-{ Quote: "Then it is the "SecureAnywhere/Suite" version you are using ;)" }-
webroot cloud antivirus :thumb:

How the heck do you get on the beta for webroot cloud?

trying NoVirusThanks EXE Radar Pro
;D

-{ Quote: "How the heck do you get on the beta for webroot cloud?" }-
Sorry, too late ;D...http://info.webrootcloudav.com/betasignup.asp

-{ Quote: "webroot cloud antivirus :thumb:" }-

Same here, gotta git off my horse and update my signature...:o :D

Security setup changelog:
replaced Spyshelter FREE with Trusteer Rapport (Rapport supports firefox 5.0.1 now)
removed GesWall FREE
upgraded Returnil from FREE to PRO (Thanks, Coldmoon (http://www.wilderssecurity.com/member.php?u=55770))

-{ Quote: "Security setup changelog:
replaced Spyshelter FREE with Trusteer Rapport (Rapport supports firefox 5.0.1 now)
removed GesWall FREE
upgraded Returnil from FREE to PRO (Thanks, Coldmoon (http://www.wilderssecurity.com/member.php?u=55770))" }-
Konata thats a good setup man:thumb:

-{ Quote: "Konata thats a good setup man:thumb:" }-

indeed and is light. all of it running in my 1GB RAM PC :)
at least I can play Team Fortress 2 in Steam

August 4, 2011 (http://www.wilderssecurity.com/showpost.php?p=1894916&postcount=16295) - Updated , Added , Removed

Windows 7 Ultimate SP1 x64 - SUA & Applocker (MrBrian Ruleset)

(UAC: MAX , WD: OFF, FW: OFF, DEP: ON, SEHOP: ON, EMET: MAX)

Network
Three Linksys WRT54G Routers (DD-WRT Firmware)
Netgear PowerLine AV 500 Adapters
Wired Cat5e Connection between all 3 Routers
WPA2-PSK AES Encryption
SPI Firewall Enabled
OpenDNS Configuration
Resident
Shadow Defender 1.1.0.325* (Paid)
Online Armor ++ 5.0.1.1273 Beta (Paid)
Sandboxie 3.57.03 Beta (Paid)
On-Demand
Active@ Disk Image 5.0.2* (Paid)
VMWare Workstation 7.1.4 Build 385536 (Paid)
Emsisoft Emergency Kit 1.0.0.25
Browser, Immunization, Tweaks
Firefox 6.0 Beta (Fanboy's Blocking Lists via ABP, WOT, BetterPrivacy)
Opera 11.50 (Fanboy's Main List+Tracking List)
KeyScrambler Professional 2.8.1.0
LastPass 1.73.0 (FireFox)
Bluetack Safepeer SPLists (via OA for P2P Only)
Spyware Blaster 4.4 (All Protection Enabled + Customblocking.txt)
BlackViper's Services Registry Files (Safe W7 Ultimate 64 Start)
Ultimate Windows Tweaker 2.2 (Customized)
SpeedGuide.net Vista TcpIp Patch 1.5
*ShadowMode (Enabled) and Active Disk Image (Weekly)

dja2k

-{ Quote: "indeed and is light. all of it running in my 1GB RAM PC :)
at least I can play Team Fortress 2 in Steam" }-
wow man thats awesome:thumb: light and good security :)

Bit-defender 2010 internet security

Got it extremely cheap 3 months for 1$

-{ Quote: "Bit-defender 2010 internet security

Got it extremely cheap 3 months for 1$" }-

Don't you mean 2012 with 2010-edition license, or do they not work "logically"? :P

-{ Quote: "
upgraded Returnil from FREE to PRO (Thanks, Coldmoon (http://www.wilderssecurity.com/member.php?u=55770))" }-
Nice...I got in on the Returnil Pro freebie from Softpedia this past Christmas. It's nice being able to reboot and everything is gone. :thumb:

-{ Quote: "Nice...I got in on the Returnil Pro freebie from Softpedia this past Christmas. It's nice being able to reboot and everything is gone. :thumb:" }-
must be good. how you handle windows update? do u have to manually exist virtual mode and boot back in when done?:doubt:

-{ Quote: "must be good. how you handle windows update? do u have to manually exist virtual mode and boot back in when done?:doubt:" }-
Yeah you have to exit virtual mode.

Resident: Emsisoft Anti-Malware 6 (beta) & Online Armor Premium
On-demand: Hitman Pro

@ dja2k

Do you have any trouble running VMWare and Online Armor on the same PC? .

http://support.emsisoft.com/topic/3415-oa-conflicts-with-vmware-workstation-713/

I'm experiencing the same problem and have tried everything possible posted in that thread but nothing seems to work.

I won a free year subscription to Emsisoft's suite. Installing now to give it a try.

I'm currently testing CIS 5.8 beta. Wish me luck. ;D.

Thanks.

Good luck! =p I'm using it right now and I like it.

I'm putting Emsisoft on my mother's computer. I also have Comodo 5.5 on there and everything (just about) is turned off except that it's sandboxing Java.

Real-Time:
Norton Internet Security 2011
Ad Muncher Premium 4.92
Sandbox/Virtualization
Sandboxie Paid 3.56
Shadow Defender 1.1.0.325
On-Demand
Malwarebytes' Anti-Malware Pro 1.51
Emsisoft Emergency Kit 1.0.0.25
Image/Backup
Keriver 1-Click Restore Pro 3.0
Microsoft SyncToy 2.1

Windows 7 Home Premium 64-bit - Firefox

Sandboxie experimental for 64bit, PrevxSOL, and Mamutu.

BitDefender QuickScan is a pretty neat 3rd opinion scanner behind Hitman Pro.
Available as a Firefox and Chrome extension.
Very fast cloud scan.
FAQs (http://quickscan.bitdefender.com/faq)

-{ Quote: "I'm currently testing CIS 5.8 beta. Wish me luck. ;D.

Thanks." }-

I like the beta so far. It is working well. :thumb:

-{ Quote: "BitDefender QuickScan is a pretty neat 3rd opinion scanner behind Hitman Pro.
Available as a Firefox and Chrome extension.
Very fast cloud scan.
FAQs (http://quickscan.bitdefender.com/faq)" }-

Wish there was an anti-virus that only ran to automatically scan downloads. I think that would be the perfect companion with Sandboxie for people who don't want to run a full-time anti-virus.

hitman pro will do a start up quick scan auto-maticly;)

-{ Quote: "Wish there was an anti-virus that only ran to automatically scan downloads. I think that would be the perfect companion with Sandboxie for people who don't want to run a full-time anti-virus." }-

You can just download the AV of your choice (I have only tried with Avira) and exclude everything except your download directory/partition. In my case was easy, I excluded "C:" (my windows partition), "D:" (my games partition) but left "E:" in which I have all my downloads ;). Using sandboxie and protecting your downloads with this little trick you can be very safe. The only problem is that is a very boring setup ;D.

-{ Quote: "
Don't you mean 2012 with 2010-edition license, or do they not work "logically"? " }-
??? ???
Didn't understand ???


if they work :D i will by another three cheap License
I just found an extremely cheap security suite
i know that it's Old But i couldn't resist the price :lurking:

i have a trouble in the mean time Buying Online stuff
i found it on one of syria malls :shifty:
BTW if i found something that cheap i will buy it even if it was Zenok

Trying out the public beta of Online Armor (free version). Running nicely so far.

-{ Quote: "Trying out the public beta of Online Armor (free version). Running nicely so far." }-

Good to hear :thumb:

-{ Quote: "You can just download the AV of your choice (I have only tried with Avira) and exclude everything except your download directory/partition. In my case was easy, I excluded "C:" (my windows partition), "D:" (my games partition) but left "E:" in which I have all my downloads ;). Using sandboxie and protecting your downloads with this little trick you can be very safe. The only problem is that is a very boring setup ;D." }-

Wow, Cyrano2! I've been looking for something like this for a long time, I'm going to try and set this up now. Hope it works. Thanks.

NoVirusThanks EXE Radar Pro;) nice product and i can run my browser restricted ;) like spyshelter or OA:thumb:

Comodo 5.8's sandbox has not shown as much improvement as I had hoped. Black-Day still bypasses it.

