New Software Means New Combinations...

Discussion in 'other anti-malware software' started by dja2k, Oct 18, 2005.

Thread Status:
Not open for further replies.
  1. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    With new software that came out from other companies than the traditional recommended regdefend\processguard combination of the past, what other combinations of software are you all using so there won't be a big overlap. I mean like do you need processguard if you have online armor or do you need prevx software as extra defense to processguard\regdefend when you are also running let's say online armor. I just want to know what software security software you are using and how they work together.

    Examples:
    Kaspersky, Nod32, Ewido, Boclean, TrojanHunter, A-squared, Unhackme, Anti-Keylogger, SnoopFree, Zonealarm, Outpost, Looknstop, Prevx Home, Prevx Pro, Prevx1, ProcessGuard, Regdefend, Antihook, Safe'n'Sec, Online Armor, Counterspy, Spysweeper, Microsoft Antispyware, Spyware Doctor, Winpatrol, Regrun, SafeXP, Samurai, Harden-it, Secure-it etc.

    dja2k
     
    Last edited: Oct 18, 2005
  2. Precious

    Precious Guest

    Real-time protection applications I am having are:
    NOD32 (far best AV with AT), SpywareBlaster (not a real-time application but places kill-bits instead), WinPatrol Pro, Prevx Home, ZoneAlarm Pro, ProcessGuard Full. I also have had SpywareGuard but I removed it since foregoing apps do the same plus more. All the mentioned co-exist well.

    I am keeping an eye out for Prevx1 and Online Armor but I think the both need to be yet honed to gain my confidence, especially Prevx1. But their direction looks good and I reckon such kind of protection has a future.

    Regards,
    Precious
     
  3. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    I use the following:

    Antivir PE
    MSAS
    Spyware Blaster
    PrevX Home
    Sandboxie
    Win XP SP2 Firewall

    I also do an occasional Kaspersky online scan, ewido free scan, spybot scan and adaware scan. Also, I clean up my registry and junk files with Ace Utilities.
     
  4. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Somewhere between 2005.10.18 and 2005.12.31 my security setup will be :
    1. ZoneAlarm Free
    2. ShadowUser
    That's all.

    Of course, I will install/run/un-install occasionally the freewares and trial versions of the best scanners to verify how good or bad my security setup is doing during the year 2006. I did the same thing to verify my discipline on the internet in 2005 and that was quite successful too, but also very boring.
    I want my freedom back on the internet and without too many security softwares.

    Consider it as an experiment. I have to know for sure if this security setup is possible or not and not only for myself.
    Guesses, opinions, discussions, lack of real proof, ... are just not good enough for me and keep in mind that the traditional security softwares have also their own serious/increasing problems.

    Let's see how good SU really is in practice, because I do NOT trust SU either, but I have nothing else with the very same unique advantages.
     
  5. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    I am running the following right now as Active after playing around with several combinations. I might have a lot of security, but this past week, they didn't protect me against some CoolWebSearch stuff that got past them, don't know how though.

    KAV Pro 5.0.390 (Extended Database)
    Look 'n' Stop 2.05p2 (Phantom Rules)
    Script Sentry 2.7.1 (All Enabled)
    Regdefend 2.001 (Full)
    ProcessGuard 3.150 (Full)
    RegRun Gold 4.10 (Ultra High Level)
    Prevx1 (Trial Ends 01-18-05l)
    Online Armor 1.1 (Full)
    SpywareBlaster (All Active + Custom File)
    Spybot Search & Destroy (Immunized)
    SafeXP
    Harden-IT (Best Config)
    Samurai (Medium\High Security)
    Sandboxie (Using with Firefox)
    Firefox 1.0.7 (NoScript+Adblock)
    MVPS Host File + Host Toggle
    IE-SPYAD
     
    Last edited: Oct 20, 2005
  6. False positive I think. If it's real, you have some serious problems that cannot be solved merely by piling up security software.
     
