Securing my system

Discussion in 'other anti-trojan software' started by abhi_mittal, Aug 28, 2005.

Thread Status:
Not open for further replies.
  1. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    I have only 256 RAM...hence, I can't run just about everything. Need to optimize between security and resources!
     
  2. shek

    shek Registered Member

    Joined:
    Mar 27, 2005
    Posts:
    342
    Location:
    SE CHINA/NYC USA
    Here is my current setup. All of them are free.

    1. antivirus---antivir personal classic 6.31
    2. firewall---jetico 1.0.1.61, with its process attack table, it could fill most of the gaps between PG free and full
    3. process monitor---process guard 3.15 free
    4. registry monitor----MJ registry watcher 1.2.4.2
    5. critical files (such as win.ini) and system area protection---prevx home 2.1, disable all other options.
    6. system immunization---spybot 1.4 and spywareblaster 3.4
    7. host file protection----hostman 2.1 with all the host files it provides
    8. on-demand antivirus----drweb cureit and mcafee command line scanner with GUI from Bart's PE
    9. on-demand trojan scanner---ewido 3.5
    10. on-demand adware/spyware scanner--- ad-aware se personal 1.6 + spybot 1.4
    11. web browser--opera 8.0 + firefox 1.06
     
  3. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    How can I do this?? Looks like this option can minimize popups by prevx!
    Where can I find this?
     
  4. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,639
    in prevx, each setting should have a few options: block, alert, and disable. just disable every setting except for those two.

    also u have to setup a bartpe disk and download optional AV plugins. u can then boot off that disk and run the AV scan.
     
  5. shek

    shek Registered Member

    Joined:
    Mar 27, 2005
    Posts:
    342
    Location:
    SE CHINA/NYC USA
    abhi_mittal---
    1. In antivirus and temp area, choose startup menu and vulnerable files in the query mode. In windows system areas, choose everything under query mode. all the other options are off.

    2. for drweb cureit, you could get it from www.drweb.com or ftp://ftp.drweb.com
    for mcafee command line scanner, you could find it from http://vil.nai.com/vil/virus-4d.asp and choose win_betaengdat.zip
    for its gui, you can get it from bart's pe
     
  6. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    Thanks a lot for your help!
     
  7. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    In view of the problems described on https://www.wilderssecurity.com/showthread.php?t=96862, I am running minimal security setup.

    I am currently using minimal security- Avast Pro, Antivir PE(Ondemand), WinXP SP2 Firewall, Wormguard, Spybot, MSAS, Spyware Blaster and Adaware free.
    I ran a Kaspersky Online scan and found that my system is infected by TROJANS...DAMN!!!
    None of my current security applications detect them.

    I need strong (and FREE ) proactive solutions to this problem of being infected by Trojans and Spyware. Please suggest what can I add to my arsenal.

    Also comment on whether programs like Prevx home, Snoopfree, Arovax Shield etc. can help me in any way and how....

    I will appreciate all the help offered in resolving my concerns and SECURING MY SYSTEM.
     
  8. tansu

    tansu Registered Member

    Joined:
    Sep 13, 2005
    Posts:
    210
    mcafee virusscan enterprise 8.0i+antispyware module, (select perpetual for home users)
    and bitdefender free edition on the background.
    also ad-aware will protect you against all..
     
  9. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    Please suggest free products ONLY...and something that can offer proactive protection.
     
  10. tansu

    tansu Registered Member

    Joined:
    Sep 13, 2005
    Posts:
    210
    if that was for me, mcafee 8.0i is free for home users, during installation select perpetual subscription..
    And also it is a very good proactive defence tool
     
  11. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    Please help me guys...comment
     
  12. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Maybe what you should look at here is what kind of infections you are getting, and how they got on your system in the first place. Are they coming in through your browser, email, or in things that you're downloading?
     
  13. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    How can I check that>?
     