Oh well, that's why I've got layers =p

-{ Quote: "Comodo 5.8's sandbox has not shown as much improvement as I had hoped. Black-Day still bypasses it.

Oh well, that's why I've got layers =p" }-

Yep layers is the way to go.

Plus in the test it was still blocked. The heuristics caught it and then it alerted me that it was known malware and should be blocked. So although the sandbox failed me in the real world I would not be infected.

Still, a 0day version would have gotten past the malware notice and I would be relying on heuristics... I think I'll be looking into some more ways to further secure this computer.

EDIT: Actually I just went ahead and ran Black-Day (thank goodness I wasn't infected lol) on my real computer to see how I'd fare. Comodo and Mamutu both jumped into action and that was it.

man what happen to PEGuard2?

One addition to my setup. I added Zemana alongside Panda Cloud...:o ;D

-{ Quote: "Wish there was an anti-virus that only ran to automatically scan downloads. I think that would be the perfect companion with Sandboxie for people who don't want to run a full-time anti-virus." }-

Wouldn't it be nice to have 1 program incorporate both features? Or imagine having Sandboxie collaborate with something like Hitman Pro and use that extensive cloud database to scan downloads after they've finished? This would keep the resource hit (CPU/RAM usage) off your machine. Add a router, 2 on demand only scanners for 2'nd/3'rd opinions (like MB & SAS), and use measures built into your OS (LUA, SRP). Throw in a VPN service for anonymity if desired. Viola... a very light, effective setup.

Right now I'm using quite a layered approach, but if a product like that existed I'd seriously consider putting all my eggs in that basket. And I'm considering doing something like Cyrano2 suggested.

-{ Quote: "One addition to my setup. I added Zemana alongside Panda Cloud...:o ;D" }-
lol Mongol..Keep us posted on ur findings:wacko:

-{ Quote: "Resident: Emsisoft Anti-Malware 6 (beta) & Online Armor Premium
On-demand: Hitman Pro" }-
Nice to see a comrade D00d! ;D :thumb: :thumb:

my pc's running real smooth. I like my 'lean and mean' setup.

-{ Quote: "Nice to see a comrade D00d! ;D :thumb: :thumb:" }-

That could change lol... ;D

I changed my on demand scanners. My new setup:

Resident:
Router with SPI Firewall
Windows 7 firewall
Sandboxie (for browsers)
Malware Defender
EMET (for internet facing apps and apps that open files)

On demand:
Hitman PRO
MBAM
Acronis True Image
Sysinspector
Autoruns

switched to Comodo Firewall Pro (Defense+ & SandBox). i like it so far

privateFirewall
Panda Cloud antivirus

OnDemand:
1-Superantispyware 5
2-MBAM
3-Hitmanpro Free + Manual Removal

Offline Machine
Bitdefender 2012 Internetsecurity

-{ Quote: "Wouldn't it be nice to have 1 program incorporate both features? Or imagine having Sandboxie collaborate with something like Hitman Pro and use that extensive cloud database to scan downloads after they've finished? This would keep the resource hit (CPU/RAM usage) off your machine. Add a router, 2 on demand only scanners for 2'nd/3'rd opinions (like MB & SAS), and use measures built into your OS (LUA, SRP). Throw in a VPN service for anonymity if desired. Viola... a very light, effective setup.

Right now I'm using quite a layered approach, but if a product like that existed I'd seriously consider putting all my eggs in that basket. And I'm considering doing something like Cyrano2 suggested." }-

luciddream, that's exactly the sort of program I wish we had. Or just Sandboxie with an on-demand program that was triggered by a download, or even some other condition you picked. Wonder why Hitman Pro doesn't make that an available option? I'd buy it in a second.

I tried setting things up with Avast the way Cyrano2 described, but checking the logs it looks like Avast wasn't automatically scanning the download folder after a download. Instead of fiddling with it, I just uninstalled Avast, since it wasn't really running as on-demand but real-time with limited focus, and if that's the case, I'd rather just have Prevx running. Since a lot of the AV's can be set up as on-demand, why haven't they thought to add a particular action as a trigger for a scan?

One other thought: can a script be written in Windows to program an AV to run when there's a download, and scan a particular folder, and then close?

trying out ProcessGuard;)

-{ Quote: "Or imagine having Sandboxie collaborate with something like Hitman Pro and use that extensive cloud database to scan downloads after they've finished?" }-
That's why I like Comodo haha though it's not nearly as powerful as Sandboxie it gives the same type of solution, sandbox and scan unknown/ downloaded files.

Jmonge, what does process guard do?

-{ Quote: "trying out ProcessGuard;)" }-

LOL J. I thought ProcessGuard development was stalled?

-{ Quote: "it's not nearly as powerful as Sandboxie" }-

not nearly as powerful yet ;)


Added Mamutu to my setup.

-{ Quote: "not nearly as powerful yet" }-
In terms of customization the two really aren't even comparable -- Sandboxie wins hands down.

Thankfully Comodo's CIS 6.0 will give automatic sandboxes full virtualization (only available for manual right now) and that'll help a ton.

Still, between the sandboxing and cloud signatures/heuristics it's very powerful for dealing with malware (and it's automatic.)

The manual sandbox is also very very powerful, I've tested it on dozens of exploits/ malware.

How are you liking Mamutu? I love it. I might actually pay for it once my one year free is up.

-{ Quote: "In terms of customization the two really aren't even comparable -- Sandboxie wins hands down.

Thankfully Comodo's CIS 6.0 will give automatic sandboxes full virtualization (only available for manual right now) and that'll help a ton.

Still, between the sandboxing and cloud signatures/heuristics it's very powerful for dealing with malware (and it's automatic.)

The manual sandbox is also very very powerful, I've tested it on dozens of exploits/ malware.

How are you liking Mamutu? I love it. I might actually pay for it once my one year free is up." }-

Yes I know all that but you never know what the future could hold ;D. I've used Mamutu before, standalone and EAM's BB, I've always liked it. Mamutu is pretty cheap too so it shouldn't hurt your pockets, if you decide to buy.

-{ Quote: "you never know what the future could hold" }-
Definitely. I hope to see improvements in both Sandboxie and Comodo. They're two wonderful products. I just find that Comodo's other features + being free puts it ahead of Sandboxie for me. Though I'd love to use both of them.


I just dislike paying for 3rd party security software. I believe security should be built into the kernel right from the start.

-{ Quote: "Definitely. I hope to see improvements in both Sandboxie and Comodo. They're two wonderful products. I just find that Comodo's other features + being free puts it ahead of Sandboxie for me. Though I'd love to use both of them.


I just dislike paying for 3rd party security software. I believe security should be built into the kernel right from the start." }-

That's understandable. I definitely want both to improve as well.

-{ Quote: "That's why I like Comodo haha though it's not nearly as powerful as Sandboxie it gives the same type of solution, sandbox and scan unknown/ downloaded files.

Jmonge, what does process guard do?" }-

Yes but the goal here is to have the setup incredibly light by eliminating real-time protection and "only" having it scan files after download. Having a product that did this+sandboxing all in 1 would be a really light, effective solution that could eliminate the need for real-time monitoring for many.

I actually have cloud scanning in Comodo disabled. I just don't like the idea of things on my PC making random connections. I run a very static setup and know what's on my computer already, and trust it. On that note, every time the auto-sandbox comes up it's just an inconvenience. I always click "don't sandbox this again", or whatever. So I could easily do without auto-sandboxing and the cloud. Plus it may cause conflicts with Proactive in Avira. For people regularly introducing new apps to their computers though, some that may not be completely trustworthy, it's certainly useful.

But a sandbox that connected to a cloud just to scan new files after they've downloaded... I'd be all about that.

And on your point: "Security should be built right into the kernel"... absolutely. It'd be wonderful if such a solution (Sandbox+cloud scan after downloads) were built right into the OS.

On that note... I think "justenough" asked an excellent question: "can a script be written in Windows to program an AV to run when there's a download, and scan a particular folder, and then close?

I'd love to know this as well.

