Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

Greatis Software

 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Anti-Spyware and Security Software Discussion
View previous topic :: View next topic  
Author Message
chrisr1uk
Warrior


Joined: 21 Sep 2004
Last Visit: 14 Oct 2006
Posts: 68

PostPosted: Fri Mar 10, 2006 2:58 am    Post subject: Greatis Software Reply with quote

Does anybody use any products from these guys? especially Regrun and Unhackme. http://www.greatis.com

i have the free on demand scanner of Unhack me and wondered if anyone has the paid, resident version and whether its worth it.

Are there any other resident toolkit tools out there?
Back to top
View user's profile Send private message Send e-mail
Mrkvonic
Warrior


Joined: 27 Sep 2004
Last Visit: 01 Feb 2007
Posts: 209

PostPosted: Fri Mar 10, 2006 3:12 am    Post subject: Reply with quote

Hello,
Solid software. Tried them on a few occasions.
Do you need them? Depends on you.
I did have a few bsod issues with unhackme, though, but it's a nice scanner nonetheless.
Mrk
Back to top
View user's profile Send private message
chrisr1uk
Warrior


Joined: 21 Sep 2004
Last Visit: 14 Oct 2006
Posts: 68

PostPosted: Fri Mar 10, 2006 3:46 am    Post subject: Reply with quote

No, i dont really need it, but is it advisable regarding toolkits? Will the on demand scanners work just as well, as the resident doesnt seem to be able to stop them being installed as far as i can tell.
Back to top
View user's profile Send private message Send e-mail
Moore
Moderator


Joined: 31 May 2004
Last Visit: 16 Jun 2014
Posts: 758
Location: 같.MooreLand.같

PostPosted: Fri Mar 10, 2006 5:39 am    Post subject: Reply with quote

Hi chrisr1uk Very Happy

I've used Regrun for maybe the last two years or so..

It's certainly a one of a kind toolkit, great for maintaning control over registry and file changes, offers custom file protection and the best registry backup system you can get in my opinon.. the list just goes on and on.. I would recommend it to anyone wanting to increase the protection on their pc.

Plus it can detect and help remove worms, trojans or whatever tries to get in to your system. It's not completely realtime protection, but I have found it to be quite effective.

Here's a few pics of Regrun in action I took today:





I rate it highly in my layer of defense right behind Processguard / System Safety Monitor & Outpost.

I've tried Unhackme it's more of a specialised tool for certain kinds of threats,
if you want to actually prevent rootkits installing you should look towards using Processguard.

http://www.diamondcs.com.au/processguard/
http://www.wilderssecurity.com/forumdisplay.php?f=13



Personally I dont think there is anything that matches it's power to prevent malicious or unwanted installations.

System Saftey Monitor would be a good alternative if you would prefer freeware , but with a little less protection than PG.

http://www.syssafety.com/
_________________
| Stop Malvertising | Outpost | Blocklist Pro | Hosts |
Back to top
View user's profile Send private message Visit poster's website
chrisr1uk
Warrior


Joined: 21 Sep 2004
Last Visit: 14 Oct 2006
Posts: 68

PostPosted: Fri Mar 10, 2006 2:23 pm    Post subject: Reply with quote

Hi Moore. thanks for that.

I currently use the free version on processguard, but i think I will look into the paid version.

Regrun also looked interesting when I came across it, think i might give it a whirl see how it performs. cheers.
Back to top
View user's profile Send private message Send e-mail
bigos
Warrior Guru


Joined: 04 Apr 2005
Last Visit: 02 Nov 2009
Posts: 365
Location: Upstairs, be afraid, be very afraid

PostPosted: Fri Mar 10, 2006 5:26 pm    Post subject: Reply with quote

Wow! I like the `Attention! Trojan Alert!` report you get with RegRun, do you get as detailed a report with ProcessGuard free or SSM? Also do you get the same amount of options as to the action you can take?
Thanks Smile
_________________


Life is for living not just for prolonging!
B uzzz
Back to top
View user's profile Send private message
Moore
Moderator


Joined: 31 May 2004
Last Visit: 16 Jun 2014
Posts: 758
Location: 같.MooreLand.같

PostPosted: Fri Mar 10, 2006 9:02 pm    Post subject: Reply with quote

Chris1uk , I'm sure you'll like Regrun

Bigos, RR complements other programs like Processguard or SystemSafety Monitor but it cant replace them. No you dont get a report telling you if a file is bad or not with PG or SSM , as only Regrun has an application database which is updated every week to keep up with new threats.

