Switching to an all freeware setup

(I couldn't find a general forum to post since they all seem to be dedicated to a particular program)

I've tried out a lot of paid security solutions over the years - Norton (before I found alternatives), Kaspersky, McAfee, Outpost firewall and a few spyware programs. This is for my pc as well as friends and family.

Now I'm finally running all free programs. Part of what prompted the change was I got tired of the forced yearly upgrades by all the major vendors, and I also wanted to evaluate just how much you can achieve for free. I have -

-Avira antivirus (with trick to disable nag screen)
- Comodo firewall
- Spyware Terminator with HIPS enabled
- Spywareblaster for immunization

There are no other active or on-demand programs. I really like this setup so far! The resource usage is very light and it seems to be the right mix of power and not too many prompts to bother me. I'm even considering making this (along with Firefox) as my suggested setup for others.

What do you think? Am I missing anything by not running advanced programs such as a dedicated HIPS, the various Process/Hook/Registry guards?

 

Your setup looks great. You are doing fine in the HIPS area with Comodo and with Spyware terminator. I also am a strong advocate of freeware(everything I use is free).

Cheers,
Alphalutra1

 

What do you think? Am I missing anything by not running advanced programs such as a dedicated HIPS, the various Process/Hook/Registry guards?

Yes you most certainly are missing. As I also like free stuff. Totally recommend you add either Ghost Security Suite, Prevx-1, or System Safety Monitor to your current setup.

Speaking from actuall experience Spyware Terminators HIPS can be breeched, although you shouldnt complain cause its free. The only thing that has been able to stop BAD things from happening to my system so far due to my intentional "Suicidal" surfing habits, Ghost Security Suite. Check below at my current security set up, these programs play very nicely together.

 

Here is my free setup.

av---antivir classic
as---spywareterminator
fw---jetico (process attack table disabled)
hips---ssm free
registry protection---registry watcher
system immunization---spywareblaster + spybot s&d
hosts file---hostsman with mvps
on-demand scanner---superantispyware, ewido, sophos anti-rookit, icesword, hijackthis
browser---opera
email---read/write email using plain text

 

Ur set up is great.
I have Antivir, SnoopFree, Comodo and GesWall( I was using SSM but removed it as I don,t like so many pop ups now and then). I rely on GesWall for this purpose and it gives a solid protection without pop ups( another such option is BufferZone but it slows down application launch a little bit). My current set up is almost install and forget. I don,t use on-access antspyware as I don,t need it. I use Opera and FF with java script disabled partially plus Spyware blaster immunization. I don,t run on-deamnd scanners but Ewido, W Defender and Super AS are good.
For imaging( I take it as last security resort) I use EAZ-Clone and DriveImageXML, these are free and do the job well.

BTW, I have one Q, how you modify the HIPS rules is ST?

 

I can't say anything bad about avira but why ditch Kaspersky

 

Where can I find free SSM. The website (http://syssafety.com/product.html) does not list any freeware.

Thanks for those suggestions! Did not know about the free drive cloning programs and GESwall. I'm trying it out now. Its interesting, if I try the test on the GESWall demo page, AnitVir catches the virus in the vbs file as soon as I try to download it. This is very good

I don't think its possible to configure the HIPS in ST too much. At least I don't see the option. The most I can see is add apps to the allow or block list in the Settings screen.

Do you run ALL those programs at t he same time ?! Part of the reason for my experiment is I want to find a setup that I can recommend to non techies. In all honesty I cannot see them understanding prompts from apps like RegDefend, or most HIPS (including the one in ST) for that matter. I know that I understand them and even spend a lot of time tweaking settings (and browsing sites like this) but in the end, I wonder if there isn't a simpler easier way. I think its much more important to develop safe browing habits and use good judgement, coupled with adequate protection.

Nothing against Kaspersky, I liked the trial of KIS and might even try the free AOL version. Just don't want to pay for it!

I've added Hostsman. Which is the best hosts file - mvps, hphosts or mike's which are supported in it? Is it recommended to use multiple host files and merge? Right now I have it set to Mvps hosts and always overwrite, as recommended on the IE-spyad page.

I also run Admuncher, which I gladly paid for and is worth every cent. Tried many other ad blockers but none come close, and most refuse to work with Maxthon.

Final question - I think it would be a good idea to have a kind of compatibility matrix for all these products, so one can see at a glance which ones conflict and which can coexist peacefully. Right now its a matter of trial and error and when dealing with system level software, the error can be crippling and require reimaging which is not a pleasant thought.

 

http://syssafety.com/

see the pic.

DriveImageXML via BartPE CD
EAZ-Clone
GesWall

I really like them.

Ya, HIPS are for advanced users mainly. I really like SSM but can go along with pop ups with every new execution on my system, esp windows and software updates. I have set Comodo firewall to least pop up mode as well.

If u really want HIPS function, I will suggest to disable ST,s HIPS and add SSM free. U need to learn with it a bit.

 

HI, Just seen the post from Defcon, and saw the comment....



Avira antivirus (with trick to disable nag screen)

As I am thinking of trying Avira, can any one please tell me how to
do ....( with trick to disable nag screen ) ...?


Thanks .... Mypenry

 

You need to enable a Windows security setting for avnotify.exe and the method varies with WinXP-Pro/Win2k and WinXP-Home, search the "Other Anti-Virus Software" Board for examples.

http://forum.antivir-pe.de/board.php?boardid=17 AntiVir Forum also has info on the subject.

 

Do you run ALL those programs at t he same time ?! Part of the reason for my experiment is I want to find a setup that I can recommend to non techies. In all honesty I cannot see them understanding prompts from apps like RegDefend, or most HIPS (including the one in ST) for that matter. I know that I understand them and even spend a lot of time tweaking settings (and browsing sites like this) but in the end, I wonder if there isn't a simpler easier way. I think its much more important to develop safe browing habits and use good judgement, coupled with adequate protection.


Well its just my opinion but I think you should be able to surf any where and not have to watch where you go, having safe browsing habits and good judgement shouldnt even be an issue to hold you back from going to whatever site you choose to. I don't have everything running at once, some stuff is for scanning, however Ghost Security Suite is always running, if anything gets past my set up while browsing, GSS usually catches it and prompts me whether or not I want to allow it. The main thing I use in my set up thats active all the time is Comodo Firewall, GSS, Snoopfree, everything else I keep as on demand when needed. Worst case scenario I got RollBackRx and Ghost 2003 with with previously saved clean state snapshots and backups for restoring, never had to so far.

 

nice one Defcon. It's a good configuration.

 

Excellent Choices!

I can't really find fault with your selections. It's a close call between AntiVir (Avira) and Avast Home for your free Antivirus. AntiVir has better detection rates and runs a little lighter; Avast is more full-featured, especially in the area of filtering e-mail (both ways). I opted for Avast.

Concerning spyware, running a stand-alone browser (no ActiveX) from a limited-user account goes a long way toward keeping a machine clean and safe.

And Comodo rules (pun intended)!

 

I came across a message thread that indicates the Comodo was easily penetrated. Don't know if the comment was referring to an earlier or current version of the program?

http://www.bluetack.co.uk/forums/index.php?showtopic=15485

 

BTW, a bit OT, dose Ghost makes images for all RollBack snapshots as well?