My Security Setup, Can Anything Bypass It?

Discussion in 'other anti-malware software' started by J_L, May 21, 2010.

Thread Status:
Not open for further replies.
  1. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Network Protection:
    Linksys Router with SP1 Firewall
    OpenDNS Free (Phishing and "Basic Malware/Botnet" protection enabled)

    Real-time Protection:
    Comodo Internet Security (Firewall+HIPS+Sandbox)
    Microsoft Security Essentials
    Immunet Protect
    WinPatrol Free

    Passive Protection:
    Windows 7 UAC (no prompts, thanks to UACTweak. Everything else is enabled: default drop rights, File & Registry Virtualization, etc.)
    Disallowed-by-default Software Restriction Policy
    SpywareBlaster

    On-demand Scanning:
    A-squared Free
    Comodo AV
    Malwarebytes' Anti-malware
    Hitman Pro
    Sophos Anti-Rootkit
    SUPERAntispyware
    Trend Micro Housecall

    Firefox Add-ons:
    Adblock Plus (Malware Domains subscription)
    LinkExtend
    NoScript

    Others:
    EULAlyzer
    HiJackThis (+ http://www.hijackthis.de/)
    VirusTotalUploader

    Updates:
    RSS Feeds: Freeware Guide, Fileforum, FileHippo.com, Freeware Files, kaldata.net, MajorGeeks.
    KC Softwares SUMo

    Virtualization:
    SandBoxie (+ DropRights)
    Vmware Player

    System Backup:
    Paragon Backup & Recovery 10.1

    Every other security feature on Windows 7 Pro 64-bit (excluding Windows Defender and Firewall) is on default.
     
  2. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    The list is useless if you don't explain how you use that software.

    I use Deep Freeze + Sandboxie and I execute over a thousand malwares every week and I don't get infected. You should think about that.
     
  3. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,294
    Listen to this guy and keep it simple!!!! Don't clutter up your hard-drive full of programs / software you don't need.
     
  4. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    CIS (excl. AV), MSE, IP, and WP are all active all the time.
    UAC is as well, without notifications.

    CIS Firewall and Defense+ levels are on default (Safe Mode), except they monitor everything except for NDIS. Also Alert Frequency is on Medium. I use My Own Safe Files for every software I trust.

    MSE and IP are on default, with some exception rules for other security programs. WP is on default.

    SRP only allows Program Files, Windows, Standalone Files (exe without installers), and RamDisk. It uses the default designated file types except for .lnk

    SandBoxie is mainly used for my Web Browser and testing untrustworthy software. VMware is used instead if SandBoxie doesn't work (like for some installations) and for compatibility reasons (XP Mode).

    I use Firefox as my main browser, with AdBlock Plus filtering junk, NoScript blocking all kinds of scripts unless I allow them, and LinkExtend determines the safety of the website I'm on using Web of Trust, McAfee SiteAdvisor, Web Security Guard, Browser Defender, Norton Safe Web, and Compete.

    Any new file I don't trust will be sent to VirusTotal; if it's too big, it'll be scanned by my on-demand scanners. EULAlyzer will also be used.

    I check my RSS feeds daily.

    I do full scans (excl. Personal Media / Backup folders) with all of the on-demand scanners pretty much every week. Also use SUMO to check for software updates I missed.

    I back up my system partition and boot sector every month, and use differential backups every week. The archives from this and previous months are kept.
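    The "disallowed-by-default" SRP configuration J_L describes above, as an added PowerShell example that is not code from the thread; it assumes R:\ is the RAM disk and C:\Standalone is the standalone-files folder (both placeholders), and must run elevated.

```powershell
# Added example: a Software Restriction Policy that blocks everything by default
# and only allows Program Files, Windows, a standalone-files folder and a RAM disk,
# with LNK removed from the designated file types so shortcuts still launch.
# Placeholders: R:\ (RAM disk) and C:\Standalone (standalone files).
$base = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'
New-Item -Path $base -Force | Out-Null

# DefaultLevel: 0 = Disallowed, 0x40000 = Unrestricted.
Set-ItemProperty -Path $base -Name DefaultLevel       -Value 0 -Type DWord
# TransparentEnabled: 1 = all software files except libraries (DLLs), 2 = all.
Set-ItemProperty -Path $base -Name TransparentEnabled -Value 1 -Type DWord
# PolicyScope: 0 = all users, including administrators.
Set-ItemProperty -Path $base -Name PolicyScope        -Value 0 -Type DWord

# Default designated file types with LNK left out.
$types = 'ADE','ADP','BAS','BAT','CHM','CMD','COM','CPL','CRT','EXE','HLP','HTA',
         'INF','INS','ISP','MDB','MDE','MSC','MSI','MSP','MST','OCX','PCD','PIF',
         'REG','SCR','SHS','URL','VB','WSC'
Set-ItemProperty -Path $base -Name ExecutableTypes -Value $types -Type MultiString

function Add-SaferPathRule([string]$Level, [string]$PathValue) {
    # Path rules live under CodeIdentifiers\<level>\Paths\{GUID}.
    $rule = Join-Path (Join-Path $base "$Level\Paths") ([guid]::NewGuid().ToString('B'))
    New-Item -Path $rule -Force | Out-Null
    Set-ItemProperty -Path $rule -Name ItemData   -Value $PathValue -Type ExpandString
    Set-ItemProperty -Path $rule -Name SaferFlags -Value 0          -Type DWord
}

# 262144 (0x40000) = Unrestricted: the locations that are allowed to run.
foreach ($p in '%ProgramFiles%', '%ProgramFiles(x86)%', '%SystemRoot%',
               'C:\Standalone', 'R:\') {
    Add-SaferPathRule -Level '262144' -PathValue $p
}

# 0 = Disallowed: user-writable folders under %SystemRoot% that an "allow Windows"
# rule would otherwise permit. The more specific path rule wins in SRP.
foreach ($p in '%SystemRoot%\Temp', '%SystemRoot%\Tasks') {
    Add-SaferPathRule -Level '0' -PathValue $p
}

Write-Host 'SRP written; log off or reboot so every process picks up the policy.'
```

    Check the result with `gpedit.msc` (Security Settings > Software Restriction Policies) or by trying to launch an executable from a folder outside the allowed list.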
     
  5. No offense, but that really looks too complex and quite resource intensive.

    Don't you think this is overkill on Website Advisories?
     
  6. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,557
  7. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    If you browse using Sandboxie and test untrustworthy software in VMWare, I don't know why you have so many security solutions installed.
     
  8. cgeek

    cgeek Registered Member

    Joined:
    Mar 31, 2010
    Posts:
    328
    And your computer still boots. :eek:
    Keep it light and simple. World war 3 is not going to happen to your computer!
    My god! lol :D
     
    Last edited: May 21, 2010
  9. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    Nothing is perfect :p
     
  10. Cvette

    Cvette Registered Member

    Joined:
    Apr 16, 2010
    Posts:
    373
    Location:
    South Carolina, USA
    @J_L,

    Hi mate. Well believe me, I change my security setup many, many times within a few months. Looking for the BEST! The BULLETPROOF!!! But really, you should first step back and ask yourself "What sites do I browse? Do I use P2P...etc.". At one point I had all this cool security software 'n all that jazz, spent weeks setting it all up, bogged down my PC quite a bit but heck, what did I care? Then one day I took a step back and looked at all the things I had, and asked myself "do I really need all this?".

    If you are a casual web browser like myself, and only hop on Gmail, YouTube, Wikipedia, CNN, Wilders, Facebook, then you are really at minimal risk.

    But let's not, say, throw everything out the window. With COMODO's Firewall and D+ you'll be covered with a "whitelisting" type layer of security, which as most of us know is VERY effective. Afterwards set up a good antivirus, perhaps a sandbox, and you are now the farmer with the rifle.

    But nevertheless, it all boils down to our little think-box to keep us protected, the best anti-virus out there we can find in our melon. So, to conclude... Comodo + a good antivirus + a sandbox, good host file, and maybe toss in a scan from MalwareBytes once a week, and you'll be fine mate.

    Cheers! :)
     
  11. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,557
    well his setup is just above average.

    he has 4 realtime apps running...

    but he's got a damn long list of on-demand scanners... paranoia? :doubt:

    MY SUGGESTION?:
    DUMP CIS4 or Immunet Protect + Winpatrol
    Replace it with Prevx SafeOnline Free or Trusteer Rapport free.
     
  12. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    The apps in my siggy have seen me through gigs of malware samples. KISS ;)
     
  13. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Of course my computer boots fine, in fact it's much faster than the average Joe's.

    As for resource intensive take a look at this:
    1.45 GB out of 4 GB used. Plus, that's with Firefox and a 512 MB RamDisk.
    System Disk Space: 15.8 GB out of 33.5 GB. Most of it is winsxs.
    Dual-core Processor, ~5% used in background.

    P2P, W@rez, etc. That's pretty normal for me. Except I only trust getting media off of them, and maybe a few little things to try on my virtual machine.

    I don't really do banking or stuff like that, still a teen. So SafeOnline and Trusteer Rapport aren't that useful.

    As for all the on-demand scanners.. Well I've gone through a LOT more than that. Kept these because they don't come with useless features, most (excl. 2) can do right-hand scanning, and they pretty much detect different things.

    Maybe I'll get rid of HouseCall, its scanning takes forever.. Plus it doesn't have right-click. Need some more info about its detection.

    I'm not really looking here for suggestions on my setup, but more for if there are any risks for me.
     
  14. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,557
    Maybe... I think they're called Zero-Day MALWARES or so... :D
     
  15. timestand

    timestand Former Poster

    Joined:
    May 7, 2010
    Posts:
    172
    Yes risk of conflict.
     
  16. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,557
    Guys, he doesn't want suggestions...
    He's concerned if there's anything that can bypass his setup :D

    OBVIOUS ANSWER: YES! NOTHING IS 100% PERFECT, Does that enlighten you J_L?
     
  17. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    I doubt Zero-Day Malwares will matter much with Cloud AV, Virtualization, Whitelist, and HIPS.

    WinPatrol is more for pesky Ask-toolbars and the like. Too lazy to use CIS fully monitoring installations..

    As for risk of conflict, please elaborate.

    Yes nothing is 100% perfect, but I want more details than that.
     
  18. cgeek

    cgeek Registered Member

    Joined:
    Mar 31, 2010
    Posts:
    328
    There's the answer to your bypass.
     
    Last edited: May 21, 2010
  19. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,557
    details? wait. What? you want to talk about actually bypassing your setup?
    you want us to give you what a zero-day malware would actually do to you?

    sorry I'm not an expert in writing malware nor am I a prophet to know what zero-day malware can do in the future.
     
  20. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Fine then, the zero-day malware stuff can wait.

    What I want to know is how effective Trend Micro Housecall is at detecting malware.

    What about rootkits and boot-sector viruses?
     
  21. cgeek

    cgeek Registered Member

    Joined:
    Mar 31, 2010
    Posts:
    328
    I have used Trend House call in the past to check my father's computer when he was having issues. It found a rootkit and removed it with zero problems. But it did not detect the other 3 trojans that were left behind. :thumbd:
     
  22. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    I see. At least it can remove rootkits.

    About Prevx CSI, I've actually had it before for quite a long time. Thing is, I thought it wasn't that useful anymore because HitmanPro includes it and it can't do a full scan. Also comes with unnecessary "real-time infection monitoring" and SafeOnline Trial, which I had to manually disable. There's the removal limitations as well.
    Should I bring it back? What advantages does it have over my other scanners?

    Accidentally missed this: http://www.prevx.com/blog/149/SpyEye-steals-your-data-Even-in-a-limited-account.html
    Very interesting, how well does SandBoxie and CIS protect against SpyEye?
     
  23. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    You overlap in many areas. That is good I suppose, if you don't mind that much protection.

    You obviously know that the answer is "yes, something could". Perhaps you might rephrase the question to "where is my overlapping security lacking" or something similar. I see that as more likely to produce answers, as people who use many different products, including some of the ones you are using, will have a better idea of how they have tested and implemented their security.

    Sul.
     
  24. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Good point, but with all the KISS posts I'm seeing, I wonder about that.
    Anyways, "where is my overlapping security lacking" is a better way of saying it. That's exactly what I'm looking for.

    Usually I post carefully on a less active forum, so I'm not used to this kind of rapid posting. If any of you feel offended by me not quoting and replying to everything properly, please don't take it personally.
     
  25. bonedriven

    bonedriven Registered Member

    Joined:
    Jan 14, 2007
    Posts:
    566
    Kind of paranoid for average use yet not enough because the well known motto of hackers says the most secure pc is...
     