What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. ZeroDay

    ZeroDay Registered Member

    Joined:
    Jul 9, 2011
    Posts:
    714
    Location:
    UK
    Is sandboxing Chrome really necessary with it having its own sandbox? This is an honest question, I'm not being sarcastic or anything.
     
  2. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    I think Kees (Windows-Security) once said that Sandboxie combined with Chrome's sandbox gives extra security. Maybe he'll comment about it. Nothing has gotten by them on my machine.
     
  3. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    I would cover Chrome with SBIE as well for extra security.
     
  4. ZeroDay

    ZeroDay Registered Member

    Joined:
    Jul 9, 2011
    Posts:
    714
    Location:
    UK
    Ok guys thanks.
     
  5. blasev

    blasev Registered Member

    Joined:
    Oct 25, 2010
    Posts:
    763
    extra security is always welcome...
    and also I really love the auto delete function after finished session :D
     
  6. ZeroDay

    ZeroDay Registered Member

    Joined:
    Jul 9, 2011
    Posts:
    714
    Location:
    UK
    Yeah, I like the auto delete function in Sandboxie. I was going to run Chrome inside Comodo's sandbox but it wouldn't launch, so for the tiny download that it is I've installed Sandboxie.
     
  7. guest

    guest Guest

    Just tried Macrium Reflect again, but this time using WinPE 4 instead of Linux recovery media. Worked flawlessly! So M$, even if you wanted to completely get rid of your system image recovery tool in Win 8.1, I'm not afraid. I've already got a fine replacement. Mwahahaha!! :D

    Was it the manual sandbox or the auto sandbox? If it's the latter, was it set to the Full Virtualization mode?
     
  8. ZeroDay

    ZeroDay Registered Member

    Joined:
    Jul 9, 2011
    Posts:
    714
    Location:
    UK
    +1 for Macrium Reflect, great piece of software.
     
  9. ZeroDay

    ZeroDay Registered Member

    Joined:
    Jul 9, 2011
    Posts:
    714
    Location:
    UK
    Manual, using the 'run virtual' option.

    Edit to add: Firefox runs fine using the same option.
     
  10. guest

    guest Guest

    Interesting. IIRC I could run Chrome sandboxed just fine with the manual sandbox, but got a problem with the auto sandbox if I set it to untrusted. OTOH, the right-click AV scan didn't work for me instead. Hmmm... :doubt:
     
  11. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    5,982
    Location:
    Nicaragua
    Based on my personal experience, I know it is. If you are careful about new installs and the files that you run out of the sandbox, you will not get infected.

    Bo
     
  12. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA

    What Bo said :thumb:
     
  13. Rompin Raider

    Rompin Raider Registered Member

    Joined:
    May 6, 2010
    Posts:
    1,253
    Location:
    North Texas
    Trust me...Bo knows Sandboxie!:thumb:
     
  14. Rompin Raider

    Rompin Raider Registered Member

    Joined:
    May 6, 2010
    Posts:
    1,253
    Location:
    North Texas
    Couldn't resist the free F Secure AV....running with WSA Complete.
     
  15. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Afternoon! Received an offer from my Bank....1 yr complimentary to trial McAfee Internet Security 2013...in tandem with WSA Security Plus...so far everything running smoothly. Even though McAfee has a somewhat dubious track record...as of the last few months...it has garnered some positive critique! So can't hurt to trial! Stay Tuned! Sincerely...Securon
     
  16. Rompin Raider

    Rompin Raider Registered Member

    Joined:
    May 6, 2010
    Posts:
    1,253
    Location:
    North Texas
    I have found McAfee to be improving. :thumb:
     
  17. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,545
    Windows 7 Ultimate (64bit) Standard User Account
    Software Restriction Policy disallowed by default.
    Hardened Group Policies with Baseline Security Template via LocalGPO.msi tool
    Disabled unneeded services deemed "safe" by BlackViper.
    EMET 4 (Maximum Settings)

    Tinywall 2.1
    Peerblock (Blocking 2,880,326,360 IPs) [HTTP ALLOWED] w/ custom IP whitelist needed for my games.
    DNSCrypt Proxy Client
    Privoxy
    Windows Defender
    CCleaner
    Chromium [sandboxed]
    Skype [sandboxed]
    Media Players [sandboxed]

    Dataram RAMDisk FREE (SBIE's sandbox container)
    SandboxIE (registered) setting:
    Code:
    
    [GlobalSettings]
    
    Template=WindowsRasMan
    Template=Microsoft_EMET
    Template=OfficeLicensing
    ForceDisableAdminOnly=n
    
    [UserSettings_00DA006D]
    
    SbieCtrl_UserName=MyUsername
    SbieCtrl_NextUpdateCheck=865320647326
    SbieCtrl_UpdateCheckNotify=y
    SbieCtrl_ShowWelcome=n
    SbieCtrl_EnableLogonStart=y
    SbieCtrl_EnableAutoStart=y
    SbieCtrl_AddDesktopIcon=n
    SbieCtrl_AddQuickLaunchIcon=n
    SbieCtrl_AddContextMenu=y
    SbieCtrl_AddSendToMenu=y
    SbieCtrl_HideWindowNotify=n
    SbieCtrl_WindowLeft=562
    SbieCtrl_WindowTop=253
    SbieCtrl_WindowWidth=660
    SbieCtrl_WindowHeight=450
    SbieCtrl_ActiveView=40021
    SbieCtrl_BoxExpandedView_DefaultBox=n
    SbieCtrl_AutoApplySettings=n
    SbieCtrl_SettingChangeNotify=n
    SbieCtrl_BoxExpandedView_IE=y
    SbieCtrl_HideMessage=1308,ie4uinit.exe [IE]
    SbieCtrl_HideMessage=2222,ie4uinit.exe [IE]
    SbieCtrl_HideMessage=1307,wmplayer.exe [Media]
    SbieCtrl_HideMessage=2221,wmplayer.exe [Media]
    SbieCtrl_BoxExpandedView_Media=y
    SbieCtrl_BoxExpandedView_User=y
    SbieCtrl_BoxExpandedView_Game=y
    SbieCtrl_BoxExpandedView_IM=y
    SbieCtrl_BoxExpandedView_P2P=n
    SbieCtrl_ReloadConfNotify=n
    
