What is your security setup these days?

Little change: I added Norton Antivirus and Mcafee SiteAdvisor (instead of Norton Security Toolbar in NIS).

 

Did u try WOT?

 

Defensewall Personal Firewall + KeyScrambler Premium + Hitman Pro

 

Downgraded from Windows7 Ultimate to Vista Business (both x32) on my wife's laptop (old drivers were the reason)

For Admin's Vista is the best deal, all the SRP goodies of XP and icacls (ACE/DACL) of Windows7.

UAC:
a) disable intelligent installer detection for programs with no manifest
b) auto elevate only from safe locations
c) only elevate signed executables
d) Admin approval on Quiet (elevate without prompt)

SRP
a) deny execute on
- public users
- windows mail, microsoft works, games, side bar etc (all things she does not use)
- driver letters of USB devices

b) run as basic user (paths)
- Office
- Internet Explorer
- Windows Media Player
- Movie maker
- PDF Printer
- Adobe (reader)
- data partition

GPO
- autoruns disabled on CD/USB, default autorun mode is no execution
- disabled alternative programs list at logon and legacy list
- deny unsigned drivers to install
- deny user to create new tasks with task scheduler
- deny messenger to run
- hardened IE8 security settings

ACL
- deny create in user startup folder
- deny execute of Mail folder and Download directory

EMET2 (all systemssettings green)
- Adobe reader
- WMP
- IE8
- Outlook

Reg_file in startmenu (1806)
- Deny Download of executables with IE8
- Allow Download of executabkes with IE8

Comodo Time Machine
PrevXSafeOnline Facebook version (with my usual settings)
Browsing with IE8 smartscreen filter on
Hitman Pro on demand

Regards Kees

 

No, I didn't but WOT is really interesting solution. I can test it.

 

After trying lots of different AVs, ESET NOD32 is going to be my long-term choice.

 

Welcome blasev. Hitman Pro would be a valuable addition to your on-demand (non-active) security software. I have it set up to scan on boot.

Another site that helped me when getting started with Windows security is Gizmo's Freeware Reviews: http://www.techsupportalert.com/
They have a list of security software there that you wouldn't believe. It is called, naturally, "Probably the Best Free Security List in the World". I consult it frequently.

 

Welcome aboard blasev!

Hey any of you guys used Chrome 7 with Sandboxie before? Can't seem to get them working together.

dja2k

 

Same here. After upgrading to latest Chrome version, it started to crash and gave me system hangs. It's been almost a week like this... I really don't mind that much. I personally consider Chrome a secure enough browser.

 

Just why?
When SRP (which you already use) can easily deny those kinds of executions anyway?
Why have 2 same protection?

Edit: oh, I see, you are propably on admin account then?

 

still Avast

 

Seems my problem wasn't Chrome with Sandboxie, but rather Online Armor. I've had enough testing Chrome, so I went back to Firefox.

dja2k

 

Mine currently is a non-typical security setup...definitely not for the average home user. (overkill) I'm pushing the limits to see how different security technologies work together. Redundancies in this setup have been minimized and performance impact is relatively medium compared to a fresh install of Windows.

Caution: Don't follow my footsteps unless you have nothing else to do

Prevention against unauthorized code by denying initial execution
Windows Hardening (LUA, SRP, EMET, SuRun, etc)
Light Browser and Network Hardening/Immunization (e.g. specialized DNS service)

Light Virtualization/Containment - prevention against running code on the real system
Shadow Defender - ShadowMode for C:drive only and with Exclusion List (Reasons to use Shadow Defender)
Sandboxie (for launching untrusted new executable or test new apps)

Detection when running new code on the real system:
Panda Cloud Pro
Avast [Making Avast the lowest overhead AV available ]
- only File System Shield and Behavior Shield
(all checks off - using the OS internals to invoke a scan when executed)

Control the degree of trust/behavior of programs once you let them run on your real system:
Comodo Firewall with Defense+ Enabled, Sandbox enabled
Using "AlwaysSandbox" feature to restrict media players and PDF reader.
WinPatrol Plus (lock down the hosts file and file types + custom registry monitoring)

And not to forget the core basics: common_sense_RC.exe and brain_Beta.exe.

A few future consideration:
MSE when the newer version is out of beta.
Windows Firewall with Advanced Security

P.S. I've loaded Mamutu for a few days once again but unfortunately, it doesn't play nice on my laptop. It was causing a drag on my machine even with exclusion settings. I've checked and found relatively high I/O read and write values. Uninstalled.

 

installed MSE on parents PC, running smoothly

 

using avast

 

hey a friend of mine gave me 2 licences of ESET NOD32 antivirus so why not

 

looking good

 

added SpyShelter

 

AVG Internet Security 2011 (antispam not installed)
MBAM pro , SafeReturner Pro

 

Windows 7 Ultimate

Resident:
Avira Premium
WinPatrol Plus
OA++

System/Browser Hardening:
UAC
DEP
SEHOP
APPLocker - No execute from Downloads folder
Spyware Blaster
Firefox with NoScript. Adblock Plus, LinkExtend
SandBoxie

On Demand:
MBAM
Hitman Pro

Backup/Recovery:
FD-Rescue
IFW

 

ESET NOD32 AntiVirus gave me some problems in my pc so i left it in 1 pc only

 

thx for the warm welcome
I have tried hitman pro, it just too much for my tiny bandwidth.
Since I use slow and very unstable connection, everything with cloud base will not be an option.
but will try hitman again in the future

 

System -
Windows x64 Ultimate
UAC -disabled
Dep SEHOp and all other short form crap on default

Real Time -
MSE
Online armor free
Winpatrol free

On Demand -
Hitman pro
Mbam free
Emsisoft emergency kit

Browsers -
Mozilla [Safe run from oa , adblock , wot , ghostery ]
IE 8 [ safe run from oa + adblock ]

Backup -
Macrium reflect free
Comodo time machine [ just in case ]

Other stuff -
Ccleaner
Filehippo update checker

 

Windows 7 PRO 32-bit
in my comodo time machine snapshot for gaming and family use i have:

modified lots of GPO settings.
Avast Free (file and behavior shield on / only invoked scan on execution via GPO)
GesWall Free
Trusteer Rapport
EMET 2
Google Chrome browser

 

Your friend is so generous