What is your security setup these days?

Windows 10/64 bit

Windows Firewall Control 4.9.6.0
AppGuard 5.2.9.1
Shadow Defender 1.4.0.648
O&O ShutUp10
AdGuard 6.1.331.1732
Raxco Instant Recovery Home 2.2.0 Build 314

 

Took Malwarebytes 3.0 off my computers. I grew tired of the multiple issues. I probably didn't need it on there anyway. I know I don't need the aggravation.

 

I'm using the same setup over a month on my routine laptop:

Kaspersky IS

MalwareBytes AntiExploit with additional shields for some apps.

Kaspersky is not created to tune it. Still cannot switch off this rather stupid warning that some site has wrong certificate. And I cannot remove this idiotic icon for virtual keyboard - I have LastPass and don't need any virtual keyboard.

 

W. XP Home
Windows Firewall
POSReady 2009
PsExec
Black Viper's List
Google DNS/Open DNS
MBAE beta Premium
No Flash I.E.8
No Java/Silverlight/NET Installed

Firefox ESR - UBO,Noscript,CanvasBlocker,No Resource URI Leak.

Added:

network.IDN_show_punycode (set to true)

https://www.wordfence.com/blog/2017/04/chrome-firefox-unicode-phishing/

TH Mago di Oz

 

I'm trying a new anti-HIPS setup right now. I ditched SpywareShelter Firewall and Zemana and exchanged them for: HitmanPro.Alert, Sandboxie Pro Windows Firewall Control, and Voodooshield Pro.

I could use some opinions....should I replace Sandboxie with Shadow Defender, or leave SBIE?

 

It looks like you got a good setup now. Shadow Defender is good if you intend on trying new software that does not require a reboot.
I would send a PM to my dear cruelsister and ask what she thinks about Shadow Defender?

 

I've used it before. In fact, I've used just about everything out there. I just cannot decide between internet access point virtualization or system-wide virtualization. With my HIPS rules that makes the latter appealing.

 

Most of her have tried everything. What ever works for you. System wide is a good extra layer as far as I am concerned. even though I been here a long time I still always learn from new and old members here. I was one of the original 1000 members here under a different handle.

 

How do you rate Spyshelter as far as your best security per a HIPS?

I been a long time HIPS dependent on 32 Bit but after x64 I found it best to go virtualization mostly to make up the difference since I absolutely refuse to install bloat and resource hog AV's of any sort except On-Demand Only.

NVT-ERP has helped take some of the sting out of matters with process control though.

 

Router: Linksys WRT32X AC3200 with OpenWRT
Rasp.Pi in front of the router with: Pi-Hole, DNSCrypt and Unbound

OS:
No AV ! I do not believe in OS / software security.
Ubuntu LTS (sometimes Qubes OS might replace my Ubuntu?!) and Win10 LTSB x64
GPO / secpool hardening (too many to list)
Password Manager: Keepass 2.x with some 'gimmick' plugins like FaviconDownloader/QR-Code/..
ProcessHacker
Chromium with some tweaks and of course several addons
VeraCrypt
Windows own DNSCache disabled, several other .reg tweaks
Sandboxie
VM for tests

VPN:
Protonmail VPN

Bios:
Modded UEFI + modded MEI to remove ('unused' code)

 

Windows 10/64 bit

Sphinx Firewall Control Plus 8.1.0.16
AppGuard 5.2.9.1
KeyScrambler 3.11.01
VooDooShield 3.58
Shadow Defender 1.4.0.648
O&O ShutUp10
AdGuard 6.1.331.1732
Raxco Instant Recovery Home 2.2.0 Build 314

 

Sandboxie.

 

Easter, I apologize for the delayed response. I really, really, like Spyware Shelter Firewall. Is it perfect, no. But it is a very light HIPS that offers very good protection. I especially like that I can create firewall rules based on NIC/TAP addresses, and that it blocks screenshotting, webcam, microphone and keyboard access to apps I can choose. It is still being developed too, in fact there was an update a week ago. If it were not for SSF I'd go with Comodo. But SSF is able to bast the comodo leak test out-of-the-box and is lighter and less intrusive. I find that SSF combo-ed with a light resident "scanner" (hitmanpro or zemana), and system imaging provides good, light, protection.

