection method period and ....it's Free!
     
  2. trickyricky

    trickyricky Registered Member

    Joined:
    Mar 27, 2005
    Posts:
    475
    Location:
    London, UK
    Thanks for the informative and useful review. Definitely one to consider. ;)
     
  3. ZOverLord

    ZOverLord Registered Member

    Joined:
    Jul 17, 2005
    Posts:
    11
    Your very welcome, if you get a chance to play with it you will find it even easy to use to test malware with no risk to your system.
     
  4. nadirah

    nadirah Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    3,647
    I give this toolkit a rating of 10/10. :cool::thumb:
     
Loading...
Thread Status:
Not open for further replies.