What is your security setup these days?

Update:

Resident:
AVG 8.0 Free
Avira Premium [Free for 6 months]

On-Demand:
MBAM
Spybot S&D [with TeaTimer]

Firewall:
Router

 

See below, this combo seems to produce the fastest boot to desktop times yet for me.

Mind you I also carried a services prune that speeds things up too!

http://www.blackviper.com/WinXP/servicecfg.htm

 

NAT + SPI Firewall
Online Armor Free
Antivir Free
Windows Defender

Trying a new setup myself.

 

Been lurking a long time now...
Router w/ FW
Avira Antivir Premium
DefenseWall 2.47

Feel really safe running this as security setup...thinking of putting Rollback Rx back on system....

 

Xp2efenseWall Hips 2.47
SpyWare Blaster 4.1
MalWare Defender 2

vista:AppRanger 2
Windows Defender and Widows FireWall on
WinPatrol Plus v16

new pc maybe next month will be:

vista:AppRanger 2
DriveSentry maybe later change to threatfire pro
AppGuard

 

Active/Realtime
Look'n'Stop
DefenseWall
Malware Defender

On Demand
CureIt
MBAM

Hardning
Seconfig Xp

Hardware Firewall
AlphaShield

Opera
Open DNS

Sandboxie, when I feel the need.

 

Home PC (shared by all family members, except oldest Son)

XP Pro: SP3
- running admin, with SRP limitation on P2P shared directories + temporarary IE
- behind a properly configured router (eldest Son's PC/IP's locked in a seperate partition
- external harddrive which is offline all the time (stored elsewhere so when thiefs might steal computers we still have family pics/movies)
- Syncback for data partition backup and paragon for image backup/restore program partition, monthly backup, keeping a perputual three generations image (current, previous month, image of two months ago)

Security software
- GeSWall Pro 2.8.3 with network control, , running in highest security mode, auto terminate attacks, no notifications
- Avira free with check at write only of smart file types, heuristics on high, limitations of packed file scan removed
- Spyware Terminator free (yes latest 2.5..1.028 runs light), no hips, with no installation detection and shields configured to block unknown, except services and driver shield (ask me when unknown)
- Banking/shopping with IE7 (simply for compatibility reasons) and KEYSCRAMBLER FREE (only icon visible)
- Normal browsing with Chrome -incognito, contained by GeSWall (registry virtualised, data access limited to D:\Downloads)

Pros: this basically makes the safety instruction real easy:
1) when Avira pops-up ==> change the default deny access to delete (checks at write, new files can be deleted)

2) when you explicitely and knowingly install a program by yourself:
a) check downloaded file with SPyware Terminator also via context menu (Avira auto checks)
b) set it to trusted for GeSWall (also via right mouse click context menu)
c) when Spyware Terminator pops up ==> allow (in all other cases never choose allow).


Cons: no protection against SystemShutdownSimulator type of intrusions

 

Updated List Jan 28, 2009

Vista Home Premium SP1 (UAC OFF\WD OFF)

Resident
Online Armor AV+ v3.1.0.20 Public Beta (Paid)*
SUPERAntispyware 4.25.1012 (Paid)*
Sandboxie 3.35.04 Beta (Paid)*
Avira Antivir Personal v8

On-Demand
Shadow Defender 1.1.0.275
VMWare Workstation 6.51 (XP SP3 Pro & Windows 7)

Other
Spybot Search & Destroy (Immunized)
Spyware Blaster (Immunized)
Vista Services Optimizer (Manual TuneUp)

dja2k

 

Kees, which version of the Syncback do you have?
Do you still using DW?

 

Syncback old version 3.2.19 Dutch

I have installed DefenseWall on my Mom's PC (she is 75 and does not want pop-ups: she only knowns to hit the red button before doing I-net purchases and trust new programs before install) together with Avast Dutch

Cheers

 

NAV 2009 Gaming Edition
SAS Pro
Rollback-RX with one snapshot per day (max 7 snapshots)
Windows firewall turned on
Windows 7 x64 + UAC highest level

It's enough imo

 

I see, thanks for info, i was thinking about SB, but now i think it will be useless for me. I'm using ShadowProtect and in fact i only need my image backups to restore anything what i want.

