What is your security setup these days?

They?
It's a one-man show....

 

very true
is comodo time machine updated?
did any one try foldershield?
http://www.eazsolution.com/en/foldershield.php

 

Because you deleted exploitshield ?
Th.

 

Impressive....but a little bit beyond the average user's capabilities. Most of us don't have the time to do all of that, or the knowledge. So, we do what we can. AND, with the right tweaks and settings, we can be pretty secure.

 

The 3 best AV programs right now are Avast, the new Bit Defender, and Eset. I have used Bit Defender in the past, before it had shields, and used it in a forensics role, to find things other AV missed. And have been using Avast for a long time. I recently removed Avast, installed the new Bit Defender, and much like before, in years past, it found some crap that Avast missed, and cleaned it up. I have used EVERY AV on the market at one time or another, tested them all, nothing changes. Your TOP GUN AV programs always were, and still are: Bit Defender, Avast, and Eset. Everything else is weak. And I don't care what anyone else says, I have run all of them hard, and seen the results. Kaspersky:Avira:Norton: McAfee: AVG: Emsisoft: all others: The BIG 3: Bit Defender, Avast, Eset. There aint no denying it. Eset is the only free version without shields at this time, but it is great as a back up.

 

Is this your opinion or do you have some facts to back this ranting? Emsisoft is one of the best performers in most AV tests.

 

paradoxal no?

 

The same can be done for any pair of AV. After you uninstall A your next B founds some "crap" after A.

 

and if you want to test a software and compare it to another, each must be installed on a clean REAL system (no VM) and with the same malware samples.

 

Emsisoft

 

DefenseWall + Shadow Defender + Macrium Reflect

 

Good to hear everything is running smoothly. Getting into setting up GPO is more time consuming, but I'm sure it's worth it. There are companies who sell templates for corporate environment.

 

It's good to know that's only your personal opinion. Many people here have had great experiences with "all others" aswell.

 

Online armor only on windows 7 64.....

 

Windows Defender on Windows 8.

HitmanPro.

 

Mamutu and every once in a while a boot cd scanner

and of course the best anti-malware killer, a clean image

 

With my brief experience with Windows 8 x64 since the first of this year i gotta say that it's not proven all that much more rapid than my snappy XP Pro units but one difference that does stand out is that it's far more forgiving during clashes between some programs, as in it is more stable in that respect. Performance gains obviously can be had with SSD vs. spinners that i use.

I feel I'm back in the same boat as with a first 98se though. Determining between reliable AntiSpyware and Antivirus app vendors all over again is making the absence of once popular classical HIPS like Malware Defender and EQSysecure keenly felt in this camp. x64 versions of both would be something on the order of miraculous second coming lol

And there is the other missing link of the classical Behavior Blockers of which ThreatFire was promptly brushed aside leaving Mamutu.

So on this Win 8 box so far its turned out to be a test with Sandboxie.ShadowDefender.FileChangeAlarm. Emsisoft EK.....and relying more heavily then ever on Imaging untill such time, if ever, a resurgence of auto and classical HIP developers decide, if ever, to have another stab at the security market again. Also applies to Behavior Blocker wizards should there be any left.

 

Online Armor Premium has strong hips feature like registry,file and app protection in real time and it is very good in win64

 

Just restored an image from before I threw .NET FW & EMET onto my box. Changed my mind on adding that surface. And things are actually noticeably a tad snappier too. Just from doing registry scans and defrags I can tell .NET FW was huge. They go by quicker now and there's about 20K less files to comb through too. And that's with only .NET FW 2.0 (SP2). Can't imagine what v4 brings along with it.

Will wait on either ExploitShield or Open EMET... the latter of which I'm especially intrigued by. But I feel pretty safe now with Hardware DEP (Always On) & the shellcode injection protection in D+, if need be.

 

OS & Hardening

XP Pro SP3 - fully patched
Router w/SPI (wired)
Hardware DEP (Always On)
Hardware Virtualization (VT-x & VT-d)
VirtualBox
User Friendly Default Deny SRP
Folder Permissions
LUA (on demand - for sensitive usage), "Run as" used as needed
Group/Local Policy edits
Unneeded Services trimmed
... many other hardening tweaks
Sensitive material offline on (hardware) encrypted USB sticks

Apps

Comodo FW/D+ v5.10 - FW - Custom Policy, Very High Alerts, All Advanced checked. D+ - Paranoid, Treat Unrecognized as Untrusted, Shellcode Injection & Heuristic command line analysis checked, Cloud settings unchecked, All Monitoring settings checked, Sanboxing disabled/all unchecked.

Sandboxie - Removable Drives/USB Ports forced realtime, Internet facing apps restricted.
TrueCrypt - OS Partition encrypted
VT Hash Check - New downloads scanned before unsandboxed
OpenVPN - PRQ (direct), Mullvad (2'nd)
Macrium Reflect - Several clean images at various stages of setup

Other on demand scanners

Hitman Pro - Portable only/full scans
MalwareBytes Free - shell scans & full scans
CCE
GMER
TDSSkiller

Browser/Privacy

Firefox/Ixquick Search (SSL)
Addons: Adblock Plus (EasyList, EasyPrivacy, Malware Domains, Antisocial), CS Lite Mod, HTTPS-Everywhere, NoScript, RequestPolicy, WOT, Element Hiding Helper for ABP (disabled - on demand)
about:config - much hardening

Logon Barriers

Bios PW
TrueCrypt Key (32 digit ASCII key) - No message/blank screen, no ESC option
SysKey - floppy disc required
Ctrl+Alt+Del required (secure login)
Logon PW

 

Got a good direct link to it? Dunno if i happened to d/l a rare corrupt copy of it but i tried the installer couple of days ago and it refused for sum reason to fully install. This was about the same time i was testing several comodo. firewall installs too. Comodo. is got to lighten their hips/sandbox combo to be more fluid and not lay so heavy on system responsiveness. It was a turn down for me. What ever happen to surgically precise coverage but light intrusive HIPS coding like EQSysecure.MalwareDefender.RealTime Defender.and such?

PatchGuard does a bang up job sealing the Ring0 Kernel for now for sure and new driver x64 signing requirements is so far making for a lull in rootkit making tactics like is always wreaked havoc for every new O/S release by MS, but.......

One AS i forgot to mention but use On Demand is still SAS. Recent popular Cloud based protection however is just not for me due to sleeping malware that can be devised to slip in undetected then wake up for business when "live on air" connection is disconnected. That's where a solid HIPS/Behavior Blocker is proved equally reliable as a cloud monitor or better IMO. Resident AV's w/hips can also prove useful in that respect too but for my units Independent HIPS have proved more outstanding with less then half the install load as any AV and I've tried them all at one time or another.

Another reason Light Virtualization Apps like ShadowDefender and Sandboxie now occupy a more active role in my security setup since no new classical hips have yet to surface.

 

what about an Anti-executable like NVT ExeRadarPro?

 

Yes jmonge and i thinks in locked mode is invulnerable, more one does not slow down the computer, I'm a big fan of online games and I was no lague, right after my attempts to have a partner like avast antivirus, eset or another one may experience slow but they are negligible, the made assign a password with earlier stages allowed the legitimate applications they want to do is on the computer, blocking the rest of the shot no malware can be installed on pc

 

My new setup:

Windows 8 64 bit

Avast! Free
Novirusthanks Exe radar pro - Lockdown setting
Spyshelter Firewall 2.3
Exploitshield

What do you guys think about this setup? I think it's solid right?