I don't understand... Comodo does only scan them after they're downloaded. I don't think it scans them again.

Most of you will never achieve the brilliance of my award winning set-up below, because you are unable to realize - and unconditionally embrace - the concept of primarily harnessing what's already built-in to the O/S, instead relying on 3rd party protection to fulfil your pc security needs. Too bad you can't see the forest through the trees :(

-{ Quote: "Win 7 x64 Ultimate Desktop:


Using LUA account as default
UAC at highest
AppLocker with all rules, including DLL, enforced
Windows Firewall with advanced security, inbound and outbound blocked by default, my own rules used in Public profile
EMET, with mainly web-facing apps configured
MBAM on-demand free (used sparingly)
SuRun, v1.2.1 beta 9
Routine images of system using ShadowProtect RE disk
All sensitive data kept on a TrueCrypt volume on h/drive and USB pendrive, and also a Bit Locker-encrypted partition.
" }-

-{ Quote: "EMET, with mainly web-facing apps configured
MBAM on-demand free (used sparingly)
SuRun, v1.2.1 beta 9
Routine images of system using ShadowProtect RE disk
All sensitive data kept on a TrueCrypt volume on h/drive and USB pendrive, and also a Bit Locker-encrypted partition." }-
-{ Quote: "the concept of primarily harnessing what's already built-in to the O/S, instead relying on 3rd party protection to fulfil your pc security needs." }-

Well now I'm confused =p

No need to be confused. "primarily" I stated, and please note that MBAm here is "on-demand" only, used sparingly, while EMET is MS produced to integrate nicely with Windows. ShadowProtect images are created with a boot disk, so no impact on real-time O/S resources, while TrueCrypt also has no real-time impact on resources. SuRun is basically a convenience tool as opposed to a security tool, so maybe I should not have included it, but, again, most people don't realize the brilliance of it either. Hope this makes sense.

lol ok

By the by I don't believe in 3rd party security.

-{ Quote: "lol ok

By the by I don't believe in 3rd party security." }-

I've seen that in your posts. You're one of the few who have a grasp on applying pc security in a sensible manner. And yes, while I'm serious, I'm also trying to convey a smattering of facetiousness in my ramblings ;D

-{ Quote: "Most of you will never achieve the brilliance of my award winning set-up below, because you are unable to realize - and unconditionally embrace - the concept of primarily harnessing what's already built-in to the O/S, instead relying on 3rd party protection to fulfil your pc security needs. Too bad you can't see the forest through the trees :(" }-

Been there done that wat. I used the majority of award winning setup months ago. I even spend lots of time reading about applocker and LUA. Used LUA and didn't like it, so I ran applocker with an admin account. The setup is very inconvenient to me, as a person who makes constant changes to his system, but its also very light and secure.

-{ Quote: "I've seen that in your posts. You're one of the few who have a grasp on applying pc security in a sensible manner. And yes, while I'm serious, I'm also trying to convey a smattering of facetiousness in my ramblings ;D" }-
Oh well it's just sooo suble I didn't pick up on it ::) haha

KIS 2012 with Patch D
Hitman Pro

-{ Quote: "@ dja2k

Do you have any trouble running VMWare and Online Armor on the same PC? .

http://support.emsisoft.com/topic/3415-oa-conflicts-with-vmware-workstation-713/

I'm experiencing the same problem and have tried everything possible posted in that thread but nothing seems to work." }-
Yes VMWare won't run with OA enabled.

dja2k

-{ Quote: "I don't understand... Comodo does only scan them after they're downloaded. I don't think it scans them again." }-

Point is that that's far from the only thing CIS does. And while I'd hardly call it heavy, it is kind of bulky, with a lot of things under 1 roof. And my goal there was to have the lightest+most effective possible solution without the need for such things as bulky suites and/or real-time AV monitoring.

I'm not sure I could personally live without Comodo FW/HIPS now, but if they made something like I mentioned I sure might try.

Hungry Man processguard is a hips program but it is old and development died already:)

-{ Quote: "Hungry Man processguard is a hips program but it is old and development died already:)" }-

Thats what I though J..I was wondering why you were trying it again ;D

i want to try a a feature for drivers and services blocking to see if it works still and yes it does;D

Ah, I see. Thanks.

-{ Quote: "i want to try a a feature for drivers and services blocking to see if it works still and yes it does;D" }-

Ahh gotcha J.

-{ Quote: "One addition to my setup. I added Zemana alongside Panda Cloud...:o ;D" }-

My brief Zemana trial was interesting but with Panda's behavior blocking and using Google chrome it seemed pretty unnecessary. Just one more gadget running on my computer.

-{ Quote: "My brief Zemana trial was interesting but with Panda's behavior blocking and using Google chrome it seemed pretty unnecessary. Just one more gadget running on my computer." }-

So basically Zemana got dominated by the dancing panda ;D :argh:

-{ Quote: "My brief Zemana trial was interesting but with Panda's behavior blocking and using Google chrome it seemed pretty unnecessary. Just one more gadget running on my computer." }-
Yeah at this point it just feels like anything I can add to my computer is "fluff" and unnecessary. The only weak point in my system will be fixed in V6 of Comodo and other than that I can't think of any attack vectors that aren't covered.

Chaotic adult, how's trusteer raport? What does it do?

We have very similar setups =p I use Hitman Pro for scanning as well.

-{ Quote: "Chaotic adult, how's trusteer raport? What does it do?

We have very similar setups =p I use Hitman Pro for scanning as well." }-

Keylogging protection, screen capturing protection, browser alternation protection, etc. lol.. Yea I know we got similar setup lol. I kind of copied u a little bit lol :P

Free?

-{ Quote: "Free?" }-

Yep. They are partners with banks.

Good stuff. I don't do any online banking but I may try it out for a friend.

-{ Quote: "Good stuff. I don't do any online banking but I may try it out for a friend." }-

Yea it seems to be a good tool. I do a little online banking so.

-{ Quote: "Yea it seems to be a good tool. I do a little online banking so." }-
rapport is very good did u try prevx safeonline? heard good things about that too:)

I may disable automatic sandboxing by Comodo and instead right click and run items in Sandboxie...

Not sure if it's really worth it. But until Comodo gets full virtualization I don't trust the sandbox enough.

Hungry man howz mamutu keeping up with the mighty comodo D+:)

I like it because if something bypasses Comodo it'll be caught by Mamutu. I also have a lot of .exe's and files protected with Mamutu from being patched, which is the feature I like the most.

I'd feel really safe with just Comodo and my other system hardening but Mamutu was free and it's so damn light I can easily justify having it installed.

-{ Quote: "I like it because if something bypasses Comodo it'll be caught by Mamutu. I also have a lot of .exe's and files protected with Mamutu from being patched, which is the feature I like the most.

I'd feel really safe with just Comodo and my other system hardening but Mamutu was free and it's so damn light I can easily justify having it installed." }-
good setup man :)

Thanks. Always looking to improve it though.

Hungry what you use for backup and restore if you need?:)

I used to have an external hard drive with a disk image. Can't find it though.

So at the moment I have system restore and that's it.

-{ Quote: "I used to have an external hard drive with a disk image. Can't find it though.

So at the moment I have system restore and that's it." }-
eh :) u better find that hard drive boy..if you need chaotic and J can go over and help you find it..lol:argh: :argh: JK

Haha, yeah well I could use the help =p

I don't really need a backup image that badly but the drive has a lot of stuff on it that I want.

I think I'll give PCAV a go on my netbook.

I tried the latest version of zeus (very new version, only a few hours old I believe) and it was sandboxed as Limited. Comodo's heuristics did not pick it up. Mamutu on Paranoid did not pick it up. I had 3 files, zeustracker.abuse.ch on my system after.

Not sure if it was a proper infection or not. I would have hoped that Mamutu would have stopped it since that's basically why I have it.

Network
DDWRT Router running recommended build
DDWRT firewall turned on
MVPS Host File stored on router for network wide adblocking
Google DNS

Realtime Protection
Mamutu Behavioral Blocker
Beta updates
Paranoid Mode On
Multiple applications gaurded
Allow program if 92% of community members allowed it.
Deny program if 85% of community members allowed it.

