Critique my no realtime AV setup. ^^

Windows XP Pro SP3 [Administrator Account]
(DEP/ACL)

Realtime:

• Windows XP Firewall
• cFosSpeed Firewall (more info below...)
• Peerblock Beta (IP Blocklist)
• Avast Network Shield (URL Blocker and Intrusion Detection System)
• GeSWall 2.9 Professional Edition [15-day TRIAL] (System-wide Intrusion Prevention System)
• Prevx SafeOnline v.3.05.136 Beta (Browser Protection)
• MBRGuard (Master Boot Record protection)
• Deepfreeze (System Virtualization)

On-Demand:

• Macrium Reflect [FREE] (Disk Imaging)
• Avast 5 Free Antivirus

Browsers: (ACL Protection)

• Google Chrome (--safe-plugins -incognito) [GesWall]
• Internet Explorer 8 (All security levels set to high) [GesWall]

Source: http://www.cfos.de/speed/documentation/options_e.htm#link_firewall


Screenshot:

 

Seems like you are doing better than me. However, no doubt my security will be improved in the end, and pretty good overall. Though not as sophisticated as many gurus here.

 

depending on your internet habit ... your current setup maybe rock solid.

 

I think MBRGuard would be redundant since you're running under LUA. I assume you only run trusted apps as admin via SuRun.

 

Thanks, I'll still keep MBRGuard since it doesnt consume much resources.

 

I have a somewhat similar setup; Online Armor Free + PrevX Free, however, I consider the latter to be a real-time scanner.

PeerBlock looks interesting - I just installed it after reading your post.

MBRGuard is overkill imo. I use MBRFix instead, which is a small, free command line tool for backing up and restoring MBRs. I used it to copy the MBR of each of my computers, external hard drives, certain flash drives (e.g. mp3 player), and it's on my BartPE rescue disk together with those backup images. That way I don't need realtime mbr protection, although that might be safer.

I was tempted to install USB Guardian, but decided against it because PrevX should notice most intruders, plus I rarely plug unknown USB drives into my computer, so no need for another realtime protector. However, I occasionally run Rising PC Doctor, which includes a USB scanner/immunization (although it removes the autorun.inf files I use to associate USB devices with custom icons)...

I recently switched from ShadowDefender to Rollback Rx, but as far as lite virtualizers go, Deep Freeze looks even better than SD. (I only found out about it recently).

What about backup/restore software? I think everyone needs it regardless of how safe their setup is because sometimes it's all those anti-malware/firewall programs that conflict with each other and wreck the system.

 

I forgot to write that in the post, but I have Macrium Reflect written in my signature.
MBRGuard doesnt have running processes.

 

I tried infecting myself with some latest malwares from MDL.

PrevX detects 1 of 2 during download completion.
After/During install PrevX notify me of 19 infections in my system.

Mamutu does not notify me about anything. It sits there like there's nothing happening, while I am bombarded with popups....
Q: Is it because the malware isnt actually changing anything from my real system and everything is happening in the sandbox?


I emptied the sandbox, re-scan with prevX and everything is clean.
I also rebooted my pc to revert everything with Deepfreeze just in case.

 

I have no experience with Mamutu... All I can say is that between LUA, Sandboxie, and DeepFreeze, it sounds like you have all bases covered.

 

Have you tried Panda Cloud Antivirus? (it's free - I'm testing it myself on a virtual machine...)

 

I still can't trust most cloud based technology... I'm worried on what gets sent into the cloud.
and I cant understand their EULA.

 

But you use Google Chrome for your web browser?

 

I just have Defensewall 3 and Sandboxie, along with a backup on an external drive and a pair of snapshots that, when things get too cluttered I revert to, and start cluttering all over again.

 

If there's something in this world who knows alot about me... that would be GOOGLE.

I've been using google since I was a kid.
Google is already a part of my life... Why would I not trust it?
Just not being able to access Google feels like not being able to access internet.
That's just me...

changing browsers does not change a thing, I'll be using gmail as my email, google search as my homepage, watch videos on youtube.


I won't trust something like SRWare Iron/Chromeplus just because it said that it does not send any data to google...
who are the developers anyway? they're complete strangers to me.

 

But there are known privacy issues with Google's stuff, especially Chrome. I just thought it was funny you mentioned cloud technology, you have your system locked down, yet you use Chrome. Not knocking your choice, to each h/h own. I would not use that browser if you paid me.

 

Then give me alternative to some Google's stuff that does not have a single privacy issue.

Yahoo Search? Bing? Whatever it is, all have privacy issues.
It's matter of which you are going to trust.

-Konata Izumi

 

Not that it "does not have a single privacy issue" but it does have a lot less than Google Chrome - Iron...
http://www.srware.net/en/software_srware_iron.php

 

I re-create the whole setup from the scratch.
Now running Windows XP SP3 Pro using Administrator Account

still without realtime antivirus

 

If you know you're clean when you setup with Deep Freeze, I think you're good to go.