 

Thanks for a very detailed enough explanation into SS from your own standpoint from real experience.

I often read the same satisfaction by others who like us, favor a HIPS, and choose this one as the most efficient and user friendly too.

 

Yea use since 2 year
SpyShelterFW(+Appguard optional) with Shadow Defender/Sandboxie and Zemana + Mbam o/d
Very effective and light security...

Why i use Sandboxie while i have SD ?!
Cuz SD work globaly while Sandboxie can limit malware to specific folders if bypass HIPS
https://www.sandboxie.com/index.php?ResourceAccessSettings

 

Looks as tight as it can get with that combination and you gotta like the mix n match options at the ready of any of the On-Demand ones too.

 

Back to Windows for the time being - Seeing how it has evolved over the past year of not using it. Still have a few random reboots due to ntsokrnl faulting on graphics intensive applications like youtube/videos/games. However Windows Defender running very well and overall the OS is now feels more stable, irrespective of this kernel issue i have always had since windows 10.

Windows 10 Pro 64 bit creators update
Windows Defender
Private internet access Openvpn
HitmanPro Alert
O&O ShutUp10
Enpass password manager
Vmware Workstation

Regards.

 

One issue that I'm having with SpywareShelter is that Corsair Link, the software that controls liquid coolers, works on a driver-level. Every time I put my computer to sleep and re-awken it Link asks permission for the driver to do its thing. Ok. Great. Except that SpywareShelter cannot create a rule for a file that is only temporarily there, meaning that there can be no rule for it and I get prompted about it every time. It's very annoying.

 

OS: Windows 7 x64 (Standard User Account, User Account Control on max, Software Restriction Policies, Windows firewall inbound, various tweaks)

On-demand scanners: Avira PC Cleaner, Emsisoft Emergency Kit, VirusTotal Uploader
Chrome: (uBlock Origin & uBlock Origin Extra)
VPN: Mullvad VPN (using OpenVPN)
Backup: Macrium Reflect (grandfather - father - son backup scheme)
Virtualization: VirtualBox (Linux Mint, Windows XP, Windows 10 guest OSs)
Cleanup: CCleaner, Privazer, Clear history TC
Updates: SUMO
Passwords: KeePass

Other tools: Process Explorer, Autoruns, Defraggler and some other tools

 

My favorite feature with Sysinternals' Process Explorer and Autoruns, is that they can each be configured to submit a hash for every line item to Virus Total. Just a couple of clicks and you can see the Virus Total results for every running process, startup program, scheduled task, driver, codec, etc., on your computer. Very cool!!!

 

Yes, I agree. It's nice addition and quick feedback about things that autostart and those that are running.

 

OS: Windows 10 x64 Creators Update
Antivirus: F-Secure
Password Manager: F-Secure Key
VPN: F-Secure Freedome
Browser: Firefox with Ublock Origin

 

OS: Win 10
Anti-malware: MBAM (Free), Hitman.Pro.Alert, VoodooShield (Free)
AV: ESET Smart Security 10
VPN: AirVPN
Backup: Macrium Reflect (grandfather - father - son backup)
Cleanup: CCleaner, GeekUninstaller
Password Manager: Keepass2
Browser: Firefox with UBlock Origins, Self Destructing Cookies
Email: Mailbox.org

Am i missing something important?

 

OS: Windows 10 Creators Update Pro x64
Account Type: Local Account/Admin
UAC: Maximum
SmartScreen: Enabled
Firewall: Windows Firewall
AV: Windows Defender
App & Browser Control: Set to Block
Policy Restriction: Appguard v5.2.9.1
Virtualization: VMware Workstation Pro 12.5.4
Utilities: Sysinternals (Process Explorer, Autoruns, TCPview)
Password Manager: Keepass 2.x
Browser: Google Chrome (uBlock Origin, IP & Domain, Lastpass)


A clean install of Creators was performed, then drivers and applications were applied, and then the system was locked down, just the way I like it.