Comodo Firewall and Defense+ 5.8 Beta
(Password Protected)

Comodo Firewall: Safe Mode, Alert Settings Low
-- Ports Stealthed
-- Enable IPv6 filtering
-- Do Protocol Analysis
-- Block Fragmented IP datagrams
-- no monitoring NDIS protocols other than TCP/IP

Comodo Defense+: Safe Mode
-- Autosandbox as Limited
-- Force Java into Restricted Sandbox, clean it out once in a while
-- Force Digsby into Partially Limited sandbox
-- Force Vaio Event Service/ Battery Manager and IE9 into Partially Limited sandboxes

System Hardening -- Windows 7 64bit Ultimate
UAC on Max
EMET: DEP Opt Out, SEHOP Opt Out, ASLR Opt In. All internet facing applications forced to run with EMET.dll and a few others as well.
Downloads folder and all contents forced at Low Integrity
NiNite for updating
Disabled some services
As few programs installed as possible. Only what I need and when I'm done with something it gets uninstalled and I make sure that everything is gone.
Digsby and MiPony's .exe's set to LowIL.

Browser -- Chrome Beta
Block 3rd Party Cookies
Built in malware protection/ download scans
Default PDF reader -- no adobe necessary

Backup Browser -- IE9
Max security settings via IE9's default options

Portable On Demand Scanners/ Tools -- USB Drive
TDSS Killer
JavaRa
RKILL.com
AVZ4
Dr Web Cureit
SuperAntiSpyware Portable
Hitman Pro
Emsisoft Emergency

-{ Quote: "
System Hardening -- Windows 7 64bit Ultimate
UAC on Max
EMET: DEP Opt Out, SEHOP Opt Out, ASLR Opt In. All internet facing applications forced to run with EMET.dll and a few others as well.
Downloads folder and all contents forced at Low Integrity
NiNite for updating
Disabled some services
As few programs installed as possible. Only what I need and when I'm done with something it gets uninstalled and I make sure that everything is gone.
Digsby and MiPony's .exe's set to LowIL.
" }-

@ Hungry Man,

All you need to do is ditch all that 3rd party Comododo and other 3rd party real-time "protection", and instead enable and configure the built-in Win firewall and AppLocker, then you'll have, combined with your above defences, outstanding security, and you'll impose far fewer resource and potential conflict impact on your machine.

Shameless =p

I wish I could do that. One day soon I hope Windows will have enough built in protection for me to rely on it. Integrity levels are great but I want to see further restrictions on applications.

I don't believe in EMET either by the way... nor MSE. It should be packaged into the kernel. Security should not be handled by kernel and userspace, just kernelspace. If something exploits a vulnerability I don't want an application to crash I want the system to crash.

I also think it's wise to harden your OS as much as possible. If you eliminate the vulnerability at the OS level first, your security software doesn't need to do much. In fact, mine pretty much never do anything. It's been 5 years since I got an alert from my AV. Since I trust everything on my computer, the HIPS isn't doing much good.

That's why a light footprint is such a priority for me, because I know it'll probably never be needed anyway, it's just there for peace of mind pretty much.

I do like having an outbound firewall though, and since I'm still running XP I have no built-in solution for that. If I were running Win7, I'd probably ditch Comodo and just use Sandboxie and scan with HMP/MB/SAS before moving things to data. That and an imaging/backup plan, and that'd be pretty much it.

I could run my computer with absolutely no 3rd party security software and still feel completely safe. But where's the fun in that?

-{ Quote: "I may disable automatic sandboxing by Comodo and instead right click and run items in Sandboxie...

Not sure if it's really worth it. But until Comodo gets full virtualization I don't trust the sandbox enough." }-

I think you've got the right idea here personally. And a lifetime subscription for Sandboxie can be had for $43 last I looked. That's a steal. I'm thinking about doing this now myself.

I hate the auto-sandbox feature of Comodo. All it ever does is break installs for me, as it sandboxes files as the program is trying to install itself. This can create problems worse than any malware. I think it's really poor judgment to now allow users to turn this feature off. I won't let something onto my computer in the first place unless I know it can be trusted, and I scan the installer with 3-4 different things before it gets out of the sandbox. I only want the manual sandbox feature.

I hope that Sandboxie doesn't work the same way in regards to auto-sandboxing. If I can control this aspect of it, then I'm buying it like right now.

Not willing to pay for 3rd party security.

I like the autosandbox for certain things. But I often just end up disabling it because without full virtualization it just ends up breaking most things.

Well I used to think that the "detect installers and run them outside of the sandbox" tick-box prevented this from happening. But I guess this only applies to manually sandboxed programs?

It doesn't even work then though anyway. My Firefox updates never stick when I'm running Sandboxed, even though I hear they're supposed to by ticking that box. Some people claim it works for them... not me.

The more I think about it the more I'm leaning toward getting Sandboxie and just using the FW of Comodo. What would be another good, light program to add to the mix?

Should apply to automatic ones. I usually just start the installation and then if it's sandboxed I'll cancel it and restart it.

I don't sandbox my browser. Breaks sandboxed plugins if I do and Chrome sandboxes itself.

I'd use Comodo to sandbox your plugins/ other programs. You can disable the autosandboxing and have it instead just run cloud-based heuristics/ scans on unknown files and check for buffer overflow.

If you get Sandboxie there's not a ton of use for Comodo. But sandboxie doesn't offer the scanning.

Avira Guard/Proactive will take care of the scanning. I don't use the cloud in Comodo anyway. I've done that too with installations (unsandbox, cancel, then start again)... but then it starts sandboxing individual files while the thing's installing and breaks it.

You say you can disable the autosandboxing. How? Do you just mean by setting "Sandboxing Security Level" to "disabled" altogether? Or is there a way to allow yourself to manually sandbox programs but disable it from auto-sandboxing things? That's what I'd like to do.

I haven't had issues with installing software thankfully.


Under Execution Control Settings just uncheck "Treat unrecognized files as _____"

After this you can continue to manually sandbox whatever you like.

Once V6 comes out this hopefully won't be necessary.

-{ Quote: "
I hate the auto-sandbox feature of Comodo. All it ever does is break installs for me, as it sandboxes files as the program is trying to install itself. This can create problems worse than any malware. I think it's really poor judgment to now allow users to turn this feature off. I won't let something onto my computer in the first place unless I know it can be trusted, and I scan the installer with 3-4 different things before it gets out of the sandbox. I only want the manual sandbox feature.

I hope that Sandboxie doesn't work the same way in regards to auto-sandboxing. If I can control this aspect of it, then I'm buying it like right now." }-
Sandboxie does not work like Comodo when you are installing something. If
you are running an installer and you don't want it sandboxed, it will install
normally and nothing will be auto sandboxed. With SBIE you have complete
control of what gets sandboxed at all times and the only programs and
folders that get auto sanboxed/forced sandboxed are chosen by you.

Sandboxie does not sandbox anything unless you want to do so.

Bo

You always have the option in Comodo to disable autosandboxing and simply right click and sandbox. But I would suggest sandboxie for that -- it's sandbox is superior in terms of compatibility.

Added --safe-plugins to Chrome.

Removed Online Armor beta. Worked fine, I'm just too used to my router/Windows Firewall combination.

-{ Quote: "Shameless =p
" }-

Ha ha ha...yes very much so ;D but alas I'm only trying to help.

-{ Quote: "Removed Online Armor beta. Worked fine, I'm just too used to my router/Windows Firewall combination." }-

LOL Seeker. Hard to break the habit huh :P

-{ Quote: "Ha ha ha...yes very much so ;D but alas I'm only trying to help." }-
Please continue to educate the ignorant masses.