  14. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    I have got the following infections using the KASPERSKY Online Scanner:

    Infected Object Name - Virus Name
    C:\System Volume Information\_restore{32B66A29-9C2F-4BE3-A439-D494B9B7EBA7}\RP116\A0036932.exe Infected: Trojan-Spy.Win32.WinSpy.a
    C:\System Volume Information\_restore{32B66A29-9C2F-4BE3-A439-D494B9B7EBA7}\RP116\A0036935.exe Infected: Trojan-Spy.Win32.WinSpy.a
    C:\WINDOWS\system32\WinHandler.dll Infected: Trojan-Spy.Win32.WinSpy.c
     
  15. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I was hoping there would be some more clues, like a detection in your browser cache, email attachments folder, or downloads folder. Detecting one DLL alone, however, looks to me like it is a remnant from a previously removed infection. The first two are just in your system restore folder, you can delete your previous restore points to get rid of those. Did the KAV online scan delete WinHandler.dll (I don't know if it would or not)? If not, you could delete it yourself.

    Do you remember any details of previous scans, such as whether there were any detected malware files in the folders I mentioned in the beginning of this post?
     
  16. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    I deleted the infections manually,

    Earlier too Antivir PE had detected infections in my cache and java folders.
     
  17. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    And my browsing habits are very safe!
     
  18. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    Is this a full-featured AV Product with Real-time protection...or is it an on-demand scanner? Can I replace Avast with this free product?
     
  19. Pollmaster

    Pollmaster Guest

    If that is the only thing. Should it really be a cause of concern?
     
  20. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    Well yes, it is a concern if your current security setup is not proving very effective in proactively blocking infections.

    That is the whole reason why I want to understand what changes should I make to it.

    I want to know a setup that can cure the problems I am facing...

    Q1. Is Mcafee 8.0i a complete AV program with real-time capabilities? And should I replace my Avast with it?
    Q2. What apps would you suggest to mitigate risks from Trojans and Spyware?
     
  21. Pollmaster

    Pollmaster Guest

    What I mean is, if they are inert in your cache and don't run, should you be concerned?

    My real time AV picks up all these stuff routinely or in some cases when my real time AV is off, I find them only after on demand scans. Sometimes they pick up exploits that work only on IE and I'm not for example.

    If it doesn't cause infection, does it really matter? Same for if you are getting infected attachments.
     
  22. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    Yes, it is a concern...since I have very very sensitive data on my HDD...I work for the world's largest enterprise software company and the data that I carry is extremely valuable...
    So I need proactive solutions
     
  23. abhi_mittal

    abhi_mittal Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    887
    Location:
    Bangalore
    Comment
     
  24. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    Hi Abhi

    I hope you don't mind me commenting, but if they are allowing you to take home extremely valuable data without providing you with security software, then that's a bit silly of them.

    I would have expected that they at least supply encryption software to allow you to keep the information encrypted when you are not working on it.

    Anyway, as for freeware software, I'd consider :

    (I know most of these have probably been named, but too lazy to go back over the posts to check them just at this moment)

    Firefox browser with extensions (or Opera)
    Thunderbird for emails
    Proxomitron (local proxy/web filter)
    MSAS (slows my computer a bit)
    Antihook
    ScriptDefender
    Sandboxie

    Avast
    AVG
    AntiVir

    IE-SpyAd
    SpywareBlaster
    Hosts file from MVPS

    Ewido
    Kaspersky online scanner (and other online scanners)
    A2
    Rootkitrevealer
    Winpatrol
    Hijackthis
    CWShredder
    SpywareDoctor (there's a freeware version)
    Spybot S&D
    Adaware SE
    Arovax Shield
    Abtrusion Protector

    Using a limited user account in windows
    or Windows limited user accounts tool (somewhere on their site)
    or the fairly lengthy free AV trials here http://www.microsoft.com/athome/security/downloads/default.mspx

    And I know it's payware, but have you considered using a combination of limited user account; then also partitioning your harddrive, installing Deepfreeze C:\ and storing all your work files on D:\ .

    To my way of thinking it'd certainly be worth the $30. Combine that with Firefox and Thunderbird, and you're doing pretty well.

    edit : just found an excellent post by Mrkvonic with links to a lot of freeware
    http://spywarewarrior.com/viewtopic.php?p=98671#98671
     
    Last edited: Sep 26, 2005
  25. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    abhi_mittal,

    If you need good protection and if it is for commercially important data, the company should already have a preset policy of required software and have outfitted you with it.. If they have not, you really should not be trying to fit a free solution to this task. Free options have an important role to serve, but this is not one of them.

    Blue
     