What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    Yup he is always on the go. :D
     
  2. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    It is :thumb: :thumb: so far so good :thumb: :thumb:
     
  3. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    Is it sluggish?
     
  4. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    Added sbie and just gone AV-less. Using what's in my sig. Am I protected enough?
     
  5. tomazyk

    tomazyk Guest

    It looks good to me :)
     
  6. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    Ah thx Tom. I'm also backing up my drives with Drive Snapshot. Oh and I'm using Firefox with ABP and Adobe's Shockwave Flash player as the only extensions and plugins.
     
  7. tomazyk

    tomazyk Guest

    Yes, backup is a must. Maybe you can add EMET also?
     
  8. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Running as Admin on Windows 7 x32 Ultimate with no third-party real-time security. Changes/updates in orange

    Network protection
    Wireless Router with WPA2, SPI with Flood/Poisoning/Spoofing protection and Norton DNS (malware). ISP service includes email scanner and spam-filter. Using Windows 7 internal FireWall both for inbound and outbound.

    Low Rights Browsing and Privacy Protection
    Using Chrome (in Program Files) with Chrome sandbox (AppContainer), Flash and PDF PPAPI (sandboxed) plug-ins and built-in safe browsing website blacklisting and download reputation scoring. Block indirect and HTTP cookies, allow HTTPS cookies, block JavaScript (except from *.NL and *.COM), click to play Flash, installed Referer Control extension only (allow only HTTPS) with Windows 7 skin.

    Threat gate protection
    Running browser, mail, media player with EMET 3.5 memory protection. Added an ACL deny execute for everyone on all threat gate folders (browser download, e-mail and media player). Used Group Policy hardening to deny execution from USB and never execute autoruns of USB sticks (and lots of other GPO hardening).

    AppLocker protection
    Users and Admins are allowed to only execute signed executables and DLLs from safe places (Program Files and Windows). Admins are allowed to run installers from Microsoft and run scripts in Windows directory.

    On demand
    - Running CCleaner through scheduled task (/run /tn) to evade UAC pop-up
    - HitmanPro Free (cloud) scan
     
    Last edited: Aug 7, 2012
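
Added example, not part of Kees1958's post: one way to apply the "ACL deny execute for everyone" described above to a single folder, using PowerShell and the .NET `FileSystemAccessRule` class. The Downloads path and the probe file name are assumptions; substitute whichever threat gate folder you want to cover.

```powershell
# Assumed target: the current user's Downloads folder (hypothetical stand-in
# for a browser download, e-mail attachment or media folder).
$folder = Join-Path $env:USERPROFILE 'Downloads'

# S-1-1-0 is the well-known SID for Everyone; using the SID avoids
# localized group names.
$everyone = New-Object System.Security.Principal.SecurityIdentifier('S-1-1-0')

# Deny ExecuteFile, inherited by files (ObjectInherit) but not applied to
# the folder itself (InheritOnly), so the folder can still be opened.
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
    $everyone,
    [System.Security.AccessControl.FileSystemRights]::ExecuteFile,
    [System.Security.AccessControl.InheritanceFlags]::ObjectInherit,
    [System.Security.AccessControl.PropagationFlags]::InheritOnly,
    [System.Security.AccessControl.AccessControlType]::Deny)

$acl = Get-Acl -LiteralPath $folder
$acl.AddAccessRule($rule)
Set-Acl -LiteralPath $folder -AclObject $acl

# Check 1: the deny entry is present on the folder.
(Get-Acl -LiteralPath $folder).Access |
    Where-Object { $_.AccessControlType -eq 'Deny' } |
    Format-Table IdentityReference, FileSystemRights, InheritanceFlags, PropagationFlags

# Check 2: a newly created file inherits the deny entry.
$probe = Join-Path $folder 'acl-probe.txt'   # constructed test file
Set-Content -LiteralPath $probe -Value 'probe'
(Get-Acl -LiteralPath $probe).Access |
    Where-Object { $_.AccessControlType -eq 'Deny' -and $_.IsInherited } |
    Format-Table IdentityReference, FileSystemRights, IsInherited
Remove-Item -LiteralPath $probe

# To undo: $acl = Get-Acl -LiteralPath $folder
#          [void]$acl.RemoveAccessRule($rule)
#          Set-Acl -LiteralPath $folder -AclObject $acl
```

The deny entry stops files in the folder from being launched directly; a script that an interpreter installed elsewhere merely reads is not covered by it.
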
  9. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    EMET does little in a XP system. And I do not like to use EMET even in my Win 7 system. :mad:
     
  10. tomazyk

    tomazyk Guest

    How come? Do you have problems with certain software when it's under EMET control?
     
  11. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,854
    How do you know what policy rules to make? Can they be done on Windows 7 Pro and Home Premium?
     
  12. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Has anyone tried GeSWall lately? I recently tried it with Comodo Dragon and it goes nuts saying I am under attack just by opening the browser on Windows 7 32-bit. Maybe it's something with Chrome. Actually IE9 is doing it as well, maybe something broke it in Windows 7.
     
    Last edited: Aug 7, 2012
  13. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,066
    Location:
    Canada
    Good man! :thumb: ...except for the "Running as Admin" part :ouch: :p

    ...but I know you'll be perfectly okay :)

    btw, what's UAC set at?
     
  14. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    Yeah, lots of apps. I also had slowdowns. I've since kept my distance from EMET and do not intend on reducing the distance anytime soon.
     
  15. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    My Comodo browser is a little flaky at times with EMET. I have it cranked on maximum.
     
  16. KelvinW4

    KelvinW4 Registered Member

    Joined:
    Oct 11, 2011
    Posts:
    1,199
    Location:
    Los Angeles, California
    Yeah, it made one of my programs not run and EMET was the last thing I found out to be the problem. :oops:
     
  17. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,854
    Added ScriptNo for Chrome. Figured most drive-by-downloads will come from scripts so why not block them? May get rid of an AV and just scan downloads with HitmanPro.

    Does that seem secure assuming I left everything else the same?
     
  18. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    Yeah sure my friend. You'll be well protected. With AG and HMP you don't need an AV and heck you wouldn't even need ScriptNo as Chrome is already sandboxed.
     
  19. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    Just added Online Armor. Just couldn't stay away from it for long. ;)
     
  20. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,854
    I thought about a HIPS FW but figured it would just annoy me, and be redundant with AppGuard. And drive-bys can't penetrate Google's sandbox?? If that's the case, that means I could only be infected by running malware manually?
     
  21. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    Yeah HIPS FW is probably redundant with your AG. I just love a HIPS/AE FW combo. Gives me a sense of immense control over my system. Thus a peace of mind. :)

    An exploitation of the sandbox? And many more ways! I'm no expert but you will always find lots of threads discussing how many ways you can be infected even with such prevention measures. I would advise not to underestimate your opponent - malware. :D
     
  22. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Isn't ScriptNo buggy? I've seen a lot of reports at Wilders from users saying that it doesn't block scripts at first; you actually need to reload the page... which would be pointless. You should be careful and test whether or not it blocks scripts when you first visit a page, even if it says it's blocking. Visit a page that you know normally requires JavaScript, and if that functionality of the page doesn't work, then it probably means ScriptNo did its job. But, even then, don't be 100% confident that it will work all the time.
     
  23. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    It's stuck using asynchronous APIs so it can't stop the page from loading while it works. So the first time it's likely that you'll get JavaScript going through but the second time you visit the page it probably won't.
     
  24. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,584
    Location:
    Romania
    Bought a second laptop yesterday, and "his highness" received as guards:
    Avast free
    OA free. I will think about adding SBIE, just want to see and feel how it's going without it.
    The other laptop:
    PCAV pro
    CIS FW D+
    SBIE.
     
    Last edited: Aug 8, 2012
  25. WSFfan

    WSFfan Registered Member

    Joined:
    May 10, 2012
    Posts:
    374
    Location:
    The Earth
    Rollback Rx|Shadow Defender|Sandboxie|Windows 7 firewall

    Other than imaging, do I need to add anything further to my setup?

    How to add right click unblock execute only trick to a particular folder? (The one suggested by Kees)
     
    Last edited: Aug 8, 2012