What's needed without AV?

I agree.

 

If you stick with XP then: FF w/NoScript & AdBlock+ (since you won't use Chrome), EMET 3.5 properly configured, disable a few unnecessary services, and use a router or Windows firewall, and only an on-demand av. I would not use any 3rd party applications with those hardware specs. Just image your setup once you've got it set up the way you like it.

If Linux: Maybe try a "semi light" distro like Lubuntu or even Xubuntu, but stick with the x386 versions, as they seem, at least in my experience, to be more stable than x64.

 

i only use NoScript and on demand AVs.

can't get any lighter than that.

i'm the only one using this machine though, so i only have myself to worry about.

 

I think I'm gonna stop with trying stuff. Nothing really helped. I think my next step will be a new pc. Reinstalling windows just is too much work. Maybe I will play some more, but it's getting kinda pointless. I got Perfectdisk working again (offline defrag didn't work, but simply boot into safe mode made it work). Webcontrol is now working with avast present. Only PD makes the pc somewhat faster though.


@escalader: I have Webcontrol running now with avast. I did that, because I thought I could uninstall Adblockplus then which would make FF start a couple of seconds faster. A lot of ads and cookies later adblock is up and running again. Priceless extension. Winpatrol is on my pc since the beginning of time. It "frequently" lets me know something has changed. Maybe not needed, but a nice addition and I'm kinda loyal to it. Nice to disable/remove startups also.

I used Defencewall some years ago, but it didn't work wel for me. Don't know why anymore, but never looked back.

Time machines were tested also some time ago, but ****** up my pc bigtime and imaging is good enough for me.

@wat0114: I am behind a modemrouter, have all unneccesary services disabled and FF is "wellextentioned". In that case would "EMET 3.5 properly configured" be enough...? Sandboxie would have to stay I guess.

Sure you can. Don't give up just yet.

 

Imo, yes, I would add a well configured EMET 3.5. Sandboxie at least won't burden the system much at all, yet it will make it virtually impossible to be victimized by any exploit you might stumble upon. Still, if you handle NoScript properly, Sandboxie likely becomes unnecessary.

 

Good combo. That should be all he needs if he knows what he's doing. I sometimes wonder if I do, so I have a little extra.

 

Check my signature. NEVER hacked or infected in 10 years despite downloading tons of apps and lots of high-value data on the HD.

 

@flatfly: I got exewatch which is a nice little app, but when I click "about exewatch" the old non-existing website opens. The author didn't post here since july. Do you know if it has been updated since then? It doesn't autostart yet, so I guess not.

 

That is all he needs even if he doesn't know what he's doing. Just set sbie to autodelete sandbox contents on app exits, leave sbie with default settings, sandbox internet facing apps including browsers, scan weekly with mbam and hmp, take monthly fresh full snapshots with keriver restore. That's all. Nothing complex. All simple and easy. I would have suggested Comodo fw or Online Armor fw if he needed more protection with tiny amount of hassle of alerts.

 

Sven is a good friend of mine, I think he was dealing with RL issues which kept him from coding for a while... I'll nag him about ExeWatch when I see him, though I would be sad to see it become abandonware...

 

@fatfly: Sad to hear. Hope he gets up and running soon.

 

You are right, that's some of what I meant by 'knows what he's doing' , along with learning the details of Sandboxie. The more you know about it the stronger it gets. Also the free Sandboxie comes with one sandbox, so that limits its scope somewhat. For instance, I wouldn't want to go without a sandboxed folder for my downloads.

Also he'd have to know when to exit his sandboxed browser to clear it out. I think it's possible for some malicious software to work within the sandbox and you wouldn't want to have it on board when doing banking or purchasing. I think Page42 said something about that recently, deleting the sandbox more frequently. I tend to do that automatically when moving from one bookmarks folder to another, such as political sites to security sites to game sites.

Then there's mail and flash drives and CDs/DVDs to deal with.

And one of the main things that I had to learn the hard way, knowing what not to click. In other words, avoiding social engineering traps.

 

To get things a little bit more clear...I know what I'm doing. I'm just not up to date. Lot of new software around which I heard of, but didn't try yet. I have sandboxie paid and don't use it's full potential. Don't want to sandbox "everything". Without av it would be different, but since disabling avast doesn't do a lot speedwise I will keep it. All the tips are well appreciated. My knowledge is somewhat up to date now. Unfortunately changing stuff didn't bring me much speedwise. Buying a new pc will be the next step likely. I will make it lighter using some of the software mentioned here. Exewatch is a keeper btw. I love it. Tiny Watchers twinbrother (using some imagination).

 

Yeah I guess a lot of this discussion is no longer relevant since you are keeping your AV. Maybe it'll be useful for someone who happens along who does want to drop their AV.

 

I agree.

 

Glad to hear you've settled with a steady setup.