Finally updated to "Platinum" status:

My security setup
Win 7 x64 Ultimate Desktop:

Using LUA account as default
UAC at highest level
AppLocker with all rules, including DLL, enforced
Windows Firewall with advanced security, inbound and outbound blocked by default, restricting web-facing applications to specific remote ports and in some cases to remote ip addresses.
EMET, with mainly web-facing and MS Office apps configured
MBAM on-demand free (used sparingly)
Routine images of system using ShadowProtect RE disk, saving the images to two separate physical locations.
All sensitive data kept on a TrueCrypt volume on h/drive and USB pendrive, and also a bitlocker encrypted volume.

the following services are disabled: Secure Socket Tunneling service IP Helper Remote Access Connection Manager SSDP Discovery service TCP/IP NetBIOS Helper Workstation Function Discovery Resource Publication WinHTTP Web Proxy Auto-Discovery service

SuRun, v1.2.1 B9 – used only for convenience to easily launch some programs and Windows functionality with administrative priviledges.

Note the use of free MBAM for on-demand only. I despise realtime antivirus programs. They are mostly a resource-sucking leech on the system.

My security setup:

Desktop (Vista 64 bit):

Panda cloud and opendns.

Laptop:

Dual boot (vista and scientific linux)

On Vista 32bit:

Trustport Total Protection 2012
Two standard user accounts - one for general browsing and the other for online banking. For both accounts SRP is implemented via parental controls

On Scientific Linux 6.1:

Eset NOD32 Antivirus for Linux 4

Dyndns Internet Guide

-{ Quote: "LOL Seeker. Hard to break the habit huh :P" }-

Very hard!

We were talking about how to get an on-demand AV to scan downloads automatically in order to plug a vulnerability when mainly relying on Sandboxie and no real-time AV, and I've been working on figuring out how to set up such a thing, without much success. Internet Download Manager has a setting to pick an on-demand AV to do an automatic scan, but I couldn't get it working with Hitman Pro. Instead of spending time figuring it out, I just uninstalled it, and from the Revo Uninstaller process, it looks like IDM hooks into a lot of stuff in Windows.

Anyway, I might already have a solution installed and not realized it. Internet Explorer 9's Download Manager now automatically scans downloads. As to what sort of security program it is using and how good it is, I haven't found out yet.

-{ Quote: "You always have the option in Comodo to disable autosandboxing and simply right click and sandbox. But I would suggest sandboxie for that -- it's sandbox is superior in terms of compatibility." }-

That doesn't work for me. When I right-click things the context menu for Comodo sandbox isn't there. It's only there when I'm in Safe Mode, for some reason.

That's another one of my dilemmas.

I think I'm just going to go with Sandboxie and wash my hands of it altogether.

NoVirusThanks EXE Radar Pro is working just fine nice litle toy and powerfull:)

-{ Quote: "Anyway, I might already have a solution installed and not realized it. Internet Explorer 9's Download Manager now automatically scans downloads. As to what sort of security program it is using and how good it is, I haven't found out yet." }-
Could it be MSE?
(And is MSE what is referenced as "Microsoft" in the MRG Flash Tests?)

Edit in: I'm wondering (after reading the following) if IE9's DLM isn't using the AV you have onboard?
Read this (http://answers.microsoft.com/en-us/ie/forum/ie9-windows_vista/ie9-download-security-scan-problem/3b50b76a-f55a-e011-8dfc-68b599b31bf5?msgId=cff98f11-d25b-e011-8dfc-68b) -->
Q: Download manager started a security scan about two hours ago and is still going.
A: The security scan is using your antivirus program which may not be compatible with Internet Explorer 9 yet.

Aha, see this (http://blogs.msdn.com/b/ie/archive/2011/03/10/safer-and-faster-downloads-in-ie9.aspx) -->
-{ Quote: "In addition to the enhanced SmartScreen feature, IE9 continues to provide protection from malware using Microsoft SmartScreen, scan downloaded files for viruses using your virus scanner, and check for a valid Authenticode digital signature. " }-

@Page42, yes that's what they're calling Microsoft.

-{ Quote: "Could it be MSE?
(And is MSE what is referenced as "Microsoft" in the MRG Flash Tests?)" }-

I'm guessing it's Defender.

As far as the MRG tests, yes they are testing MSE, it's on their list of over-all results: "12. Microsoft Security Essentials". And MSE did really badly, 59 fails out of 68 samples.

-{ Quote: "The security scan is using your antivirus program which may not be compatible with Internet Explorer 9 yet." }-

Why would it use an installed antivirus, since that would check downloads anyway. And I wonder what it is using if I only have Prevx running, or what it would use if I uninstalled Prevx, since that is what I would do if I could figure out how to have downloads trigger on-demand scans.

IE9 checks a blacklist as well as reputation.

-{ Quote: "Why would it use an installed antivirus, since that would check downloads anyway. And I wonder what it is using if I only have Prevx running, or what it would use if I uninstalled Prevx, since that is what I would do if I could figure out how to have downloads trigger on-demand scans." }-
Beats the heck out of me, justenough.
I'm just trying to help you get to the root of it all.
:)

-{ Quote: "I think I'll give PCAV a go on my netbook." }-
proud of you man:argh: :thumb:

-{ Quote: "Beats the heck out of me, justenough.
I'm just trying to help you get to the root of it all.
:)" }-

Yes, I know. Thanks.

-{ Quote: "Yes, I know. Thanks." }-
Maybe you could search the IE blogger and see if you can find an email addy.
Ritika Virmani, Program Manager, Internet Explorer
:)

My Eset license is good till 2014 and I might as well use it as the suite is proving to be very light and solid.

trjam good choice buddy did i spell your name correctly this time?

-{ Quote: "Maybe you could search the IE blogger and see if you can find an email addy.
Ritika Virmani, Program Manager, Internet Explorer
:)" }-

Good idea. I emailed to a link at the blog, not sure it is Ritika. I'll post if I hear anything back.

Excellent. Hope you hear back from Ritika.

Mi Sig

I'll be using Comodo's DNS soon. Once I can stop relying on a host file for adblocking.

-{ Quote: "I'll be using Comodo's DNS soon. Once I can stop relying on a host file for adblocking." }-
did you put it to test? interested in knowing how it does against malicious web sites..:)

How's Kingsoft PC Doctor my good friend? ;D

-{ Quote: "How's Kingsoft PC Doctor my good friend? ;D" }-
It is very good actually..It just came out of beta and I hope they continue to develop this software..as it got really good features and yes it runs very light ;D :thumb:

did some one put it to the test?

-{ Quote: "did you put it to test? interested in knowing how it does against malicious web sites..:)" }-
Chrome won't have proper adblocking for another 2 months. So, no. But I've seen it do alright.

-{ Quote: "Excellent. Hope you hear back from Ritika." }-

IEBlog wrote back, but only said this:

I’m told that “the virus scan component of the download phase consists of running all registered IOfficeAntivirus scanners against the downloaded file.”

I'm not sure what those are, still looking into it, but that would seem to make it possible to link an on-demand scanner to IE9 downloads.

-{ Quote: "I'll be using Comodo's DNS soon. Once I can stop relying on a host file for adblocking." }-

What does Comodo DNS do?:blink:

-{ Quote: "IEBlog wrote back, but only said this:

I’m told that “the virus scan component of the download phase consists of running all registered IOfficeAntivirus scanners against the downloaded file.”

I'm not sure what those are, still looking into it, but that would seem to make it possible to link an on-demand scanner to IE9 downloads." }-
I am also looking around for info on the IOfficeAntiVirus interface.
I thought I might find a registry value that could be changed or something.
So far, just a lot of information that is way beyond my comprehension.

Testing out Zemana, got a free 1year subscription.

EDIT: Easy setup. Simple settings. Not sure it's going to be useful for me personally but I like it.

-{ Quote: "Testing out Zemana, got a free 1year subscription.

EDIT: Easy setup. Simple settings. Not sure it's going to be useful for me personally but I like it." }-
yea I heard its good for peace lovers..:argh:

=p All I know is that it's light. I may test it out a bit.

Removed OA++ and add SpyShelter Premium8)

-{ Quote: "It is very good actually..It just came out of beta and I hope they continue to develop this software..as it got really good features and yes it runs very light ;D :thumb:" }-

Did you test it against some baddies? :P


-{ Quote: "Removed OA++ and add SpyShelter Premium8)" }-

Don't like OA++ anymore ;D

it blocks my internet conection always

Switching back and forth every couple of weeks between Norton DNS and Comodo Secure DNS.
KeePass is awesome. Wish I had started using it a long time ago. ;)

How are you liking Comodo and Norton DNS? Noticing any difference? Doing any tests?

