Safe Admin for XP

Discussion in 'other anti-malware software' started by Kees1958, Aug 27, 2011.

Thread Status:
Not open for further replies.
  1. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    I got a question to port some of the ideas of Safe-Admin to XP, with the explicit question to make it as noob friendly as possible. Okay, so here is the easy version for XP.

    1. Install Chrome (safe and fast), make sure you download the offline installer which installs in Program Files
    download from http://www.google.com/support/installer/bin/answer.py?answer=126299
    choose the version "Alternate installer for all user accounts" (second bullet)
    *** THIS ALTERNATE INSTALLER IS ESSENTIAL TO RUN EDGEGUARD SOLO freebie***

    2. Install extensions
    - Bitdefender traffic light https://chrome.google.com/webstore/...pgihekkeednfoenal?hl=en-US&hc=search&hcp=main
    - McAfee Site Advisor
    https://chrome.google.com/webstore/...dmmmghbgkcdebhhae?hl=en-US&hc=search&hcp=main

    Set up Bitdefender as outlined in picture
     

    Attached Files:

    Last edited: Aug 27, 2011
  2. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Now search for Trusteer Rapport, direct download (without needing email)

    http://home.ingdirect.com/privacy/privacy.asp?s=Promotions

    adding websites to this protection (e.g. your banking etc)

    http://www.trusteer.com/demo-protecting-website-using-rapport

    Maximise protection of this privacy program (thanks Dark_Start) https://www.wilderssecurity.com/showthread.php?t=283236

    Now you have a pretty solid browser which helps to keep you out of trouble (staying away from risky places is also a security mitigation)
     
  3. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Now we are going to make sure that all your Internet facing programs run as LIMITED USER, by downloading and installing EdgeGuard_Solo freebie


    Note: EdgeGuard Solo gives similar protection as Spyshelter Restricted Option (of the paid version, when you have Spyshelter premium and know how to use restricted mode, you can omit EdgeGuard).

    For people having no Spyshelter Premium licence, install EdgeGuard (EdgeGuard works perfectly on XP)

    Download http://www.blueridgenetworks.com/support/products/edgeguardsolo/download.php

    Explanation
    http://www.blueridgenetworks.com/support/products/edgeguardsolo/

    Make sure you add chrome.exe. Although it mentions incompatibility with Chrome, it is compatible with the offline installer, see https://www.wilderssecurity.com/showthread.php?t=234443 (tested myself)
     
    Last edited: Aug 27, 2011
  4. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Now we are going to add UAC-like protection with another freebie

    a) Install Spyshelter FREE and select ONLY system protection option
    b) choose or set medium level protection

    This will give you fewer prompts than UAC on Vista or Windows 7 with similar protection
     

    Attached Files:

    Last edited: Aug 27, 2011
  5. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Now we are going to add drive by protection

    explanation http://blogs.technet.com/b/askperf/...ng-applications-and-unsafe-files-setting.aspx

    Use this registry file, save the text file as SAFE_BLOCK.reg in your Windows Directory, run it once (set and forget).

    When you want to run a downloaded program you will get a warning message (orange "These files can't be opened")

    When you want to remove the block just
    1) right click file
    2) click properties
    3) choose General tab and remove block (located at security)


    With the reg file DEFAULT_WARN.reg you set everything back to windows standard (also one time action).
     

    Attached Files:

  6. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    When you run MBAM and HITMAN PRO freebies on demand and scan programs before installing with Jotti and Virus Total, you can run without realtime AV
     
  7. clubhouse

    clubhouse Registered Member

    Joined:
    Apr 14, 2009
    Posts:
    180
    Excellent thread....this is what is needed here at wilders...a thread that is noob friendly....I hope it doesn't get bogged down now by 'experts' smothering it with tech jargon and put us noobs off!:mad: :)
     
  8. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Got a question: "I have an old Graphics card, so I do not need Chrome for GPU acceleration, does this also work on IE8 with XP?"

    Procedure for IE8

    1. Install Trusteer (https://www.wilderssecurity.com/showpost.php?p=1926580&postcount=2) Make sure you enable smart screen on IE8

    2. Install EdgeGuard ( https://www.wilderssecurity.com/showpost.php?p=1926585&postcount=3)

    3. Install Spyshelter free (https://www.wilderssecurity.com/showpost.php?p=1926593&postcount=4)

    4. Download the regfiles of this post https://www.wilderssecurity.com/showpost.php?p=1926600&postcount=5 Save them as .reg in Windows, make shortcuts of both SAFE_BLOCK and DEFAULT_WARN and add them to desktop/start menu


    5. Drive by protection with IE

    When SAFE_BLOCK is on you will get this message when you (or malicious software) try to download an executable, see pic.

    So before you download a program from the internet you have to click on DEFAULT_WARN to be able to download programs. Don't forget to switch it back on when you have installed the program (click SAFE_BLOCK again).

    Regards Kees
     

    Attached Files:

    • IE.png
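The SAFE_BLOCK / DEFAULT_WARN toggle described in posts 5 and 8, as an added example that is not the thread's attached .reg files or any poster's code: a batch script that writes the setting and then reads it back, so you can see which state the machine is actually in. It assumes the attachments set URL action 1806 for the Internet zone in the current user's registry hive (post 11 calls it "the 1806 trick"); the attachments themselves are not on this page.

```batch
@echo off
rem Added example: NOT the thread's attached SAFE_BLOCK.reg / DEFAULT_WARN.reg.
rem Assumption: the toggle is URL action 1806 ("Launching applications and
rem unsafe files") in the Internet zone (Zones\3) of the current user's hive.
rem Values: 0 = allow, 1 = prompt (Windows default for this zone), 3 = block.
setlocal
set "KEY=HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3"

if /i "%~1"=="block"  goto set_block
if /i "%~1"=="warn"   goto set_warn
if /i "%~1"=="status" goto show_status
echo Usage: %~nx0 block ^| warn ^| status
exit /b 2

:set_block
rem Equivalent of SAFE_BLOCK: refuse to launch files marked as Internet-zone.
reg add "%KEY%" /v 1806 /t REG_DWORD /d 3 /f >nul
if errorlevel 1 (echo Failed to write 1806 & exit /b 1)
goto show_status

:set_warn
rem Equivalent of DEFAULT_WARN: back to the standard warning prompt.
reg add "%KEY%" /v 1806 /t REG_DWORD /d 1 /f >nul
if errorlevel 1 (echo Failed to write 1806 & exit /b 1)
goto show_status

:show_status
rem Read the value back instead of trusting the write; another tool or a
rem forgotten toggle may have left the machine in the weaker state.
set "VAL="
for /f "tokens=3" %%A in ('reg query "%KEY%" /v 1806 2^>nul ^| findstr /c:"1806"') do set "VAL=%%A"
if not defined VAL (echo 1806 is not set for this user & exit /b 3)
if /i "%VAL%"=="0x3" (echo BLOCK: zone-marked downloads cannot be launched & exit /b 0)
if /i "%VAL%"=="0x1" (echo WARN: Windows default, prompt before launching & exit /b 0)
echo UNEXPECTED: 1806 = %VAL%
exit /b 4
```

The setting only affects files that carry the Internet-zone marker Windows attaches on NTFS volumes, which is what the properties-dialog step in post 5 removes. Running the script with `status` after installing a program is a quick check that the block was switched back on.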
  9. Newby

    Newby Registered Member

    Joined:
    Jan 12, 2007
    Posts:
    153
    Ehhh, Some questions :D

    1. Why install Trusteer Rapport when Spyshelter also is anti-keylogger?

    2. Do I need to disable EdgeGuard Solo when updating windows?

    3. Why so much third party software (safe admin on Windows7 is almost OS-only)

    Thx
     
  10. clubhouse

    clubhouse Registered Member

    Joined:
    Apr 14, 2009
    Posts:
    180
    Just want to make sure I've grasped this edgeguard...is it a kind of free or similar in purpose to appguard? And would it also make a HIPS program unnecessary?
     
  11. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Ad1
    Trusteer is silent. With drive by protection of the 1806 trick in place, the most likely point of malware entry is the browser itself. MRG tests show Trusteer does well against this attack vector, so a quiet narrow protection is chosen over a more chatty broader protection.

    Enabling only system protection also tackles possible rants and critique against the number of hooks spyshelter sets to make its anti keylogging so strong.
     
  12. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Ad2
    Good point. No when using windows updater, yes when updating with IE internet explorer
     
  13. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    It's free and it helps to use the user friendly mode of spyshelter HIPS (auto allowing signed programs and trusted vendors of its internal white list data base). Edgeguard will stop the programs which are auto allowed by spyshelter. Each of them is silent (edgeguard dead silent, spyshelter will throw only 20% of the pop ups compared to standard UAC on default Vista or Windows7).

    Spyshelter system protection is a quiet HIPS which provides system wide protection against unsigned programs from unknown vendors. Edgeguard provides limited user protection for the guarded programs with no exception. So they are a perfect match due to the complementary protection.
     
    Last edited: Aug 27, 2011
  14. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Ad 3.

    See previous post
     
  15. soccerfan

    soccerfan Registered Member

    Joined:
    Oct 15, 2007
    Posts:
    167
    @Kees: Thanks. Will this approach work for XP HOME also?
     
  16. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    YES:D
     
  17. clubhouse

    clubhouse Registered Member

    Joined:
    Apr 14, 2009
    Posts:
    180
    Great stuff, fully understand now...thanks kees:)
     
  18. soccerfan

    soccerfan Registered Member

    Joined:
    Oct 15, 2007
    Posts:
    167
    Great :D One more question:
    Will it also work if we replace chrome by the portable version of srware iron?
     
  19. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    No, edge guard solo works well with the chrome offline installer, because this is installed in your program files directory. The normal iron installs also in program files, so this should work with edgeguard solo.

    You can try installing the portable version into C:\Program Files to see whether this works with EdgeGuard.

    Trusteer does not recognise iron. Without Trusteer you should enable all protection in spyshelter.
     
    Last edited: Aug 27, 2011