The best free security setup
Scoobs
April 21st, 2008, 08:12 AM
After doing loads of research a couple of years ago I forked out for KAV and Outpost as, in my research, these two products sounded like the best AV and firewall available. What I didn't realise at the time was that they didn't play well together and required far more time to harmonise than I was prepared to spend.
I have just gone for a complete reinstall of XP and I'm starting afresh, and this time, I'm going free-free-free.
EDIT: Since posting this OP, I realised that loading security software was part of a bigger process and so I decided to try and come up with a simple guide/proposal for what I (and other newbies) could implement fairly easily. I'm going to try and add links to guides for each part as I find them.
My Goal
To produce a system that has a decent balance of usability and unobtrusiveness with a high degree of security and recovery options.
My Proposed System
A PC running XP with a small (30Gb) partition for system files and applications and a larger (90Gb) partition for data (with an external HDD for more storage). (This makes recovery easier and helps minimise the chances of catastrophic loss.)
Security features: Returnil, AVG (http://free.grisoft.com/) Antivirus, Online Armor (http://www.tallemu.com/product_overview.html) Firewall, Sandboxie (http://www.sandboxie.com/), Firefox (http://www.mozilla.org/products/firefox/) Web browser (with Noscript (https://addons.mozilla.org/en-US/firefox/addon/722) and Adblock Plus (https://addons.mozilla.org/en-US/firefox/addon/1865) with Filterset G Updater Easylist and Rick752 (thanks to MikeNAS - see post 5)). (This set up should provide several degrees of varying effectiveness against malware threats.)
Recovery features: (Returnil provides backup for the system partition) Karen’s Replicator. (Between Returnil and Karen's Replicator most of the system should be recoverable.)
Proposed Method
1. Backup
   1. Back up data on external hdd.
   2. Back up Firefox extensions with FEBE extension onto ext HDD
   3. Backup Firefox Bookmarks with Foxmarks extension onto Foxmark’s online storage
   4. Backup Firefox profile with Mozbackup onto Ext HDD ~ http://mozbackup.jasnapaka.com/download.php
2. Reinstall
   1. Boot from Partition Boot CD (Eg Ultimate Boot CD – with Cute Partition Manager)
   2. Partition HDD (Eg using Cute Partition Manager: 120 GB HDD – 2 partitions first 30gb, second 90gb)
   3. Restart PC booting from XP install disk.
   4. Load XP onto 30gb partition.
3. Loading Security
   1. Install Returnil, AVG, Online Armor, Sandboxie, Firefox.
   2. Move “My Documents” to the Data Partition. ~ http://www.mydigitallife.info/2007/1...-xp-and-vista/
   3. Before running Firefox install and run Mozbackup to move profile to Data partition - http://lifehacker.com/software/ask-l...sta-257297.php
   4. Put a short cut to sandboxed Firefox ~ http://www.sandboxie.com/index.php?ConfigureMenu#shell
   5. Edit the Sandboxie Configuration to allow changes to Firefox (my own personal preference and not very security-minded but it’s one place where I might have to compromise)
If anyone's got any tips, changes or recommendations I should add, please let me know. I'll try and update the OP so that it's as close to ideal as possible.
Scoobs
April 21st, 2008, 08:16 AM
I meant to say - I haven't installed Panda Anti Rootkit (http://www.pandasecurity.com/homeusers/downloads/docs/product/help/rkc/en/rkc_en.htm) yet but I intend to.
Last time I was looking for security options I had conflict problems. Is it fine for all these to be running simultaneously?
Scoobs
April 21st, 2008, 08:18 AM
Oh, and one more thing! I forgot to ask... Is there anything clever I can do with partitions in XP? I seem to remember something about having programs in one partition and docs in another or something like that... This sounds like another useful free security idea.
SystemJunkie
April 21st, 2008, 08:27 AM
And what about Anti-Keylogger?
Scoobs
April 21st, 2008, 08:32 AM
-{ Quote: "And what about Anti-Keylogger?" }-
Haven't heard of it. A google search throws up a number of possibilities. Any chance of a linky?
MikeNAS
April 21st, 2008, 09:36 AM
Don't use Filterset G and its updater. Those aren't good nowadays. rick752 EasyList etc. are much better.
-{ Quote: "
Do I need to install Filterset.G Updater?
No. Actually, it is recommended not to use Filterset.G with Adblock Plus. There are several reasons for this:
* Filterset.G has been intentionally made incompatible with the built-in subscriptions feature in Adblock Plus, updating Filterset.G requires a separate extension which basically duplicates existing functionality.
* Filterset.G is not optimized for use with Adblock Plus, it will slow down your browsing considerably more than any other filter list.
* Filterset.G makes heavy use of very complicated regular expressions with the consequence that finding the source of problems is difficult and fixing those problems is even more so. In fact, Filterset.G is fixing most problems with exception rules which creates a problem on its own (see next point).
* Filterset.G contains a considerable number of exception rules. This is a big problem because exception rules cannot be overridden. It happened on several occasions that exception rules from Filterset.G whitelisted actual ads making these ads unblockable — something users usually blamed Adblock Plus for.
While Filterset.G has had its uses in the past, nowadays other filter lists are certainly a better choice. If you already have Filterset.G Updater installed, you can uninstall the extension and remove the Filterset.G subscription in the Adblock Plus Preferences dialog.
" }-
Scoobs
April 21st, 2008, 10:22 AM
-{ Quote: "Don't use Filterset G and its updater. Those aren't good nowadays. rick752 EasyList etc. are much better." }-
Cheers MikeNAS! Very useful. Do I subscribe to rick752 and Easylist via the Adblock Plus Preferences option?
I'm going to update my OP to show the change.
MikeNAS
April 21st, 2008, 10:50 AM
-{ Quote: "Cheers MikeNAS! Very useful. Do I subscribe to rick752 and Easylist via the Adblock Plus Preferences option?
I'm going to update my OP to show the change." }-
Just go:
http://easylist.adblockplus.org/
and just add what you want (at least Easylist).
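An added illustration, not part of the thread and not Adblock Plus's own code, of the exception-rule point in the FAQ quoted earlier: a minimal matcher in which any matching `@@` exception wins over every blocking rule, so a broad exception in one subscription makes an ad unblockable by another. The list names, filters and URLs are constructed, and only `*` wildcards, `/regex/` filters and the `@@` prefix are modelled.

```javascript
// Added example: a small model of Adblock Plus-style filter precedence.
// Modelled syntax only: "*" wildcards, /regex/ filters, "@@" exception prefix.
// All list names, filters and URLs below are constructed for illustration.

function compileFilter(text) {
  const isException = text.startsWith("@@");
  const body = isException ? text.slice(2) : text;
  let regex;
  if (body.length > 2 && body.startsWith("/") && body.endsWith("/")) {
    // Raw regular-expression filter: use the text between the slashes.
    regex = new RegExp(body.slice(1, -1), "i");
  } else {
    // Literal text: escape regex metacharacters, then expand "*" to ".*".
    const escaped = body
      .replace(/[.+?^${}()|[\]\\]/g, "\\$&")
      .replace(/\*/g, ".*");
    regex = new RegExp(escaped, "i");
  }
  return { text, isException, regex };
}

// Decide what happens to one URL given every subscribed list.
// A matching exception always wins, whichever list it came from.
function decide(url, subscriptions) {
  let blockedBy = null;
  let allowedBy = null;
  for (const [list, filters] of Object.entries(subscriptions)) {
    for (const f of filters.map(compileFilter)) {
      if (!f.regex.test(url)) continue;
      const hit = { list, filter: f.text };
      if (f.isException) allowedBy = allowedBy || hit;
      else blockedBy = blockedBy || hit;
    }
  }
  if (allowedBy) return { action: "allow", reason: allowedBy, overridden: blockedBy };
  if (blockedBy) return { action: "block", reason: blockedBy, overridden: null };
  return { action: "allow", reason: null, overridden: null };
}

// Audit helper: report URLs that a blocking rule matched but an exception let through.
function findShadowingExceptions(urls, subscriptions) {
  return urls
    .map((url) => ({ url, ...decide(url, subscriptions) }))
    .filter((d) => d.action === "allow" && d.overridden !== null)
    .map((d) => ({ url: d.url, exception: d.reason, blocks: d.overridden }));
}

// Constructed subscriptions: list-b carries one regex blocker and one broad exception.
const SUBSCRIPTIONS = {
  "list-a": ["/banner/*/img", "adserver.example/"],
  "list-b": ["/[^a-z]ads?[^a-z]/", "@@*.example/media/*"],
};

// Constructed request URLs.
const URLS = [
  "http://adserver.example/media/ads/300x250.gif",
  "http://news.example/banner/top/img.png",
  "http://news.example/static/site.css",
];

for (const finding of findShadowingExceptions(URLS, SUBSCRIPTIONS)) {
  console.log(
    `${finding.url} is allowed by ${finding.exception.filter} (${finding.exception.list}) ` +
    `although ${finding.blocks.filter} (${finding.blocks.list}) would block it`
  );
}
```

Removing the list that carries the exception is the only way to get the first URL blocked again in this model, which is why the FAQ recommends dropping the subscription rather than adding more blocking rules.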
computer geek
April 21st, 2008, 10:53 AM
-{ Quote: "And what about Anti-Keylogger?" }-
Sandboxie will do a job on it.
Safespace is better however, for key-loggers, since it's newer and alive with Fancy GUI and technology
Scoobs
April 21st, 2008, 11:00 AM
Thanks MikeNAS
-{ Quote: "Sandboxie will do a job on it.
Safespace is better however, for key-loggers, since it's newer and alive with Fancy GUI and technology" }-
I like the simplicity of Sandboxie (although I'd like to know how I can have extensions and themes I d/l whilst sandboxed have effect on sandboxed FF and normal FF).
Does Safespace offer similar sandboxing or is it another program to add to the (ever-increasing) repertoire?
ErikAlbert
April 21st, 2008, 11:01 AM
I would add Returnil (freeware), because I don't trust scanners to keep my system partition malware-free. Keeping your system partition in an "unused" state isn't possible with Returnil. In that case you have to use your Image Backup software, which isn't ISR anymore.
Scoobs
April 21st, 2008, 11:16 AM
Thanks Erik, I'm going to read up about Returnil (having seen some other references to it since I started looking around).
The same goes for Threatfire which seems highly regarded.
The only problem is I don't want to get any conflicts.
Can these all play nicely (and do they need specific settings to do so)?
AVG Antivirus
Online Armor Firewall
Spyware Terminator
Panda Anti Rootkit
Returnil
Threatfire
Firefox Web browser
Sandboxie
Edit - And just as importantly, is there any redundancy? The fewer programs running the better as far as I'm concerned.
ErikAlbert
April 21st, 2008, 11:31 AM
Returnil + ThreatFire : if ThreatFire asks me what to do, I would always give a NEGATIVE answer, in other words I wouldn't allow anything to run.
ThreatFire without Returnil is something else, that requires a user who can evaluate the questions of ThreatFire in order to give the right answer.
Scoobs
April 21st, 2008, 11:48 AM
Ooo. Just seen that my presumption AVG Antivirus was the same as AVG Anti-spyware (which is Ewido by a new name). Better add it to the list.
Scoobs
April 21st, 2008, 11:52 AM
-{ Quote: "Returnil + ThreatFire : if ThreatFire asks me what to do, I would always give a NEGATIVE answer, in other words I wouldn't allow anything to run.
ThreatFire without Returnil is something else, that requires a user who can evaluate the questions of ThreatFire in order to give the right answer." }-
Without experience of either I don't quite understand - it sounds like you implement ThreatFire more rigorously when you are using it with ThreatFire than when you use it on its own, which seems a bit odd.
Have I misread/misunderstood?
ErikAlbert
April 21st, 2008, 11:55 AM
In my case, but using your list, it would be like this :
AVG Antivirus
Online Armor Firewall
Spyware Terminator
Panda Anti Rootkit
Returnil
Threatfire (Anti-Executable is better, but is payware)
Firefox Web browser
Sandboxie
bman412
April 21st, 2008, 12:09 PM
Returnil free + Avira free + router firewall/NAT suits my needs. Depending on what you do on your computer I guess. I primarily use mine to play some online games, do a bit of browsing with Opera and an occasional download or two. I tried adding ThreatFire but it doesn't fit well with gaming... I'd suggest trying Returnil + an AV of your choice as your baseline then incrementally adding up on security from there.
ErikAlbert
April 21st, 2008, 12:22 PM
-{ Quote: "Without experience of either I don't quite understand - it sounds like you implement ThreatFire more rigorously when you are using it with ThreatFire than when you use it on its own, which seems a bit odd.
Have I misread/misunderstood?" }-
Well, this is a matter of logical reasoning.
When your system partition is fresh installed, it is malware-free and everything is working properly.
When you install Returnil you FREEZE that malware-free, good working system partition.
Each time you reboot you get the SAME system partition back.
If ThreatFire asks you what to do in order to run something good or bad, you always answer NO.
You don't need bad changes or good changes, because your system partition is already working properly.
If you give the wrong answer, the malware might execute itself, but when you reboot the malware will be gone.
If you don't have Returnil, you don't have a frozen environment anymore, which means that you have a different system partition each time you reboot.
When ThreatFire asks you what to do in order to run something good or bad, the answer can be YES or NO.
If you give the wrong answer the malware might execute itself and will be still there the next time you reboot.
MikeNAS
April 21st, 2008, 12:26 PM
-{ Quote: "Well, this is a matter of logical reasoning.
When your system partition is fresh installed, it is malware-free and everything is working properly.
When you install Returnil you FREEZE that malware-free, good working system partition.
Each time you reboot you get the SAME system partition back.
If ThreatFire asks you what to do in order to run something good or bad, you always answer NO.
You don't need bad changes or good changes, because your system partition is already working properly.
If you give the wrong answer, the malware might execute itself, but when you reboot the malware will be gone.
If you don't have Returnil, you don't have a frozen environment anymore, which means that you have a different system partition each time you reboot.
When ThreatFire asks you what to do in order to run something good or bad, the answer can be YES or NO.
If you give the wrong answer the malware might execute and will be still there the next time you reboot." }-
That's a very good summary. I'm using that kind of setup too but I don't even want to answer No.
ErikAlbert
April 21st, 2008, 01:03 PM
-{ Quote: "That's a very good summary. I'm using that kind of setup too but I don't even want to answer No." }-
I use Anti-Executable instead of ThreatFire and AE always says NO and doesn't allow me to say YES, so there is no doubt anymore. ;D
MikeNAS
April 21st, 2008, 01:06 PM
-{ Quote: "I use Anti-Executable instead of ThreatFire and AE always says NO and doesn't allow me to say YES, so there is no doubt anymore. ;D" }-
Yeah I know that. I use DefenseWall and Sandboxie plus Shadow Defender. All drives are shadowed plus a couple of USB memories too. My firewall is always trustworthy GhostWall.
ErikAlbert
April 21st, 2008, 01:15 PM
-{ Quote: "Yeah I know that. I use DefenseWall and Sandboxie plus Shadow Defender. All drives are shadowed plus a couple of USB memories too. My firewall is always trustworthy GhostWall." }-
Well, I'm still looking for a firewall, I might try GhostWall. Thanks.
EASTER
April 21st, 2008, 01:53 PM
-{ Quote: "Well, I'm still looking for a firewall, I might try GhostWall. Thanks." }-
I absolutely adore "LITE" because mostly my units are medium type components for the most part, so i've gone back to Kerio 2.15 and no more worse for wear, good ole obsolete free software firewall for me.
lucas1985
April 21st, 2008, 02:36 PM
-{ Quote: "
The only problem is I don't want to get any conflicts.
Can these all play nicely (and do they need specific settings to do so)?
AVG Antivirus
Online Armor Firewall
Spyware Terminator
Panda Anti Rootkit
Returnil
Threatfire
Firefox Web browser
Sandboxie
Edit - And just as importantly, is there any redundancy? The fewer programs running the better as far as I'm concerned." }-
Online Armor is a firewall with a HIPS component which does a lot of things (execution control, process control, etc). If you're going to use OA I'd drop Threatfire and Spyware Terminator. If you like Threatfire, drop Spyware Terminator and search for a light firewall-only app (Windows firewall, Ghostwall, Kerio 2.1.5, LnS, etc)
MikeNAS
April 21st, 2008, 04:24 PM
-{ Quote: "Well, I'm still looking for a firewall, I might try GhostWall. Thanks." }-
GhostWall is awesome. You should test it. Just set rules and forget it totally.
ErikAlbert
April 21st, 2008, 05:08 PM
-{ Quote: "Just set rules ..." }-
That is exactly the problem. ;D
MrBrian
April 21st, 2008, 06:26 PM
-{ Quote: "Oh, and one more thing! I forgot to ask... Is there anything clever I can do with partitions in XP? I seem to remember something about having programs in one partition and docs in another or something like that... This sounds like another useful free security idea." }-
This is highly recommended. This allows you to have separate backups for your system and your data, and also allows you to use Returnil without using a Returnil virtual partition for data. If your system ever becomes corrupted, you can restore the system partition without overwriting your data partition.
ErikAlbert
April 22nd, 2008, 01:29 AM
-{ Quote: "This is highly recommended. This allows you to have separate backups for your system and your data, and also allows you to use Returnil without using a Returnil virtual partition for data. If your system ever becomes corrupted, you can restore the system partition without overwriting your data partition." }-
I agree with MrBrian. That's the first thing I did, separating system from data.
That gives you total freedom in your system partition, while your data remains intact and it simplifies the backup/restore of course.
Almost every malware targets [C:], because most computers have only one big partition [C:] with everything on it.
In case of a destructive attack on [C:], you can lose your data of today if on [C:], because your image/file backup is always of yesterday. If your data is on another partition than [C:], you still have your data of today.
Another solution is incremental backups, but not everybody likes them. :)
EASTER
April 22nd, 2008, 01:53 AM
So just how is this accomplished from an XP install disk? Is there a prompt someplace during install procedure that affords the user an option of setting say My Documents over to the other partition or hard drive? Or is this something needs done after the full install is complete? Maybe with third party tools?
I know quite a lot about in the trenches combat against malware and defense strategies but when it comes to these type matters i admit that i don't have a clue, that's why i rely on the best HIPS and other safety apps like returnil to keep everything stationary during internet runs around the bases of the web.
ErikAlbert
April 22nd, 2008, 01:59 AM
If you really want to move "My Documents" :
1. Right click on "My Documents"
2. Click on Properties
3. Change the target
I never tried it, but it should work in practice.
I didn't move anything, I left my system partition as it was and created my own folders on my data partition, but I'm the only user on my pc.
The most sensational and EASY move I've ever seen was with nLite. This allows you to move the entire folder "C:\Documents and Settings" to [D:]
MrBrian
April 22nd, 2008, 02:49 AM
-{ Quote: "So just how is this accomplished from an XP install disk? Is there a prompt someplace during install procedure that affords the user an option of setting say My Documents over to the other partition or hard drive? Or is this something needs done after the full install is complete? Maybe with third party tools?
" }-
When you install XP you can create partitions. If you've already installed XP, you could try Administrative Tools->Computer Management->Disk Management, but I think you cannot shrink existing partitions with this program. Other free programs that can shrink existing partitions include gparted and Partition Logic. See http://www.thefreecountry.com/utilities/partitioneditors.shtml for other choices. For pay programs, PartitionMagic is an option.
You can use TweakUI to relocate special folders, such as My Documents and (Internet Explorer) Favorites. For other programs, there might be a way to manually relocate the data to the data partition.
EASTER
April 22nd, 2008, 04:04 AM
I've read this repeated many times but was not so convinced and that might have to do with my excellent backup programs/images, but it is something worthwhile and has been explained for purpose and detail so i may just try that soon myself.
The best free security setup.
That's a hard one because there are so many good ones, but i would always recommend at least 3 and they would include the likes of SAS, Returnil, SuRun, HIPS, etc and i could mention some more FREE ones but they're listed all over these forums with really informative in-depth discussions according what the users habits are and what they have in mind, severe layered approaches, combos with LUA/SRP's and so forth.
Ocky
April 22nd, 2008, 04:17 AM
-{ Quote: "So just how is this accomplished from an XP install disk? Is there a prompt someplace during install procedure that affords the user an option of setting say My Documents over to the other partition or hard drive? Or is this something needs done after the full install is complete? Maybe with third party tools?
I know quite a lot about in the trenches combat against malware and defense strategies but when it comes to these type matters i admit that i don't have a clue, that's why i rely on the best HIPS and other safety apps like returnil to keep everything stationary during internet runs around the bases of the web." }-
I did it like this after install :-
Change the Default Location of the My Documents Folder
To change the default location of the My Documents folder, follow these steps:
Click Start, and then point to My Documents.
Right-click My Documents, and then click Properties. Click the Target tab. In the Target box, do one of the following:
Type the path to the folder location that you want, and then click OK. For example, D:\My Stuff. If the folder does not exist, the Create Message dialog box is displayed. Click Yes to create the folder, and then click OK.
-or-
Click Move, click the folder in which to store your documents, and then click OK twice. If you need to create a new folder, click Make New Folder. Type a name for the folder, and then click OK twice. In the Move Documents box, click Yes to move your documents to the new location, or click No to leave your documents in the original location.
Restore the My Documents Folder to Its Default Location
To restore the My Documents folder to its default location, follow these steps:
Click Start, and then point to My Documents. Right-click My Documents, and then click Properties. Click Restore Default, and then click OK. In the Move Documents box, click Yes to move your documents to the new location, or click No to leave your documents in the original location.
Scoobs
April 22nd, 2008, 04:44 AM
-{ Quote: "This is highly recommended. This allows you to have separate backups for your system and your data, and also allows you to use Returnil without using a Returnil virtual partition for data. If your system ever becomes corrupted, you can restore the system partition without overwriting your data partition." }-
Thanks for this.
I am wondering how this is set up. Is it really a case that you just move My Documents into another partition and then just make sure to save files there only?
Also, Returnil sounds great, and I'm going to have a play, but is there a way to have it create "restore points"? (Could System restore do this instead?)
What I have in mind is being able to go back through restore points until you find the most recent safe point.
Sorry if I'm reinventing the wheel. I'm fairly new to all this and I'm not too sure where to start looking for info.
HURST
April 22nd, 2008, 09:27 AM
For "restore points", incremental backups come to my mind, but maybe there's another option...
ErikAlbert
April 22nd, 2008, 03:14 PM
-{ Quote: "
What I have in mind is being able to go back through restore points until you find the most recent safe point.
" }-
Personally, I didn't like restore points as a solution, because I have to choose between different restore points
and that means that I have to choose between different system partitions.
So the crucial question is : which one of all these restore points is a good and safe one ?
If you don't know for certain, your choice = gambling and you don't gamble with security.
A smart average user will always go to the FIRST restore point, the one he created himself, because he doesn't know for sure what happened between all these different restore points.
That's why I always rollback to my original fresh installed system partition.
In other words, I replaced all questionable restore points with only ONE restore point, the right one, the safe one.
Pure simple logical reasoning, if you think I'm wrong, break it, I'm all ears. :)
MrBrian
April 22nd, 2008, 06:20 PM
-{ Quote: "I am wondering how this is set up. Is it really a case that you just move My Documents into another partition and then just make sure to save files there only?
Also, Returnil sounds great, and I'm going to have a play, but is there a way to have it create "restore points"? (Could System restore do this instead?)
What I have in mind is being able to go back through restore points until you find the most recent safe point.
" }-
The My Documents move was in fact simple to do. You can use TweakUI to move special folders like this, or use the technique mentioned by others here. It is a simple change and works well. My Documents is a pseudo folder, not a real folder, and that's why this move is easy to do and effective.
For other programs that save data, you'll have to manually go into the programs' settings and change the folder location yourself. For example, I put my Opera browser's profile, including bookmarks, in the data partition. Other candidates to do this for would include your email program's data. Other items that I have in my data partition include a folder for downloads and a Temp folder. I don't bother to try to move program settings data to the data partition, as this data can be commingled in various places in the system partition.
For restore points, you can manage these as you normally would when Returnil protection is off. (If you do it with Returnil protection on, the changes will be lost upon reboot.) If you need a free backup program, try DriveImage XML.
MrBrian
April 22nd, 2008, 06:22 PM
-{ Quote: "I've read this repeated many times but was not so convinced and that might have to do with my excellent backup programs/images, but it is something worthwhile and has been explained for purpose and detail so i may just try that soon myself.
" }-
Another nice advantage of having a separate data partition is that when you move to a new operating system, it's easy to bring your data along with you :).
EASTER
April 22nd, 2008, 11:54 PM
Thanks for the tips on moving the documents folder off the active system area to another partition or drive.
I regularly jockey drives so i assume there would be no ill after-effects when adding a new slave drive and just repeat those steps again. Am i correct in this?
MrBrian
April 23rd, 2008, 12:07 AM
-{ Quote: "Thanks for the tips on moving the documents folder off the active system area to another partition or drive.
I regularly jockey drives so i assume there would be no ill after-effects when adding a new slave drive and just repeat those steps again. Am i correct in this?" }-
I don't think there should be a problem. If you plan to keep the data partition on a separate drive, maybe it's best to make sure that the 'good drives' are always swapped in or out as a set.
Rmus
April 23rd, 2008, 12:11 AM
-{ Quote: "Thanks for the tips on moving the documents folder off the active system area to another partition or drive." }-
Another option is to avoid My Documents altogether, and just create a data partition (or separate drive) with directories and sub-directories for all of your documents.
----
rich
ErikAlbert
April 23rd, 2008, 01:16 AM
-{ Quote: "Another option is to avoid My Documents altogether, and just create a data partition (or separate drive) with directories and sub-directories for all of your documents.
----
rich" }-
That's what I did. I have a second harddisk/partition [D:], which contains all my personal files organized in folders.
DefenseWall locks [D:], when I open Firefox to surf on the internet.
I didn't move anything from my system to data partition.
The folder "My Documents" on my system partition has still 2 files to give malware and hackers the idea, I'm working there and that I'm very vulnerable. It's pure psychological. :)
innerpeace
April 23rd, 2008, 01:52 AM
Hi, this guide was what I used to move My Documents to a new partition. It was my first time and if I can do it, anyone can ;). http://www.windowsbbs.com/showthread.php?t=49222
Scoobs,
For AdBlockPlus, in addition to EasyList, you might consider EasyElement and ABP Tracking Filter.
I had a pile of programs like you did at one time. I have whittled my way down to Sandboxie, Online Armor (full without AV) and Avira Premium as my only active/real time protection. I sometimes call on Returnil via Session Lock when I'm doing some rough surfing. Returnil is also handy trying programs that don't need a reboot to install and to try other things.
I still keep a couple of on-demand scanners around to check files I download. I also have another hard drive that I store backups on in the event something goes wrong. It is also important to keep your important programs up to date. See my sig. for a good place to scan if you have any vulnerable applications. It's probably a good idea to check at least once a month.
Cheers,
innerpeace
Edit: Have a look at this post for good basic info. http://www.wilderssecurity.com/showthread.php?t=206805
MikeNAS
April 23rd, 2008, 02:23 AM
I don't understand why everyone wants to move my documents etc. folders. I don't even want to use those. I just build my own folder structure to other partition and use that. Of course many programs want to use my documents folder but usually you can change that setting if needed.
ErikAlbert
April 23rd, 2008, 02:39 AM
-{ Quote: "I don't understand why everyone wants to move my documents etc. folders. I don't even want to use those. I just build my own folder structure to other partition and use that. Of course many programs want to use my documents folder but usually you can change that setting if needed." }-
You are right of course. I've done the same thing. Maybe only Europeans do that. ;)
EASTER
April 23rd, 2008, 02:40 AM
-{ Quote: "I don't understand why everyone wants to move my documents etc. folders. I don't even want to use those. I just build my own folder structure to other partition and use that. Of course many programs want to use my documents folder but usually you can change that setting if needed." }-
Yeah i see your point on that MikeNAS, i usually don't bother because i only keep security utilities there anyway, my cherished Sci-Fi FLV's i always move to another partition, don't want to lose those classics.
But then i never encountered malware anyway that focused on my Data Folder anyway, usually they like to slip a dropper in C: or else go for the open %WinDir% or System32.
BTW, i'm right now getting a Comodo D+ Update in progress for any who use that one. 48% and counting..................
innerpeace
April 23rd, 2008, 02:59 AM
-{ Quote: "I don't understand why everyone wants to move my documents etc. folders. I don't even want to use those. I just build my own folder structure to other partition and use that. Of course many programs want to use my documents folder but usually you can change that setting if needed." }-
I think that may be the reason. Most of us non-Europeans usually save things in My Documents ;D. I'm trying to keep things simple :P.
So, is there a good reason not to move My Documents to another partition?
Huupi
April 23rd, 2008, 03:50 AM
-{ Quote: "I think that may be the reason. Most of us non-Europeans usually save things in My Documents ;D. I'm trying to keep things simple :P.
So, is there a good reason not to move My Documents to another partition?" }-
No there is a reason to move, at the time that imaging was heavily discussed, general consensus was that keeping your C partition as small as possible because it makes up for faster imaging times. My documents can pile up fast so what many at that time did was migrating this folder to another partition and secured this folder with a simple replication program, like Karen Replicator to an external or second internal drive.
btw. common sense is global !;)
ErikAlbert
April 23rd, 2008, 03:57 AM
-{ Quote: "No there is reason to move, at the time that imaging was heavily discussed, general consensus was that keeping your C partition as small as possible because it makes up for faster imaging times. My documents can pile up fast so what many at that time did was migrating this folder to another partition and secured this folder with a simple replication program, like Karen Replicator to an external or second internal drive.
btw. common sense is global !;)" }-
Yes, but those are the reasons for separating system and data.
But some users move folders from C to D, while other users don't move folders from C to D, they leave C untouched and create a new set of folders on D.
That was the subject.
Huupi
April 23rd, 2008, 04:10 AM
-{ Quote: "Yes, but those are the reasons for separating system and data.
But some users move folders from C to D, while other users don't move folders from C to D, they leave C untouched and create a new set of folders on D.
That was the subject." }-
O yea gosh, forget about that, lessening the chances to be compromised by sneaky stuff, good reason. good measure ! :thumb:
BTW if i remember right, encrypting your D didn't do much against malware. right ?
but then again you may say that my remarks are out of context,never mind me but beware and correct me if i say really stupid things !
ErikAlbert
April 23rd, 2008, 04:31 AM
-{ Quote: "
BTW if I remember right, encrypting your D didn't do much against malware, right?
" }-
No, I simply stopped using TrueCrypt, because I thought TC would do something for me, but I was very wrong, it was my misunderstanding. I was a bit disappointed and I gave encryption a rest. :)
MikeNAS
April 23rd, 2008, 05:00 AM
-{ Quote: "Maybe only Europeans do that . ;)" }-
;D Yeah maybe... I'm from the country where Linux comes from and most people don't even know what it is.
Huupi
April 23rd, 2008, 05:55 AM
-{ Quote: ";D Yeah maybe... I'm from the country where Linux comes from and most people don't even know what it is." }-
I guess that they know Windows very well ! ;)
Scoobs
April 23rd, 2008, 06:14 AM
Riiiight. This is getting into territory I wasn't quite prepared for.
I was after a fairly unobtrusive arrangement I could set up and then not worry too much about, bar regular updates and scans.
At the moment I have an 80gb HDD with one 40gb XP partition on it. (I had intended to experiment with a PCLinuxOS partition in the free space).
I've had a play with Returnil but I'm not too keen on the intrusive logo at the top of my screen all the time. That said, I think I'm unhappy because I feel that without a proper separate partition for my system I'm not getting the best protection I could from it.
I've just got my system set up as I like it (the download of open office will be a bugger to do again) but if people recommend starting again then so be it.
If I did start from scratch again, what should I do? I'm thinking -
Install two partitions
Install all the progs I'm fairly certain are safe from USB stick (after downloading them at work) onto the "system" partition (ie, Firefox, Sandboxie, AVG, Returnil, Online Armor, and Threatfire - which I haven't looked at yet)
Set up the other partition as a "data" partition to hold any files, and things like my firefox profile etc.
Set up Returnil to always run and to "freeze" my system partition.
If there's a decent thread about how to set up from scratch I haven't found it yet.
ErikAlbert
April 23rd, 2008, 06:39 AM
-{ Quote: "
I've just got my system set up as I like it (the download of open office will be a bugger to do again) but if people recommend starting again then so be it.
" }-
If you like your actual setup, keep it. Nobody forces you to do all this. You can always do it later and think longer about it first.
Scoobs
April 23rd, 2008, 06:40 AM
After a bit more reading, I think I'd want to cut down the list of programs I use.
I think I'd go for:-
Firefox (with Noscripts and Adblock Plus with Easylist filters)
Sandboxie (paid - with Sandboxed FF set as default browser)
Online Armor (free version)
AVG (free version)
Returnil (free)
Then I would use something like Karen's Replicator to back up my data partition to an external HDD.
If I decide to install a program at a later date, is there any way to let it past Returnil, so that if I have to recover the system partition I don't lose the program? (I'm just thinking about the recent OpenOffice download and install I did)
Scoobs
April 23rd, 2008, 07:01 AM
-{ Quote: "If you like your actual setup, keep it. Nobody forces you to do all this. You can always do it later and think longer about it first." }-
Erik, thanks a lot mate. You've been really helpful answering all my inane questions!
My current thinking is that if there's a decent straightforward way to start from scratch then now, before I fill my PC with the usual rubbish, is the time to do it.
I think that with my current 40gb partition on an 80gb HDD, I'm better off starting again, rather than trying to resize and format the partitions into the right configuration (ie, small system partition - I'm guessing something like 20gb?)
Or can I work with what I've got?
ErikAlbert
April 23rd, 2008, 07:17 AM
-{ Quote: "Erik, thanks a lot mate. You've been really helpful answering all my inane questions!
My current thinking is that if there's a decent straightforward way to start from scratch then now, before I fill my PC with the usual rubbish, is the time to do it.
I think that with my current 40gb partition on an 80gb HDD, I'm better off starting again, rather than trying to resize and format the partitions into the right configuration (ie, small system partition - I'm guessing something like 20gb?)
Or can I work with what I've got?" }-
If you are motivated to do this separation, then :
1. System Partition [C:] = 20gb = Windows + ALL Applications
2. Data Partition [D:] = 100gb = personal files.
It depends how many applications you have of course.
Scoobs
April 23rd, 2008, 07:25 AM
Thanks Erik. I'm going to give it a go.
Looking for a free partitioning program now.
ErikAlbert
April 23rd, 2008, 07:51 AM
-{ Quote: "
Looking for a free partitioning program now." }-
Ranish Partition Manager
http://www.ranish.com/part/
Scoobs
April 23rd, 2008, 07:52 AM
I'm wondering... would it be rude to start a new thread about "Best Free Security Setup from scratch"?
At the moment my method would be:-
Boot from Partition Boot CD (Eg Ultimate Boot CD – with Cute Partition Manager)
Partition HDD (Eg 120 GB HDD – 2 partitions first 30gb, second 90gb)
Restart PC booting from XP install disk
Load XP onto 30gb partition
Install Returnil, AVG, Online Armor, Sandboxie, Firefox
Set up Returnil, AVG, and Online Armor as always on.
Install Firefox extensions Adblock Plus (with all 3 easylist filters), Noscript.
Scoobs
April 23rd, 2008, 07:56 AM
-{ Quote: "Ranish Partition Manager
http://www.ranish.com/part/" }-
Thanks Erik. I've just realised that I have a copy of The Ultimate Boot CD floating around somewhere, and I think that's got Ranish on it. I'll give it a whirl.
ErikAlbert
April 23rd, 2008, 08:13 AM
-{ Quote: "Thanks Erik. I've just realised that I have a copy of The Ultimate Boot CD floating around somewhere, and I think that's got Ranish on it. I'll give it a whirl." }-
Yes, I vaguely remember that this CD has Ranish on it.
It's good to have some practical experience with partitioning. 2 years back, I didn't even know what a partition was.
HURST
April 23rd, 2008, 10:07 AM
You could also try GParted LiveCD. It's linux based and has worked well for me.
-{ Quote: "If I decide to install a program at a later date, is there any way to let it past Returnil, so that if I have to recover the system partition I don't lose the program? (I'm just thinking about the recent OpenOffice download and install I did)" }-
The only way to do this with Returnil free is to disable Returnil's protection, reboot, install and then enable Returnil again.
Returnil paid has the option of "total session save".
Scoobs
April 23rd, 2008, 10:09 AM
-{ Quote: "You could also try GParted LiveCD. It's linux based and has worked well for me.
The only way to do this with Returnil free is to disable Returnil's protection, reboot, install and then enable Returnil again.
Returnil paid has the option of "total session save"." }-
Thanks Hurst, that's good to know.
ErikAlbert
April 23rd, 2008, 10:22 AM
Scoobs,
Regarding WinXPproSP2 and its activation and my personal experiences.
- activating Windows via internet works but not forever, I think it's about 4 months, at least in Belgium.
- after that, I couldn't use internet anymore, so I had to do this by phone.
In order to avoid phone-activation in the future, I took an image of my activated Windows.
So now I can restore Windows, instead of installing + activating it, if I ever want to re-install my computer again from scratch.
Don't know if that is important to you, but I hate phone-activation : too many numbers via phone (about 100 digits and no mistake) and I have to give an explanation, why I want to re-install Windows.
Scoobs
April 23rd, 2008, 10:29 AM
Thanks Erik - that is important to me. Thanks for the heads up. What did you use to image?
ErikAlbert
April 23rd, 2008, 10:31 AM
-{ Quote: "Thanks Erik - that is important to me. Thanks for the heads up. What did you use to image?" }-
ShadowProtect Desktop, quite expensive about $80.00.
Maybe you better ask for cheaper solutions at Wilders or even freewares.
HURST
April 23rd, 2008, 10:42 AM
Acronis True Image 11 is about $50
I read in a post that ATI8 was around for free, but I have never used it, nor do I know if it's legal.
ErikAlbert
April 23rd, 2008, 11:03 AM
Scoobs,
Take care of your Image Backup software FIRST and test it after installing Windows : backup and above all restore and more than once. It's the ideal moment to test IB software, when you are installing your computer from scratch. And use the Recovery CD.
I also recommend a Zero Tool to fill your harddisks with zeroes. You can do this much later, but you will need it after having a KillDisk attack. You can't even use your Recovery CD anymore after such an attack, not even the Windows CD.
Go to the manufacturer website of your harddisk first, they usually have tools (freeware) to test your harddisk. DBAN is also good for that purpose.
HURST
April 23rd, 2008, 12:13 PM
As a matter of fact, Ultimate Boot CD has DBAN... I used it on my last fresh install and it worked great... it's slow, 18 hours, for just one pass on an 80 gig HD
ErikAlbert
April 23rd, 2008, 12:22 PM
-{ Quote: "As a matter of fact, Ultimate Boot CD has DBAN... I used it on my last fresh install and it worked great... it's slow, 18 hours, for just one pass on an 80 gig HD" }-
That is very long. I have also a 80 gig HD (WD Raptor).
The Zero Tool of WD needs 20 minutes to do a full zero.
I'm almost 100% sure that DBAN has also a zero option and that took 18 hours ?
HURST
April 23rd, 2008, 01:00 PM
yes.
There were many options: one-pass zeros, DoD 3 passes, DoD 7 passes, Guttmann 35 passes.
I chose one-pass zeros. I remember wondering how just filling a disk with zeros could take so long...
ErikAlbert
April 23rd, 2008, 01:27 PM
-{ Quote: "yes.
There were many options: one-pass zeros, DoD 3 passes, DoD 7 passes, Guttmann 35 passes.
I chose one-pass zeros. I remember wondering how just filling a disk with zeros could take so long..." }-
If I was you, I would visit the manufacturer website of your harddisk and see if there are any tools to zero your harddisk.
18 hours is inhuman. ;D
HURST
April 23rd, 2008, 01:50 PM
-{ Quote: "18 hours is inhuman." }-
I agree, especially when you NEED your computer to work on your thesis :thumbd:
But I hope not doing it again until I sell my computer next year
lucas1985
April 23rd, 2008, 02:44 PM
-{ Quote: "
if there's a decent straightforward way to start from scratch then now, before I fill my PC with the usual rubbish, is the time to do it." }-
Just ensure that all your data is safe (i.e. backed up applying the LOCKSS (Lots of Copies Keep Stuff Safe) (http://www.lockss.org/lockss/Home) principle), get a good imaging app (verify your images and practice restoring to a second/empty HDD and to the primary HDD), get a pen and paper to write your plans and you're good to go :)
Junctions and Symbolic Links (http://schinagl.priv.at/) are another possibility for the task of moving data folders.
MrBrian
April 23rd, 2008, 08:40 PM
-{ Quote: "
I've had a play with Returnil but I'm not too keen on the intrusive logo at the top of my screen all the time. That said, I think I'm unhappy because I feel that without a proper separate partition for my system I'm not getting the best protection I could from it.
I've just got my system set up as I like it (the download of open office will be a bugger to do again) but if people recommend starting again then so be it.
If I did start from scratch again, what should I do? I'm thinking -
Install two partitions
Install all the progs I'm fairly certain are safe from USB stick (after downloading them at work) onto the "system" partition (ie, Firefox, Sandboxie, AVG, Returnil, Online Armor, and Threatfire - which I haven't looked at yet)
Set up the other partition as a "data" partition to hold any files, and things like my firefox profile etc.
Set up Returnil to always run and to "freeze" my system partition.
" }-
This is what I'd do too, provided you don't often change program settings or install new programs (or are willing to tolerate the Returnil reboot required to turn off protection while you make changes you want to make permanent to your system partition). You shouldn't have to start over from scratch to do this.
The Returnil banner can be turned off.
Ultimate Boot CD for Windows has a free imaging program called DriveImage XML. Or you can download it separately. Not a speed demon but works.
ThreatFire is a "quiet" program and thus fits your requirements.
Consider Mozy for free online backup of your documents.
Scoobs
April 24th, 2008, 02:12 AM
Thanks for all the help so far guys.
-{ Quote: "The Returnil banner can be turned off.
Ultimate Boot CD for Windows has a free imaging program called DriveImage XML. Or you can download it separately. Not a speed demon but works.
ThreatFire is a "quiet" program and thus fits your requirements." }-
Thanks MrBrian, that's all good to know. DriveImage XML sounds useful for me because I want to image a laptop hard drive, so there's no second HDD to copy the image to. Carrying out the whole process in Windows will do the trick.
I have a new HDD for my laptop which I want to install, so a fresh install and set up seems like a good idea....
-{ Quote: "You can always do it later and think longer about it first." }-
Hopefully this thread constitutes the "thinking longer about it first".
I've edited the OP to reflect my intended plan.
PlanB
May 3rd, 2008, 11:52 AM
Hi, have a look at www av-comparatives org ... after this you might want to reconsider your choice of AV
I have been using AVG for years on several computers and never had a problem.. it's very low on memory and also provides a free mail scanner.. However, Avira's detection rate is said to be so much better that I recently switched.
Online Armor seems to be one of the best firewalls overall (par with Comodo) both are much better than most commercial personal firewalls.
Personally I would say running a sandboxed browser on a virtual system (i.e. using Sandboxie while running Returnil) is kind of overkill
However, if web browsing in a non-virtual environment it would help to have something that monitors system files + registry for unauthorized modifications... Spyware Terminator does this in realtime (switch everything off except for file/registry monitoring). Win Patrol does not have a real time shield but can be set up to monitor files every few minutes. Since running several realtime security applications concurrently might cause problems, Win Patrol might be a good choice...
Cheers
Scoobs
May 5th, 2008, 06:20 AM
-{ Quote: "Hi, have a look at www av-comparatives org ... after this you might want to reconsider your choice of AV" }-
Thanks PlanB, I'm always willing to listen to good suggestions.
-{ Quote: "I have been using AVG for years on several computers and never had a problem.. it's very low on memory and also provides a free mail scanner.. " }-
This is why I like it, but I'm a bit concerned about version 8 - It sounds like it might prove problematic.
-{ Quote: "However, Avira's detection rate is said to be so much better that I recently switched." }-
I'm happy with the job AVG does and I've read that Avira is quite noisy, and also has to be re-registered from time to time, which sounds like a hassle. How does it compare to AVG in terms of how much attention it demands?
IceCube1010
May 5th, 2008, 10:38 AM
Ok. Here it goes,
Vista FW/XP FW
AntiVir Personal 8.0
Threatfire 3.5
Geswall 2.7.1 Free
Ccleaner
I haven't found a really good free backup software. So I use Acronis TrueImage 11.0. Works on Vista and XP.
Al
PlanB
May 5th, 2008, 09:13 PM
Hi,
Avira's default settings are in fact a little "noisy", but you can switch the update process to invisible (you need to do this in AVG too) + from time to time it launches a notifier "avnotify.exe" displaying some ads - I switched this one off via software policy settings (secpol.msc, Software Restriction Policy)
There seems to be a "re-registration process" every 6 months, according to antivir the licence key will automatically renew after 5 months, but who knows ;-)
Cheers
Copyright ©2002 - 2012, Wilders Security Forums