New PC-Suggestions for Running "Lean"

Discussion in 'other anti-malware software' started by TheKid7, Oct 30, 2008.

Thread Status:
Not open for further replies.
  1. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    I have built a new Windows XP Pro SP3 PC and want to run "Lean" while still having good security while browsing the web. My only web access so far has been for Windows Update and Microsoft Office Updates.

    Current Setup:

    1. NOD32 version 3.x Antivirus (with BlackSpear’s Recommended Settings xml Configuration File Loaded, Configuration Password Protected),
    2. Windows XP SP3 Firewall On
    3. SuperAntiSpyware Free Edition
    4. Sandboxie Paid (All Web Browsers Forced into “Sandbox”, Only Web Browsers and Windows Media Player Allowed to Run in Sandbox, Auto Delete Sandbox Contents on Web Browser closure)
    5. SpywareBlaster.

    For the time being I have decided to leave off the following: Microsoft Windows Defender, Ad-Aware 2008 Free Edition, AVG Anti-Spyware Free Edition, Spybot Search & Destroy, MalwareBytes AntiMalware and a2free 3.5 AntiMalware.

    Plan to add:

    1. FunkyToad’s HostsXpert (for Windows Hosts File management) and the MVPS Hosts File (with routine updates). I also will disable the Windows DNS Client Service to minimize the load on the PC caused by numerous entries in the Windows Hosts File.
    2. When a2free 4.0 AntiMalware is released in a few weeks I plan to give it a try.

    Does anyone have any suggestions for additions/deletions? I have been thinking about HIPS and/or HIPS-Firewall such as Online Armor. I also plan to try out Paragon Disk Backup Personal 9.0 in the near future.

    Thank You in Advance.
     
  2. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares
    Definitely a Behaviour blocker/HIPS since you are using NOD32. I'd go for Mamutu, if you're willing to pay, or Threatfire/Online Armor/Comodo (try them all and see what suits you best), if you're not.
     
  3. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    It seems to me that you are able to give good advice now. Can I ask you, if I have a well-configured HIPS program, do I need a behaviour blocker to complement it or not? Thanks in advance for the advice :thumb:
     
    Last edited: Oct 30, 2008
  4. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares
    No, normally a HIPS should include all the functions of a behaviour blocker, so instead of getting more protection you'd just get more popups. At most it may give some additional popup that the HIPS doesn't about something like keyloggers or clipboard loggers, but I think that it won't really happen if you're using a good HIPS.
     
  5. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    Thanks :thumb: for the good explanation :thumb:
     
  6. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Lean? First start with your services. Stop all unnecessary ones. Black Viper has probably one of the best lists. I don't even know if his website is around anymore or not. Be aware that many apps will put in services or autostarts. Kill these off too. You can often rename parts of apps if needed. For instance the Intel mouse driver I use (Sidewinder) has this idiotic updchk.exe run all the time. There has never been a driver update since I bought the mouse, but it is not even going to give me an option to turn it off. Deleting or renaming the file does nothing, as it replaces it or borks the driver and I have to re-install it. I now just make a compiled AutoIt script that basically does nothing but open and close, and name it updchk.exe. You just need to be aware that things you install very possibly may want to start other things for you, you know, in the name of convenience. So keep checking.

    Second, close all the ports you don't need. Windows Worm Cleaner is a good tool for this.

    Third, to state the obvious, alternate browsers and apps/etc that have very small footprints. Ranging from firewalls to AV to HIPS etc.

    Fourth, consider some reg tweaks for your installs. There are thousands out there, and many sites devoted to them. This will get rid of crap like the initial Windows Tour and such stuff. Too many to mention for sure.

    Fifth, take your system restore % down a notch. Turn off any of the advanced items you don't need, whether it be error reporting or the eye candy fading effects etc.

    Sixth, as far as security goes, Sandboxie is good. Consider creating a Software Restriction Policy (SRP) to specifically make a program (such as browser) start as only a 'Basic User'. Or run in LUA, although depending on what you do that may be easier said than done. There are a few threads running around Wilders that talk about how to add the 'Basic User' for the SRP.

    Seventh, keep a cleaner around like CCleaner or other to throw out the garbage periodically.

    Eighth, use JKDefrag, and JKDefragGui. Use the GUI to install the DefragScreensaver. Now you should stay defragged all the time.

    And finally, IMO the #1 thing you can do to help keep that lean 'feel' is be aware of what apps put context menu items in for you. Nothing feels slower than when I right click on something and it takes a very noticeable LAG to bring the context menu up.

    These are what I do, or some variation. Remember too that Suites generally are much larger than individual apps, although that is not always the case depending on what app it is. Using 7 different apps vs a Suite that consists of 7 modules, there could be a large difference either way as to which has the smaller footprint.

    Sul.
     
  7. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
  8. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
  9. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    If you have a hardware firewall I would still leave Windows Firewall active but it's not really needed.

    For the lightest setup use the apps in my siggy, learn their capabilities and the only time you will need blacklist scanners as on demand will be for a second opinion/testing.
     
  10. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    OFF TOPIC:

    emperordarius, I see in your setup in your sig you are using Avira suite and Comodo firewall. I'm guessing you disable the firewall in the suite and are just using Comodo's, but why would you buy the suite instead of just the AV if you're not using the firewall? Is there some kind of bonus to doing that?
     
  11. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    Just about the same setup, except for the MS thingy, for well over a year FAST, LEAN and CLEAN. People load tons of stuff, but IMO have to know what in your situation is really needed and from there cut down to something simple and effective, get rid of all the resource hungry and conflicting stuff on your machine.
     
  12. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares
    In fact I have avira with the mailguard, firewall and backup uninstalled. The reason why I'm using the suite is because someone I know bought a 3 user license for the suite and gave one to me. If it was for me, I would have bought the Premium Version.
     
  13. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    Ah OK, thanks for clearing that up :D
     
  14. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares
    I had a feeling that someone would have eventually asked that question :D
     
    Last edited: Nov 1, 2008