  7. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    dja2k,
    A CWS-infection with that kind of security setup ? That's impossible.
    Firefox prevents any CWS-infection, look at the Mozilla website.
    Firefox in Sandboxie is a double protection against any CWS-infection.
    Unless it's a new genetic mutation of CWS of course. :D
     
  8. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    I know! But it tends to happen that sometimes I forget to run firefox with sandboxie on, though that is rarely. I do think they are false positives because sometimes xoftspy finds them sometimes it doesn't, sometimes cwshredder finds them, sometimes not. So I don't really know what they were and how they got in my system. I did start seeing a weird behavior of ProcessGuard, which I posted here in the forums, but that is another story.

    dja2k
     
  9. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    XoftSpy can NOT be trusted and has too many false positives.
    I had also a bad experience with XoftSpy. Get rid of it.
    The rest remains a mystery of course.

    EDIT:
    XoftSpy was once listed as rogue AS software, not anymore, but once a thief always a thief.
     
    Last edited: Oct 18, 2005
  10. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I wouldn't trust XoftSpy either. Even if it's not rogue, I don't see it as being as reliable as the big hitters. I certainly wouldn't trust it over them. If, however, you really do have a CWS infection, it could also very well be that it's an old infection that was never completely cleaned.
     
  11. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    Windows XP Home SP2 (automatic updates set to prompt)
    Linksys Router RT31P2 (hardware firewall)
    Outpost Pro Firewall 3.0.543.5722 (431) (software firewall)

    Kaspersky Anti-Virus Personal 5.0.390 (Extended Database enabled)
    UnHackMe 2.5 (anti-rootkit)

    DiamondCS ProcessGuard 3.150
    DiamondCS WormGuard 3
    RegDefend 2.001 (with custom Ghost Files from Kent and Tony Klein)
    WinPatrol 9.7.4.0

    SpyBot Search & Destroy 1.4 (Immunize enabled)
    SpywareBlaster 3.4 (and Custom Blocking List: http://koti.mbnet.fi/pattaya1/swb3.htm 10/14/05)
    MVPS Hosts File (10/10/05)(Hosts File Manager Version 1.0.1.2 & HostsMan 1.2)
    IE-SPYAD (10/12/05)

    FraudEliminator 2.3 anti-phishing toolbar (for IE6)
    CoreStreet Spoofstick 1.05 (Mozilla Firefox anti-phishing toolbar)
    C/Cleaner 1.24.180
    MRU-Blaster 1.5

    Resident Scanners
    Ad-Aware SE Personal 1.06
    Kephyr Bazooka 1.13.03
    InterMute CWShredder Version 2.16
    F-Secure Blacklight Rootkit Elimination 2.1.1019
    HijackThis 1.99.1
    DllCompare
    Mischel TrojanHunter 4.2
    A-squared scanner 1.6

    Online Scanners
    CounterSpy spyware scan
    Ewido malware scan
    Help2Go Detective, HijackThis log file analysis, HJT log analyzer (HijackThis Analyzers)
    InterMute (Trend Micro) anti-spyware for the web
    Jotti's malware scan
    McAfee online virus scan
    Trend Micro Housecall online virus scan
    Webroot Spy Audit
    X-Clean Micro (XBlock.com) spyware scanning
    Zone Labs online spyware detector
     
  12. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    About RegDefend 2.001 and extra ghost files from Kent and Tony - Didn't they say most of those are already included in the RegDefend 2.001 and that there were problems adding them to RegDefend 2.001 with something to do with the wild card and were awaiting new files from both Kent and Tony?

    dja2k
     
    Last edited: Oct 18, 2005
  13. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    Yes - Most (but not all) are included in 2.001. I have these in order (following the standard files that are included) so it will search the standard files first. I have had no problem thus far. One person has edited to exclude the duplicates. See:
    https://www.wilderssecurity.com/showpost.php?p=586080&postcount=6
     
  14. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    Thanks for the regdefend info.

