Securing my system

Discussion in 'other anti-trojan software' started by abhi_mittal, Aug 28, 2005.

Thread Status:
Not open for further replies.
  1. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    My laptop had a HDD failure some days back due to security issues. Luckily, it was replaced by the vendor as it was under warranty.
    I don't want it to be compromised any more since data loss is an issue.

    For securing it, I use Avast Prof, PrevX Home, ZA free, spybot, adaware. I want solid protection against trojans, rootkits, spywares and key loggers. My PC regularly gets infected by spywares despite prevx and ZA. o_O :mad:

    I have a licenced copy of ProcessGuard, which I am not using. It's a little confusing for me.
    I am busted :oops: , so I can go for free programs only. What kind of a setup would you guys suggest to maximise real-time protection against malware, trojans and rootkits?

    Thanks
     
  2. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    Suggest you get tutoring on ProcessGuard in the Diamond CS Forum as you have a licenced copy.
     
  3. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    I agree, you should try to understand PG. You might also want to do the following:

    1) Review your surfing habits and modify those practices that make you more vulnerable to malware.
    2) Possibly install the free version of Ewido and run on-demand scans on a regular basis.
    3) Get the free version of WinPatrol to monitor some key system files.
    4) Scan your system regularly using one of the free online virus scanners - e.g. McAfee, BitDefender.
    5) Install the free version of MS Anti-Spyware

    Rich
     
  4. Get

    Get Guest

    In case you're using Internet Explorer (unsafe), use the Firefox browser (also install the extensions Adblock and Tabbrowser preferences). Make it even safer with Spywareblaster, Spywareguard (spywareguard only when you're not using Spybot's Teatimer) and last but not least XP-Antispy (read very well the descriptions (mousearrow on name->description on bottom of the screen) of the things you can disable with it before you do so).
     
  5. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore

    Using all of these except XP-antispy.
    Do you think that something like Winpatrol or system safety monitor or Processguard has SIGNIFICANT advantages over PrevX Home o_O
     
  6. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Based on this thread
    https://www.wilderssecurity.com/showthread.php?t=93736
    I removed WinPatrol, because the combination MSAS (realtime) + SpywareGuard seems to offer more protection, while "MSAS+SG" and WinPatrol overlap each other.
     
    Last edited: Aug 28, 2005
  7. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    Can't afford spyware guard!!!!
    Tell me about free protection
     
  8. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    No, they both offer very strong protection, although in different areas. If you're still getting infected with Prevx, I doubt ProcessGuard will do you that much better.

    SpywareGuard is free, however I don't know that it would do you that much better than Prevx, although it is very possible that you may find it easier to use.

    Really, if you can scrape together the pennies, I would really recommend something like Ewido. I know you said you can't afford those things, but it would really be worth it if you could save up the money. Another thing you could do is jump into a couple betas. For the time taken to report bugs, you can get some pretty good software for free. Prevx 1 may suit you better than Prevx Home.

    For free stuff I have to agree, go with Microsoft AntiSpyware, along with some other free scanners. Do some hardening and use Firefox either way you go, those will help quite a bit.
     
  9. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    OK
    What is the best protection against trojan/rootkit protection?
    Do you think ProcessGuard and MSAS will do me good?
     
  10. starfish_001

    starfish_001 Registered Member

    Joined:
    Jan 31, 2005
    Posts:
    1,041
  11. Wake2

    Wake2 Registered Member

    Joined:
    Apr 30, 2005
    Posts:
    205
    MSAS and SpywareGuard both are free, both excellent programs,
    Ewido has I think a 14 day trial which after that reverts to free
    also an excellent program, one I liked enough to purchase, and
    nope don't believe MSAS prevents against rootkits, PG says it
    does, it needs some time on setting it up right, and if you say
    you aren't comfortable with it, it is up to you to make the time
    to learn it, isn't that hard, and if as you say you are constantly
    being affected with trojans etc.. would be wise to change your
    online surfing habits to eliminate the risks.

    Good Luck,

    Wake
     
  12. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
  13. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    The thing is that you have to be comfortable using programs like Prevx and ProcessGuard, and know how to react to its alerts. If you're getting infected with Prevx running (assuming you're getting real spyware, and not false positives or just tracking cookies), then I don't know that ProcessGuard would be much better for you. You would also need to get the paid version of ProcessGuard to protect against rootkit installation. If you're allowing things to infect your system with Prevx (which is also good against rootkits), then you'd probably be better off getting Ewido or BOClean.. they may not be able to stop as many, but (again) if you're just allowing things then it's still better. Just remember that a rootkit is just another trojan, the difference is what it does once it's infected your system. Getting a defense that will prevent trojans from getting on your system in the first place is really the best way to go. Online Armor is one that's very good for this with its Web Shield, although it's not free.

