TDS, Spybot, Process Guard, ZoneAlarm & Anti Keylogger

Discussion in 'Trojan Defence Suite' started by KeyserSoze, Jul 17, 2004.

Thread Status:
Not open for further replies.
  1. KeyserSoze

    KeyserSoze Registered Member

    Joined:
    Jul 16, 2004
    Posts:
    3
    :-* :-* :-* :-* :-*
    Hello Everybody,

    I'm new to this forum.
    Let me first thank everyone who posts to this forum.
    It has been the most informative site I have found yet on PC security.
    I am very new to this, but I must admit, it is fascinating.
    From what I have read, I am inclined to get Process Guard, TDS-3 and Raytown's Anti Keylogger to add to my Spybot 1.3 and ZoneAlarm 5.0. From what I understand, all of this software is redundant and complementary at the same time. I was just wondering if someone could explain where each of these programs uniquely protects my PC? How does Spybot compare to the DiamondCS products?
    Is there something else I should get, or something less I should get? Are there any suggestions as to which order I should install these programs or any installation tips? Are there any conflicts I should be aware of?
    I can't help but feel that I am going overboard with this, but it seems everyone in this forum is aware of more than I know. I feel I should take a lot of precautions.

    Thank you all for your knowledgeable help.
    :-* :-* :-* :-*
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi KeyserSoze, Can you give us a bit more information please.
    1. What operating system are you using?
    2. Is your computer stand-alone or on a network?
    3. If networked, do you use a router?
    4. What anti-virus are you using?

    Sorry about the questions but it will help us give a better answer - Pilli :D
     
  3. Arctic

    Arctic Registered Member

    Joined:
    Jun 25, 2004
    Posts:
    46
    Hello KeyserSoze :) I would highly recommend all of the DiamondCS products. Especially the TDS-3. TDS is undoubtedly the best program on the market. I helped a friend clean up her computer that her mom had been using. Her mom opens every email she gets, which as we all know is a stupid thing to do. I tried to load an antivirus on the computer and it would not load. It kept shutting down. So, then I downloaded the TDS trial version on the system. Well, after a deep 2-hour scan it found 526 viruses and trojans. I was totally shocked. After TDS deleted the viruses and trojans I was able to load an antivirus program and a firewall and the system is clean and now working great.

    Another friend called me this week having problems with his computer, saying it kept shutting down every 10 minutes, and I told him that he probably had a virus. I had him download the TDS-3 trojan program and it found a lot of viruses also. Thanks to TDS his system is now clean. I am truly amazed that a virus will shut down any antivirus software you try to load but it does not shut down TDS.

    Also, DiamondCS has the best customer service of any software company I have ever dealt with. They are totally unbeatable. I have the TDS-3 and Process Guard. I am also considering the purchase of Port Explorer and WormGuard. I downloaded the trial of WormGuard and it actually saved me this morning when I clicked on a file sent by a friend and WormGuard stopped it from opening because it was a worm with a double extension that I did not see. So I would say, yes, yes, yes. Anyone who is serious about computer safety should definitely purchase the DiamondCS products. ;)
     
  4. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Thanks for your kind words Arctic. Process Guard is a definite must nowadays due to the ability of more malware being able to close down your security programs. Process Guard can prevent those closures by adding them to its protected list.

    Cheers Pilli :)
     
  5. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Thanks for the great and wise words Arctic.
    526 infections and still running? Wow!
    Guess after the TDS cleansing you looked also with Spybot S&D and Ad-Aware for all possible spyware and registry errors?
    In fact TDS is so really easy to start cleansing with and after you can make it as complicated as you want, even remote scan your mother's computer if you keep TDS installed there too (and you allow certain firewall openings for yourself :) )
    I really love Port Explorer in combination with that, WormGuard saved my computer various times as well, same kind of happenings like you experienced.
     
  6. KeyserSoze

    KeyserSoze Registered Member

    Joined:
    Jul 16, 2004
    Posts:
    3
    Sorry it took me so long to respond, but I've been playing a lot of catch up.
    Thank you for your advice Arctic, I most likely will be getting the software.
    My concern is how my laptop will handle all these security apps. I want to have the best security possible yet still have my computer run efficiently.

    Pilli here is the info plus:
    My OS is Win XP pro.
    It's hooked up to a wireless ADSL firewall router, but I don't connect to any other computers. So I believe I am stand alone.
    My anti-virus is the ZoneAlarm Security Suite 5.0.

    This may be outside the scope of things but I thought I'd ask anyways. Looking at the list below, do you think this may be too much software on my PC? I have a Dell Inspiron 8600 w/Pentium M 1.7GHz and 1GB DDR, 333MHz RAM. I also provided the list in case there may be some known conflicts with any of them.

    Thanks again,
    KS :) :)

    The following is a list of software in the order I installed on my PC:
    1. Windows XP Pro w/Service Pack 1 & updates
    2. Zone Alarm Sec. Suite 5.0.590.015
    3. Google Toolbar w/pop-up blocker
    4. Storm Codec Media Player Classic 6.4.8.2
    5. QuickTime Player 6.5.1
    6. InterVideo WinDVD 6.0 B 06.042
    7. MS Office Pro 2003
    8. SecurStar Drive Crypt 4.2
    9. SecurStar Drive Crypt Plus Pack 2.8
    10. Adobe Acrobat Pro & Distiller 6.0.0
    11. Ahead Nero Burning ROM 6.3.1.15
    12. WinRAR 3.3
    13. WinISO 5.3
    14. MS Office Add-ins
    15. Wireless ADSL firewall router
    16. Outlook setup
    17. Customize Start Menu, Taskbar, Folders
    18. HP OfficeJet R80 driver
    19. Touchpad Driver & settings
    20. Disable 1 Click Maintenance, Messenger Services, Fast user switching
    21. Firewall setup
    22. Spybot 1.3
    23. Ghost.exe file added to C:
    24. DXDXCopy
    25. Ulead PhotoImpact & Plug-ins
    26. Audible & settings
    24. Fax Console settings
    25. ITunes
    26. Pointix & some settings
    27. Norton Ghost Explorer & Wipe Info
    28. Nero update to 6.3.1.17
    29. Musicmatch & add-ons
    30. Change .pst data location.
    31. EFax
    32. Palm handheld device
    33. Documents To Go Premium 6.0
    34. Beyond Contacts 3.05
    35. Franklin Covey Plan Plus 2.02 for Outlook & Palm

