which real-time scanners and HIPS do you recommend?


iceni60
April 25th, 2007, 11:32 AM
hi, i just installed XP. i haven't used it for nearly 2 years and i'm not sure which software to get. i want to get a scanner, or scanners, for AV, AS and AT and i think i need a HIPS too.

in the past i used AntiVir, process guard, regdefend, spybot or MS defender, script defender and ewido on demand as an AT, something like that.

has avast and ewido become one scanner now? i'd like to use antivir, but if there's a free scanner that's an AV and AT all-in-one i suppose i'll use it if it's good.

there's superantispyware that i've never used, i did read about 6 months ago that there were a lot of FPs with it, should i use it? i saw a HIPS called c*hawk, or something like that, is it good?

i don't really know anything about MS security atm, so can someone recommend a setup, or show me a good thread that talks about it, i haven't read this part of the forum ever really :ouch:

Huwge
April 25th, 2007, 11:49 AM
I am using Prevx and Boclean realtime with weekly scan from AVGAS and SuperantiSpyware (plus NOD, FW etc). They all play nicely together for me

iceni60
April 25th, 2007, 12:02 PM
thanks, Boclean isn't free, is it? i don't want to pay for anything, i just need to find some programs that are free. i forgot about the FW, i'll get that old kerio one if it's still ok to use.

mfenech
April 25th, 2007, 12:16 PM
It's free now :)

aigle
April 25th, 2007, 01:13 PM
Hi Iceni, U r an advanced user so I don't think u need a lot of scanners. Use any free AV (Avira is best or Avast, AVG, AVS) and if u insist more add BOClean (free now).
Use a free FW (anyone u like). I assume u have a router.
Ur main defence will be a HIPS, SSM free or PS free. That's enough.
Still more, consider GeSWall or DefenseWall.

walking paradox
April 25th, 2007, 01:28 PM
{QUOTE-> can someone recommend a setup, or show me a good thread that talks about it <-QUOTE}
There are way too many threads that talk about security setups to recommend just one thread. Perhaps you should take some time looking through the Security Software section. I can however recommend some programs of each type. Although layering is important for securing your computer, the traditional method of simply choosing a signature scanner in each category of malware is increasingly less necessary and many would argue increasingly less sufficient. Most AVs already include other types of malware such as trojans and spyware in their signatures and continue to expand their protection in these areas. Furthermore, malware is no longer easily categorized into particular types of malware, much of it incorporates techniques that transcend the traditional malware categories. Given all of this, an AV in tandem with a sandbox and/or HIPS, when used properly, should suffice. There are of course other setups that completely forgo use of signature scanners, but these setups typically require fairly extensive know-how, time, and effort. Only you can determine for yourself what type of setup is right for you.

Anti-Virus:
Avira AntiVir
Kaspersky Anti-Virus
Eset NOD32

Anti-Spyware:
SUPERAntiSpyware
AVGAS
SpySweeper (excellent real-time protection and removal of spyware, but it's bloated and conflicts with many programs)

Anti-Trojan:
BOClean
AVGAS

Sandbox:
SandboxIE

Firewall:
Depends on whether you simply want inbound protection for which the Windows XP firewall should suffice, or whether you want outbound protection as well, for which Comodo and Jetico are both good.

HIPS:
All depends on how much time and effort you are able and willing to put into it and on your level of computer security know-how.

For quiet programs with minimal user intervention required try Cyberhawk, DefenseWall, and perhaps PrevX.

For more user intensive programs try SSM.

duckbill
April 25th, 2007, 02:51 PM
I am in the same boat as i am about to format both my pc's and reinstall xp.