-{ Quote: "it blocks my internet conection always" }-

I never had that issue J. Not sure why OA would be doing that. Oh well.

i know man;D

-{ Quote: "i know man;D" }-

Maybe your pc just doesn't like OA and made you remove it before the bacon gets cooked ;D

;D lol;D

-{ Quote: "How are you liking Comodo and Norton DNS? Noticing any difference? Doing any tests?" }-
Since I learned that ClearCloud (my preferred) was going by the wayside, I began using Norton, Google and Comodo.
Google, I learned, wasn't doing anything to block malicious sites.
I want blocking from a DNS service.
Norton quickly became my service of choice.
I have toyed with Comodo every now and then because of this very odd feeling that one service begins to get stale and slightly slower, and it feels like a bump in performance when I switch.
That's about as anecdotal as it gets, and a long way from any sort of empirical testing as can be, but it feels right. :)
How about you and Norton/Comodo DNS services?

Yeah, Google never blocks any sites (it doesn't believe in that I guess) but it focuses on server-side security to prevent DNS poisoning attacks.

I'm considering moving to Comodo/Norton once Chrome gets proper adblocking. I'll probably just go with Norton since I already use Comodo's Firewall and Defense+ and I like to spread out which products I use =p

I mean, if Comodo blocks something at the DNS level I'll assume they have the file blocked too. Best to use Norton to get a different take.

-{ Quote: "I'm considering moving to Comodo/Norton once Chrome gets proper adblocking." }-
I know you use a handful of Chrome extensions, but don't know if you'd tried AdBlock? I am very, very satisfied with it.

Adblock doesn't block in-video ads and it can't prevent http requests. Thankfully Chrome 14 and 15 will have this.

My ignorance here... what does that mean... "it can't prevent http requests"?

Your computer makes a request every time you enter a URL to the website. Ads are hosted on different websites.

So if I open a page for URL X and it has an add from URL Y I make an HTTP request for both URL X and URL Y.

I then download the X and Y information and the adblocker hides the ads afterwards. This isn't ideal.

So 14 & 15 prevent this? You mean it'll be a configurable setting? It's not by default, is it?

By the way, HM, which Chrome extensions (http://www.wilderssecurity.com/showthread.php?t=304819) do you have installed? :)

-{ Quote: "So 14 & 15 prevent this? You mean it'll be a configurable setting? It's not by default, is it?" }-


It means AdBlockPlus and others like it will be able to prevent the requests to the ad servers. Think of it as an IP blocker. It won't (shouldn't) be a setting in Chrome, but an "under the hood" fix that should have never been needed. We'll see how it works out.

These are my relevant extensions. I have one more + a GM script for a specific site.

-{ Quote: "It means AdBlockPlus and others like it will be able to prevent the requests to the ad servers. Think of it as an IP blocker. It won't (shouldn't) be a setting in Chrome, but an "under the hood" fix that should have never been needed. We'll see how it works out." }-
Gotcha. :thumb:

Removed Zemana. 64bit support has a loooooooooooooong way to go. Failed its own test.

-{ Quote: "Removed Zemana. 64bit support has a loooooooooooooong way to go. Failed its own test." }-
ah man:doubt: heard that they were planning on bringing more 64bit support very soon..:doubt:

Well... hopefully soon. I don't need it but it would be nice.

-{ Quote: "Well... hopefully soon. I don't need it but it would be nice." }-
did you try spyshelter premium?;D

Nope, sounds like it's pay software, which I don't use unless I get it for free =p

-{ Quote: "which I don't use unless I get it for free =p" }-
Not even if you would love it ? :shifty:

Nope!

I don't pay for security software =p

-{ Quote: "Nope, sounds like it's pay software, which I don't use unless I get it for free =p" }-
:)I hear ya;D

Haha, well I'm always willing to try new freeware/ free software.

Uninstall spyshelter premium cause licence isue:thumbd:
and i got back OA++ back:thumb:

also removed mbam pro cause it made my reboots to be very slow when OA++ is present with it:)

Always a good idea to lighten the load. Gotta find that balance.

:thumb: :thumb:

DefenseWall
Look n Stop (Phantom ruleset)

Forgot to mention I used this guide: http://www.raymond.cc/forum/spyware-viruses/22370-escan-anti-virus-and-spyware-toolkit-utility-as-an-on-demand-scanner.html

Windows 7 Home Premium 32-bit

Firewall:
Linksys NAT Router
Look’n’Stop Firewall 2.07 (Phant0m’s Ruleset)

Anti-Virus:
Emsisoft Anti-Malware 5.1.0.16
Malwarebytes Anti-Malware Pro 1.51.1.1800

HIPS/IDS/Blocking/Hardening:
DefenseWall HIPS/Personal Firewall 3.15
EMET 2.1 (Internet facing applications & MS Office)
WinPatrol Plus 20.5.2011.0
SpywareBlaster 4.4 (Ad-Aware custom blocking)
ClearCloud DNS

Resident On Demand Scanners:
Hitman Pro 3.5.7 Build 127
Mischel TrojanHunter 5.3 (994)
Norton Power Eraser 2.0.0.52
Kaspersky TDSSKiller 2.5.14.0

good set up:thumb:

-{ Quote: "Uninstall spyshelter premium cause licence isue:thumbd:
and i got back OA++ back:thumb:" }-
back to OA++,huh? good for you;)

;) :thumb:

At last Safe-Admin on Windows 7 is as good as with Vista, running Windows 7 x 32 Ultimate

Real time
1. Border medium rights (LUA) to high (Admin)
a) UAC full
- Disabled installer detection
- Only allow signed applications to elevate
b) Beyond trust power broker, run as LUA (unable to elevate)
- Internet facing aps (IE9, WMP, Mail)
- Office 2003 programs (Word, Excel, Powerpoint)
c) Virtualizing WMP MAIL through RUNASINVOKER (also set WMP and MAIL with mandotory Medium rights with no write up through CHML.EXE)

2. Medium rights world protection (also applicable for admins and untrusted users ;D )
a) Deny Execute for all users
- For all drives containing data (D, E) through icacls.exe
- For Download directory, Program Auto start and Public Users directory through icacls.exe
- For Local intranet and Restricted sites zones through SRP
- For USB drives through SRP
b) Drive by protection for Mail and Browsers (IE9 and Chrome)
- 1806 default deny block of downloaded executables (removable with right click properties)
- This closes gap for all unsafe user directories on C-drive (e.g. Users\Kees\etc)
c) Taken away write access of all HKCU autorun entries for users with REGIL.EXE (only admin may change them)

3. Border from low to medium rights
a) Running IE9 hardened through Group Policy (no user changes allowed, forced in zone and allways running Protected Mode)
b) Running Chromium with --safe-plugins switch (Chromium is unsigned has internal sandbox containing tabs in low rights, job objects and alternate desktop = total isolation), using McFee site advisor extension

4. Windows FW 2 way

5. EMET 2.1
- Internet Facing: E9, Chrome, Mail, WMP
- Office Aps: Word, Excel, PPT
- Acrobat Reader

On demand
1. Antivirus scans
a) Hitman Pro
b) Bitdefender extension for Chrome
c) Jiotti upload for Chrome

2. Backup
a) Paragon for Image Backup
b) Syncback for Data Backup


Third Party real time BTSERVICE (of Beyond Trust) uses less than 0.001 percent of CPU capacity (so not complete Windows only :-[ ), using UAC full (have allowed CCleaner, Auturuns, ProcesExplorer, Paragon Image Backup and HitmanPro to elevate without prompt through Beyond Trust Power Broker). When I want to install an application I move it to Temp and remove 1806 block (got all the flexibility of running admin with LUA/denny execute security), check it with HMP and Jotti

Links for background info
1. Beyond Trust see
- http://www.wilderssecurity.com/showpost.php?p=1916011&postcount=1
2. Safe-Admin see
- http://www.wilderssecurity.com/showpost.php?p=1852017&postcount=2
- http://www.wilderssecurity.com/showpost.php?p=1852018&postcount=3
- http://www.wilderssecurity.com/showpost.php?p=1852024&postcount=5