    I also intend to install:
    PGP 8.1
    Omni Page Pro 14 Office
    IBM ViaVoice Advanced v.10
    TDS
    Process Guard
    Anti Keylogger
     
  7. Dazed_and_Confused

    Dazed_and_Confused Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    1,831
    Location:
    USA
    Welcome to Wilders, KeyserSoze! :)

    As you can tell from my security arsenal (see signature), I completely agree with Arctic. She knows what she's talking about. ;)

    P.S. Welcome to Wilders to you too, Arctic. :D Not bad for your first post!
     
  8. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi KeyserSoze, Your laptop is quite modern and fast and does not appear to have too much on it.
    I also have a laptop connected through a wireless router and run most of DCS's products, TDS3, Port Explorer, CryptoSuite and Process Guard.
    I use the old version of Kerio firewall 2.15 as it is light on resources and is really just to protect outbound operations, the router protecting inbound.
    KAV 5 is my Anti Virus and I have SpyBot, AdAware and Javacools tools and Firefox as my browser, IE is locked down and only used for Windows update.

    Process Guard uses very little resources, CPU usage is negligible and about 2MB of memory.

    TDS3 uses very low resources except when you do a full in-depth scan, best to shut down your work and have a cup of coffee :) you probably only need to do a full scan once a week anyway.

    Try them all before you purchase - Pilli
     
  9. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    You definitely should have Port Explorer in addition to TDS and ProcessGuard for all the trojan detection and protection, WormGuard and CryptoSuite for the functionality not available in PGP.
     
  10. KeyserSoze

    KeyserSoze Registered Member

    Joined:
    Jul 16, 2004
    Posts:
    3
    Well, I went and bought the whole package.
    I'm creating an image with a clean install.
    I loaded WinXPro and got all their updates and loaded Process Guard.
    I really like the level of control Process Guard gives me and I'm looking forward to having my PC run without all that background junk.
    I figure I would install and run one program at a time; creating an image after each successful install. I'm swapping images so that I don't have to do it all at once. When I need to work I load my fully programmed image and work till I have time to work on the clean image. Does anybody see any potential problems with this?
    I'll be installing Process Guard, TDS-3, Worm Guard, Port Explorer, Zone Alarm Security Suite 5, Spybot 1.3, Drive Crypt Plus Pack 2.8 which encrypts the whole drive and maybe Anti-Keylogger 5.1 and AdAware Pro 6.
    Is there any order in which I should install these?
    Are there any recommendations as to how I should set these up so that they run in harmony?

    Also I had some questions specifically about Process Guard:
    Configuration:
    In the Help file, it is suggested that "all system and security processes be added to Process Guard's list of protected processes."
    I found 336 .exe files in Windows\system32 on a clean install of Win XP Pro with Process Guard being the only other software installed.
    How should I determine which of these executables I should grant Read, Write, Terminate, Suspend, GetInfo and SetInfo "Allowable Privilege" to?
    Are there other folders I should be looking in as well?
    On the first run of Process Guard, it added some programs to the "Program Protection" area. Some programs had Read, Write, Terminate, Suspend, GetInfo and SetInfo "Allowable Privilege" while others had None. How did it determine which programs got their settings?
    My Process Guard first run set svchost.exe to Read, Write, Terminate, Suspend, GetInfo and SetInfo "Allowable Privilege." Why does your "Example Configuration" in the help file show it set to None?
    Is there anywhere I can get information about all these different executables and maybe what settings I should give each?
    I noticed in my Process Guard Log window that svchost is always trying to write to different programs. Should I let it?

    General Protection Option: Block EndTask from Terminating Applications
    Could someone please explain to me why I would enable this feature if the Write, Terminate, Suspend, SetInfo "Blocked Privilege" for taskmgr.exe is set?

    Global Hooks:
    Where can I get more info?
    I hope these questions aren't silly, I really have no idea.
    Thanks again to everyone, I really appreciate the time everyone takes to school a newbie like me.
    KS :D o_O :D
    By the way, I could have sworn I put smiley faces on my first posting at the top, not the kissing ones. Did someone switch that on me?
     
  11. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi KeyserSoze, I'll try and answer your questions in a general way.

    Regarding PG, the default programs are all you really need from the Windows folders. :) 336 .exe's from there would probably drive you nuts and cripple your machine :)
    Add any programs that connect to the internet + all your security programs.
    Do it slowly and watch the logging.
    Regarding end session, malware could also send an End Task command and, if correctly aimed, these could be used to disable your firewall, AV etc., though not ZA, as it does have protection against this.
    General tabs should be enabled slowly and the logging watched to ascertain any individual options that may be necessary.
    I can see no harm in your imaging idea, though I would probably do one after all the basic security programs are loaded, then another when all my programs were loaded. Then incremental backups on my daily work etc.

    HTH Pilli
     