TypicallyOffbeat i use most of the programs you recommend but not sure on hips. Do i really need a hips if i have snoopfree, winpatrol and zonealarm pro or would it be ok replacing winpatrol and snoopfree with SSM. will also be trying out fdsir so i'm guessing i won't need a sandboxie when browsing internet. mostly going to use snapshots for other users of my pc.

would this setup be fine:

real time: linksys router, Zapro, boclean, avgantispyware, ssm (replacing snoopfree & winpatrol), nod32, spyware blaster, fdsir

on demand: trendmicro as, trojan hunter, rootkit unhooker, ad-aware, superantispyware, cureit

anything i'm missing?

aigle
April 25th, 2007, 02:57 PM
If u use SSM Pro, u can ditch WP and SnoopFree. If SSM free, u can keep SnoopFree but it's not updated so I don't use it.

iceni60
April 25th, 2007, 03:28 PM
thanks for the help. i've got everything apart from a HIPS and maybe a real-time AS, i got the free superantispyware, do most people use something else as well as sas for AS, or is sas by itself OK?

Pedro
April 25th, 2007, 04:27 PM
Iceni, consider SandboxIE, and AV: Antivir, Avast! or AVG.
Firewalls, you have for example CHX-I (:o ), Jetico 1, Comodo, Sygate, Kerio.

herbalist
April 25th, 2007, 05:54 PM
If you're running HIPS, you don't need real time anti-trojan or anti-spyware apps. Keeping some as on-demand scanners is fine, especially if the HIPS you choose lets you integrate a scanner. For most people, I'd suggest keeping a resident AV. HIPS can prevent viruses, worms, etc, from installing or executing as long as it's very tightly configured. HIPS will enforce the decisions you make, but if you're not using any other resident protection, a bad decision can allow you to compromise your system. HIPS will prevent adware, spyware, trojans, etc from installing unless you specifically allow it.

On my system, SSM, Kerio and Proxomitron are my primary software defenses. AV scanners (not resident AVs) and file/file system integrity checkers fill supporting roles. The package I recommend to most of my clients is a firewall, AV, and SSM free, along with an alternate browser. I try to get most of them to use NoScript as most of them wouldn't be able to use Proxomitron effectively. Some of my clients weren't comfortable without an adware/spyware program and use a few different ones as on-demand scanners. The only things the AS apps are finding are items they allowed when SSM prompted them. In that regard, the combination is a good teacher.

No matter what combination of apps you end up running, make sure it includes a good system backup utility. Besides being able to restore your system to a clean state in the event it does get infected, it also makes it easier to try out different security apps. Uninstallers often don't remove everything and might not restore the registry or system settings to their previous condition. With good backup software, this is no longer a problem. Acronis True Image has worked well for me.
Rick

trjam
April 25th, 2007, 05:59 PM
Antivir PE and Prevx.

iceni60
April 25th, 2007, 10:33 PM
thanks for all the help. i'm going to spend tomorrow finishing this off. i'll read through everything again then and say what i ended up doing. i'd love to use SSM, i did download it when that free offer was on, but you had to run it to get the code. i tried to run it using wine because i didn't have windows then, but it didn't work lol. is there still somewhere around that has the SSM registration code?

herbalist
April 26th, 2007, 01:41 AM
You might want to try the free version of SSM and see what you think of it before you install the pro version. The free version doesn't have as many features as the pro but it's not weak by any means. I've found it to be quite adequate on 98 thru XP. If you like it and still want more options than it gives you, then try the pro version.

I don't know of anywhere else you could get that code, or even if it would still be valid.
Rick

acr1965
April 26th, 2007, 02:17 AM
The paid version of SSM has a trial period. I believe (though not sure) that if you decide not to pay that SSM will revert to the free version. It also has a competitive upgrade discount.

http://www.syssafety.com/

Also, not sure which browser you are using but many would probably suggest Opera or Firefox as opposed to IE7. But if you choose to use IE7 there are a few useful add-ons to have-

IEspell for spell checking-

http://www.iespell.com/

IE7pro for tweaking and some ad block features-

http://www.ie7pro.com/

inline search

http://www.ieforge.com/InlineSearch/HomePage

Devil's Advocate
April 26th, 2007, 03:55 AM
{QUOTE-> so can someone recommend a setup, or show me a good thread that talks about it, i haven't read this part of the forum ever really :ouch: <-QUOTE}


try this (http://www.wilderssecurity.com/showthread.php?t=111264&page=48), though it is little more than a bragging thread really.

