Help for a noob

Discussion in 'other anti-malware software' started by avboy, Feb 11, 2008.

Thread Status:
Not open for further replies.
  1. Stijnson

    Stijnson Registered Member

    Joined:
    Nov 7, 2007
    Posts:
    533
    Location:
    Paranoia Heaven
    You're absolutely right Ilya, I was just wondering. That's all. :)
     
  2. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,713
    Location:
    George, S.Africa
    DefenceWall:

    Looks good for my XP drive. Am currently using DropMyRights for
    some internet accessing applications. Would I need to remove
    DropMyRights from these apps with DefenceWall? I think so,
    as DMR will become totally redundant?

    "Rollback to: Will remove an item or set of items that were created after the item selected and erase files and registry entries from your hard drive."

    What exactly does 'after the item selected' mean? Couldn't I just restore
    the registry to what it was before the attack using my favourite
    registry restorer ERUNT? Rollback also removes files created by malware?
     
  3. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    DW works perfectly with a restricted rights policy, as its defense doesn't rely on it. So, if you have a working configuration you are used to, why drop it?

    It means that you select the item you want to roll back to, and all the files and registry keys that were created after the selected one (in time, naturally) will be erased.

    No, it is impossible; this 'rollback' functionality is only for professional users who clearly understand what they are doing with their files and registry.

    In fact, the 'rollback' function was made to allow professional users to remove malware files from their hard drives manually, without signature scanners. For all the other user categories I always suggest using on-demand anti-virus scanners to remove malware from the hard drive; in any case, inactive malware (or potentially active, but with no chance to break through a sandbox) is harmless.
     
  4. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,713
    Location:
    George, S.Africa
    Thanks for the reply, Ilya.

    I will try DefenceWall shortly.
     
  5. avboy

    avboy Registered Member

    Joined:
    Feb 11, 2008
    Posts:
    211
    Thanks everyone!

    Slowly coming down to the specifics.

    Decided:
    ZASS 7 (as I already bought it) with AV turned off, Superantispyware free (on demand), NOD32 2.7 resident.

    Unsure:
    Paragon Drive Backup/Drive Snapshot/ Acronis TI (seems heavy at first look with added stuff that I have no need for)/FirstDefense-ISR Rescue

    Researching to finalize:
    For HIPS and virtualization planning to have Prosecurity/EQSecure (with custom rules from Kees and others) with Defensewall/GeSWall/Sandboxie + Shadowdefender/Returnil.

    Now the part.
    I am thinking out loud for suggestions, comments.
    Also question:
    Has anyone faced any conflicts between ZASS (AV, AS turned ON) and SAS free (on demand) with Defensewall? Had shutdown twice yesterday. Defensewall recovered from serious error.
     
  6. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,167
    Location:
    UK / Pakistan
    Try to keep it to a minimum or you will get annoying slowdowns.
     
  7. avboy

    avboy Registered Member

    Joined:
    Feb 11, 2008
    Posts:
    211
    Don't know what minimum is. Looking at your signature too, I see that you use 3 HIPS!
     
  8. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,167
    Location:
    UK / Pakistan
    Minimum is what you can manage easily and it doesn't slow down your system. I know how to manage my system and like to play with them. If you can do the same, go ahead.

    On my system:

    CFP- FW with classical HIPS
    GW- Sandbox
    ThreatFire- Behav blocker

    There is nothing like AV, AT, AS, neither real time nor on demand. EQS will go soon as well. If CFP gets a proper sandbox sometime in the future (that I don't expect), I will remove GeSWall.
     