
View Full Version : What is your security setup these days?



J_L
May 5th, 2011, 08:03 PM
-{ Quote: "Hi, I used Avira AntiVir Premium and now I have just installed TrustPort 2011.
Is there a guide to configure it? I hope I have done a good choice
If I use its default, will TrustPort 2011 work fine?
Thanks" }-
You should really create a new thread for this.

Ranget
May 5th, 2011, 08:52 PM
thanks

I'm not saying that i will use Returnil or light virtualization alone

But i need something to help when the disaster strikes

as i'm being targeted it's not paranoia but it's a fact

i use safe surf sandboxie , no script ,

i'm not saying i need something that will help against zero day attacks

i like hitman pro as it's easy to use fast and has a good detection rates

but the thing that annoys me is that


all the scanners failed on the last system infection

and i mean All !!!!!

???

and also
the money is an issue i can't afford to buy programs and security packs

so i'm getting most of them off V_L List

:-*

the new setup will be :
Firefox : with the usual security addon and sandboxie

avast
comodo

some of on demand scanners
MBAM , SAS , Hitman

and Returnil

:-\

will be running LUA , EMET , and app guard

i really don't understand most of these stuff

but i see some experienced guys here and i copy them :P

and BTW i'm using win7 x64 ultimate

Konata Izumi
May 5th, 2011, 10:49 PM
-{ Quote: "

will be running LUA , EMET , and app guard

i really don't understand most of these stuff

but i see some experienced guys here and i copy them :P

and BTW i'm using win7 x64 ultimate" }-



I'd suggest you add Microsoft Security Essentials on your setup. It will help a lot. :thumb:

Noob
May 5th, 2011, 11:14 PM
When i get my new DVD Writer, i'll do a new install.
Setup will be:
EAM v6.0 + OA v5 + HMP
EMET, SRP

All will be set to highest ;D

jmonge
May 5th, 2011, 11:40 PM
:thumb: :thumb:

LethalBoy
May 6th, 2011, 12:43 AM
trying DefenseWall HIPS + PF and Emsisoft Anti Malware a killer combo :thumb: :thumb:

adam993
May 6th, 2011, 06:55 AM
Windows XP: Norton Antivirus and Online Armor Premium. Zemana Anti-Malware on-demand.
Fedora 14: SELinux on permissive mode, iptables enabled.

Francis93
May 6th, 2011, 07:19 AM
Installed ESET Smart Security 5.0.65.0 BETA and Sandboxie 3.54 on my netbook. Also changed the HIPS settings to 'Learning Mode'.

SweX
May 6th, 2011, 02:10 PM
-{ Quote: "Could you explain how they are similar? The only similar thing they have are search engine ratings, and... as everything else... one may rate something red, and the other won't, because won't be in their blacklist." }-

Actually it would be better if you told me how they are different? Thanks.

I thought that the main function of both BD Traffic-light and AVG Linkscanner was to rate, and block infected websites?

Yes I know that the other might block what the other miss etc.., but IMO it's too much to have both of them anyway.

1chaoticadult
May 6th, 2011, 09:19 PM
-{ Quote: "When i get my new DVD Writer, i'll do a new install.
Setup will be:
EAM v6.0 + OA v5 + HMP
EMET, SRP

All will be set to highest ;D" }-

LOL Noob you are laying it on thick ;D

Noob
May 6th, 2011, 10:55 PM
-{ Quote: "LOL Noob you are laying it on thick ;D" }-
Yeah d00d.
And i will not remove LNK from the options on SRP. Will be default and probably might add a few more extensions. :thumb:

I want to do some sort of PC lockdown, a classical HIPS (I'm gonna try OA first on my current Windows to see if set at highest it works as a Classical HIPS if it does, then i will definitely keep it, if not i might replace it with Comodo D+ and Firewall which works in a similar fashion to OA HIPS and firewall)
HMP scans on every start and EAM as real time ;D ;D
So it should be:

Real Time Scanner: EAM
Real Time HIPS: OA
On Demand: EAM + HMP

Passive: SRP + EMET and the other generic tweaks.

jmonge
May 6th, 2011, 10:59 PM
noob OA will do good to ya;) :thumb:
just configure files/registry to block unknown and untrusted programs to be blocked and allow trusted vendors only
block untrusted or unknown programs or files will be blocked to modify/delete/create/read in real time

eugene91
May 7th, 2011, 12:17 AM
My current security setup:

Realtime:
- avast! 6 Internet Security (Disabled:Mail, IM, P2P, Behavior, Script Shields)
- Mamutu 3 (From the giveaway)

Firewall:
- avast! 6 Internet Security
- Belkin Wireless Modem Router

On-Demand Scanners:
- MalwareBytes AntiMalware Free

The_ChamP
May 7th, 2011, 12:21 AM
Still the same setup as in my sig

Noob
May 7th, 2011, 01:26 AM
-{ Quote: "noob OA will do good to ya;) :thumb:
just configure files/registry to block unknown and untrusted programs to be blocked and allow trusted vendors only
block untrusted or unknown programs or files will be blocked to modify/delete/create/read in real time" }-
Thanks for recommendations, haven't used OA for a long time :)
And the registry feature is a new feature i've never used ::)


-{ Quote: "Welcome back my friend good to see that your pc is finally fixed :)
" }-

Yeah man, finally fixed. But i still need a new DVD Writer to get a fresh Windows install, current one is just like a sandbox.

jmonge
May 7th, 2011, 01:32 AM
you can always play with this new feature it is fantastic like a dream for me:)don't need anti-executable anymore;) it protects your registry in real time and also files as system32 etc etc just dirty ur hands configuring and end up dumping your antivirus and just use a on-demand scanner;)

pablozi
May 7th, 2011, 02:27 AM
Online Armor ++ and MBAM Pro (but only as on-demand scanner) and Emsisoft Emergency Kit. Thinking about adding Mamutu (because I do have one year licence for it).

Lucius
May 7th, 2011, 05:04 AM
Setup for now

Realtime:
KIS 2012 (antispam and anti-banner disabled)
AdMuncher 4.92 build 32591 (beta)

On-demand:
Malwarebytes free
SAS 5 free

And that's it! Damn I love this setup and I really have fallen in love with kaspersky 2012. They've done good work this time, really really good job! ;)

I tried nod32 v. 5 + outpost firewall pro 7.5 combo, it was good and light but IMO eset just don't have nuts enough more.. :ouch:

blasev
May 7th, 2011, 07:14 AM
-{ Quote: "noob OA will do good to ya;) :thumb:
just configure files/registry to block unknown and untrusted programs to be blocked and allow trusted vendors only
block untrusted or unknown programs or files will be blocked to modify/delete/create/read in real time" }-

could u please tell me how to do that?

so did u add root drive such as c:? or specific folder?
and the same question for the registry protection

jmonge
May 7th, 2011, 12:30 PM
the c:\* is already there just change things around like instead of ask or allow i change to block for files and any untrusted or unknown programs can not delete modify create or within that location,it is simple just go to files/registry feature options and dirty your hands like dirty harry;D

jmonge
May 7th, 2011, 12:32 PM
you can add folders too for files rules if you want or even start up registry location to block untrusted or unknown programs in real time it is beautiful man;)

1chaoticadult
May 7th, 2011, 03:01 PM
-{ Quote: "Yeah d00d.
And i will not remove LNK from the options on SRP. Will be default and probably might add a few more extensions. :thumb:

I want to do some sort of PC lockdown, a classical HIPS (I'm gonna try OA first on my current Windows to see if set at highest it works as a Classical HIPS if it does, then i will definitely keep it, if not i might replace it with Comodo D+ and Firewall which works in a similar fashion to OA HIPS and firewall)
HMP scans on every start and EAM as real time ;D ;D
So it should be:

Real Time Scanner: EAM
Real Time HIPS: OA
On Demand: EAM + HMP

Passive: SRP + EMET and the other generic tweaks." }-

Sounds good Noob :thumb:

jmonge
May 7th, 2011, 03:52 PM
i am waiting for geswall and defensewall 64 bit versions?:)

Konata Izumi
May 7th, 2011, 04:58 PM
Windows 7 Professional 32-bit (Modem-Router NAT: enabled)

separate partitions for:
SYSTEM
PROGRAMS
DATA

Setup:
Disabled Windows System Restore and Windows Defender
User Account Control set to Highest
Microsoft Security Compliance Manager (MSCM) for downloading Baseline Security Templates from Microsoft that will harden Group Policy settings.
LocalGPO (included in MSCM) this tool is used to apply Security Templates.

Templates used: Merged copy of Win7SSLFComputer, Win7SSLFUser and IE8SSLFComputer, IE8SSLFUser
Do not allow legacy apps to run


Modified GPO thru 'gpedit.msc' also added some Safe-Admin tweaks
allowed Administrators to debug programs (Compatibility for EMET. see below)
1806 trick



Enhanced Mitigation Experience Toolkit (EMET) to apply the ff. and more:

Data Execution Prevention (DEP): Opt-out
Structured Exception Handling Overwrite Protection (SEHOP): Opt-out
Address Space Layout Randomization (ASLR): Opt-in


Returnil for system virtualization (antivirus disabled / trust programs from real disk only)
Peerblock
Outpost Security Suite FREE ( Firewall:Block Most / Antimalware:Scan on execution / Anti-leak:Low )
ClearCloud DNS
Hitman Pro (for fast scans)



Google Chrome --safe-plugins -incognito (Regular Browsing)

Clearcloud DNS
1806 Trick



JanusVM + Opera Browser (Anonymous Browsing)
javascript enabled for whitelisted sites only
plugins only on-demand.
disk cache off
never check cached documents and images
Turbo Mode: ON
Disabled Geolocation and mouse gestures.
Fanboy's Adblock list for Opera

blasev
May 7th, 2011, 07:05 PM
@jmonge

ok I'll try it, normally I'd wash my hand, but if u say so... ;D

jmonge
May 7th, 2011, 07:42 PM
only Pontius Pilate wash his hands man;) :thumb:

iravgupta
May 7th, 2011, 08:14 PM
Running ESET Cybersecurity for Mac. Works fast and light. :thumb:

Francis93
May 7th, 2011, 08:52 PM
Real-Time/Resident/On-Access
DefenseWall Personal Firewall v3.12 BETA
WinPatrol Cloud Edition Plus 20.0.2011.2
On-Demand
Avira AntiVir Rescue System
Malwarebytes' Anti-Malware Free 1.50.1100.1
SUPERAntiSpyware Free Edition 5.0.1078
Norton Power Eraser
Emsisoft Emergency Kit
Hitman Pro Paid 3.5.8 Build 119
Network/Browser
TP-Link TL-WR340G 54M Wireless G Router (SPI Firewall)
Norton DNS
Mozilla Firefox 4 (Sandboxed by DefenseWall, NoScript)
Google Chrome 12 (Sandboxed by DefenseWall, ABP)
System Hardening
Autorun/Autoplay: Disabled
Windows Firewall: Disabled
Windows Defender: Disabled
Windows System Restore: Disabled
Administrator Account
User Account Control: Default
Enhanced Mitigation Experience Toolkit 2.0.3: Maximum settings
All Internet-facing applications + Microsoft Office 2010
Unsigned Drivers: Block
Detect Application Installations: Off
Instant Recovery
Rollback Rx

Acer Aspire Netbook:

Sandboxie Paid 3.54

blasev
May 7th, 2011, 09:10 PM
-{ Quote: "only Pontius Pilate wash his hands man;) :thumb:" }-

One good reminder ;) I'll try to make my hand dirty whenever I can from now on ;D :thumb:

x942
May 7th, 2011, 11:11 PM
-{ Quote: "Running ESET Cybersecurity for Mac. Works fast and light. :thumb:" }-

Have you ran Sophos for mac? If so Would you say it's better than Sophos?

Added Thief Capture (http://www.adiumxtras.com/index.php?a=xtras&xtra_id=5613) to Adium. Works pretty well :thumb: also using Chromium OS in VBox as a sandboxed browser!

LoneWolf
May 8th, 2011, 12:21 AM
Online Armor Premium 5.0.0.1100
Sandboxie Paid 3.54
Shadow Defender 1.1.0.325
Macrium Reflect Full Edition 4.2/3141

gery
May 8th, 2011, 03:24 AM
-{ Quote: "only Pontius Pilate wash his hands man;) :thumb:" }-
good one
:thumb: :thumb:

Essentials
May 8th, 2011, 05:01 AM
Windows 7 Ultimate 64bit

User Account Control (UAC): max settings & standard account
Applocker
Enhanced Mitigation Experience Toolkit (EMET) 2.0.0.3: Maximum Security Settings
Data Execution Prevention (Opt Out);
Structured Exception Handling Overwrite Protection (Opt Out);
Address Space Layout Randomization (Opt In);

F-Secure Internet Security 2011
Sandboxie 3.55.06 64bit
KeyScrambler Personal 2.8.0.1
Secunia Personal Software Inspector (PSI)
Sandboxed Firefox 4: WOT, Adblock Plus (Pop-up Addon, Fanboy´s List, Malware Domains), LastPass, Search Engine Security
Norton DNS

PJC
May 8th, 2011, 05:15 AM
-{ Quote: "KeyScrambler Personal 2.7.1" }-
KeyScrambler Personal has been updated to version 2.8.0.1 (http://www.qfxsoftware.com/download.htm)

Essentials
May 8th, 2011, 05:22 AM
-{ Quote: "KeyScrambler Personal has been updated to version 2.8.0.1 (http://www.qfxsoftware.com/download.htm)" }-

Thanks! I already have that version, I forgot to modify it here.

Konata Izumi
May 8th, 2011, 10:06 AM
added Peerblock on my setup.

jmonge
May 8th, 2011, 11:48 AM
thinking of just running OA Premium and hitman pro as on-demand scanner or just get the OA++ version with scanner;)

pablozi
May 8th, 2011, 01:20 PM
@jmonge
I am using OA++ and I am very satisfied with it, so I can recommend it.

jmonge
May 8th, 2011, 02:56 PM
cool thanks pabloz for the recommendation and yes i may just run OA++ alone and save some money instead of buying 2 apps;)

malexous
May 8th, 2011, 03:15 PM
Emsisoft Anti-Malware 5 plus Online Armor Firewall with free Hitman Pro 3 license at the SurfRight shop might interest you.

jmonge
May 8th, 2011, 03:17 PM
are these 3 apps cheaper than just buying OA++?how?

Matthijs5nl
May 8th, 2011, 03:19 PM
On the SurfRight shop the combination of Emsisoft Anti-Malware, Online Armor Premium and Hitman Pro 3.5 is €40,00. A great deal if you ask me.

jmonge
May 8th, 2011, 03:20 PM
and how much will be to upgrade from OA premium to OA++?thanks

shadek
May 8th, 2011, 03:25 PM
-{ Quote: "and how much will be to upgrade from OA premium to OA++?thanks" }-

It's dirt cheap!

jmonge
May 8th, 2011, 03:26 PM
cool:thumb: i am becoming to like OA a lot:thumb: thanks shadek

shadek
May 8th, 2011, 03:48 PM
-{ Quote: "cool:thumb: i am becoming to like OA a lot:thumb: thanks shadek" }-

Yeah, OA++ is a lot lighter than EAM as well, which is great. The two AV-engines included in OA++ and EAM are truly fantastic when it comes to detection, which is also great.

jmonge
May 8th, 2011, 06:51 PM
thanks my friend:thumb: and no i havent forgot about appguard;D

1chaoticadult
May 8th, 2011, 08:43 PM
-{ Quote: "i am waiting for geswall and defensewall 64 bit versions?:)" }-

same here J. :)

Kernelwars
May 8th, 2011, 10:29 PM
-{ Quote: "same here J. :)" }-
did anyone hear about 64 bit version release date from geswall?

jmonge
May 8th, 2011, 11:11 PM
the developer sent me an email and told me that is coming soon;) but don't know when even same for prevx it is taking long;D
it doesn't matter anymore as i fell in love with online armor it rocks

jmonge
May 8th, 2011, 11:17 PM
any one trying DriveSentry ProtectionPLUS?

Kernelwars
May 9th, 2011, 02:04 AM
-{ Quote: "any one trying DriveSentry ProtectionPLUS?" }-
I am using drivesentry for a while now J..:) its one heck of a program;D

Konata Izumi
May 9th, 2011, 03:48 AM
added Hitman Pro on my setup.

PJC
May 9th, 2011, 08:50 AM
-{ Quote: "Thanks! I already have that version, I forgot to modify it here." }-
No problem. :)

JoeBlack40
May 9th, 2011, 11:37 AM
-{ Quote: "and how much will be to upgrade from OA premium to OA++?thanks" }-
And how to downgrade from OA++ to OA Premium??

firzen771
May 9th, 2011, 12:21 PM
got bored with my setup, it was on for so long i decided to switch out AIS and try FSecure IS

shadek
May 9th, 2011, 12:58 PM
-{ Quote: "And how to downgrade from OA++ to OA Premium??" }-

Once the subscription for OA++ runs out, you'll be reverted back to OA Premium with outdated AV-signatures. You will not be able to update to new program versions.

So basically, even if your subscription runs out, you can enjoy OA Premium for life (but without program updates, just new cloud-based HIPS/firewall rules on a hourly basis)

makios
May 9th, 2011, 01:20 PM
-{ Quote: "Still the same setup as in my sig" }-
Maybe a stupid question, but what is "Eek"?

Rules
May 9th, 2011, 01:36 PM
-{ Quote: "Maybe a stupid question, but what is "Eek"?" }-


Emsisoft Emergency Kit

Rules

makios
May 9th, 2011, 01:43 PM
-{ Quote: "Emsisoft Emergency Kit" }-
Aha, yes, now I remember - a nice supplementary tool as I recall :)

thanks!

G1111
May 9th, 2011, 02:43 PM
Windows 7 Home Premium 32-bit

Firewall:
Linksys NAT Router
Look’n’Stop Firewall 2.07 (Phant0m’s Ruleset)

Anti-Virus:
Emsisoft Anti-Malware 5.1.0.10
Malwarebytes Anti-Malware Pro 1.50.1.1100

HIPS/IDS/Blocking/Hardening:
DefenseWall HIPS/Personal Firewall 3.12 Beta
EMET 2.0.0.3 (Internet facing applications & MS Office)
ClearCloud DNS
WinPatrol Plus 20.0.2011.2
SpywareBlaster 4.4 (Ad-Aware custom blocking)

Resident On Demand Scanners:
Hitman Pro 3.5.7 Build 121
Mischel TrojanHunter 5.3 (994)
Norton Power Eraser 1.7.0.3
Avast Anti-Rootkit 0.9.6
Kaspersky TDSSKiller 2.5.0.0

Konata Izumi
May 9th, 2011, 07:54 PM
Added Outpost Security Suite in my setup (http://www.wilderssecurity.com/showpost.php?p=1869171&postcount=15408).

jmonge
May 9th, 2011, 09:20 PM
Online Armor Premium:thumb: i am very tempted to try SpyShelter Premium:thumb:of course alone:)

jmonge
May 10th, 2011, 12:54 AM
ok i am currently trying SpyShelter Premium with prevx for this week to see how they work together:thumb:
i am running all my apps those that use the internet like my browser,skype messenger to be restricted in restricted mode so far so good

x942
May 10th, 2011, 12:57 AM
Back to linux for now. Juice got spilled on my macbook air so waiting 2 days before turning it on again. crossing fingers it works still. Less than two weeks and already spilled on it :(

jmonge
May 10th, 2011, 12:58 AM
man that's nasty;D

The_ChamP
May 10th, 2011, 01:11 AM
-{ Quote: "Emsisoft Emergency Kit

Rules" }-
Yes That's Eek :)

SweX
May 10th, 2011, 02:32 AM
-{ Quote: "Juice got spilled on my macbook air so waiting 2 days before turning it on again. crossing fingers it works still. Less than two weeks and already spilled on it :(" }-
:ouch: you have to be more careful man!

1chaoticadult
May 10th, 2011, 12:53 PM
-{ Quote: "did anyone hear about 64 bit version release date from geswall?" }-

Look who is my friend K. How's it going my friend? Yea we are still waiting on 64-bit sigh...

jmonge
May 10th, 2011, 02:29 PM
and geswall 64 bit version is taking long and also defensewall but maybe ilya is not planning to develop any 64 bit version of DW any sooner or maybe never;D

shadek
May 10th, 2011, 03:16 PM
-{ Quote: "and geswall 64 bit version is taking long and also defensewall but maybe ilya is not planning to develop any 64 bit version of DW any sooner or maybe never;D" }-

Ilya is currently waiting to see if Microsoft patches the bypass of kernel patch protection that Sandboxie has done in their new x64 version (which is currently beta). What Sandboxie has done is revolution as it is now, providing virtually the same protection for 32-bit users and x64 users... but, as we all know, this could be patched with a regular Tuesday update...

jmonge
May 10th, 2011, 04:42 PM
man that will take long time;D

1chaoticadult
May 10th, 2011, 07:29 PM
-{ Quote: "man that will take long time;D" }-

Hahaha J ;D

Kernelwars
May 10th, 2011, 07:55 PM
-{ Quote: "Look who is my friend K. How's it going my friend? Yea we are still waiting on 64-bit sigh..." }-
I am doing ok my good friend. Had an accident a month ago..so not that active here..But I am always lurking if you must know...:argh: Did you see our good ole friend J? is he still changing setup every 2 hours?rofl

ExtremeGamerBR
May 10th, 2011, 09:00 PM
Has anyone here ever used Comodo FW and D + with Mamutu?

acr1965
May 10th, 2011, 10:44 PM
Does anyone use Mamutu with Spyshelter free version or is there a lot of overlap there? Also, I'm interested to know if anyone uses PC Tools with mamutu. My OS is Windows 7 Ultimate, 32 bit

jmonge
May 10th, 2011, 11:09 PM
i am using prevx and spyshelter;)

blasev
May 11th, 2011, 12:15 AM
-{ Quote: "Does anyone use Mamutu with Spyshelter free version or is there a lot of overlap there? Also, I'm interested to know if anyone uses PC Tools with mamutu. My OS is Windows 7 Ultimate, 32 bit" }-

Once I use EAM (emsisoft behaviour blocker inside=mamutu) with spyshelter
I didn't notice any crash, but it did turn my cpu usage higher.

1chaoticadult
May 11th, 2011, 09:51 AM
-{ Quote: "I am doing ok my good friend. Had an accident a month ago..so not that active here..But I am always lurking if you must know...:argh: Did you see our good ole friend J? is he still changing setup every 2 hours?rofl" }-

Oh wow really. I was wondering what happened to you. Yea I see J still changing his setup every 2 hours, I still laugh at him ;D Changed my setup again :)

jmonge
May 11th, 2011, 10:09 AM
look at this one ;)
SpyShelter 5.20 beta 2 i recommend this one is very stable and rock solid:thumb:

1chaoticadult
May 11th, 2011, 10:29 AM
-{ Quote: "look at this one ;)
SpyShelter 5.20 beta 2 i recommend this one is very stable and rock solid:thumb:" }-

LOL J trying SpyShelter again huh. Never tried it and won't until they have a trial x64 version.

blasev
May 11th, 2011, 10:43 AM
but spyshelter 64bit do have 14 days trial period
at least when I first try em, it does have one

Newby
May 11th, 2011, 11:35 AM
My new lean and mean laptop setup

Windows 7 home x32 bits
- Windows FW 2-way (1)
- UAC set to auto elevate (2), using Spyshelter instead
- UAC set to only allow signed programs to elevate (3)
- Internetzone set to deny downloaded executables to run (3)
- EMET2 internet facing software (4)

Using only Microsoft Office Professional and signed utilities (for backup and registry cleaning)

Spyshelter free set to auto allow Microsoft signed only

Set all Microsoft Internet nonsense stuff (messenger, windows live etcetera) to deny execute through icacls, (3)

Using Chrome with forced LOW rights only (5) with McAfee SiteAdvisor (and Sunbelt GFI clear cloud through wireless DNS)

HitmanPro on demand


Wonderful Wilders Forum where I learned about security, credits go to:
1) Stem
2) Sully
3) Kees1958
4) AKO
5) Moonblood

Regards Newby

jmonge
May 11th, 2011, 01:08 PM
1chaoticadult i tell you it has a trial version for 64 bit version and it works very good:thumb: can have all application that can carry viruses can be run restricted:thumb: i really like the restricted mode alot:thumb:

Konata Izumi
May 11th, 2011, 01:43 PM
Windows 7 Professional 32-bit (Modem-Router NAT: enabled)

separate partitions for:
SYSTEM
PROGRAMS
DATA

Setup:
Disabled Windows System Restore and Windows Defender
User Account Control set to Highest
Microsoft Security Compliance Manager (MSCM) for downloading Baseline Security Templates from Microsoft that will harden Group Policy settings.
LocalGPO (included in MSCM) this tool is used to apply Security Templates.

Templates used: Merged copy of Win7SSLFComputer, Win7SSLFUser and IE8SSLFComputer, IE8SSLFUser
Do not allow legacy apps to run


Modified GPO thru 'gpedit.msc' also added some Safe-Admin tweaks
allowed Administrators to debug programs (Compatibility for EMET. see below)
1806 trick



Enhanced Mitigation Experience Toolkit (EMET) to apply the ff. and more:

Data Execution Prevention (DEP): Opt-out
Structured Exception Handling Overwrite Protection (SEHOP): Opt-out
Address Space Layout Randomization (ASLR): Opt-in


Returnil for system virtualization (antivirus disabled / trust programs from real disk only)
Peerblock
Outpost Security Suite FREE ( Firewall:Block Most / Antimalware:Scan on execution / Anti-leak:Low )
ClearCloud DNS
Hitman Pro (for fast scans)



Google Chrome --safe-plugins -incognito (Regular Browsing)

Clearcloud DNS
1806 Trick



JanusVM + Opera Browser (Anonymous Browsing)
plugins only on-demand.
disk cache off
never check cached documents and images
Turbo Mode: ON
Disabled Geolocation and mouse gestures.
Fanboy's Adblock list for Opera


I need a FREE antikeylogger and I'm done.

For Windows 7 Only here's a tutorial how to apply Microsoft Baseline Security template (tools included)
http://www.mediafire.com/?a6oqyg7tvtyikva

Kees1958
May 11th, 2011, 05:08 PM
Windows 7 x32 Ultimate
- Windows FW 2way
- GPO hardening (e.g autorun, some autostart locations)
- UAC set to elevate SILENTLY, elevate only SIGNED executables, no installer detection
- Everyone set to deny execute Download directory, public user, data drives, except an installer directory (X:\Install_here) through right click security tab
- SRP set to deny execute USB drives and intranet zone
- virtualising file + registry (Software hive) for Chromium, WMP, Mail (IE9 is all virtualised by default) through RUNASINVOKER trick

EMET2
- IE9, CHrome, WMP, Mail, Adobe progs

GeSWall Pro
- running IE9, WMP, Mail, Adobe, Chrome guarded (high)
- network as confidential (IE9, WMP, Chrome and Mail allowed)
- X:\Install_here as confidential (guarded aps not allowed to write to)
- Chrome set to redirect most (sort of SBIE application virtualisation), except bookmarks and download directory
(this way I can use UAC with GeSWall, and make a file trusted by moving it from C:\User\Kees\downloads to X:\Install_here)

Hitman Pro on demand

Essentials
May 11th, 2011, 06:11 PM
-{ Quote: "I need a FREE antikeylogger and I'm done." }-

KeyScrambler Personal

Hungry Man
May 11th, 2011, 07:59 PM
Microsoft Security Essentials for realtime AV.

Comodo Internet Security 2011 Pro for Hips, sandboxing, and firewall. AV turned off.

I use Comodo to sandbox pretty much anything that uses the internet such as java.

MVPS host file on my DDWRT router with firewall. Spybot S&D portable on my USB to update my local host file on my PC.

Chrome + security features.

J_L
May 11th, 2011, 08:46 PM
-{ Quote: "I need a FREE antikeylogger and I'm done." }-
Outpost and Returnil already have you covered. It won't survive after a reboot, and while in Virtual Mode Outpost will monitor its behaviours and connections. You don't need one.

jmonge
May 11th, 2011, 09:07 PM
exactly with a firewall outbound protection will cover you for any suspicious outbound activities in real time so dont worry and plus returnil will erase any tracks that only keylogger but all kind of malware may be deleted after a reboot:thumb: you are good to go

jmonge
May 11th, 2011, 09:09 PM
now for me i have Spyshelter beta 2;) i think i will run a firewall for out bound protection maybe Private Firewall or even Prevx 4 FireWall;) :thumb:

kjdemuth
May 11th, 2011, 10:02 PM
-{ Quote: "Has anyone here ever used Comodo FW and D + with Mamutu?" }-
Currently using CIS v5, sandboxie and mamutu.
Everything seems to be getting along....at the moment.
Mamutu is very light and it doesn't conflict w/ D+.

x942
May 12th, 2011, 03:08 AM
-{ Quote: "Windows 7 Professional 32-bit (Modem-Router NAT: enabled)

separate partitions for:
SYSTEM
PROGRAMS
DATA

Setup:
Disabled Windows System Restore and Windows Defender
User Account Control set to Highest
Microsoft Security Compliance Manager (MSCM) for downloading Baseline Security Templates from Microsoft that will harden Group Policy settings.
LocalGPO (included in MSCM) this tool is used to apply Security Templates.

Templates used: Merged copy of Win7SSLFComputer, Win7SSLFUser and IE8SSLFComputer, IE8SSLFUser
Do not allow legacy apps to run


Modified GPO thru 'gpedit.msc' also added some Safe-Admin tweaks
allowed Administrators to debug programs (Compatibility for EMET. see below)
1806 trick



Enhanced Mitigation Experience Toolkit (EMET) to apply the ff. and more:

Data Execution Prevention (DEP): Opt-out
Structured Exception Handling Overwrite Protection (SEHOP): Opt-out
Address Space Layout Randomization (ASLR): Opt-in


Returnil for system virtualization (antivirus disabled / trust programs from real disk only)
Peerblock
Outpost Security Suite FREE ( Firewall:Block Most / Antimalware:Scan on execution / Anti-leak:Low )
ClearCloud DNS
Hitman Pro (for fast scans)



Google Chrome --safe-plugins -incognito (Regular Browsing)

Clearcloud DNS
1806 Trick



JanusVM + Opera Browser (Anonymous Browsing)
plugins only on-demand.
disk cache off
never check cached documents and images
Turbo Mode: ON
Disabled Geolocation and mouse gestures.
Fanboy's Adblock list for Opera


I need a FREE antikeylogger and I'm done." }-

PM me I have a keyscrambler Premium key if you want it!

New Macbook (warranty covered it). Now using firefox with same addons as before and Sophos for AV. Any mac security tools for any recommends? or ABE scripts for NoScript?

AlexC
May 12th, 2011, 11:13 AM
My sig...

Sevens
May 12th, 2011, 11:41 AM
DefenseWall Personal Firewall v3.12
Look'n'Stop 2.07 (Phantom ruleset)
BitDefender Free Edition 2009 (on-demand)
Malwarebytes' Anti-Malware (free)
Macrium Reflect (paid)

Hungry Man
May 12th, 2011, 12:12 PM
What's the 1806 trick?

jmonge
May 12th, 2011, 12:56 PM
it's a registry tweak for your browser to restrict software installation;)

shadek
May 12th, 2011, 01:10 PM
-{ Quote: "it's a registry tweak for your browser to restrict software installation;)" }-

I'd be happy if you could provide a link for me. :D Would protect against drive-by downloads eh? :) Would it work with Chrome?

Kees1958
May 12th, 2011, 01:30 PM
See picture of http://www.wilderssecurity.com/showpost.php?p=1869763&postcount=11

Here are the registry files http://www.wilderssecurity.com/showpost.php?p=1603237&postcount=1

Download the *.txt files, open them with notepad, save as ascii file with .reg extension and you are done

Works perfectly with chrome (chrome allows to download, but explorer does not execute these files unless the block is removed = unblock)

Konata Izumi
May 12th, 2011, 02:01 PM
-{ Quote: "PM me I have a keyscrambler Premium key if you want it!
" }-

Wow! I'll take it
PM'd you

pandorax
May 12th, 2011, 02:04 PM
-{ Quote: "See picture of http://www.wilderssecurity.com/showpost.php?p=1869763&postcount=11

Here are the registry files http://www.wilderssecurity.com/showpost.php?p=1603237&postcount=1

Download the *.txt files, open them with notepad, save as ascii file with .reg extension and you are done

Works perfectly with chrome (chrome allows to download, but explorer does not execute these files unless the block is removed = unblock)" }-
Is it the guide that i have seen on forum, called "kees guide"?

shadek
May 12th, 2011, 02:10 PM
-{ Quote: "See picture of http://www.wilderssecurity.com/showpost.php?p=1869763&postcount=11

Here are the registry files http://www.wilderssecurity.com/showpost.php?p=1603237&postcount=1

Download the *.txt files, open them with notepad, save as ascii file with .reg extension and you are done

Works perfectly with chrome (chrome allows to download, but explorer does not execute these files unless the block is removed = unblock)" }-


Cheers! Will try this when I get back from work! Is it fool-proof-safe against drive-by downloads?

ExtremeGamerBR
May 12th, 2011, 04:05 PM
-{ Quote: "Currently using CIS v5, sandboxie and mamutu.
Everything seems to be getting along....at the moment.
Mamutu is very light and it doesn't conflict w/ D+." }-

Thanks!

Sully
May 12th, 2011, 04:14 PM
-{ Quote: "Cheers! Will try this when I get back from work! Is it fool-proof-safe against drive-by downloads?" }-
The 1806 is a registry key that you set a value for. It is a dword value, with the following results
0 = off
1 = prompt to execute a file that originated from the internet
3 = deny execution of file that originated from internet, but show user it was denied
5 = deny execution of file that originated from internet, and do NOT show user it was denied

On NTFS file systems, a file can have what is called an Alternate Data Stream (ADS). In this case IE and Chrome both create a value in the ADS of the file downloaded which identifies it as originating from the internet. When you have set the 1806 registry key to 1, 3 or 5, windows explorer actually looks for this ADS and will prompt for or deny execution. So it does not prevent downloading, it only creates the identification of where it came from. If you set the 1806 value to 0, the ADS is not created I believe.

Either way, it gives the benefit of allowing you to either be prompted for execution or to deny execution. It may not be foolproof, but it is a nice feature that is ready to go, all you need to do is set the 1806 value.

Sul.
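
The check described in the post above, as an added example that is not part of the original post: a Python model that parses a file's Zone.Identifier stream and applies the 1806 meanings listed there. The function names, the constructed sample stream and the per-user registry path used for the Internet zone are assumptions of this example.

```python
import configparser

# Windows URL security zone numbers.
ZONES = {0: "Local machine", 1: "Local intranet", 2: "Trusted sites",
         3: "Internet", 4: "Restricted sites"}
INTERNET_ZONE = 3

# Meaning of the 1806 DWORD exactly as listed in the post above.
ACTIONS_1806 = {
    0: "run without check (setting off)",
    1: "prompt before execution",
    3: "deny execution, user is told",
    5: "deny execution, user is not told",
}

# Constructed sample of a Zone.Identifier stream (not taken from the page).
SAMPLE_STREAM = ("[ZoneTransfer]\r\nZoneId=3\r\n"
                 "HostUrl=https://downloads.example.test/tool.exe?id=1%20a\r\n")


def parse_zone_identifier(stream_text):
    """Return the ZoneId stored in a Zone.Identifier stream, or None."""
    if not stream_text:
        return None
    # Normalise CRLF line endings and drop a possible byte-order mark.
    text = "\n".join(stream_text.lstrip("\ufeff").splitlines())
    parser = configparser.ConfigParser(
        delimiters=("=",), interpolation=None, strict=False)
    try:
        parser.read_string(text)
        return int(parser.get("ZoneTransfer", "ZoneId"))
    except (configparser.Error, ValueError):
        # Missing section, missing key or a non-numeric ZoneId.
        return None


def read_zone_identifier(path):
    """Read the stream of a file on NTFS (Windows); None when it is absent."""
    try:
        with open(path + ":Zone.Identifier", encoding="utf-8",
                  errors="replace") as handle:
            return handle.read()
    except OSError:
        return None


def read_policy_1806(zone=INTERNET_ZONE):
    """Read the current user's 1806 value for a zone (Windows only).

    Assumption of this example: the per-user Internet Settings location.
    """
    import winreg  # imported here so the rest runs on any platform
    key_path = (r"Software\Microsoft\Windows\CurrentVersion"
                r"\Internet Settings\Zones\%d" % zone)
    with winreg.OpenKey(winreg.HKEY_CURRENT_USER, key_path) as key:
        value, _value_type = winreg.QueryValueEx(key, "1806")
    return value


def explorer_decision(stream_text, policy_value):
    """Combine the file's zone mark with the Internet zone's 1806 value."""
    zone = parse_zone_identifier(stream_text)
    if zone is None:
        # No mark on the file (never written, or removed by "unblock").
        return "no zone mark: 1806 check not applied"
    if zone != INTERNET_ZONE:
        return "zone %d (%s): governed by that zone's own settings" % (
            zone, ZONES.get(zone, "unknown"))
    return ACTIONS_1806.get(
        policy_value, "unrecognised 1806 value %r" % (policy_value,))


if __name__ == "__main__":
    for value in (0, 1, 3, 5):
        print(value, "->", explorer_decision(SAMPLE_STREAM, value))
    print("unmarked ->", explorer_decision(None, 3))
```

On a Windows machine, `explorer_decision(read_zone_identifier(path), read_policy_1806())` audits a real downloaded file against the current setting.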

Ibrad
May 12th, 2011, 05:07 PM
Well I think I finally convinced my parents to switch to FireFox. Well I don't think I did but the malware that infected their machine through ads this morning while they were checking their email did. Gladly it was a simple infection, the fakeav would come up a couple times of hours but I could simply kill it with task manager.

SourMilk
May 12th, 2011, 06:17 PM
Windows 7 64bit
Firefox 4.1
ClearCloud
SandboxIE - Free
VirusTotal Uploader
Hitman Pro - Free
MBAM - Free
Common Sense - Still working on this one

Pretty light setup I think.

SourMilk out8)

Konata Izumi
May 12th, 2011, 07:55 PM
restored from a clean image backup with all the safe-admin tweaks.
installed Opera Browser and changed it to run low integrity.
installed Privoxy
Clearcloud DNS
Returnil


Not installing Google Chrome for now as I'm liking Opera very much

SweX
May 12th, 2011, 09:22 PM
-{ Quote: "New Macbook (warranty covered it)" }-

That's great for you. Now, you know what not to do ;).

x942
May 12th, 2011, 09:25 PM
-{ Quote: "That's great for you. Now, you know what not to do ;)." }-

Haha. Yeah no liquid is coming within a 20 foot radius of this thing from now on! I am also buying a case JUST incase ;)

SweX
May 12th, 2011, 09:38 PM
-{ Quote: "Haha. Yeah no liquid is coming within a 20 foot radius of this thing from now on! I am also buying a case JUST incase ;)" }-
Good to hear :thumb:

Regarding the case Speck offers some really nice ones IMO
http://www.speckproducts.com/macbook-cases.html

1chaoticadult
May 13th, 2011, 11:01 AM
-{ Quote: "Haha. Yeah no liquid is coming within a 20 foot radius of this thing from now on! I am also buying a case JUST incase ;)" }-

Good, now no more accidents on the precious macbook hehe ;D

shadek
May 13th, 2011, 11:44 AM
Realtime:
OA++ (HIPS, 'runsafer', firewall and dual virus engines from the world's best vendors)
Mamutu

On demand:
Hitman Pro
MBAM
Shadow Defender .325

Browser:

Chrome (runsafer = on) with 1806 trick.

jmonge
May 13th, 2011, 12:04 PM
shadek nice you have OA++:thumb: :thumb:

stevan4
May 13th, 2011, 12:53 PM
-{ Quote: "shadek nice you have OA++:thumb: :thumb:" }-
Want to exchange your Prevx licence for my OA++ (330 days)?

Get bored with it and right now don't have $$ for Prevx.

1chaoticadult
May 13th, 2011, 01:14 PM
New setup below in my signature.

zerotox
May 13th, 2011, 01:40 PM
Haven't posted for quite a while. A long time now with my set-up: Avira (guard only), Prevx 3.0 paid (no SO) and Sandboxie.
Applocker with LUA and Windows firewall with outbound on. It's so glitch-free and light, starts to get a bit boring.
Do you think I need HIPS with this set-up? And if yes, could you recommend any as I really like Malware Defender but it won't work properly with LUA and I'm dubious - should I run Admin with Applocker, UAC maxed out and add Malware Defender or simply leave it as it is.
Will really appreciate experience shared.

Boost
May 13th, 2011, 02:53 PM
-{ Quote: "Haven't posted for quite a while. A long time now with my set-up: Avira (guard only), Prevx 3.0 paid (no SO) and Sandboxie.
Applocker with LUA and Windows firewall with outbound on. It's so glitch-free and light, starts to get a bit boring.
Do you think I need HIPS with this set-up? And if yes, could you recommend any as I really like Malware Defender but it won't work properly with LUA and I'm dubious - should I run Admin with Applocker, UAC maxed out and add Malware Defender or simply leave it as it is.
Will really appreciate experience shared." }-

You're good :thumb: No need to keep changing a setup all the time.

zerotox
May 13th, 2011, 03:37 PM
-{ Quote: "You're good :thumb: No need to keep changing a setup all the time." }-

Well, on the contrary, I haven't changed anything for quite a while. Just trying to make it better without radical changes.

Boost
May 13th, 2011, 04:29 PM
-{ Quote: "Well, on the contrary, I haven't changed anything for quite a while. Just trying to make it better without radical changes." }-

Sandboxie with an AV is a strong enough setup for about 90% of people.
Like I said, you're good.

jmonge
May 13th, 2011, 04:39 PM
:thumb: agree boost agree:thumb:

J_L
May 13th, 2011, 07:22 PM
A HIPS isn't necessary since you have Applocker.

J_L
May 14th, 2011, 12:31 AM
Shared Network:
Actiontec Modem with SPI Firewall
Sunbelt ClearCloud (Norton DNS alternate)

Real-time Protection:
Avast! Free Antivirus (w/ Network, WebRep, Web Shield) [Password Protected]
Comodo Firewall (w/o Antivirus) [Password Protected]
Malwarebytes' Anti-Malware Pro (w/ IP Blocking)
Microsoft Security Essentials (Monitor only Incoming) [UAC Protected]
WinPatrol Free Cloud Edition

System (Windows 7 Pro 64-bit SP1):
Enabled DEP, SEHOP, Default-Deny SRP, Silent UAC
Disabled Windows Firewall, System Restore, Internet Explorer, Autorun/Autoplay
Enhanced Mitigation Experience Toolkit
Spybot - Search & Destroy (Immunize)

Firefox 4.0.1:
Adblock Plus (Malware Domains subscription)
BitDefender TrafficLight
LastPass
LinkExtend
SandBoxie Free (+ DropRights & Internet Access Restrictions) [Lock Configuration]

On-demand Scanning:
ArcaVir MicroScan
BugBopper
Comodo Cleaning Essentials
Hitman Pro
Norton Power Eraser
Ultimate Boot CD for Windows

Analyzers:
http://camas.comodo.com/
Sysinternals Autoruns
http://www.urlvoid.com/
VirusTotalUploader

Updates:
Freeware Files RSS, Freeware Guide
KC Softwares SUMo

Backup:
Paragon Backup & Recovery Home Special Edition


Ubuntu Natty Netbook:
Firefox: AppArmor Default, Adblock Plus, LastPass, TrafficLight, WOT
BitDefender Free, ClamAV, rkhunter
Regularly updated. Sudo only, no root. Prey active.

Hungry Man
May 14th, 2011, 01:00 AM
Why UAC in silent?

Ranget
May 14th, 2011, 01:01 AM
J_L

If you don't mind

what are your computer specs

you use a lot of realtime protection which consume a massive cpu

i installed avast + Prevx and felt the computer going to die :dry:

Kees1958
May 14th, 2011, 01:07 AM
-{ Quote: "Shared Network:
Actiontec Modem with SPI Firewall
Sunbelt ClearCloud (Norton DNS alternate)
" }-

Any reason for using different DNS services of GFI Sunbelt and Norton?

Page42
May 14th, 2011, 01:20 AM
-{ Quote: "Any reason for using different DNS services of GFI Sunbelt and Norton?" }-
To avoid what happened here (http://www.wilderssecurity.com/showthread.php?p=1850839#post1850839). :)

PoetWarrior
May 14th, 2011, 01:25 AM
Windows 7 SP1 64 bit:

Standard Account w/UAC on max
SRP via Parental Controls
Avast free
Windows Firewall
Router firewall
Firefox 4.0.1 w/Adblock plus, flash block, Quick Image

J_L
May 14th, 2011, 01:28 AM
@Hungry Man: Far less annoying that way, and keeps UAC functioning. It just auto-elevates though, which Comodo monitors.

@Ranget: AMD Dual Core 2.30 GHz
4.00 GB RAM
NVIDIA RAID 0 (1 TB 7200RPM)
It isn't as heavy as you think. Idle CPU 0%, No Disk I/O.

@Kees1958: To ensure internet connection if one fails.

pablozi
May 14th, 2011, 01:28 AM
Actually i am using setup mentioned in my signature.
Probably I will add Mamutu or Sandboxie.

jmonge
May 14th, 2011, 07:12 PM
SpyShelter Beta 2 and HitMan Pro:thumb: :thumb:

Kernelwars
May 14th, 2011, 07:30 PM
-{ Quote: "SpyShelter Beta 2 and HitMan Pro:thumb: :thumb:" }-
thats a good setup..what u using for ur firewall J:)

icr
May 15th, 2011, 12:02 AM
Switched to Kaspersky 2011 for 90 days;)

Francis93
May 15th, 2011, 05:42 AM
Real-Time/Resident/On-Access
DefenseWall Personal Firewall + HIPS v3.12
WinPatrol Cloud Edition Plus 20.5.2011

On-Demand
Avira AntiVir Rescue System
Malwarebytes' Anti-Malware Free 1.50.1100.1
SUPERAntiSpyware Free Edition 5.0.1078
Norton Power Eraser
Emsisoft Emergency Kit
Hitman Pro Paid 3.5.8 Build 121

Network/Browser
TP-Link TL-WR340G 54M Wireless G Router (SPI Firewall)
Norton DNS
Mozilla Firefox 4 (Sandboxed by DefenseWall, ABP, NoScript)
Google Chrome 13 (Sandboxed by DefenseWall, ABP)

System Hardening
Autorun/Autoplay: Disabled
Windows Firewall: Disabled
Windows Defender: Disabled
Windows System Restore: Disabled
Administrator Account
User Account Control: Default
Enhanced Mitigation Experience Toolkit 2.1: Maximum settings
All Internet-facing applications + Microsoft Office 2010
Unsigned Drivers: Block
Detect Application Installations: Off

Instant Recovery
Rollback Rx

Acer Aspire Netbook (Windows XP SP3):
Sandboxie Paid 3.54
SpyShelter Premium 5.20 Beta 3

jmonge
May 15th, 2011, 12:44 PM
i use windows's own firewall for inbound protection;) and the one built in the router

Konata Izumi
May 15th, 2011, 01:14 PM
Windows 7 Professional 32-bit (Modem-Router NAT: enabled)

separate partitions for:
SYSTEM
PROGRAMS
DATA

Setup:
Disabled Windows System Restore and Windows Defender
User Account Control set to Highest
Microsoft Security Compliance Manager (MSCM) for downloading Baseline Security Templates from Microsoft that will harden Group Policy settings.
LocalGPO (included in MSCM) this tool is used to apply Security Templates.

Templates used: Merged copy of Win7SSLFComputer, Win7SSLFUser and IE8SSLFComputer, IE8SSLFUser
Do not allow legacy apps to run


Modified GPO thru 'gpedit.msc' also added some Safe-Admin tweaks
allowed Administrators to debug programs (Compatibility for EMET. see below)
1806 trick



Enhanced Mitigation Experience Toolkit (EMET) to apply the ff. and more:

Data Execution Prevention (DEP): Opt-out
Structured Exception Handling Overwrite Protection (SEHOP): Opt-out
Address Space Layout Randomization (ASLR): Opt-in


Returnil for system virtualization (antivirus disabled / trust programs from real disk only)
Peerblock
Privoxy
ClearCloud DNS
Hitman Pro (for fast scans)


Opera Browser (Protected Mode via icacls + EMET + Privoxy + UAC Virtualised )


Clearcloud DNS
plugins only on-demand.
disk cache off.
never check cached documents and images
Disabled Geolocation and mouse gestures.
Fanboy's Adblock list for Opera urlfilter + stylesheet
Privoxy settings:
change-x-forwarded-for{block}
client-header-tagger{image-requests}
client-header-tagger{css-requests}
crunch-if-none-match
filter{html-annoyances}
filter{content-cookies}
filter{refresh-tags}
filter{img-reorder}
filter{banners-by-size}
filter{banners-by-link}
filter{webbugs}
filter{jumping-windows}
filter{frameset-borders}
hide-from-header{block}
hide-if-modified-since{-60}
hide-referrer{conditional-block}
limit-connect{,}
overwrite-last-modified{randomize}
session-cookies-only
set-image-blocker{pattern}
1806 Trick
On-demand use of JanusVM + Enable Opera Turbo during Anonymous/Private session.




I need a FREE antikeylogger and I'm done.

[For Windows 7 Only] here's a tutorial how to apply Microsoft Baseline Security template (tools included)
http://www.mediafire.com/?a6oqyg7tvtyikva

Hungry Man
May 15th, 2011, 01:27 PM
Keylogger blockers aren't really useful. If you have a proper prevention setup, why bother with programs that assume you're infected?

Konata Izumi
May 15th, 2011, 01:31 PM
-{ Quote: "Keylogger blockers aren't really useful. If you have a proper prevention setup, why bother with programs that assume you're infected?" }-

I don't trust even the most legitimate programs, yes, including my security apps. ;D

Spruce
May 15th, 2011, 01:39 PM
Trying out Emsisoft Anti-Malware + Online Armor Premium :)

jmonge
May 15th, 2011, 01:41 PM
good combo man:thumb:

Hungry Man
May 15th, 2011, 01:42 PM
-{ Quote: "I don't trust even the most legitimate programs, yes, including my security apps. ;D" }-
:ouch: Who do you have out to get you?

J_L
May 15th, 2011, 01:45 PM
-{ Quote: "I don't trust even the most legitimate programs, yes, including my security apps. ;D" }-
Why do you trust another security app then?

jmonge
May 15th, 2011, 01:45 PM
i think a solid firewall software will do the job as to control for outbound traffic;) in real time:thumb:

Konata Izumi
May 15th, 2011, 01:50 PM
-{ Quote: ":ouch: Who do you have out to get you?" }-
I don't know...

-{ Quote: "Why do you trust another security app then?" }-
I don't know this as well... ;D

Hungry Man
May 15th, 2011, 01:53 PM
A lot of the security software (Comodo has a lot of features like this) are really not anti-malware but antihacker. Unless you frequent sketchy forums or are a target for some other reason... they're kind of useless to most people. And yet I see most people implement these security features on here (I'm one of them.) I just feel that there's a point where you should look at your setup and say "What can I take away?"

Noob
May 16th, 2011, 12:38 AM
Well, we are all paranoids here man ;D :thumb:

John Bull
May 16th, 2011, 06:33 AM
Just to reiterate :-

Sandboxie Free, AVG 2011 Free and ZA Free, plus SpywareBlaster.

Anybody who uses Sandboxie or Returnil makes this thread irrelevant, over 15,500 posts become just uninteresting reading matter.

With these two programs, security is absolute. Endgame.

justenough
May 16th, 2011, 11:46 AM
-{ Quote: "Just to reiterate :-

Sandboxie Free, AVG 2011 Free and ZA Free, plus SpywareBlaster.

Anybody who uses Sandboxie or Returnil makes this thread irrelevant, over 15,500 posts become just uninteresting reading matter.

With these two programs, security is absolute. Endgame." }-

Odd, I use Sandboxie and yet still enjoy reading this thread all the time (except for maybe one very recent irritatingly self-important post:dry: ).

Tried Look 'n' Stop but had a few issues, went back to the simple Windows 7 firewall. Probably enough since I'm using a router.

moontan
May 16th, 2011, 03:57 PM
re-installed Sandboxie for more protection for Firefox 4.

LoneWolf
May 16th, 2011, 04:27 PM
DefenseWall FW+HIPS 3.12
Shadow Defender 1.1.0.325
Macrium Reflect Full Edition 4.2/3141

The_ChamP
May 16th, 2011, 05:34 PM
Tried OA++ yesterday...it was much much lighter than i had expected...even lighter than avast maybe...
but there are very few almost nil options for the antivirus part of the suite so uninstalled it and back to AIS

alex_s
May 16th, 2011, 05:40 PM
-{ Quote: "
but there are very few almost nil options for the antivirus part of the suite" }-

That is to say, the number of the option does not do any useful work, it's a code that does it :)

Konata Izumi
May 16th, 2011, 07:47 PM
Changed Main/Default browser from Opera to Internet Explorer 9 :thumb:

I'm wondering why CCleaner took longer to clean IE9 compared to other browsers. ???

The_ChamP
May 16th, 2011, 09:21 PM
-{ Quote: "That is to say, the number of the option does not do any useful work, it's a code that does it :)" }-

code...what code ?

Hungry Man
May 16th, 2011, 09:27 PM
Just used EMET and set it to maximum security.

jmonge
May 16th, 2011, 11:31 PM
SpyShelter Premium Beta 3:thumb:

moontan
May 16th, 2011, 11:43 PM
-uninstalled Sandboxie
-re-installed Geswall Pro.

hopefully i don't get BSOD's like last time i tried Geswall.
maybe this 2.91 version will do the trick.

Kernelwars
May 17th, 2011, 01:09 AM
Using Spyshelter Premium

blasev
May 17th, 2011, 01:35 AM
Look n stop firewall (still learning rules, thx to stem)
Sandboxie (for all easy to exploit app, using sully's idea)
Emsisoft Anti Malware (heuristic on->haven't produce any false positive yet)
Spyshelter beta 3 (restricted mode for any suspicious downloaded file, and also Internet explorer 9)
EMET : max UAC : max (I never use UAC before kees1958 suggested it ;D)

Very happy with my set up, it's light and strong enough for my needs.
The only changes would occur when EAM 6 is on open beta.

1chaoticadult
May 17th, 2011, 02:28 AM
-{ Quote: "Using Spyshelter Premium" }-

Changing setups again K? LOL are you pulling moves like J now? ;D

Amit
May 17th, 2011, 03:03 AM
Hi.
My security setup:

1.Comodo firewall with defense plus
2.Avast free antivirus
3.Malwarebytes antimalware free
4.Superantispyware free
5.Prevx free
6.Hitman pro free
7.Panda usb vaccine
8.Secunia psi
9.Firefox-adblock plus, betterprivacy, bitdefender quick scan, bitdefender full scan (as backup) and various other online scanners free
10.Backup software-paragon backup advanced free or easeus todo backup (not decided yet,can anyone help me decide?)

dja2k
May 17th, 2011, 04:21 AM
-{ Quote: "Hi.
My security setup:" }-
Some suggestions
Scanners - Emsisoft Emergency Toolkit (http://www.emsisoft.com/en/software/eek/)
Visualization - Sandboxie (http://www.sandboxie.com/) or Geswall (http://www.gentlesecurity.com/geswall.html)
Backup - Keriver 1-Click Restore Free (http://www.keriver.com/)

dja2k

Amit
May 17th, 2011, 05:04 AM
Thanks for your suggestion.
Do you think sandboxie is really needed in my security brigade?
I would really appreciate if you help me choose between easeus todo and paragon advanced.

Kernelwars
May 17th, 2011, 05:30 AM
-{ Quote: "Changing setups again K? LOL are you pulling moves like J now? ;D" }-
yea going back to what used to work for me..I cannot pull moves like him..He changes with every boot...ends up frying his pc all smoked and everything;D

alex_s
May 17th, 2011, 05:55 AM
-{ Quote: "code...what code ?" }-

Code is what makes a program to do anything (including useful work).

jmonge
May 17th, 2011, 09:41 AM
still running SpyShelter Premium and happy with it;)

Spruce
May 17th, 2011, 10:28 AM
I'm back to ESET Smart Security (Beta) again now, Emsisoft products are very impressive but slowed down my laptop quite a bit and blocked a little bit too much, maybe I'm back to it at a later moment again ;)

1chaoticadult
May 17th, 2011, 11:08 AM
-{ Quote: "yea going back to what used to work for me..I cannot pull moves like him..He changes with every boot...ends up frying his pc all smoked and everything;D" }-

Yea I hear ya. I'm doing the same. J has some smoked bacon ready for you hahaha. ;D

jmonge
May 17th, 2011, 12:02 PM
;D ;D

LethalBoy
May 17th, 2011, 12:57 PM
Using DefenseWall HIPS + PF & SpyShelter Premium 5.20 beta 3... working very well ;D

jack76
May 17th, 2011, 01:05 PM
LUA
Avast Free
ClearCloud DNS
Secunia Psi
Hitman Pro&Mbam on demand
Windows 7 Backup and Restore

dja2k
May 17th, 2011, 02:09 PM
-{ Quote: "Thanks for your suggestion.
Do you think sandboxie is really needed in my security brigade?
I would really appreciate if you help me choose between easeus todo and paragon advanced." }-
Not really, but SBIE would be another layer of protection. Also remember that scanners aren't 100% and sneaky malware can bypass them.

If I had to choose between the two, I'd go with Easeus Todo Backup Home.

dja2k

Hungry Man
May 17th, 2011, 04:35 PM
My setup is pretty overkill. I've never had a virus and I've gone for a long time with firewall off and no antivirus.

jmonge
May 17th, 2011, 06:30 PM
currently using Mvps Host File;) :thumb:

Rompin Raider
May 17th, 2011, 06:48 PM
ESET Smart Security 5 Beta
MBAM Pro/CCleaner

(Sometimes hold my breath & close my eyes)

moontan
May 17th, 2011, 07:58 PM
uninstalled Geswall after a BSOD (for some reason Geswall hates my computer) and hardened Firefox with icacls instead.

Kernelwars
May 17th, 2011, 08:37 PM
Added hitman pro

jmonge
May 17th, 2011, 08:53 PM
good choice my friend:thumb:

1chaoticadult
May 17th, 2011, 09:14 PM
-{ Quote: "Added hitman pro" }-

Rut oh K is on the rampage again lol.. Maybe I should add a program to my setup since K added something so I won't feel left out hehe..

Kernelwars
May 17th, 2011, 09:25 PM
-{ Quote: "Rut oh K is on the rampage again lol.. Maybe I should add a program to my setup since K added something so I won't feel left out hehe.." }-
dont add the snake back..lol ;D

1chaoticadult
May 17th, 2011, 09:27 PM
-{ Quote: "dont add the snake back..lol ;D" }-

Why not? I thought you liked the snake? ;D

jmonge
May 17th, 2011, 10:16 PM
i think vipre antivirus is a good choice:)

Kernelwars
May 17th, 2011, 10:36 PM
-{ Quote: "Why not? I thought you liked the snake? ;D" }-
lol I used to..but its firewall and HIPS is one of a kind..i dont like that much excitement..too much to handle:argh:

jmonge
May 17th, 2011, 11:14 PM
guys just wait when prevx deliver its own in house cook firewall you will dump all firewalls;)

The_ChamP
May 18th, 2011, 09:34 AM
Using panda cloud free for the time being.... very light :thumb:

blasev
May 18th, 2011, 11:15 AM
J, your signature are spyshelter 5.20.
Did u get the final version?

jmonge
May 18th, 2011, 01:06 PM
it's beta man;D

Hungry Man
May 18th, 2011, 02:44 PM
-{ Quote: "Using panda cloud free for the time being.... very light :thumb:" }-
Doesn't panda cloud free not include heuristics? I remember there being features that I simply could not do without.

Cloud
May 18th, 2011, 04:14 PM
-{ Quote: "Doesn't panda cloud free not include heuristics? I remember there being features that I simply could not do without." }-
Panda Cloud does include heuristics. Also, the scanning engine is the same as Panda's paid products.

Hungry Man
May 18th, 2011, 04:18 PM
Hm. I could have sworn it was missing some critical feature for me.

PoetWarrior
May 18th, 2011, 05:56 PM
Windows 7 64 bit:

1 Standard Account/UAC on max
2 SRP via Parental Controls (added)
3 EMET (added)
4 Windows Firewall
5 Firefox
6 Router
7 Windows Defender
* Avast (removed)

moontan
May 18th, 2011, 06:02 PM
-{ Quote: "Windows 7 64 bit:

1 Standard Account/UAC on max
2 SRP via Parental Controls (added)
3 EMET (added)
4 Windows Firewall
5 Firefox
6 Router
7 Windows Defender
* Avast (removed)" }-

nice and lean! :thumb:

the way i like my setup! :)

Hungry Man
May 18th, 2011, 06:56 PM
I agree. No need to go crazy with security programs, use what you need and leave it at that.

LethalBoy
May 18th, 2011, 08:07 PM
-{ Quote: "Windows 7 64 bit:

1 Standard Account/UAC on max
2 SRP via Parental Controls (added)
3 EMET (added)
4 Windows Firewall
5 Firefox
6 Router
7 Windows Defender
* Avast (removed)" }-

Nice setup :thumb: Light & powerful

madpete
May 18th, 2011, 09:03 PM
Setup A vipre av - clearcloud dns - router - k9 webfilter - keyscrambler
Setup B ( for when i get fidgety ) MSE - spyshelter free ( replaces vipre in Setup A)
MBAM free
SAS free
Windows xp firewall

LethalBoy
May 18th, 2011, 09:40 PM
-{ Quote: "Setup A vipre av - clearcloud dns - router - k9 webfilter - keyscrambler
Setup B ( for when i get fidgety ) MSE - spyshelter free ( replaces vipre in Setup A)
MBAM free
SAS free
Windows xp firewall" }-


Great setup but if it was me.. I would use norton dns instead of clearcloud.. Because VIPRE has the same detection list of clearcloud.

1chaoticadult
May 18th, 2011, 09:51 PM
-{ Quote: "I agree. No need to go crazy with security programs, use what you need and leave it at that." }-

:thumb:

jmonge
May 18th, 2011, 10:01 PM
:thumb:

madpete
May 18th, 2011, 10:30 PM
-{ Quote: "Great setup but if it was me.. I would use norton dns instead of clearcloud.. Because VIPRE has the same detection list of clearcloud." }-

thank you - good point . i will do so . cheers .

The_ChamP
May 18th, 2011, 10:47 PM
Back to avast :D

dja2k
May 18th, 2011, 10:54 PM
Question for those of you who use Applocker...Are MrBrian rules still good as is since they date back to mid 2010.

dja2k

farmerlee
May 19th, 2011, 05:22 AM
On the road at the moment. Dusted off the old laptop to take along with me.
Running Windows XP Pro, Zemana Antilogger, Sandboxie and Malwarebytes Anti-malware free.

jmonge
May 19th, 2011, 11:46 AM
still same for 1 week with spyshelter premium beta 3 and hitman pro

1chaoticadult
May 19th, 2011, 01:31 PM
-{ Quote: "Question for those of you who use Applocker...Are MrBrian rules still good as is since they date back to mid 2010.

dja2k" }-


of course they are even though i don't use them ;D

dja2k
May 19th, 2011, 08:12 PM
May 19, 2011 (http://www.wilderssecurity.com/showpost.php?p=1855576&postcount=14965) - Updated , Added , Removed

Windows 7 Ultimate SP1 x64 - LUA w\ Applocker (MrBrian Ruleset)

(UAC: ON, WD: OFF, FW: OFF, DEP: ON, SEHOP: ON, EMET: MAX)

Network
Three Linksys WRT54G Routers (DD-WRT Firmware)
Netgear PowerLine AV 500 Adapters
Wired Cat5e Connection between all 3 Routers
WPA2-PSK AES Encryption
SPI Firewall Enabled
Norton & ClearCloud DNS Configuration
Resident
Shadow Defender 1.1.0.326* (Paid)
Online Armor ++ 5.0 Beta (Paid)
Sandboxie 3.55.06 Beta (Paid)
Mamutu 3.0.0.19 (Paid)
On-Demand
Active@ Disk Image 5.0.2* (Paid)
VMWare Workstation 7.1.4 Build 385536 (Paid)
Emsisoft Emergency Kit 1.0.0.25
Malwarebytes' Anti-Malware 1.50 (Paid)
Browser, Immunization, Tweaks
Firefox 5.0 Beta (Ad-Block Plus, WOT, BetterPrivacy)
Internet Explorer 9.0
KeyScrambler Professional 2.8.0.1
LastPass 1.73.0 (IE & FF)
Bluetack Safepeer SPLists (via OA for P2P Only)
Spybot Search & Destroy 1.6.2 (Full Immunization w/o Global Hooks)
Spyware Blaster 4.4 (All Protection Enabled + Customblocking.txt)
BlackViper's Services Registry Files (Safe W7 Ultimate 64 Start)
Ultimate Windows Tweaker 2.2 (Customized)
SpeedGuide.net Vista TcpIp Patch 1.5
*ShadowMode (Enabled) and Active Disk Image (Weekly)

dja2k

ExtremeGamerBR
May 19th, 2011, 08:37 PM
-{ Quote: "May 19, 2011 (http://www.wilderssecurity.com/showpost.php?p=1855576&postcount=14965) - Updated , Added , Removed

Windows 7 Ultimate SP1 x64 - LUA w\ Applocker (MrBrian Ruleset)

(UAC: ON, WD: OFF, FW: OFF, DEP: ON, SEHOP: ON, EMET: MAX)

Network
Three Linksys WRT54G Routers (DD-WRT Firmware)
Netgear PowerLine AV 500 Adapters
Wired Cat5e Connection between all 3 Routers
WPA2-PSK AES Encryption
SPI Firewall Enabled
Norton & ClearCloud DNS Configuration
Resident
Shadow Defender 1.1.0.326* (Paid)
Online Armor ++ 5.0 Beta (Paid)
Sandboxie 3.55.06 Beta (Paid)
Mamutu 3.0.0.19 (Paid)
On-Demand
Active@ Disk Image 5.0.2* (Paid)
VMWare Workstation 7.1.4 Build 385536 (Paid)
Emsisoft Emergency Kit 1.0.0.25
Malwarebytes' Anti-Malware 1.50 (Paid)
Browser, Immunization, Tweaks
Firefox 5.0 Beta (Ad-Block Plus, WOT, BetterPrivacy)
Internet Explorer 9.0
KeyScrambler Professional 2.8.0.1
LastPass 1.73.0 (IE & FF)
Bluetack Safepeer SPLists (via OA for P2P Only)
Spybot Search & Destroy 1.6.2 (Full Immunization w/o Global Hooks)
Spyware Blaster 4.4 (All Protection Enabled + Customblocking.txt)
BlackViper's Services Registry Files (Safe W7 Ultimate 64 Start)
Ultimate Windows Tweaker 2.2 (Customized)
SpeedGuide.net Vista TcpIp Patch 1.5
*ShadowMode (Enabled) and Active Disk Image (Weekly)

dja2k" }-

It is virtually impossible to infect you something. Great setup!

dja2k
May 19th, 2011, 08:49 PM
-{ Quote: "It is virtually impossible to infect you something. Great setup!" }-
:D Thanks!

dja2k

PoetWarrior
May 20th, 2011, 12:01 AM
-{ Quote: "Nice setup :thumb: Light & powerful" }-

Thanks much. Sure has taken a good while to find a light/powerful combo.

PoetWarrior
May 20th, 2011, 12:07 AM
-{ Quote: "nice and lean! :thumb:

the way i like my setup! :)" }-

Thanks moontan. I'm just not a believer in bogging down an OS especially if the OS provides the "bug spray" to neutralize the bugs. ;D

Amit
May 20th, 2011, 01:21 AM
My setup:

OS: WIN XP SP3(32bit)
RAM: 1GB

Antivirus- Avast antivirus free
Firewall- Comodo firewall with defense plus
Antimalware/Antispyware- Malwarebytes antimalware free and Superantispyware free
Browser- Firefox (adblock plus,betterprivacy and bitdefender quickscan)
Other- secunia PSI, Prevx free, Hitman PRO free, HiJackThis and Panda USB vaccine
Backup- Easeus Todo backup home free

My pc is running smoothly and no infection so far with continuous learning from great forums and ways to stay out of trouble.

I've tried bufferzone. Browser started acting funny and pc got slow and sluggish. So removed bufferzone.

Did not try sandboxie (not enough positive reviews, possible unresolved incompatibility with comodo defense plus sandbox and avast auto sandbox, etc.) or returnil (not sure of the necessity of a virtual environment when I have my solid setup, possible clash of the realtime antivirus and antimalware protection component of free returnil with avast and when asked in forum I was advised to install returnil first and then avast or any other antivirus which I did not find convincing).


Any changes to the setup or suggestion is heartily welcome.

Sully
May 20th, 2011, 01:42 AM
-{ Quote: "
Did not try sandboxie(not enough positive reviews" }-
I suggest you try some different sources for reviews ;D

Of all the applications that are geared towards security, Sandboxie would rank as a likely #1 tool in terms of usability, stability and performance. At least it would in mine and maybe one or two others ;)

Sul.

J_L
May 20th, 2011, 01:45 AM
Not enough positive reviews for Sandboxie? This forum is full of them (along with much of the Internet)!
It's not necessary if you're using Avast's and Comodo's sandbox correctly though.

Amit
May 20th, 2011, 04:20 AM
@ Sully
I think you misunderstood me. I'm sorry I couldn't make myself more clear.
I was not trying to mean that I found few positive review on sandboxie and that its usability and performance is somewhat lower in comparison with others.

What I meant was I now have a security setup which I plan to keep for some months if not years. And I don't want to change more than two programs(Comodo firewall with defense plus and Avast free antivirus) to make way for one(Sandboxie).
So I meant I did not find enough reviews suggesting or rather ensuring me that I could add sandboxie without any changes to the setup and that it would definitely make a good additional layer of protection (not that its bad or no.2 or something) to my already good protection (Avast autosandbox, Comodo auto and ondemand sandbox).

@J_L

Yes I have read many reviews recommending sandboxie in this forum but I did not get what I was looking for.
As stated above I hope there will be no more misunderstanding.
You guys love Sandboxie because you use it. Maybe I'll do that when I'll also use it. I'm not degrading Sandboxie as an effective program but just need some strong assurance on my issue as stated above.
I agree with you that if I use those two correctly then sandboxie is not needed.

That is why I've come here. You guys are experienced and knowledgeable and so should help and guide silly people like me, don't you think so?

Please suggest or recommend any change, addition or removal of items(including Sandboxie) in my setup.

Thank you.

"You can prove Einstein a fool if you make yourself funny enough"

Konata Izumi
May 20th, 2011, 05:30 AM
-{ Quote: "
Please suggest or recommend any change, addition or removal of items(including Sandboxie) in my setup.
" }-

If I'm the only person using the computer, I'd use Sandboxie alone + some tweaking.
learn the attack vectors and try to mitigate them using least computer resources possible. it's fun. that's how I build my setup below (see sig.)

blasev
May 20th, 2011, 07:07 AM
Yeah, the one of the product that I'll continue to use whenever I can

Sandboxie definitely is one of the best sandbox and I hope it will never die ;D

Boyfriend
May 20th, 2011, 07:50 AM
-{ Quote: "I suggest you try some different sources for reviews ;D

Of all the applications that are geared towards security, Sandboxie would rank as a likely #1 tool in terms of usability, stability and performance. At least it would in mine and maybe one or two others ;)

Sul." }-

I fully agree here :thumb: Sandboxie is #1 security tool with plenty of possible combinations with stable and fast operations. A must have tool for me :)

Amit
May 20th, 2011, 08:37 AM
@Konata Izumi
I see you use clearcloud dns in your sig. I also wanted to use but then I read users complaining on how it slowed their browsing session that is it took long time in loading pages. Even in their own forum clearcloud dns users posted their concerns. So how is your experience with it? Are you having the same problem? And do you recommend it to add to my setup?

@blasev and @boyfriend
Do you guys recommend me sandboxie to add to my setup which already includes comodo sandbox and avast autosandbox? Do you two really think sandboxie can give me a great extra layer of protection?

Thanks.

moontan
May 20th, 2011, 08:59 AM
-{ Quote: "@Konata Izumi
I see you use ClearCloud DNS in your sig. I also wanted to use it, but then I read users complaining about how it slowed their browsing sessions, that is, it took a long time to load pages. Even in their own forum, ClearCloud DNS users posted their concerns. So how is your experience with it? Are you having the same problem? And do you recommend adding it to my setup?

@blasev and @boyfriend
Do you guys recommend that I add Sandboxie to my setup, which already includes Comodo sandbox and Avast AutoSandbox? Do you two really think Sandboxie can give me a great extra layer of protection?

Thanks." }-
you can also try Norton DNS which is pretty good.

you already have enough sandboxes as it is.
if i had to use only 1 sandbox i'd choose SBie.

1chaoticadult
May 20th, 2011, 09:46 AM
-{ Quote: "May 19, 2011 (http://www.wilderssecurity.com/showpost.php?p=1855576&postcount=14965) - Updated , Added , Removed

Windows 7 Ultimate SP1 x64 - LUA w\ Applocker (MrBrian Ruleset)

(UAC: ON, WD: OFF, FW: OFF, DEP: ON, SEHOP: ON, EMET: MAX)

Network
Three Linksys WRT54G Routers (DD-WRT Firmware)
Netgear PowerLine AV 500 Adapters
Wired Cat5e Connection between all 3 Routers
WPA2-PSK AES Encryption
SPI Firewall Enabled
Norton & ClearCloud DNS Configuration
Resident
Shadow Defender 1.1.0.326* (Paid)
Online Armor ++ 5.0 Beta (Paid)
Sandboxie 3.55.06 Beta (Paid)
Mamutu 3.0.0.19 (Paid)
On-Demand
Active@ Disk Image 5.0.2* (Paid)
VMWare Workstation 7.1.4 Build 385536 (Paid)
Emsisoft Emergency Kit 1.0.0.25
Malwarebytes' Anti-Malware 1.50 (Paid)
Browser, Immunization, Tweaks
Firefox 5.0 Beta (Ad-Block Plus, WOT, BetterPrivacy)
Internet Explorer 9.0
KeyScrambler Professional 2.8.0.1
LastPass 1.73.0 (IE & FF)
Bluetack Safepeer SPLists (via OA for P2P Only)
Spybot Search & Destroy 1.6.2 (Full Immunization w/o Global Hooks)
Spyware Blaster 4.4 (All Protection Enabled + Customblocking.txt)
BlackViper's Services Registry Files (Safe W7 Ultimate 64 Start)
Ultimate Windows Tweaker 2.2 (Customized)
SpeedGuide.net Vista TcpIp Patch 1.5
*ShadowMode (Enabled) and Active Disk Image (Weekly)

dja2k" }-

Do you really need both OA++ and Mamutu if you're using Applocker? Just a thought. Great setup though.

blasev
May 20th, 2011, 10:26 AM
-{ Quote: "@Konata Izumi
I see you use ClearCloud DNS in your sig. I also wanted to use it, but then I read users complaining about how it slowed their browsing sessions, that is, it took a long time to load pages. Even in their own forum, ClearCloud DNS users posted their concerns. So how is your experience with it? Are you having the same problem? And do you recommend adding it to my setup?

@blasev and @boyfriend
Do you guys recommend that I add Sandboxie to my setup, which already includes Comodo sandbox and Avast AutoSandbox? Do you two really think Sandboxie can give me a great extra layer of protection?

Thanks." }-

not necessary, if you're already comfortable and secure
u can use what u like (maybe in this case comodo sandbox)
and that should be enough protection

but in terms of sandbox protection, I'll bet my 2 cents on sandboxie quality
why don't u try the free version? it's free and easy to uninstall if u change your mind

Konata Izumi
May 20th, 2011, 10:53 AM
my security setup update:
added Chromium browser for regular browsing.
added Avast Antivirus FREE
Avast File Shield: Unchecked: scan when opening and writing. only scan scripts and libraries when executing. (sometimes I disable this completely)
Web Shield: to scan Privoxy Traffic.
Network Shield: Enabled
Script Shield: Enabled
Behavior Shield: Enabled

-{ Quote: "@Konata Izumi
I see you use ClearCloud DNS in your sig. I also wanted to use it, but then I read users complaining about how it slowed their browsing sessions, that is, it took a long time to load pages. Even in their own forum, ClearCloud DNS users posted their concerns. So how is your experience with it? Are you having the same problem? And do you recommend adding it to my setup?

@blasev and @boyfriend
Do you guys recommend that I add Sandboxie to my setup, which already includes Comodo sandbox and Avast AutoSandbox? Do you two really think Sandboxie can give me a great extra layer of protection?

Thanks." }-

I did not encounter any problems from clearcloud dns yet.


make a clean image backup of your system so you can experiment creating different setups and then pick the setup you like.

Amit
May 20th, 2011, 11:08 AM
@moontan
Are you sure norton dns is effective and does not slow browsing sessions?
And thanks for advice. I also think I do not need sandboxie with the other sandbox programs that I have.
I don't understand your last post. What do you mean by UAC?
@blasev
Thanks buddy. I'll try it later. Like you said I do not need it now, maybe later.
Any suggestion or advice on my setup is much appreciated. Please suggest anything to add, like moontan did about norton dns.

my setup: avast free, comodo fw/d+, mbam free, sas free, hitman pro free, prevx free, secunia psi, panda usb vaccine, hijackthis, firefox (adblock plus, betterprivacy and bitdefender quickscan), easeus todo backup home free.

OS: win xp sp3(32bit)
RAM: 1gb

blasev
May 20th, 2011, 11:13 AM
no, nothing else. u'r setup is more than enough for me.
but like konata said, if u want to experiment. just use clean image backup

Amit
May 20th, 2011, 11:22 AM
@konata izumi
Okay. I'll give clearcloud dns a try.
You asked me to make a clean image of my system. I have easeus todo backup home free.
Do you think it will get the job done or do you suggest anything better. If you do please keep it free.

I have planned to buy a software just for that job and I've already posted it in another thread and got the specific recommendation.
In the meantime I'll go with the free ones.

Thanks again for your help.

@blasev
Same question as to konata. You think todo backup free is good enough for that purpose momentarily?

justenough
May 20th, 2011, 11:26 AM
-{ Quote: "I suggest you try some different sources for reviews ;D

Of all the applications that are geared towards security, Sandboxie would rank as a likely #1 tool in terms of usability, stability and performance. At least it would in mine and maybe one or two others ;)

Sul." }-

+1. Sully told me about Sandboxie a year ago and helped me set it up and I've been grateful ever since. It is the core of my security plan.

moontan
May 20th, 2011, 11:33 AM
-{ Quote: "@moontan
Are you sure norton dns is effective and does not slow browsing sessions?
And thanks for advice. I also think I do not need sandboxie with the other sandbox programs that I have.
I don't understand your last post. What do you mean by UAC? " }-

there were no major changes for me after setting up Norton DNS.
if anything, my browsing felt a little faster.

UAC = User Account Control.
i deleted that post because it was in the wrong thread...

Amit
May 20th, 2011, 11:38 AM
@moontan
Oh....... Okay.

Konata Izumi
May 20th, 2011, 11:59 AM
-{ Quote: "@konata izumi
Okay. I'll give clearcloud dns a try.
You asked me to make a clean image of my system. I have easeus todo backup home free.
Do you think it will get the job done or do you suggest anything better. If you do please keep it free.

I have planned to buy a software just for that job and I've already posted it in another thread and got the specific recommendation.
In the meantime I'll go with the free ones.

Thanks again for your help.
" }-

the only imaging program I've tried in XP is Macrium Reflect FREE.
http://www.macrium.com/reflectfree.asp

pabrate
May 20th, 2011, 04:31 PM
If you're scared go to church :)

dja2k
May 20th, 2011, 05:18 PM
-{ Quote: "Do you really need both OA++ and Mamutu if you're using Applocker? Just a thought. Great setup though." }-
Thanks! Mamutu was removed that's why it was highlighted in Red :D . OA++ (though HIPS not needed) is there to stay, but I am reviewing the ability of built in Win7 Firewall with Advanced Security rules.

dja2k

travelerRoute80
May 20th, 2011, 06:26 PM
Hello, I just joined the forums, but this isn't my first time at WSF; I've had random visits for a while and I like it here. This is my security setup. Your advice is appreciated.

OS;
Windows 7 sp1 x64
EMET hardening

backup;
windows/paragon backup & recovery 2011 advanced free

fire wall;
hardware/online armor free

hips;
online armor firewall
mamutu


real-time;
avast free/uninstalled bb

on-demand scanner;
mbam free
hitman pro
sas

browsers;
firefox 4
ie 9

firefox add-ons;
adblock plus
betterprivacy
keyscrambler free
wot

ie add-ons;
tracking protection on
NAI
fanboy-adblock
abines
keyscrambler
wot

Page42
May 20th, 2011, 06:26 PM
-{ Quote: "Of all the applications that are geared towards security, Sandboxie would rank as a likely #1 tool in terms of usability, stability and performance. At least it would in mine and maybe one or two others ;)" }-
-{ Quote: "+1. Sully told me about Sandboxie a year ago and helped me set it up and I've been grateful ever since. It is the core of my security plan." }-
+2. It's been almost 5 months for me with Sandboxie, and Sul has been a great help!
I agree 100% with justenough... SBIE is the core of my security plan.
The way I see it, my computers should be measuring time as BS and AS... Before Sandboxie and After Sandboxie. ;)

Sully
May 20th, 2011, 06:58 PM
I really dig native security solutions primarily because in the days of yester-year the options were either fairly resource intensive (bogged you down) or really chatty ("click yes or no"), or both, and native solutions can be very effective and are certainly lightweight! Some of the newer solutions are light-years ahead of their predecessors in these areas, for sure.

Sandboxie has really been the one tool that no matter what new half-baked security scheme I am toying with, is always there and always does exactly what I want it to. For people using LUA/SUA/UAC, they have a leg up on the whole affair, and Sandboxie might not bring as much to the table as it used to. For those who go further and implement a default deny policy, even more so. But even in those situations, there is nothing quite like it in terms of how quiet it is, in how robust it can be, in how secure you can make it, and IMHO how it can really change how and what you do, especially in terms of online banking and the like.

For myself, I will never be a User on my machine, as I am not a User but an Admin, and all that I do, literally 90% of the time, is Admin related activities. So for me, Sandboxie is my literal sandbox to tinker in with almost all new programs and often settings. It has supplanted vmWare as my test environment because it takes no resources, costs next to nothing compared to vmWare, and is always loaded. vmWare still gets used, but for fewer and more specific purposes than it used to.

I cannot and will not go back to being online without it. I could manage to stay infection free I am sure, but it isn't only the security for me that makes me praise it, it is the whole package.

Sul.

blasev
May 20th, 2011, 08:26 PM
I've always wondered, sully, did u use anything else real time? (Besides sandboxie)

J_L
May 20th, 2011, 08:32 PM
-{ Quote: "Please suggest or recommend any change, addition or removal of items (including Sandboxie) in my setup." }-
You're set to go. Nothing more is necessary, but you can add internet safety checkers like ClearCloud DNS and BitDefender TrafficLight.

The first checks websites against their database of known malicious sites. Once detected, you are prevented entry and the site won't affect you. For false positives, you can submit them to get it fixed within hours. It is updated automatically on their servers. That, and its excellent detection rate, are why I chose it over several other options. You can apply it on your router as well.

The second scans websites in real-time. Therefore, it's very effective against zero-days. You can go to the website anyways, so that takes care of false positives. I prefer the extension version over install, because it's far lighter and more compatible.

AlexC
May 20th, 2011, 10:22 PM
My probable future security setup...

System restrictions: SUA+SRP(whitelist via parental controls)+UAC
System Restore: Keriver 1 Click Restore
Browser protection: Sandboxie+Keyscrambler
AV: (?)+Hitman Pro
Windows Firewall


About the AV (?), considering:
- Avast[file shield only, on-execution]
- Panda cloud AV free
- Emsisoft AM free [on-demand only]

jmonge
May 20th, 2011, 10:34 PM
i think i am going to settle down with SpyShelter and hitman pro :thumb:

pabrate
May 20th, 2011, 10:46 PM
My current setup :

Resident :
KIS 2011 (everything ON)
NIS 2011 (w/o spam filter)
Mamutu
OA++
Sandboxie
Threatfire
Prevx (w/o Safeonline)

Hardening:
It's a long list but everything is ON (DEP, SEHOP etc.) , UAC on maximum.
EMET of course.

Backup (Images and snapshots are created hourly) :
Ashampoo Backup
Windows Internal Backup System

On demand scanners (daily full scans) :
Hitman
MBAM
Super AntiFighter
Ultra Killer
Giant malware destroyer
Norton power eraser

Firewall is hardware on isolated subnet , using OA firewall along with it just in case.
For DNS protection I'm not sure yet, still testing ... but currently I'm on ClearCloud solution (it's good so far IMO)

Browser isolated all the time via different solutions (Sandboxie, OA Run Safer, KIS)
Various browser addons, mostly privacy, security and malware related.

Machine is running nice and smooth, I think I'm good to go :)

I'm considering adding Avast to the mix, any suggestions ?

The Hammer
May 20th, 2011, 10:49 PM
-{ Quote: "My current setup :

Resident :
KIS 2011 (everything ON)
NIS 2011 (w/o spam filter)
Mamutu
OA++
Sandboxie
Threatfire
Prevx (w/o Safeonline)

Hardening:
It's a long list but everything is ON (DEP, SEHOP etc.) , UAC on maximum.
EMET of course.

Backup (Images and snapshots are created hourly) :
Ashampoo Backup
Windows Internal Backup System

On demand scanners (daily full scans) :
Hitman
MBAM
Super AntiFighter
Ultra Killer
Giant malware destroyer
Norton power eraser

Firewall is hardware on isolated subnet , using OA firewall along with it just in case.
For DNS protection I'm not sure yet, still testing ... but currently I'm on ClearCloud solution (it's good so far IMO)

Browser isolated all the time via different solutions (Sandboxie, OA Run Safer, KIS)
Various browser addons, mostly privacy, security and malware related.

Machine is running nice and smooth, I think I'm good to go :)

I'm considering adding Avast to the mix, any suggestions ?" }-
Stupid question time. Are you using more than one machine?

J_L
May 20th, 2011, 10:50 PM
2 Internet Security and 2 behaviour blockers?! OMG, and you're considering adding Avast...

By Super AntiFighter, do you mean SuperAntiSpyware? Also what is this Giant malware destroyer?

LoneWolf
May 20th, 2011, 11:02 PM
AppGuard 3.0.13.0
Sandboxie 3.54
Shadow Defender 1.1.0.325
Macrium Reflect Full Edition 4.2/3141

ExtremeGamerBR
May 20th, 2011, 11:06 PM
-{ Quote: "My current setup :

Resident :
KIS 2011 (everything ON)
NIS 2011 (w/o spam filter)
Mamutu
OA++
Sandboxie
Threatfire
Prevx (w/o Safeonline)

Hardening:
It's a long list but everything is ON (DEP, SEHOP etc.) , UAC on maximum.
EMET of course.

Backup (Images and snapshots are created hourly) :
Ashampoo Backup
Windows Internal Backup System

On demand scanners (daily full scans) :
Hitman
MBAM
Super AntiFighter
Ultra Killer
Giant malware destroyer
Norton power eraser

Firewall is hardware on isolated subnet , using OA firewall along with it just in case.
For DNS protection I'm not sure yet, still testing ... but currently I'm on ClearCloud solution (it's good so far IMO)

Browser isolated all the time via different solutions (Sandboxie, OA Run Safer, KIS)
Various browser addons, mostly privacy, security and malware related.

Machine is running nice and smooth, I think I'm good to go :)

I'm considering adding Avast to the mix, any suggestions ?" }-

Totally meaningless configuration. It is better to reveal it!

AlexC
May 20th, 2011, 11:11 PM
-{ Quote: "AppGuard 3.0.13.0
Sandboxie 3.54
Shadow Defender 1.1.0.325
Macrium Reflect Full Edition 4.2/3141" }-

Slim and cool!;D

jmonge
May 20th, 2011, 11:11 PM
:thumb: :thumb:simple is better

Kernelwars
May 20th, 2011, 11:48 PM
added sandboxie to a vista x32....:)

jmonge
May 20th, 2011, 11:50 PM
good K;)

LethalBoy
May 21st, 2011, 12:04 AM
Trying Vipre Premium and Sandboxie right now..


Slim and powerful :argh: :thumb:

Page42
May 21st, 2011, 12:14 AM
-{ Quote: "Trying Vipre Premium and Sandboxie right now..
Slim and powerful :argh: :thumb:" }-
Great combo, LB.
VIPRE runs lighter for me than avast ever did.
And with SBIE, you're standing on very solid ground, man. 8) ;)

Mongol
May 21st, 2011, 12:40 AM
Trying out Vipre Antivirus with Zemana Antilogger and Look N Stop. So far pretty smooth going...8) :thumb: I'll probably reinstall OA 5 Premium with Vipre in a few days.

JimboW
May 21st, 2011, 12:56 AM
Win7 Pro 32-bit:

Sandboxie with internet and start/run restrictions and drop rights with Avira free (Nag screen stopped via Local Security Policy)

MBAM and Hitman Pro on-demand.

EMET at max and configured for all internet facing apps. All Autorun features disabled via Group Policy Editor.

Sully
May 21st, 2011, 02:08 AM
-{ Quote: "I've always wondered, sully, did u use anything else real time? (Besides sandboxie)" }-
No, I don't anymore.

All browsers start restricted via Integrity Levels (usually). All browsers are forced into a separate sandbox. All sandboxes are restricted. All browsers download all files to a common directory, which is itself forced into a separate sandbox with no outbound network access allowed. All media players have their own sandbox. In short, all programs likely to be an entrance for malicious files are held with Sandboxie.

System hardening rounds out the security, whether using Integrity Levels or rights to files/folders. It is not the right approach for many, but for me, I do not have issues, ever. I like the lack of configuring a piece of software, which gives me more time to check out obscure settings in the OS and see how they might add/detract from my security.

If I am especially nervous about a file, I will upload it to an online scanner, but that is pretty rare. But then, I don't download a lot of stuff that could have malware etc. I primarily look for little tools that have been around awhile, or are open source, or I just search for code to see how it works, and sometimes try to build it myself ;)

Sul.
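
An added example, not code from any poster in this thread: a small Python check over a constructed Sandboxie.ini that tests the layout Sully and JimboW describe above (forced sandboxes that drop rights and restrict internet and start/run access, plus a forced download folder with no network access). The box names, program names and folder path are made up, and the three audit rules are one assumed reading of "restricted".

```python
from collections import defaultdict

# Constructed sample config: box names, programs and the folder path are made up.
SAMPLE_INI = r"""
[Browser]
Enabled=y
ForceProcess=firefox.exe
ForceProcess=chrome.exe
DropAdminRights=y
ProcessGroup=<InternetAccess>,firefox.exe,chrome.exe
ClosedFilePath=!<InternetAccess>,InternetAccessDevices
ProcessGroup=<StartRunAccess>,firefox.exe,chrome.exe
ClosedIpcPath=!<StartRunAccess>,*

[Downloads]
Enabled=y
ForceFolder=C:\Downloads
DropAdminRights=y
ClosedFilePath=InternetAccessDevices

[Media]
Enabled=y
ForceProcess=vlc.exe
"""

def parse_ini(text):
    """Keys such as ForceProcess repeat within a box, so collect values in lists."""
    boxes, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = boxes.setdefault(line[1:-1], defaultdict(list))
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            current[key.strip()].append(value.strip())
    return boxes

def internet_policy(settings):
    """'blocked' for every program, 'restricted' to a named group, or 'open'."""
    rules = [v for v in settings.get("ClosedFilePath", []) if v.endswith("InternetAccessDevices")]
    if not rules:
        return "open"
    return "restricted" if all(r.startswith("!") for r in rules) else "blocked"

def audit(text):
    """Return (box, finding) pairs for boxes that programs or folders are forced into."""
    findings = []
    for name, s in parse_ini(text).items():
        if not (s.get("ForceProcess") or s.get("ForceFolder")):
            continue  # global/user sections and boxes nothing is forced into
        if s.get("DropAdminRights", ["n"])[-1].lower() != "y":
            findings.append((name, "admin rights not dropped"))
        policy = internet_policy(s)
        if s.get("ForceFolder") and policy != "blocked":
            findings.append((name, "forced folder can reach the network"))
        elif policy == "open":
            findings.append((name, "internet access unrestricted"))
        start_run = [v for v in s.get("ClosedIpcPath", []) if v.startswith("!") and v.endswith(",*")]
        if s.get("ForceProcess") and not start_run:
            findings.append((name, "no start/run restriction"))
    return findings

if __name__ == "__main__":
    print("\n".join(f"{box}: {why}" for box, why in audit(SAMPLE_INI)))
```

In the sample only the Media box is reported: it forces a program into a sandbox but leaves rights, internet access and start/run unrestricted.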