-{ Quote: "also removed mbam pro cause it made my reboots to be very slow when OA++ is present with it:)" }-
I came here to report the same thing, and saw your post.
I disabled MBAM real-time as I felt it had slowed down browsing and boot time.
I hate taking it out of the real-time mode, but I still have it update every hour and scan once a day.
I'll probably enable it again one day before too long.
8)

-{ Quote: "
b) Running Chromium with --safe-plugins switch (Chromium is unsigned has internal sandbox containing tabs in low rights, job objects and alternate desktop = total isolation), using McFee site advisor extension

2. Backup
a) Paragon for Image Backup
b) Syncback for Data Backup

" }-


What do you mean by alternate desktop? how do you do it? :)
Paragon. Is it free?
I'm copying your setup and add trusteer rapport

-{ Quote: "What do you mean by alternate desktop? how do you do it? :)[...]" }-

Those who got the info got the knowledge. Or something like that. ;D

Go here http://www.chromium.org/developers/design-documents/sandbox

Read it... Then re-read it, just to assimilate it further.... Read again, if you must. :)

One more link: http://blog.chromium.org/2008/10/new-approach-to-browser-security-google.html

windows xp sp3:
panda+pirvatefirewall+spyshelter free

other machine :
windows 7 x64

Avast free everything high
Prevex free high
Mamutu
MBAM trail ;) it will end in five days
Comodo Firewall
secunia
Sandboxie free

Lua +emet +SRP

Firefox + noscript,trafficlightbeta ,

On demand MBAM ,SAS ,hitmanpro

so what do you think

-{ Quote: "What do you mean by alternate desktop? how do you do it? :)
Paragon. Is it free?
I'm copying your setup and add trusteer rapport" }-

Yep all free, paragon and syncback

M00nbl00d gave you the links: it is all chrome / chromium default protection, they really achieved total isolation, also their javascript engine is supurb, see explanation of hidden classes http://www.youtube.com/watch?v=hWhMKalEicY


I also think Chrome has great scripting protection (off course someone who makes a living out of blocking scripts will disagree ;D ) and constanly is improving the browser for it

http://chromestory.com/2010/10/xss-auditor-and-disable-outdated-plug-ins-to-add-more-security-to-google-chrome-inbuilt/

Also in newest chrome warns for the dangerous content for scripts
http://news.softpedia.com/news/Chrome-14-to-Block-HTTPS-Mixed-Scripting-by-Default-206738.shtml

http://www.itnews.com.au/News/261012,google-to-kill-man-in-the-middle-attacks.aspx

But then again I am a security minimalist ;D , so don't take my word for it

Real-Time:
Avira Antivir Personal with Guard scanning only "downloads" partition (Number of files scanned 0 unless I download anything)
Sandboxie (For Firefox with delete contents, internet/start restrictions, drop rights and only able to read my windows partition)

On-Demand:
Avira Antivir Personal (Active processes daily scan)
MBAM (Daily scan)
Hitman Pro (Just in case)

Misc:
EMET
Norton DNS
Secunia PSI
Macrium Reflect Free

No Realtime AV and FREE Security Setup


Windows 7 Profesional SP1 32-bit



System Partition, Data Partition (storage),
Microsoft Baseline Security Templates, Software Restriction Policy (SRP), UAC set to highest, EMET and 1806 trick (3)
deny Everyone from executing on data partition and download directory, userpace including desktop
disabled unnecesary services (ie. print spooler, windows search, windows defender)
Macrium Reflect FREE (Sector-by-Sector image backup)



OpenDNS / OpenDNS FamilyShield

MVPSHOST


Trusteer Rapport


Mozilla Firefox (5.0.1) (explicit low-integrity via icacls)
Noscript
Adblock Plus
HTTPS-Everywhere


PowerBroker FREE Edition


Hitman PRO (on-demand scanning)







Thanks Kees1958, m00nbl00d :)
I replaced Chrome with Firefox because I really like Noscript :)

Konata,

M00nbl00d knows a trick to run unsigned programs elevated (he also uses a batch file to switch on/off cmd + batfiles through registry)

After implementing this you are officially a member of the SMK-club (Guess we will have to call it SMK2 now, Sully, M00nb00d Konata and Kees) ;D

-{ Quote: "Konata,

M00nbl00d knows a trick to run unsigned programs elevated (he also uses a batch file to switch on/off cmd + batfiles through registry)

After implementing this you are officially a member of the SMK-club (Guess we will have to call it SMK2 now, Sully, M00nb00d Konata and Kees) ;D" }-

I only install browser, bittorrent, media player, IM, Steam and watch movies :D
I don't elevate unsigned apps ;D

btw after installing powerbroker, my sandboxie broke :wacko:


haha SMK2!
*makes his SMK2 avatar now* ;D

-{ Quote: "No Realtime AV and FREE Security Setup


Windows 7 Profesional SP1 32-bit



System Partition, Data Partition (storage),
Microsoft Baseline Security Templates, Software Restriction Policy (SRP), UAC set to highest, EMET and 1806 trick (3)
deny Everyone from executing on data partition and download directory, userpace including desktop
disabled unnecesary services (ie. print spooler, windows search, windows defender)
Macrium Reflect FREE (Sector-by-Sector image backup)



OpenDNS / OpenDNS FamilyShield

MVPSHOST


Trusteer Rapport


Mozilla Firefox (5.0.1) (explicit low-integrity via icacls)
Noscript
Adblock Plus
HTTPS-Everywhere


PowerBroker FREE Edition


Hitman PRO (on-demand scanning)







Thanks Kees1958, m00nbl00d :)
I replaced Chrome with Firefox because I really like Noscript :)" }-
thats a very good setup konata:thumb:

-{ Quote: "thats a very good setup konata:thumb:" }-

thanks. but I don't think so.. I'm still not satisfied with it :(

Page42:) i love Mbam Pro but with OA++ it slow down my browsing session and boot up too maybe in the next realease it will be better;)

What's odd is that enabling real-time protection in MBAM does not seem to make any difference performance-wise right away. It seems to creep up over time until I really notice the drag on the system, and then disabling MBAM real-time protection and IP blocking makes for a dramatic speed increase. :-\

Trend Micro Titanium Antivirus +, Zonealarm Firewall and Windows 7

page42 same here;D

i configure my Nat Router firewall on high;) and other restictions;D and NoVirusThanks is rocking and rolling in my xp system:thumb: and OA++ in my win764:)

-{ Quote: "What's odd is that enabling real-time protection in MBAM does not seem to make any difference performance-wise right away. It seems to creep up over time until I really notice the drag on the system, and then disabling MBAM real-time protection and IP blocking makes for a dramatic speed increase. :-\" }-
-{ Quote: "page42 same here;D" }-
Thanks for that confirmation.
I wonder if the MBAM people are aware of this?
I mean, the slowdown is one thing, but the gradualness of it seems so hard to explain.

-{ Quote: "Thanks for that confirmation.
I wonder if the MBAM people are aware of this?
I mean, the slowdown is one thing, but the gradualness of it seems so hard to explain." }-
I thought about getting it, but this seems like a a good reason to hold off and stay with the free version for the time being.

Except the license is lifetime, and your setup may not produce these same results.
;)

-{ Quote: "Except the license is lifetime, and your setup may not produce these same results.
;)" }-
From what I've read it's not uncommon and I see no reason to believe I will be the exception. Also Avira's forum recommends it's use as on demand only. There is a thread on the Avira forum developed by a couple of mods, kind of like Blackspears recommendation setup for NOD 32.

-{ Quote: "From what I've read it's not uncommon and I see no reason to believe I will be the exception. Also Avira's forum recommends it's use as on demand only. There is a thread on the Avira forum developed by a couple of mods, kind of like Blackspears recommendation setup for NOD 32." }-
Avira and MBAM when both with active guard on, they definitely slow down my system, not much but it is noticeable. As I'm using Sandboxie I have them both on demand (by all means Hammer, I'm not trying to convince you to get Sandboxie!). I've also tested MBAM alone with active guard on, the system didn't seem to be affected although I've only had it on for a few hours.