    One thing you might also consider doing is running in a limited user account. If you don't install many programs or constantly tweak the system, then this can be an effective and plausible solution for you. Drivers and services can't install from a limited user account, for example, unless it uses an exploit (which is why you would want to do some hardening). Nothing is 100%, but it's a good start.
     
  14. Mucker

    Mucker Registered Member

    Joined:
    Apr 20, 2005
    Posts:
    42
    Adding No Script Extension to Firefox may help--very nice tool for me. Another program I use is Arovax Shield (free), although it might be duplicating MSAS Real Time protection somewhat. Trend Micro is offering a 30 day trial on their Antispyware 3.0--I am trialing now.

    Mucker
     
  15. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    Does MSAS offer protection from TROJANS??
     
  16. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    No, only selected trojans, but nothing like an anti-trojan or even your AV does.
     
  17. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    Is there any anti-trojan that provides FREE real-time protection??
     
  18. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    No, not to my knowledge, not anyone any good at least and the real-time monitor is the most important part. :)
     
  19. FatalChaos

    FatalChaos Registered Member

    Joined:
    Aug 6, 2005
    Posts:
    98
    Please forgive me if I am reposting what anyone said, I only read the first post.
    Anyway, a list of software to use.

    Firewalls (pick one)
    Zone alarm - if you are a beginner, you might want to choose this. Pretty good protection, but can run a bit heavy and give internet/bootup slowdowns (rareish)

    Kerio 2.1.5 - MAKE SURE TO USE WITH PROCESS GUARD. That being said, it's a very good firewall. Make sure to use it with BZ ruleset. Very light, a little more advanced than Zone Alarm.

    Kerio 4.2 free - During the trial period, the HIPS might conflict with MS OFFICE 2003. If so, just turn the HIPS off. Pretty good firewall, slightly heavier than Kerio 2.1.5 but lighter than ZA. If you only use free programs, try to learn to use ProcessGuard.

    Other Software to run
    ProcessGuard
    Spyware Guardian
    Spyware Guard
    Windows Worm Door cleaner (WARNING: MAY DISABLE INTERNET IN SOME CASES. BE CAREFUL)
    Socket Lock
    File Checker
    Safe XP (just make sure you know what you are doing, I have heard some ppl have problems with this program)
    Mozilla Firefox with Javascript control plugin (forget exact name). Many malware gain access through Javascript, this blocks Javascript unless you say it can be run (only say yes when you can't do something you need on the site)
    Multiple Spyware Scanners (Spybot, Spyware Doctor. etc)

    If data loss is an extremely bad problem, consider partitioning your hard drive and doing a dual OS install (Linux, something like Fedora Core 4, Ubuntu, or Xandros is probably best). That way, if one OS goes down, you can still access the data (it is possible to access the Windows drive from Linux and vice versa if you know what you are doing).
     
  20. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    Thanks a ton!
     
  21. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    So...going thru all this I have zeroed in on two security configurations. Please advise which is better:

    1) Avast Prof, Ewido Full, Spyware guard, Process guard full, Arovax Shield, Spybot, Adaware, Spyware Blaster.

    2) BD Standard 8/9, Ewido Full, Arovax shield, Spybot, Adaware, Spyware blaster.

    Which is the better one? What changes do you think I should make?
     
  22. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    Any comments on these security configs??
     
  23. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    I would probably choose the second config, I have no idea how good/bad Arovax shield is though. :)
     
  24. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    I guess I'd nominally go with number 2).

    The only details that I would add are:
    • I'd probably look at paid alternatives to Arovax Shield just to make sure I had good coverage of (mainly) registry protection and application blocking. Like Don, I really don't know Arovax's strengths or weaknesses. There are lots of alternatives out there, I'd just look at this area in more detail. Arovax may be fine and it is free at the moment.
    • With Ewido full, Spybot and AdAware may be duplicates. I'd have these installed but not implement any of the realtime components.
    Blue
     
  25. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    I'd also go with option 2, but why not keep PG full and Spyware Guard? As for Arovax Shield, I've never tried it but it's free so if you like it, keep it. A similar program may be "All seeing eye"
     