I.e. "Everyone look at how secure I am with my 4x HIPS, 2x antivirus, 2x hardening plus a zillion other tweaks setup! You can tell I'm really serious about security because I change my setup every couple of days"

bellgamin
April 26th, 2007, 04:13 AM
Unless you like to play around with betas &/or with GUIs in non-English languages, I suggest the following freebie/minimalist set-up...

A) HIPS: Cyberhawk (http://www.novatix.com/) + Dynamic Security Agent (DSA) (http://www.privacyware.com/dynamic_security_agent.html) -- they get along just fine together, and (used in concert) they give very strong protection.

B) Firewall -- With DSA & a router, you really don't need a firewall -- unless you are a control-freak like moi. In which case, gettum Kerio 2.1.5 (http://www.321download.com/LastFreeware/page7.html#Kerio%20Personal%20Firewall)

C) AntiVirus Avast (http://www.avast.com/eng/avast_4_home.html) - Avira Classic is also free & offers *slightly better* protection statistics, but lacks antispyware. Avast gives bloody great protection, across a far broader spectrum of threats, than any other freebie that I know of.

MaB69
April 26th, 2007, 05:40 AM
Hi all,

Mostly paid : NOD32 and Comodo BOClean + OA 2 with Firewall

Free : Antivir classic and Comodo BOClean + Neoava Guard Beta 2

Regards,

MaB

Mrkvonic
April 26th, 2007, 09:26 AM
Hello,
Ice, all you need is a firewall and Firefox.
Everything else is for fun.
Mrk

Pedro
April 26th, 2007, 01:41 PM
{QUOTE->
Also, not sure which browser you are using but many would probably suggest Opera or Firefox as opposed to IE7. But if you choose to use IE7 there are a few useful add-ons to have-
<-QUOTE}
I think you'll find out that Iceni is an Opera user, occasional FF, never IE. :)

aigle
April 26th, 2007, 03:45 PM
{QUOTE-> Hello,
Ice, all you need is a firewall and Firefox.
Everything else is for fun.
Mrk <-QUOTE}
Ohh, u came in ultimately.;D BTW he is a linux user too.;D

cheater87
April 26th, 2007, 04:03 PM
Spyware Terminator and Comodo BOClean are a recommendation from me.

iceni60
April 26th, 2007, 06:43 PM
thanks for all the help. i'd forgotten how long it takes to setup XP :ouch:

atm, i've just got a basic setup, i ran some hardening programs and secured my browsers and have antivir, boclean and spybot running. i haven't installed a HIPS yet because i thought it's best to run one when i have set everything up, maybe tomorrow, then i might think about disabling spybot and boclean and just have it running with antivir and a FW.

i forgot about a FW, i bet half the programs i've installed can't believe their luck lol, linux programs never sneak off behind your back and contact people. i installed konfabulator, but uninstalled it when it wanted to install a hactivex and change my ie home page to yahoo. i'll get kerio now i think.

Tarq57
April 26th, 2007, 10:45 PM
My computer is secured by all freeware applications, and has been since I realised that Norton wasn't the bee's knees that I had thought it was.
Played around a bit with several setups, probably too many applications running at times (more must be better, right?) and the current setup seems to offer a balance between very good protection and resource use, though it's probably still a little overkill.
Spyware Blaster, Spyware Guard and MVPS hostsfile, Avast antivirus Home, Comodo firewall, SpywareTerminator with HIPS enabled (this one is free and resident, and I think, a beauty.), Boclean, Firefox with noscript.
The demand scanners never seem to find anything these days but don't use up much space, so I keep 'em. The best seem to be Superantispyware, Asquared, DrWeb Cureit (Standalone virus scanner) and AVG AS. AVG also put out a free rootkit scanner which is very easy to use but if you're advanced you might want something different.
Also use Ccleaner routinely, and have the bad download blocker in Spybot active (but not the teatimer).

quadrophonic
April 30th, 2007, 05:04 PM
{QUOTE-> Spyware Terminator and Comodo BOClean are a recommendation from me. <-QUOTE}

Don't these two overlap?