-{ Quote: "i configure my Nat Router firewall on high;) and other restictions;D and NoVirusThanks is rocking and rolling in my xp system:thumb: and OA++ in my win764:)" }-
rock and roll is good but dont fry ur system though:argh:

-{ Quote: "Konata,

M00nbl00d knows a trick to run unsigned programs elevated (he also uses a batch file to switch on/off cmd + batfiles through registry)

After implementing this you are officially a member of the SMK-club (Guess we will have to call it SMK2 now, Sully, M00nb00d Konata and Kees) ;D" }-

I also use a batch file (rather two batch files) to switch between medium and low IL for %AppData%\Local\Temp folder. The batch file that applies the Low IL, applies it without inheritance.

When I want to download something, I just need to run the batch file to set the low IL, and then the other one to set the IL back to medium.

-{ Quote: "Real-Time:
Avira Antivir Personal with Guard scanning only "downloads" partition (Number of files scanned 0 unless I download anything)
Sandboxie (For Firefox with delete contents, internet/start restrictions, drop rights and only able to read my windows partition)

On-Demand:
Avira Antivir Personal (Active processes daily scan)
MBAM (Daily scan)
Hitman Pro (Just in case)

Misc:
EMET
Norton DNS
Secunia PSI
Macrium Reflect Free" }-

Haven't had any success finding a way to have downloads trigger an on-demand scan, so I set up Avira and a download partition the way you suggested Cyrano2. Works well so far, very light with the added benefit of having Avira handy for an on-demand scan. After Kees listed BitDefender Quickscan as one of his programs, I wrote them to ask if they had any on-demand product that would scan a download automatically, and they wrote back that it is doable and they have been looking into creating such a product.

IE9 started giving me a few small, unrelated problems mainly with the interface, so I've switched to Chrome again.

-{ Quote: "Nope!

I don't pay for security software =p" }-
Used to think like this, if it's priced right in my opinion, i like to support them ;D
And also never forget Customer Support ;D

avast free
comodo firewall only

still looking for a good anti spyware for free

had malware bytes never found anything same with sas free ?

Perhaps if I really felt threatened and there was some perfect program out there I would. But I believe that all security should be built into the OS kernel by default.

Turned off auto-sandboxing. I can still right click and select to sandbox (in which case it will be limited) and my other programs are still sandboxed.

-{ Quote: "avast free
comodo firewall only

still looking for a good anti spyware for free

had malware bytes never found anything same with sas free ?" }-
If you are not infected what you want the scanners to report?:argh:

-{ Quote: "If you are not infected what you want the scanners to report?:argh:" }-
delicious crispy cookies?!:argh:

Urgh, I really feel like Sandboxie would make this setup perfect.

Yes it would. It also works nicely together.

grr if only

Still only Sandboxie with Macrium fallback...

philby

Decided to run MSE again after using avast! for a few months. Running nicely so far alongside MBAM PRO.

mbam and ESET Smart Security 4.2.71.2 so far. Need to be careful though with the newest build of ESET if you have a 5 year old router. I had to change my prefered DNS to a public 4.2.2.2 so that I could get on the internet.

DefenseWall for life! ;D :thumb:

DW :thumb: :thumb:

-{ Quote: "Urgh, I really feel like Sandboxie would make this setup perfect." }-

oh how I envy people with paid Sandboxie :(

Well that lasted all of two hours; MSE is just still too resource intensive. I like to give it a try whenever a new version engine is released. Maybe one day...

To be honest, I'm considering going AV free. AppLocker properly configured, coupled with my current setup, should be enough protection, surely? It's just so ingrained to run an AV that I struggle with this idea.

Lowered MBAM from real-time to demand only.
It was running around 42K idle and 100k+ while running firefox. Thats without the IP blocker too. I do love MBAM and all but thats a little too high for my taste.

-{ Quote: "To be honest, I'm considering going AV free." }-

I did that some time ago, never regretted doing so. ;D

-{ Quote: "I did that some time ago, never regretted doing so. ;D" }-

Do you run scans often? If so, with what?

-{ Quote: "Do you run scans often? If so, with what?" }-

No, not often, no need.
Mainly just for new downloads.
MBAM + HMP
+ A few rootkit scanners (when I get bored)

-{ Quote: "No, not often, no need.
Mainly just for new downloads.
MBAM + HMP
+ A few rootkit scanners (when I get bored)" }-

Hmmm, intriguing. I use MBAM PRO which is fantastic and run anything suspicious in Sandboxie. I think with AppLocker running I'll be set.

-{ Quote: "oh how I envy people with paid Sandboxie :(" }-
Same here...

-{ Quote: "Well that lasted all of two hours; MSE is just still too resource intensive. I like to give it a try whenever a new version engine is released. Maybe one day...

To be honest, I'm considering going AV free. AppLocker properly configured, coupled with my current setup, should be enough protection, surely? It's just so ingrained to run an AV that I struggle with this idea." }-
It's the only way to go if you care about resources.

AppLocker up and running. Feeling lean and mean 8)

Looks strong. I'd remove MBAM and throw on DefenseWall if you're willing to pay. That's a damn powerful program.

-{ Quote: "grr if only" }-
....you wouldn't need to pay for it would be like heaven :shifty:

-{ Quote: "Looks strong. I'd remove MBAM and throw on DefenseWall if you're willing to pay. That's a damn powerful program." }-

I have used DefenseWall but a few niggles stopped me from taking it on full time. I do agree though, a damn powerful program.

:thumb: :thumb:

-{ Quote: "....you wouldn't need to pay for it would be like heaven :shifty:" }-
It would be!

-{ Quote: "I have used DefenseWall but a few niggles stopped me from taking it on full time. I do agree though, a damn powerful program." }-
Yeah? Like what? I've only had very little experience with it on trial basis.

Back to Prevx.

Red and Red ;)

-{ Quote: "Yeah? Like what? I've only had very little experience with it on trial basis." }-

You're best off trialling it further. My niggles may not be your niggles.

-{ Quote: "Red and Red ;)" }-
I feel HMP is more like orange ;D

-{ Quote: "Red and Red ;) " }-
-{ Quote: "I feel HMP is more like orange ;D" }-
It is orange.:P

removed avast for the time being, using the Webroot SecureAnywhere beta now

I am buying a new pc for home soon. I will be using a hassle-free setup which is the outcome of all the trialing on this laptop. Don't worry, on this laptop I will keep changing my setup and keep coming back to ESET in the end.

My idea:
The pc is for home, so the operating system will be Microsoft Windows 7 Home Premium 64-bit. Additionaly, it will be connecting to the Internet through a Linksys WRT54G2 router.
I will be using an Administrator account with all settings on default (UAC, DEP, and the more advanced settings in registry), so no tweaking. Also, Windows Firewall and Windows Defender will both be enabled.
Furthermore, I will use Webroot Cloud Antivirus as realtime protection.
For backup, imaging and recovery I will install Acronis True Image Home.
Google Chrome (with Adblock Plus) will be the main browser and Internet Explorer 9 (with the EasyList Tracking Protection Lists) will be setup as default browser.

-{ Quote: "You're best off trialling it further. My niggles may not be your niggles." }-
Well it's on my old xp32 machine, which I never use now that I have my CR48 and my other laptop.

-{ Quote: "removed avast for the time being, using the Webroot SecureAnywhere beta now" }-
Oh! you can use wsa and avast at the same time. I can assure you that there is no conflict and complement each other. The two are running smoothly in my pc.;)

-{ Quote: "Red and Red ;)" }-
Under the cover of darkness....Avira returns.....almost unnoticed...like the frog sitting in the pan of water...slowly heating up....and before he knows it...boom! Avira!

trying SpyShelter Premium again8)

Trying Forticlient Lite;D

its a firewall;D

-{ Quote: "its a firewall;D" }-
lol its a free antivirus

:) :thumb:

what engine?

-{ Quote: ":) :thumb:" }-
lol uninstalling very heavy for my liking:argh: