What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,782
    Windows 10 / 64bit

    Windows 10 Firewall Control
    AppGuard
    KeyScrambler
    ShadowDefender
    Raxio Instant Recovery
     
  2. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    Standard User Account
    UAC set to Always notify
    Windows SmartScreen On
    Windows Update On
    Reduced attack surface
    Unsigned processes blocked/not allowed.
    Software Restriction Policy - Executions in AppData, Local and Temp are set to Disallowed

    Adguard Premium - For anti-phishing, ad-blocking and stealth.

    On-demand: Emsisoft Emergency Kit (Portable), Zemana AntiMalware (Portable)

    Password management: KeePass

    Encryption: EncryptOnClick + WinRAR

    Google Chrome:
    Chrome://flags >
    "Enable PPAPI Win32k Lockdown = All plugins",
    "Enable AppContainer Lockdown = Enabled",
    "Extension Content Verification = Enforce Strict",
    "Reduce default 'referer' header granularity = Enabled"

    Browser tweaks for better privacy
    DuckDuckGo Search
    No extensions
     
    Last edited: May 11, 2016
  3. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Have you had any negative effects with these tweaks?
     
  4. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    No negative effects, running smooth. :thumb:
     
  5. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Will enabling any of these tweaks cause issues when running chrome in sbie?
     
  6. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    Since AppContainer is being used in this case, I really wouldn't recommend it.

    I'm not saying it wouldn't work, but I just wouldn't implement both, just in case a problem were to occur.
     
  7. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    What I figured. Thanks Tyrizian
     
  8. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    Sure, no problem

    Any other questions, don't ever hesitate to ask.
     
  9. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
  10. NSG001

    NSG001 Registered Member

    Joined:
    Jul 14, 2006
    Posts:
    682
    Location:
    Wembley, London
    @Tyrizian
    I can't keep pace with your changes :geek:
    So you have now dropped VoodooShield :confused:
    Any particular reason :cautious:
     
  11. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    :D Sorry about that

    VoodooShield as of late has been pretty buggy, so I've set it aside for now.
     
  12. Nocturnalizer

    Nocturnalizer Registered Member

    Joined:
    Oct 4, 2015
    Posts:
    42
    Location:
    London, UK
    I've gone back to a simple, light setup of Adguard Premium, VoodooShield and Sandboxie protecting Firefox. Zemana AntiMalware Premium for on-demand scans every week. SUA too.
     
  13. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    Very strong setup, I like it :thumb:
     
  14. Nocturnalizer

    Nocturnalizer Registered Member

    Joined:
    Oct 4, 2015
    Posts:
    42
    Location:
    London, UK
    Thank you! Partly inspired by your excellent setup too.
     
  15. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    Excellent :thumb:
     
  16. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    I have set this in Chrome "Enable AppContainer Lockdown = Enabled" and running it in Sandboxie with no problems or errors.
     
  17. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,094
    Location:
    Germany
    AppContainer doesn't work inside Sandboxie. The only reason why you are not seeing any errors is because Sandboxie is disabling the AppContainer tweak and setting the integrity level back to untrusted.
     
  18. Grumlo

    Grumlo Registered Member

    Joined:
    Nov 14, 2015
    Posts:
    176
    Appguard, Adguard, Chrome in Sandboxie
    Windows defender - off
    I think now maybe is so many. Any suggest ?
    I have live.com account and now i think to go local.
     
  19. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Awesome :)
     
  20. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    I will check that later tonight.
    Tnx
     
  21. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    I would use local account instead of Live. And maybe add something to backup the system.
     
  22. hjlbx

    hjlbx Guest

    @paulderdash

    BRN is reviewing vulnerable applications. There are a few minor bugs. Some additional file types might be blocked by default and applications added to User Space.

    Waiting to see.

    I added all the programs from Florian's list to AppGuard User Space and submitted xml to BRN for testing.
     
  23. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    I just tested Chrome without Sandboxie and with Sandboxie.
    When is Chrome in Sandboxie then process are Untrusted.

    Here are picture without Sandboxie and with Sandboxie:
     

    Attached Files:

  24. hjlbx

    hjlbx Guest

    When run Chrome in Sandboxie, then it is run as Untrusted = integrity level specified by Sandboxie.

    When run Chrome outside Sandboxie, then it is run in AppContainer = integrity level specified by enabling Chrome's experimental setting for AppContainer.

    If you are always going to run Chrome sandboxed, then it really isn't necessary to specify AppContainer.

    Invincea made some kind of mention that they would try to implement AppContainer, but there is no guarantee that they will be able to do it.
     
  25. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    Most often run Chrome in Shadow Mode (by Shadow Defender) :D.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.