Layered defense setup

Discussion in 'other anti-malware software' started by southcat, Apr 17, 2010.

Thread Status:
Not open for further replies.
  1. southcat

    southcat Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    212
    Hello. I have been reviewing my PC security setup these 2 days, because I always use online banking services and I do a lot of document work on the internet for my job. So I am very seriously concerned about my computer security setup.

    My current setup:

    Comodo Firewall / Defense+(HIPS)
    NOD32
    Spyware Terminator+HIPS
    Process Guard
    Spyshelter

    I am considering adding in, or replacing "Spyware Terminator" with:

    Malware Defender
    Malwarebytes' Anti-Malware
    ThreatFire
    Spy Sweeper

    How should I choose? May I have some advice here?

    Once again, I really do many serious tasks online, so my security setup is really very important to me.

    Thanks for your concern.

    Regards
    Gavin
     
  2. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    Well, you don't need another HIPS, so Malware Defender is out. Spy Sweeper I don't know much about. I don't think it would help any. I think adding Malwarebytes would be good. ThreatFire is a HIPS/behavior blocker. You already have Defense+ and Process Guard. I think just adding MBAM would round things off nicely. You could also instead add a sandbox like Sandboxie, DefenseWall or GeSWall. With any of those you really don't need SpyShelter. So it would be Comodo, NOD32, Process Guard (kinda overkill with Defense+), and Sandboxie/DefenseWall/GeSWall.
     
  3. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    I see you got 3 HIPS programs in play there. I would just go with 1...being the one you are most comfortable with.

    Where you do a lot of sensitive online work I would suggest you look at antilogger products also. eg: Prevx Safeonline, Zemana Antilogger, there are a few others but those are the first 2 that come to my mind and I have used them both (not at the same time).

    Take a look at some of the setups in the "What's your security setup these days" thread for some other ideas. Just beware that some of these setups are overkill and more for sport than practicality.
     
  4. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    Don't replace Spyware Terminator with Malware Defender. Malware Defender is a HIPS program, and may interfere with Comodo's Defense+. It wouldn't be wise to run the two together. Your best bet out of the choices you listed would be to use Malwarebytes or Spy Sweeper. I believe I would go with Malwarebytes since it protects well against rogues, which seems to be NOD32's weaker area. Spy Sweeper has excellent detection, but the last time I checked it was much heavier on resources than Malwarebytes. You will have to get the paid version of Malwarebytes or you will only be able to do on-demand scanning with it.
     
  5. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
  6. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,156
    I agree with the above posters: you should only have 1 HIPS. Comodo HIPS will probably be best, seeing as it is not old and is updated, and you can't get an MD licence any more, so don't bother with that.

    If you want layered defense, have 1 HIPS, 1 sandbox (i.e. Sandboxie) and a backed-up image with something like Macrium Reflect.
     
  7. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    1 HIPS is enough
    And add Malwarebytes :D
     
  8. lubieplacki

    lubieplacki Registered Member

    Joined:
    Mar 24, 2010
    Posts:
    151
    Location:
    Poland
    Agree :)
     
  9. southcat

    southcat Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    212
    First of all, thanks for all of your precious opinions. From the information collected from you guys, I think MBAM is the choice. I will consider dropping "Spyware Terminator" or "Process Guard". But the last time I used Sandboxie it always crashed my Windows XP, so I am quite afraid to try that sandbox software again.

    Keyscrambler: I am not familiar with this kind of software; perhaps I should take a look at it.

    You guys are very helpful, I really appreciate it. Because there is now too much security software to select from, it is really hard to make the decision.


    Regards
    Gavin
     
  10. guest

    guest Guest

    Comodo Firewall / Defense+(HIPS) / Sandbox
    NOD32
    Malwarebytes' Anti-Malware
    Keyscrambler
    Immunet (optional)
     
  11. STONEMAN

    STONEMAN Registered Member

    Joined:
    Jan 17, 2009
    Posts:
    99
    Location:
    London,South Of The River
    Just added Keyscrambler to my security setup, thanks to EscapeVelocity.
    Very nice software. Encrypts anything you type on your keyboard.
     
  12. Too many HIPS and related programs there. You only need one HIPS, two or more will go crazy when they start detecting each other. Even a HIPS plus Threatfire is not advisable, unless you want tons of popups.

    I would keep Comodo and Defense+ and everything else except for MBAM and NOD32 (you've got a license for that, you might as well use it instead of Comodo's antivirus).

    P.S. Make sure Defense+ is configured to actually give you decent security. By default there are way too many things it doesn't intercept.

    Edit: Also, last I checked, Comodo could keep tabs on keyloggers, so Keyscrambler may not be necessary. Probably can't hurt though.
     
  13. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    FYI southcat,
    Take a look at the "Comodo sandbox - does it protect against keyloggers" thread. It's under other anti-malware but it got moved. Kinda shows you that Defense+ works well against keyloggers.
     
  14. southcat

    southcat Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    212
    Hello kjdemuth, thank you again. I already tried Defense+ with the keylogger tests provided on the Zemana and SpyShelter websites, and it can pass. But it seems like the Comodo sandbox is not a stand-alone program; it is integrated into Comodo Internet Security.

    After learning from the Comodo website, I found that CIS seems to be too powerful. Does anyone have experience with it? How is it?

    Thanks for your concern.

    Regards
    Gavin
     
  15. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Yes, Comodo D+ is very powerful when set to paranoid (proactive mode) mode ;)
     
  16. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    Too powerful? No. It's all in how you configure it. I wasn't really referencing the sandbox, just the fact that Defense+ can handle keylogging. I think that Comodo, NOD32, MBAM and Keyscrambler are enough for you.
     
  17. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    If your anti-keyloggers fail, keyscrambler gives you a backup foil to the bad guys, encrypting keystrokes at the kernel. Layers.
     
  18. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    OA also has good anti-keylogger capabilities ;)
    I may use it again if my laptop doesn't get overheated again.
     
  19. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    OP, you might try SafeOnline from Prevx too.
     
  20. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    Or does Comodo Firewall / Defense+ HIPS handle most of what SafeOnline does?
     
  21. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    My guess is that's correct. I don't even run the FW since I've not seen any use for it except for (note the sarcasm) slowing down my browsing speed possibly.


    If anyone has got a good example of added protection of the FW IF already running one through hardware, please write that here. :)
     
  22. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    Outbound protection.
     
  23. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    True :p

    Yeah, Defense+ is very good, but it takes some time to create rules in the beginning :p (I always disable the signed executable thing)
    I like it more when it asks for every program and then you slowly build your set of rules :D
     
  24. Less

    Less Registered Member

    Joined:
    Dec 24, 2008
    Posts:
    288
  25. southcat

    southcat Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    212
    Keyscrambler seems very good, I will give it a try. But I think I will retain Process Guard as a backup HIPS. If I remove Spyware Terminator but add in ThreatFire, do I still need MBAM Pro?

    I love Comodo D+; it is a very good HIPS program, not to mention it is an anti-keylogger also.

    Thanks Less, the URL you attached is very useful, and to the rest of you, thanks for your opinions.

    Regards
    Gavin
     