Regrun is a polling app which means it wont stop a hijack head on like Processguard or SSM but will let you reverse the changes.. most of the time anyway.I have found the file protection to be a very good early warning system though and life saver when something nails an important system file.
_________________
| Stop Malvertising | Outpost | Blocklist Pro | Hosts |
Back to top
View user's profile Send private message Visit poster's website
chrisr1uk
Warrior


Joined: 21 Sep 2004
Last Visit: 14 Oct 2006
Posts: 68

PostPosted: Sat Mar 11, 2006 1:05 am    Post subject: Reply with quote

thanks. whats it like resource wise?

Im currently running Win Defender, Spyware Doc., Teatimer, Attack Shield WS (Sana Security), Spyware Guard, process guard, cyberhawk, snoopfree privacy shield and win patrol

is it worth me ditching any of these for RR in your opinion?
Back to top
View user's profile Send private message Send e-mail
bigos
Warrior Guru


Joined: 04 Apr 2005
Last Visit: 02 Nov 2009
Posts: 365
Location: Upstairs, be afraid, be very afraid

PostPosted: Sat Mar 11, 2006 2:17 am    Post subject: Reply with quote

Thanks Moore. I wanted to know what`s being changed more for self education rather than protection, as the information that RR gives you looks great for learing what happens when you a trojan, worm etc.
_________________


Life is for living not just for prolonging!
B uzzz
Back to top
View user's profile Send private message
bigos
Warrior Guru


Joined: 04 Apr 2005
Last Visit: 02 Nov 2009
Posts: 365
Location: Upstairs, be afraid, be very afraid

PostPosted: Sat Mar 11, 2006 2:25 am    Post subject: Reply with quote

........get a trojan, worm etc.
What happend to the EDIT button that used to be on your final post when you made one?
_________________


Life is for living not just for prolonging!
B uzzz
Back to top
View user's profile Send private message
chrisr1uk
Warrior


Joined: 21 Sep 2004
Last Visit: 14 Oct 2006
Posts: 68

PostPosted: Sat Mar 11, 2006 3:21 am    Post subject: Reply with quote

Have a look at cyberhawk bigos. Its cutom rule setting is quite interesting for educational purposes. They recommend only knowledgable users create rules though.

http://www.novatix.com/cyberhawk

and as moore said, SystemSafety Monitor is worth having a look at.
Back to top
View user's profile Send private message Send e-mail
Moore
Moderator


Joined: 31 May 2004
Last Visit: 16 Jun 2014
Posts: 758
Location: 같.MooreLand.같

PostPosted: Sat Mar 11, 2006 3:54 am    Post subject: Reply with quote

Oh yeah , Regrun is perfect for that Bigos. There are so many tools to help you dig out information on a file or just help you get to know your system like the back of your hand.. Cool

Chris , I use Regrun watchdog that sits in the sys tray and monitors your system , that basically covers the same features as winpatrol and tea timer, and a lot more as well , it uses very few resources. Thats the only part of Regrun that is running until you activate one of the other features yourself..


The best registry monitor comparison here will give you a good idea just how far ahead Regrun is over most other apps:
http://www.wilderssecurity.com/showthread.php?t=32823


About 2 years ago I did a post on the 3.9 version, with screenshots of some of my favourite features, could easily write a book to cover everything it can do.
http://www.bluetack.co.uk/forums/index.php?showtopic=1464

There is a trojan analyser which you can use to run a file and track the changes it makes to your system ..I've had mixed success with that , unfortunately it tends to give me bsods with many malware files when I try to stop it , but works good when it works.

Sorry about the edit thing , needed to be disabled I think..because of some naughty people . Razz


Cyberhawk sounds very good and you cant beat free , although still beta, could be why its still free.. I'll probably give that a test out one day.. Regrun though has proved it's worth over many years of testing and just continues to improve with each update...
_________________
| Stop Malvertising | Outpost | Blocklist Pro | Hosts |


Last edited by Moore on Sat Mar 11, 2006 6:21 am; edited 1 time in total
Back to top
View user's profile Send private message Visit poster's website
chrisr1uk
Warrior


Joined: 21 Sep 2004
Last Visit: 14 Oct 2006
Posts: 68

PostPosted: Sat Mar 11, 2006 4:41 am    Post subject: Reply with quote

I do have to admit it does look very impressive. I think I'm going to have to give it a try. Cheers Moore!
Back to top
View user's profile Send private message Send e-mail
fcukdat
Warrior Addict


Joined: 01 Jan 2005
Last Visit: 08 Apr 2009
Posts: 757
Location: Yeovil,England.

PostPosted: Sat Mar 11, 2006 5:04 am    Post subject: Reply with quote

chrisr1uk wrote:

Im currently running Win Defender, Spyware Doc., Teatimer, Attack Shield WS (Sana Security), Spyware Guard, process guard, cyberhawk, snoopfree privacy shield and win patrol


Shocked OMG that is far too much security software being run,the overlap is crazy and worst case is the possibility that they will not do their job properly because their fighting over the same stuff Shocked

I won't give you IMO what needs to be dropped but oh boy you need to lose quite a few Wink


There is such a thing as too much protection,you have way to many kernel hooking appointments on the go Shocked

FWIW My current security set up Very Happy
Kerio 2.1.5 Firewall
Processguard process control
Winpatrol system change monitor(poller)

FWIW iIve executed 273 and counting assorted malware files on my Pc and not one yet has bypassed ProcessGuard Cool

but FWIW *never say never*,Scotty is there awaiting new startup entries/services in realtime(IDS) and if something tries to phone home/open ports then Kerio got the bases covered there.