quadrophonic
April 30th, 2007, 05:09 PM
{QUOTE-> My computer is secured by all freeware applications, and has been since I realised that Norton wasn't the bee's knees that I had thought it was.
Played around a bit with several setups, probably too many applications running at times (more must be better, right?) and the current setup seems to offer a balance between very good protection and resource use, though it's probably still a little overkill.
Spyware Blaster, Spyware Guard and MVPS hostsfile, Avast antivirus Home, Comodo firewall, SpywareTerminator with HIPS enabled (this one is free and resident, and I think, a beauty.), Boclean, Firefox with noscript.
The demand scanners never seem to find anything these days but don't use up much space, so I keep 'em. The best seem to be Superantispyware, Asquared, DrWeb Cureit (Standalone virus scanner) and AVG AS. AVG also put out a free rootkit scanner which is very easy to use but if you're advanced you might want something different.
Also use Ccleaner routinely, and have the bad download blocker in Spybot active (but not the teatimer). <-QUOTE}


Wow! You must have that new Intel octocorex2 processor to run that 2nd paragraph in resident startup! ;D

Don't you think running Boclean, Spyware Terminator, and Spyware Guard in addition to the Avast shields is a little bit much? I know the Avast shields alone used to slow down page rendering on my computer. I also thought Spyware Guard, because it hasn't been updated in several years, is somewhat obsolete.

Tarq57
April 30th, 2007, 05:29 PM
Hi quadrophonic.
Yeah, it possibly is more than required, some of 'em almost certainly overlap, by how much, and their relative abilities/definitions I've no idea. (Which is partly why I do it.) (On the other hand, if ST and Boclean get into a tussle over something that might not be so great :ouch: )
(Anyone's thoughts on that appreciated!)
SpywareGuard doesn't use much. Hasn't been updated in over a year either, might uninstall it. Never noticed any significant slowdown with Avast, 5 shields (out of seven) enabled.
The machine is XP home, and AMD64 3500+, with a gig of RAM. A few unnecessary services disabled. Runs pretty darn good.

Thinking about it a bit more, I think I will turn Boclean off, and ditch SG. Been free of malware ever since installing ST.

coldplay
April 30th, 2007, 06:29 PM
antivir or AVS , + prevx1 or SSM

quadrophonic
April 30th, 2007, 07:26 PM
{QUOTE-> Hi quadrophonic.Thinking about it a bit more, I think I will turn Boclean off, and ditch SG. Been free of malware ever since installing ST. <-QUOTE}

I've been running Spyware Terminator, although it hasn't caught anything other than new programs I've installed. That could be partly because I mainly use Firefox and watch Site Advisor's warnings very closely.

I'm not exactly clear whether Boclean is closer to Spyware Terminator or WinPatrol as a security add-on. The same goes for SSM. SSM's site really doesn't explain that much and I still can't find a comparison on there regarding SSM free vs. SSM Pay. Site Advisor doesn't even have a rating for this yet:

http://www.syssafety.com/

ErikAlbert
April 30th, 2007, 07:41 PM
You might compare the signatures of BOClean with the signatures of Spyware Terminator one by one.
Each time you find a signature of BOClean in the signature list of Spyware Terminator, you remove it from the signature list of BOClean.
Once you are finished, you know exactly which signatures of BOClean aren't detected by Spyware Terminator.

There are only two possibilities:
1. The signature list of BOClean is empty by removal and that means you can ditch BOClean and keep Spyware Terminator.
2. The signature list of BOClean is not empty by removal and that means you have to keep BOClean AND Spyware Terminator.

It's the only way to be sure and it's better than guessing. :)

Pedro
April 30th, 2007, 07:49 PM
Talking about SSM all the time, and we forget a good HIPS program right next door, GSS: AppDefend and RegDefend. Much more intuitive than SSM, i tried the other day, and appreciated it. AppDefend is more like PG than SSM, in that you actually get it.

windpray
August 20th, 2007, 06:45 AM
Maybe you can try EQ, a free HIPS software that comes from China. If you have any questions, please report them to the website; the author will reply to you quickly.

interact
August 20th, 2007, 01:01 PM
I was using BOClean and AntiVir but I have been testing the latest beta of DriveSentry v3 which has HIPS, whitelisting and signature based detection for over 150,000 viruses.

More info here -> http://www.drivesentry.com/news.php?view_id=21

~interact