Who says MSE doesn't have heuristics??

Discussion in 'other anti-virus software' started by PunchsucKr, Mar 4, 2010.

Thread Status:
Not open for further replies.
  1. emmjay, Registered Member
    Joined: Jan 26, 2010; Posts: 1,546; Location: Triassic

    Saraceno, you are a gem.
    Thank you so much. I will come back to this post at a later date and use your setup recommendations. P.S. tnx for the PM.

    The selection of a firewall is definitely a difficult task for a newbie.
    I was told a very long time ago by an old timer "newbies should always ask questions that they do not know the answer to, but should never answer questions that they do not know the answer to" (we were talking about motorcycles at the time). A sophisticated firewall may just put me in such a position.
     
  2. Threedog, Registered Member
    Joined: Mar 20, 2005; Posts: 1,125; Location: Nova Scotia, Canada

    Thanks Saraceno. After reading your tutorial I decided to give the MSE/Sandboxie combo a try.
     
  3. Saraceno, Registered Member
    Joined: Mar 24, 2008; Posts: 2,405

    FD, emmjay, threedog, thanks for the feedback.

    Just a couple of notes regarding 'quick recovery': if you make your 'desktop' the place where you are going to save important files, make sure you set Firefox, Chrome, or Opera to save files to your 'desktop', or to 'ask where to save'. Keep in mind, if you save files to 'my documents', Sandboxie won't give you a prompt to recover the file.

    Opera
    Opera.png

    Chrome
    Chrome.png


    The reason I don't enable 'immediate recovery' is just in case 'something suspicious' downloads, the prompt pops up, and you accidentally accept the prompt to recover the file. Another good tip: once you recover a file to your desktop, such as a media file or program installer, there's nothing stopping you from then right-clicking and running it as sandboxed to see how it performs.

    For example.

    Where to go to enable files and folders

    Sandboxie files and folders.png

    The installer recovered, now we're going to right-click and run it 'sandboxed', just in case you think it might be malware. E.g. the program says portable, but you can see if it really is portable.

    Sandboxie run file.png

    By expanding the folders, you can see files being created in the system32 folder, user data folder, etc. If this was a portable application, or a media file, and you notice it's creating all sorts of files all over your system, you might want to terminate the sandbox and delete the file.

    Sandboxie run file 2.png

    And emmjay and others, if you employ 'sandboxing' of the recovered files (if they are somewhat suspicious downloads), or say upload any 'unknown' files to http://www.virustotal.com/ or better yet, install the VirusTotal uploader (at their site under email/uploader, where you can right-click on a file and send it to VirusTotal directly and have it scanned by many different virus engines), you'll have a very light and extremely solid setup. If you need to update your browser, do it the regular way, outside the sandbox.

    :)
     
  4. PunchsucKr, Registered Member
    Joined: Jul 29, 2009; Posts: 138

    I'm already using the Sandboxie+MSE combo, it's just the best combo out there!! Great tutorial tho.
     
  5. Saraceno, Registered Member
    Joined: Mar 24, 2008; Posts: 2,405

    Thanks PunchsucKr. There are other settings to tighten the sandbox, creating other sandboxes, dropping rights, internet restrictions, and so on (some applications might not work properly, and will require further tweaking/monitoring to get right).

    But for general users, as long as they make sure they clear the sandbox regularly (say, every couple of hours of browsing), the basic settings are fine.

    The lightest setup I've tried. As long as the files you recover are downloaded from reputable sources, you won't ever have a problem. Apologies again to you for the thread hijack! :)
     
  6. PunchsucKr, Registered Member
    Joined: Jul 29, 2009; Posts: 138

    Haha.. no problems if it's gonna help people. :)
    And yes, it is the lightest security combo ever. The problem is I have never had a virus from the internet for years now :D ... I mainly keep my AV for those pesky flash drives from friends. :blink:
     