Cheers,

 

actually thats not convenient at all..one of the reasons of regreting having paid for SP..its a sector based back up ,not a file based (the other reason is that it cannot restore to resized partitions-have not tried it with HIR but it is not a reliable restore method anway)

 

.
m0n0wall
NOD
SUPERAntiSpyware
PeerGuardian2

 

Back to the old setup.

NAT/SPI Firewall
Defensewall 2.47
Dr.Web CureIt 5.00

 

well I have put my trust in Prevx Edge and nothing else. It seems to work as I am still here.

 

Your still here but are you alone on your own computer?

 

NAV 2009 Gaming Edition
Prevx Edge x64 beta
Rollback-RX with one snapshot per day (max 7 snapshots)
Windows firewall turned on
Windows 7 x64 + UAC turned off

New setup. Just replaced SAS Pro with new Prevx Edge x64 beta and turned off UAC (thank god I hate that crap)

 

Realtime: Avira Personal Free, Windows Defender, Windows Firewall
OnDemand: HijackThis, Malicious Software Removal Tool, MWAV Free

Other: UAC and default DEP enabled, IE8 with DEP and Protected Mode on + IE7Pro blocking ADs, flash, OpenDNS blocking porno, adware, some services disabled.

 

Realtime:
OA Premium 3.1.0.20
PrevxEdge 3.0.1.2
MBAM 1.33

On Demand:
A2 command line scanner

 

Well cooked up a special this time

Home PC (shared by all family members, except oldest Son)

XP Pro: SP3
- running admin, with SRP limitation on P2P shared directories + temporarary IE
- behind a properly configured router (eldest Son's PC/IP's locked in a seperate partition
- external harddrive which is offline all the time (stored elsewhere so when thiefs might steal computers we still have family pics/movies)
- Syncback for data partition backup and paragon for image backup/restore program partition, monthly backup, keeping a perputual three generations image (current, previous month, image of two months ago)


Security setup

GeSWall Pro 2.8.3. om high, no pop-ups, auto kill intrusions, USB also marked as threatGate

Avast (Dutch): Standard Shield only, with check at writes only + on execution check of OLE documents, startup diskettes, 16bit win + Dos aps

Malware Defender in learning mode with locked user interface (so default deny)
ASK registry protection of startup, system, network plus some extra system/startup settings (thanks Xiolin for adding most extra's in v2.0.1 defaults) MINUS HKLM + HKU RUN and RUNONCE.
ASK Application protection only on Kernel Objects, Physical Memory, Phisical Disk, Keyboard in low level, Registry in Low Level, Set System time, Shutdown Windows
Internet Facings aps protected from accessed by others

MikeLins's StartUp Monitor to guard HKLM + HKU RUN and RUN ONCE plus custom and user startup [changes will generate a pop-up)

PC Tools FireWall V5 (DUTCH) in expert setting, having trusted all applications already installed, limiting internet facing aps as much as possible to run them (lowest rights possible of change other application, control other ap, change system, DNS). PCTFW generates an pop-up when intrusion occurs (after having checked its black/white list).

With the above I score a 300 out of 340 with Comodo Leak test, with few pop-ups, when running trusted, 340/340 when running untrusted with 1 pop-up. The idea is to create a stable system, which does not throw pop-ups for normal operations and allows simple installs of programs not toucing system settings of showing strange behaviour

I do all browsing with Chromium and On-line purchasing (most music) with IE7. Withing IE I have Keyscrambler as an extra keylogger safety (GW takes of most and MD and PCTFW form a second keylogger layer)

HIPS is tackled twice, AV is only check at read (have A2 and AdAware as on demand scanners for backup).

Why the hell am I cooking such a strange combo

A) because it is fun
B) trying to find an optimum of strong quiet protection, crispy system performance with a second safety net that allows change with few pop-ups

Cheers

 

Judging from the description you made like it would fit more to use(for the family computer) something like SD,returnil e.t.c
But i know..i'd answer the same "where's the fun in that"...
geek curse

 

Chris,

Because my wife buys misic randomly I can not virtualise applications or partitions. Without this constraint Returnil would have been a lot easier solution.

Now everything works seamlessly. When doing normal stuff with normal aps the security seems to be non-existant.

 

Should I add any sandbox to my setup? I have:

AntiVir Premium Security Suite (no firewall or WebGuard)
Comodo Internet Security beta
Prevx Edge

I find that if I use DefenseWall or GesWall, my browsing gets sticky while scrolling.

 

Sandboxes are always good with any setup. They isolate web browsing from the rest of your system.