    Anyways, is it safe to turn off Execution Protection in ProcessGuard since Online Armor and Prevx1 protect that section? Since that Execution Protection is off, I won't see a list under the security tab right?

    dja2k
     
    Last edited: Oct 19, 2005
  15. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    Do not know. Tried Prevx (free) before ProcessGuard and dumped it. Prevx slowed my system too much. I like the combination of ProcessGuard, Regdefend and WormGuard because they are light on resources. I consider my main defense to be Kaspersky AV and Outpost. Also my block lists that consist of SpyBot S&D (immunize), Spywareblaster, Hosts File and IE-SPYAD. The other security would react if something got on my system and tried to run.
     
  16. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    Does anyone know if ShadowUser Pro 2.5 works well with the software list I posted above? I have a paid version of it and used it for a while, then gave up on it because of all these changes I was doing to my system. Since I just did a clean install of everything, including windows, security programs, and hardening, now ShadowUser would be great to use again.

    dja2k
     
  17. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    In theory you don't need all these protection softwares, because ShadowUser protects your harddisk from any threat, even the NEW ones.
    BUT when you like to keep those other security softwares, no problem.
    I don't know why you are changing your harddisk all the time.
    If these changes are related to improve your security, then you don't need those changes when you use SU.

    I'm planning to use "Firewall and ShadowUser" as protection and nothing else.
    Of course I don't change my harddisk all the time and I only use softwares, when I really need them and those softwares are reliable.

    I like to TRY other (unreliable) softwares without any risks.
    I like to SURF on the internet and visit ANY website without any risks.
    ShadowUser makes that possible and that's enough for me.

    It seems to me that you don't understand what kind of freedom ShadowUser offers on the internet.
    Do you know any security software that offers the same freedom and protection ? I don't. :)
     
  18. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Dja2k,
    In theory you don't need all these protection softwares, because ShadowUser protects your harddisk from any threat, even the NEW ones.
    BUT when you like to keep those other security softwares, no problem.
    I don't know why you are changing your harddisk all the time.
    If these changes are related to improve your security, then you don't need those changes when you use SU.

    I'm planning to use "Firewall and ShadowUser" as protection and nothing else.
    Of course I don't change my harddisk all the time and I only use softwares, when I really need them and those softwares are reliable.

    I like to TRY other (unreliable) softwares without any risks.
    I like to SURF on the internet and visit ANY website without any risks.
    ShadowUser makes that possible and that's enough for me.

    It seems to me that you don't understand what kind of freedom ShadowUser offers on the internet.
    Do you know any security software that offers the same freedom and protection ? I don't. :)
     
  19. Mysterion

    Mysterion Guest

    You can say that again.
     
  20. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    Well you can say that again, but with this in mind. I said I had shadow user before I did a clean install of windows. I haven't added it yet! And yes I know what the software does, if not I wouldn't have purchased it. Basically I can screw up the hell out of windows and restart it and it will be back to normal if I don't commit on any changes. Furthermore I know that Deep Freeze is similar in theory, but Shadow User has more ways to include and exclude files or something like that, never used Deep Freeze. But thanks for the reply, I too would just want to use that, a firewall, and something to hide my IP, that would really make me a shadow wouldn't you think.

    dja2k
     
  21. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Dja2k,
    OK. If you fully understand the possibilities of ShadowUser, we don't have any problem.
    I would use a Firewall and ShadowUser only and use all your other security softwares to check how good (or bad) SU really is.
    That's IMO a very interesting experiment and we know all about the traditional softwares, but not much about SU.

    I have read that DeepFreeze doesn't work with a virtual environment and I didn't read much about DeepFreeze either. So I can't compare both.

    Cheers.
     
  22. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,057
    Only one and that is Raxco's First Defense - ISR. Basically it offers the same kind of protection that SU does. Just for me has certain advantages, and now also can act as an additional backup.

    Pete
     
  23. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    Any one of you still use RegRun Gold? If so, what overlap does it have with my security list mentioned above in post #5. I mean I run it with Ultra High Level Security, but don't know if I should since I have regdefend, prevx1, online armor, processguard etc. Like for instance, there was a post saying that with prevx1 and online armor, there shouldn't be any problem turning execution protection off in processguard due to the extra overlapping popups. So with that, I am looking to see if I should lower the security level in RegRun or can it be left like that.

    dja2k
     