What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    1,994
    My colleague enjoys this lightest-ever security setup: Windows 8.1 only, since the first introduction of Win-8. He believes that there's no malware for Win-8 yet. There have been no malware issues with his PC yet.
     
  2. CrusherW9

    CrusherW9 Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    517
    Location:
    United States
    That he knows of....
     
  3. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    1,994
    ...that his PC is working without any noticeable problems. I guess he just doesn't care.
     
  4. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,251
    Location:
    Chaotic Land
    Wow I'm shocked you gave DefenseWall up for a little bit. But very nice light setup you have there :D
     
  5. avidlearner

    avidlearner Registered Member

    Joined:
    Jul 1, 2013
    Posts:
    3
    Hi guys,

    I'm new here, but have spent hours reading through forums about security. I've got a headache with so many security setups available, so I need some advice.

    My first question would be whether it is really worth having so many security programs. I noticed that some users have many applications running with a companion AV, etc., while others only have the standard security tools integrated into Windows.

    Having said that, I'm looking for two setups. One would be used by me, therefore I don't mind learning how to deal with specific applications, while the other one should be as unintrusive as possible (used by people who are less tech savvy).

    In both cases the hardware is quite old. I personally use a laptop with a P8700 2.53 GHz processor, 4 GB of RAM and a 256 GB SSD. The other computer has an Athlon 64 3000+ 1.8 GHz processor and only 1 GB of RAM. Both systems are Windows 8 Pro.

    For myself I was considering the following apps:
    Emsisoft Anti-Malware
    Emsisoft Online Armor Firewall
    Malwarebytes Anti-Malware
    WinPatrol Plus
    Sandboxie
    Chrome with extensions (Adblock Plus, Flashblock, Flag, Ghostery, HTTPS Everywhere, ScriptSafe, WOT, DoNotTrackMe)
    Some kind of software against viruses on USB and malicious EXE files would be great also

    To consider for the future (due to current limited resources and space on SSD):
    Rollback Rx
    Shadow Defender
    VPN Service


    For other computer:
    Windows Firewall
    Windows Defender
    I also read there's a way to limit threats by logging in with standard user rights. However, is it as simple as switching users? Maybe someone knows a good guide on how to set up a system with the default Windows security tools which would be relatively safe, light on resources and friendly to users?


    All in all, I'm more than open to any opinions, thus any suggestions would be greatly appreciated.

    Thanks in advance!
     
  6. zerotox

    zerotox Registered Member

    Joined:
    Jul 16, 2009
    Posts:
    417
    Yes, they allow Avast's network traffic but through Avast's proxy, they allow browsers for example without making out who exactly is requesting the connection as the firewall detects that Avast's proxy is requesting to connect out when in fact, it's the browser. Here at Wilders and in Avast's forum that's been discussed, and Avast has declared that they intend to change the way their http filter works in the next major version to prevent the proxy issue.
     
  7. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,974
    Location:
    Parallel Universe
    Well what can I say, I'm a fanboy.:D
     
  8. CrusherW9

    CrusherW9 Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    517
    Location:
    United States
    Avidlearner, it really depends on how paranoid you want to be. Since they are older computers, you are going to want something with as little real time stuff going on as possible. The setup you mentioned using on your laptop would be rock solid but it's a bit much for my tastes. I like to stick to a few core programs. I would drop Online Armor as Windows firewall is plenty fine. You can keep OA if you want to control outbound connections easier but imo, it's not needed. I'm not sure if you meant MBAM in real time or just a scanner but I wouldn't use it in real time. I personally prefer Hitman pro for a scanner but again, preference. I've never used WinPatrol but I would drop it as well. To summarize, I think that this setup would be light and secure: Emsisoft Anti-Malware, Sandboxie, an on-demand scanner (optional because you already have a scanner with EAM), and Chrome with your extensions. I don't use Chrome but I'm pretty sure some of those extensions are redundant. Also, you mentioned usb protection. With Sandboxie paid, you can force drive letters to run sandboxed. So if you insert your usb drive, anything run from it will automatically run sandboxed.

    For your other computer, it depends on how the un-tech savvy people use the computer. If they download and install things frequently, then it becomes more difficult. You can lock them out of any such ability, which would be really secure, but then people might get mad. To provide the most freedom, a simple anti-virus program is your best bet. But if you want more security you have a few options. You can have an anti-executable like EXE Radar Pro auto allow everything in the C:\Windows and C:\Program files directories, along with any programs in C:\Users\user\appdata\ (chrome). This would prevent anything from running except your trusted programs. Or, you can easily do this by making them run with a standard user account and enforcing parental controls. Then accompany this with a light antivirus and you're golden. You can also attempt to use Sandboxie but some knowledge is required to use it. I would say that if you can be there to help out, Sandboxie might be okay. Otherwise stick to the execution control or simply an AV.

    EDIT: I also forgot to mention, EMET is a great program to add to any setup :thumb:
     
  9. avidlearner

    avidlearner Registered Member

    Joined:
    Jul 1, 2013
    Posts:
    3
    Thanks a lot for your input, CrusherW9. Really appreciate that.

    I do have more questions, hope you don't mind. It's funny that I was using computers for many years and never really cared about security programs. I mostly used a simple AV and luckily didn't get into too much trouble. However, I was surprised by the amount of discussion behind these products.

    What struck me even more is that by using tools already built into Windows it's possible to have a very secure system. Dealing with and setting limited rights in Windows is quite new stuff to me. I saw many articles available, so I need to do more reading in order to fully understand that stuff. It's not as simple as I thought. For example, the amount of options available in EMET is truly overwhelming.

    Having said that, I agree with you that I should go as light as possible. I see that the issue here is RT scanners. I guess a couple of on-demand scanners could coexist? I'm asking because there are so many tools available to attack specific problems. For instance, to deal with trojans, rootkits or just simple malware. I'm wondering if there's an ultimate tool which can scan all these areas? Because I have a sense that most of these tools overlap each other in most cases. So, is it worth having tools for specific purposes or can a general AV take care of it?

    Unfortunately, I don't have the Sandboxie paid version, so your trick with the USB drive won't work. Are there any alternatives?

    As for the other computer, I won't be around, but the users will barely need to download files. Your idea about locking stuff is great as they'll mostly browse the internet and barely need to download anything. BTW, how hard is it to allow installations in case there's a need? And will it restrict work with photo apps? For example, importing pictures, etc? Also, will downloading torrents work?

    Thanks for your help and I hope I'm not bothering you with my questions too much.
     
  10. CrusherW9

    CrusherW9 Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    517
    Location:
    United States
    Regarding on-demand scanners, sure, you could have multiple scanners on your system; it won't hurt anything. You're right in that there are a LOT of scanners available. In terms of "ultimate" scanners, you're also right in that there is a lot of overlap. You're going to want to pick one solid all-purpose scanner. This will get you to say 95% detection (not a real percentage, just picked to show my point). Adding any more will only increase your detection marginally due to overlap, so to me, I'm fine with just a single scanner. Adding any more is up to you. Extra scanners can be used with a traditional anti-virus; however, again, the more you add, the less the increase in detection.

    For your USB protection, look into disabling autorun (which I believe is default in Windows 7 and 8). Don't forget that your AV should scan any drives when they are connected or something is launched from them, so you aren't entirely without protection. If you have a sort of execution control in place, this takes care of USB protection as well.

    This guide is great for software restriction policies for your other laptop. I don't quite remember 100%, but if you simply enable parental controls, the user will be prompted for admin credentials when they are attempting to execute something in user space. If they can type the password in, they can run whatever they want. This should not negatively affect any programs already on the computer. Although, anything that has to launch with administrator rights will prompt for a password, so that can be an annoyance. And no, DO NOT turn off UAC. Leave it at the second highest or highest setting.

    EMET is actually really easy to set up; don't be intimidated. Just ignore all of the intricate settings and simply set it to "Maximum security" and then import the built-in "Common programs" setup. I can post screenshots later if you need them. Do keep in mind that EMET is quite stable, but it can break some programs and you will need to know that you may have to dial back the protection of that program to get it to work properly.

    Oh yeah, and if you want to know more about locking down Windows with built-in features, look at this thread. And this thread is FANTASTIC at giving a good introduction to the type of security programs available. And lastly, don't forget about backing up your systems.
     
    Last edited: Jul 1, 2013
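
    The three Windows settings recommended in the post above (autorun disabled, UAC left at one of the two highest levels, daily use from a standard account) can be checked with a read-only PowerShell audit. This is an added example, not part of the original post; the function names and the pass criteria are assumptions of the example, and the autorun check reports only whether a policy value explicitly covers removable drives.

```powershell
# Added example: read-only audit of AutoRun policy, UAC level and admin membership.
# Constructed for illustration; the pass criteria are this example's assumptions.

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or the value does not exist.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

function Get-UacLevel {
    param($EnableLUA, $ConsentAdmin, $SecureDesktop)
    if ($null -eq $EnableLUA) { return 'Unknown (EnableLUA not readable)' }
    if ($EnableLUA -ne 1) { return 'UAC disabled' }
    if ($ConsentAdmin -eq 2 -and $SecureDesktop -eq 1) { return 'Highest (always notify)' }
    if ($ConsentAdmin -eq 5 -and $SecureDesktop -eq 1) { return 'Second highest (default)' }
    if ($ConsentAdmin -eq 5) { return 'Third (prompt without secure desktop)' }
    if ($ConsentAdmin -eq 0) { return 'Never notify' }
    return "Custom (ConsentPromptBehaviorAdmin=$ConsentAdmin)"
}

function Test-AutoRunOffForRemovable {
    # NoDriveTypeAutoRun is a bit mask: 0x04 covers removable drives, 0xFF all drive types.
    # The machine-wide value (HKLM) is checked first, then the per-user one (HKCU).
    $sub = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    foreach ($hive in 'HKLM:', 'HKCU:') {
        $mask = Get-RegValue -Path "$hive\$sub" -Name 'NoDriveTypeAutoRun'
        if ($null -ne $mask) { return (($mask -band 0x04) -ne 0) }
    }
    return $false   # no policy value present in either hive
}

$sys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$uac = Get-UacLevel -EnableLUA (Get-RegValue $sys 'EnableLUA') `
                    -ConsentAdmin (Get-RegValue $sys 'ConsentPromptBehaviorAdmin') `
                    -SecureDesktop (Get-RegValue $sys 'PromptOnSecureDesktop')

# S-1-5-32-544 is BUILTIN\Administrators; whoami lists it even when the token is not elevated.
$isAdminMember = [bool](whoami /groups /fo csv | Select-String -SimpleMatch 'S-1-5-32-544')

[pscustomobject]@{
    AutoRunPolicyOffForRemovable = (Test-AutoRunOffForRemovable)
    UacLevel                     = $uac
    UacMeetsAdvice               = ($uac -like 'Highest*' -or $uac -like 'Second*')
    AccountIsAdministrator       = $isAdminMember
}
```

    Run it from the account that is used day to day: `AccountIsAdministrator` should be `False` for the standard-user setup discussed in the thread.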
  11. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,388
    Location:
    Nicaragua
    I was just like that but then one day I realized that there are better technologies that can be used to prevent getting infected than using real time antiviruses. Then, I discovered Sandboxie, decided to use it and from that day on things related to computers have been a joy as problems with viruses don't happen anymore.
    Who said that you need the paid version to open your USB drives sandboxed? Just kidding but really you don't need the paid version to do so. Using the paid version is better and more comfortable because any file or program that runs out of the USB drive (if allowed under Start/Run restrictions) would run automatically when it starts but you can run your USB drive sandboxed by navigating to it using a Sandboxed Windows Explorer. You could even create a sandbox for that purpose alone and to make it comfortable, you can also create a sandboxed shortcut for your sandboxed Windows Explorer. That way, when you click on the shortcut, Windows Explorer will open sandboxed in the sandbox that you created for that purpose.

    I suggest you take a good look at Sandboxie as it can make your computer and internet experience better as it did for me.

    Bo
     
  12. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,975
    Location:
    Boston, MA
    OK. Point taken, but I wouldn't say that using Avast with a 3rd party firewall is useless, since all of Avast's shields are able to operate without issue.
     
  13. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Evening! Just reinstalled Bitdefender 2014 I.S....in tandem with WSA Security Plus...Sincerely...Securon
     
  14. Ed_H

    Ed_H Registered Member

    Joined:
    Nov 10, 2004
    Posts:
    662
    Location:
    Chicago, IL
    I've been running Bitdefender IS 2014 for a few days and am quite impressed with how quick my laptop is with this running. A noticeable performance increase over OA premium and Emsisoft anti-malware.

    Also running Sandboxie just in case.
     
  15. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
  16. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,312
    Location:
    USA
    Hello avidlearner,
    I am the only person in my house that cares about security and that knows anything about fixing PCs in general, so I have a simple solution...I run my kids' PCs and the family PC in shadow mode ALL the time and optionally use AppGuard and/or EXE Radar Pro along with Sandboxie to mainly keep the current sessions malware free, but at the end of the day Shadow Defender wipes away anything and everything THEY do!
    The only time Shadow Defender is disabled is when I am on the computer making changes or updating etc., and I have never had to deal with any infections or human errors lol other than my own :D
    BTW this setup is extremely light and wonderful for slower/older PCs

    You could always use toolwiz timefreeze which is free but not quite as secure as shadow defender as far as I know.
    Just a suggestion
     
  17. avidlearner

    avidlearner Registered Member

    Joined:
    Jul 1, 2013
    Posts:
    3
    Thanks everyone for the suggestions! Now I need to do some further reading and testing, as I don't want to be the guy who's only asking questions; I don't mind putting in the effort. ;)
     
  18. Antimalware18

    Antimalware18 Registered Member

    Joined:
    Dec 12, 2008
    Posts:
    417
    Ok, so new setup after I ran into a few problems between Comodo bb/hips and my wife's games.

    Avast free
    Comodo firewall only bb/hips off
    Emet
    UAC
    Google chrome sandboxed through CFW
     
  19. CrusherW9

    CrusherW9 Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    517
    Location:
    United States
    Feel free to PM me :)
     
  20. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,974
    Location:
    Parallel Universe
    What, I can't be a fanboy of both?:D Comodo FW is the best. But best doesn't mean it would suit me. My favorite is OA. I love Emsisoft products.

    You're mean Swex. Always trying to catch me. :D
     
  21. jingjing

    jingjing Registered Member

    Joined:
    Mar 7, 2013
    Posts:
    24
    Location:
    China
    Avira AV Free
    Toolwiz Time Freeze
    CCleaner
     
  22. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Sure you can :D
     
  23. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,490
    I wonder when I'll change my setup. :D
     
  24. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Evening! Just re-installed EAM-V-8...it's super stable...light...and with OA in V9...It will be Sublime...and Sweet...or is that Suite...Lol! Sincerely...Securon
     
  25. Rompin Raider

    Rompin Raider Registered Member

    Joined:
    May 6, 2010
    Posts:
    1,249
    Location:
    North Texas
    So...how do you really like it?:D
    Running CIS with Chiron's settings plus WSA Complete...all so light.
     