Worms ,trojan,diallers,keyloggers,dos tools,hack tools,RK's,Dll injection in the words of MC Hammer "you can't touch this!"

b-x-r teh malware Laughing

Fwiw i'm the weakest part of my layered security package but a healthy dose of paranoia and exploration of rule decisions/choices and following current threats gives my security package teh big "W"
over malware Very Happy
_________________
Malware hunter....Got Bot ?

MIRT Handler >>>
http://www.castlecops.com/c55-MIRT.html
Back to top
View user's profile Send private message Visit poster's website
bigos
Warrior Guru


Joined: 04 Apr 2005
Last Visit: 02 Nov 2009
Posts: 365
Location: Upstairs, be afraid, be very afraid

PostPosted: Sat Mar 11, 2006 5:40 am    Post subject: Reply with quote

I downloaded RR Platinum 4.5 & all I can say is that it would take a month to look at everything in detail with this program! There`s just so much information that it can show you. I liked the NT services section because it gave good info on all the things listed here, very educational.

Tlen & Gadu Gadu
Can someone who Knows please tell me if this program is spying. I have Tlen with Gadu Gadu in it as an Instant message program, RR showed me that it has index.dat common file, C:\Documents and Settings\me\Cookies\index.dat & also Temp\Cookies + Temp\History\IE5. This program comes with a spy hook & other spy files, but I know which they are & so removed them, luckily the program still works if you do this, unlike the stand alone version of Gadu Gadu which doesn`t work if you remove the hook.
Gadu Gadu is the most popular message program in Poland.

Sad For all the things I want & need to learn so I can do all the things that I want to, like seeing how things work & testing programs, there just isn`t enough time in the day, especialy when you want to have a life as well Laughing
mmmm maybe I should uninstall MS shared computer tookit & go back to being frightend of everything again Laughing Laughing Laughing Laughing
_________________


Life is for living not just for prolonging!
B uzzz
Back to top
View user's profile Send private message
bigos
Warrior Guru


Joined: 04 Apr 2005
Last Visit: 02 Nov 2009
Posts: 365
Location: Upstairs, be afraid, be very afraid

PostPosted: Sat Mar 11, 2006 5:41 am    Post subject: Reply with quote

PS How do you post pictures?
_________________


Life is for living not just for prolonging!
B uzzz
Back to top
View user's profile Send private message
fcukdat
Warrior Addict


Joined: 01 Jan 2005
Last Visit: 08 Apr 2009
Posts: 757
Location: Yeovil,England.

PostPosted: Sat Mar 11, 2006 5:47 am    Post subject: Reply with quote

bigos wrote:
PS How do you post pictures?


My methodology Wink
Image capture software
http://www.mirekw.com/winfreeware/mwsnap.html

Hosting site
http://imageshack.us/

Then uwhen writing PM/post reply use [img] [/img] to post a link to the hosted image.Link needs to be C&P between img tabs.

HTH Smile

Ade
_________________
Malware hunter....Got Bot ?

MIRT Handler >>>
http://www.castlecops.com/c55-MIRT.html
Back to top
View user's profile Send private message Visit poster's website
chrisr1uk
Warrior


Joined: 21 Sep 2004
Last Visit: 14 Oct 2006
Posts: 68

PostPosted: Sat Mar 11, 2006 7:14 am    Post subject: Reply with quote

[quote="fcukdat"]
chrisr1uk wrote:

Shocked OMG that is far too much security software being run,the overlap is crazy and worst case is the possibility that they will not do their job properly because their fighting over the same stuff Shocked


Yeh, it was quite a lot. I just got bored and fancied trying a few things out. Permanantly I've got Spyware Doc, Process Guard, Peer Guardian, Zone Alarm and now RegRun. HAHA im a sucker for seeing and trying new software
Back to top
View user's profile Send private message Send e-mail
chrisr1uk
Warrior


Joined: 21 Sep 2004
Last Visit: 14 Oct 2006
Posts: 68

PostPosted: Sat Mar 11, 2006 7:17 am    Post subject: Reply with quote

oh, and cyberhawk beta too, looks pretty good from what iv'e sen so far
Back to top
View user's profile Send private message Send e-mail
fcukdat
Warrior Addict


Joined: 01 Jan 2005
Last Visit: 08 Apr 2009
Posts: 757
Location: Yeovil,England.

