RegDefend AppDefend Replacements

Discussion in 'other anti-malware software' started by NormanS, Jul 2, 2009.

Thread Status:
Not open for further replies.
  1. NormanS

    NormanS Registered Member

    Joined:
    Feb 3, 2004
    Posts:
    84
    Now that these two Ghost Security Suite programs are no longer supported, what can take their place?
     
  2. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    i advise Malware Defender and/or System Safety Monitor;) they are strong hips
     
  3. NormanS

    NormanS Registered Member

    Joined:
    Feb 3, 2004
    Posts:
    84
    Hi Jmonge,

    Many, many thanks for your quick response.

    Your two suggestions strike me as extraordinary. Are both, as I suspect, one or more steps beyond RegDefend and AppDefend?

    Note that an incautious search for MalWare Defender can result in deep trouble, as there seems to be malware that goes by the name MalWare Defender. The legitimate site for MalWare Defender is that of Torchsoft.com.

    Is it OK to install these programs while continuing to use RegDefend and AppDefend till I'm fully adapted to these new programs? The only adverse consequence I see to running all four programs at the same time is having to put up with a lot of popups.
     
  4. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    And a BSOD or two. I wouldn't.
     
  5. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    ofcourse one hips program is good to run alone;)
     
  6. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    You could also use Comodo Internet Security or Online Armor.

    Or you could switch to a behavioural blocker such as Prevx and ThreatFire.
     
  7. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    I agree with someone,

    Alternatives
    Behaviour blockers or combo's
    Go easy with freebie ThreatFire (behavioral blocker), or paid with PrevX (when you know your system is clean, set all sliders to medium AND apply heuristics AFTER age). A2 Malware with 'IDS' (=Mamutu) AV (Ikarus) and own AT/AS engine is also a good an easy option (also paid).

    Policy Management HIPS
    Have you considered policy management HIPS like GeSWall or DefenseWall? DW is really easy to use. It allows full functionality of your browser (and other internet facing apps) in a limited user environment. As such it does not prevent you to install Active-X, BHO, only cages them. For this old Winpatrol free (with services and host file protection disabled) is a nice add-on to warn you of these to happen, check this out (DefenseWall) http://www.av-comparatives.org/comparativesreviews/single-product-reviews

    HIPS
    Paid Online Armor is the easiest and the best. The freebie has some limitations. The free version does not protect at boot up (as far as I know, please correct me when this has changed), therefore when you are looking for an easy freebie use Outpost Free and set intrusion protection to max. When you have added your own Regdefend entries I would advise Comodo in its most aggressive setting (Pro-active), all other Comodo configurations are a lot weaker than OA free. Outpost free by default also has not enabled all protections out of the box, but this is much easier to change. As said Comodo is only an option when you have succefully added Regdefend entries AND you install it in its most aggressive configuration. By telling Comodo your system is clean this aggressive setup won't trigger a lot of pop-ups. This complaint of Comodo is story telling of the past (pitty they introduced so much user friendly configurations, D+ looks like a swiss cheese, in stead of a solid defense wall), so Comodo is great when you use pro-active setting, all other settings are fake security IMO (it looks like a ferrari, but has the engine of a Tata Nano).

    Regards Kees
     
  8. mike21

    mike21 Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    416
    Please define why "the best". I thought that MD is the best traditional hips.
     
  9. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Well,

    OA has some intelligence woven into its HIPS, as such it is more than a traditional HIPS, MD is also a good HIPS, just comparerd the same in class meaning Heavy FW + HIPS (Comodo , OA, Outpost). Look at matousec intrusion protection, they cover the widest scope.

    On the other had: I have a lisence of MD, not of Outpost, Comodo or Online Armor, so . . .

    I think MD should have some rule inheritage option logic build in, something like:

    Two options needed:

    a) Inherit rules Yes/No
    b) Inherit overrules programs own rule Yes/No

    Note: rule inheritage can never be applied to system processes (due to system stability)



    Trigger Application A spawnes a process B,

    Case1: Does triggering application has rule inheritage
    YES:
    Case2 : Is the spawned process a system application (in the system group)
    YES: use spawned process rule set
    NO:
    Case3 : Is overrule specified?
    YES: Use triggering application rules set
    NO:
    Case 4: Does spawned application has a rule set of its own in application group
    Yes: Use spawned applications own rule set
    No: Use triggering process rule
    End Case 4
    End case 3
    End case 2
    No: Use normal highest priority rule
    End case 1
     
    Last edited: Jul 3, 2009
  10. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    No you agree with the usage agreements, so you have a contractual relationship with Comodo even when you have not paid for it, becasue Comodo has to keep all intellectual property rights.

    It is like a driving lisence, you are allowed to drive. A freeware lisence is you are allowed to drive in somebody's else car (using comodo's software), but this grant is a lisence of sorts.
     
  11. mike21

    mike21 Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    416
    Though I understand what you are writing, sorry but I do not agree.

    Inheritage was the reason that I switch away from kaspersky, since it introduced it, in its hips on version 8. Never regret it.

    I prefer to allow/deny each process regardless of how it started. Maybe the reason is that I use many launchers and things get messed up.
     
  12. NormanS

    NormanS Registered Member

    Joined:
    Feb 3, 2004
    Posts:
    84
    Is it OK to run Malware Defender at the same time with NOD32?
     
  13. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Yep, I understood the first time :D


    Nice definition of free by the way: it also applies to surpression in any context (religion, sex, race, politics), it even applies to doing porridge in some countries (you do not need to pay money for that either).

    Are the jails in Australia free?
     
  14. mike21

    mike21 Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    416
    Best things in life are free :p
     
Loading...
Thread Status:
Not open for further replies.