PostPosted: Sat Mar 11, 2006 8:28 am    Post subject: Reply with quote

chrisr1uk wrote:

Yeh, it was quite a lot. I just got bored and fancied trying a few things out. Permanantly I've got Spyware Doc, Process Guard, Peer Guardian, Zone Alarm and now RegRun. HAHA im a sucker for seeing and trying new software


Well the problem being that most people would be deceived by the thinking that more security software equates to better security but FWIW it dose'nt always work that way since if the installed software interact&cancel each other out then the nasty has bypassed them onto the computer Rolling Eyes

The basic must haves for beginners being Firewall,realtime AV,realtime anti Spyware/trojan

As someone's security learning curve progress's then in come the process monitors / system monitors/rule based firewall etc and out the window goes the definition based softwares IMO
_________________
Malware hunter....Got Bot ?

MIRT Handler >>>
http://www.castlecops.com/c55-MIRT.html
Back to top
View user's profile Send private message Visit poster's website
bigos
Warrior Guru


Joined: 04 Apr 2005
Last Visit: 02 Nov 2009
Posts: 365
Location: Upstairs, be afraid, be very afraid

PostPosted: Sat Mar 11, 2006 9:19 am    Post subject: Reply with quote



Thanks fcukdat! Smile
_________________


Life is for living not just for prolonging!
B uzzz
Back to top
View user's profile Send private message
chrisr1uk
Warrior


Joined: 21 Sep 2004
Last Visit: 14 Oct 2006
Posts: 68

PostPosted: Sat Mar 11, 2006 9:31 am    Post subject: Reply with quote

i agree with you fcukdat. the ones i was trying didnt seem to interfere with each other.

One example is that Regrun appeared to try and disable Spyware Doctor. You can re-allow it, but should i take it that these two interefere and overlap with each other?
Back to top
View user's profile Send private message Send e-mail
Moore
Moderator


Joined: 31 May 2004
Last Visit: 16 Jun 2014
Posts: 758
Location: 같.MooreLand.같

PostPosted: Tue Mar 14, 2006 2:10 am    Post subject: Reply with quote

chrisr1uk wrote:

One example is that Regrun appeared to try and disable Spyware Doctor. You can re-allow it, but should i take it that these two interefere and overlap with each other?


You just need to teach Regrun that SpywareDoctor is ok and that it doesnt need to stop SpywareDoctor from doing what it needs to do.. It needs to hook into the system to be able to protect you, and Regrun just wants to do its job.

There may be some overlap but its very small, Regrun offers more features than any other program so it's bound to have something similar.

What alerts did you get from Regrun..You can check the history log if you arent sure. Go to Regrun start control -> file -> history log

You can also add any programs you trust to the exclusions list and Regrun will allow them to do what they need to do. I have had Spyware Doctor and Regrun installed with no conflicts. I can go through it with you if like.


One of the best features that really impresses me about Regrun is it will activate before windows fully loads , so it gives you time to take care of any malware before it has a chance to load and overtake your system..

You can see here that I have a few hijackers loaded into the registry auto run from a spambot hijack I ran yesterday:



All I have to do here is delete the registry values through Regrun and they wont start up ,



Files that have been replaced with a malware version will be picked up by the substitution detector :



You can set up the file protection to protect any file on your computer , as well as repair the file back to the original when something like this has been detected , which requires a reboot :



This kind of protection is worth the price.. Very Happy

I depend on Processguard as the sentry to prevent file execution, with Regrun to cover his back..

Keylogger file - >

_________________
| Stop Malvertising | Outpost | Blocklist Pro | Hosts |


Last edited by Moore on Sat Aug 05, 2006 1:05 pm; edited 1 time in total
Back to top
View user's profile Send private message Visit poster's website
muf
Warrior


Joined: 22 Apr 2004
Last Visit: 09 Mar 2008
Posts: 73

PostPosted: Fri Mar 17, 2006 2:12 pm    Post subject: Reply with quote

Moore, I must admit i really like your demonstration of Regrun's abilites. I have been using it for a couple of years(or more - no pun intended Smile ) and started life using Regrun Standard. I then upgraded to Gold and now use the latest top of the line Platinum edition. It's my favourite Application. Wouldn't be without it. The first 12 months are spent going from overawed of what to do, then hestitant use of some of it's features, then to using over half it's features to using most. Even now, two years down the line there are things i've only touched upon. The word indispensible is used sometimes too often only to exaggerate how useful an application is, but that isn't the case with Regrun. It really is one of those apps that once you use, you find that more and more of it's abilities become apparent. And in due course, anyone will realise it is money well spent.

Oh, and i am not affiliated with Greatis in any way. I just honestly believe this is one of the best apps a security conscious person can own.

muf
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Anti-Spyware and Security Software Discussion All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group