    [DefaultBox]
    
    ConfigLevel=7
    Template=BlockPorts
    Template=LingerPrograms
    Template=AutoRecoverIgnore
    BorderColor=#000000,ttl
    Enabled=y
    BoxNameTitle=n
    CopyLimitKb=239152
    DropAdminRights=y
    ClosedFilePath=C:\Program Files\Internet Explorer\
    ClosedFilePath=C:\Program Files\Windows Journal\
    ClosedFilePath=C:\Program Files\Windows Mail\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=C:\Program Files\VideoLAN\
    ClosedFilePath=%AppData%\uTorrent\
    ClosedFilePath=C:\Program Files\uTorrent\
    ClosedFilePath=C:\Program Files (x86)\Skype\
    ClosedFilePath=%AppData%\Skype\
    
    [IE]
    
    ConfigLevel=7
    Template=IExplore_Force
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    BorderColor=#000000,ttl
    Enabled=y
    BoxNameTitle=n
    CopyLimitKb=239152
    DropAdminRights=y
    NotifyInternetAccessDenied=y
    ProcessGroup=<StartRunAccess>,iexplore.exe
    ProcessGroup=<InternetAccess>,iexplore.exe
    ClosedFilePath=C:\Program Files\Windows Journal\
    ClosedFilePath=C:\Program Files\Windows Mail\
    ClosedFilePath=C:\Program Files\Windows Media Player\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=C:\Program Files\VideoLAN\
    ClosedFilePath=%AppData%\uTorrent\
    ClosedFilePath=C:\Program Files\uTorrent\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=C:\Program Files (x86)\Skype\
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    NotifyStartRunAccessDenied=y
    ClosedIpcPath=!<StartRunAccess>,*
    ForceFolder=C:\Program Files\Internet Explorer
    
    [Media]
    
    ConfigLevel=7
    Template=BlockPorts
    Template=LingerPrograms
    Template=AutoRecoverIgnore
    BorderColor=#000000,ttl
    Enabled=y
    BoxNameTitle=n
    CopyLimitKb=239152
    NotifyInternetAccessDenied=y
    NotifyStartRunAccessDenied=y
    ForceProcess=wmplayer.exe
    ForceProcess=vlc.exe
    ForceFolder=C:\Program Files\VideoLAN
    ForceFolder=C:\Program Files\Windows Media Player
    ClosedFilePath=C:\Program Files\Internet Explorer\
    ClosedFilePath=C:\Program Files\Windows Journal\
    ClosedFilePath=C:\Program Files\Windows Mail\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=InternetAccessDevices
    ClosedFilePath=%AppData%\uTorrent\
    ClosedFilePath=C:\Program Files\uTorrent\
    
    [User]
    
    ConfigLevel=7
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    BorderColor=#000000,ttl
    Enabled=y
    BoxNameTitle=n
    CopyLimitKb=239152
    DropAdminRights=y
    ForceFolder=D:\Downloads
    ForceFolder=D:\
    ForceFolder=D:\Videos
    ForceFolder=D:\Searches
    ForceFolder=D:\Saved Games
    ForceFolder=D:\Pictures
    ForceFolder=D:\Music
    ForceFolder=D:\Links
    ForceFolder=D:\Favorites
    ForceFolder=D:\Documents
    ForceFolder=D:\Desktop
    ForceFolder=D:\Contacts
    ForceFolder=B:\
    ForceFolder=A:\
    ForceFolder=Z:\
    ForceFolder=Y:\
    ForceFolder=X:\
    ForceFolder=W:\
    ForceFolder=V:\
    ForceFolder=U:\
    ForceFolder=T:\
    ForceFolder=S:\
    ForceFolder=R:\
    ForceFolder=Q:\
    ForceFolder=P:\
    ForceFolder=O:\
    ForceFolder=N:\
    ForceFolder=M:\
    ForceFolder=L:\
    ForceFolder=K:\
    ForceFolder=J:\
    ForceFolder=I:\
    ForceFolder=H:\
    ForceFolder=G:\
    ForceFolder=F:\
    ForceFolder=E:\
    NotifyInternetAccessDenied=y
    ClosedFilePath=InternetAccessDevices
    ClosedFilePath=C:\Program Files\VideoLAN\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=C:\Program Files\Windows Mail\
    ClosedFilePath=C:\Program Files\Windows Journal\
    ClosedFilePath=C:\Program Files\Internet Explorer\
    ClosedFilePath=%AppData%\uTorrent\
    ClosedFilePath=C:\Program Files\uTorrent\
    
    [Game]
    
    ConfigLevel=7
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    BorderColor=#000000,ttl
    Enabled=y
    BoxNameTitle=n
    CopyLimitKb=9532688
    NeverDelete=n
    ForceProcess=dnlauncher.exe
    NotifyInternetAccessDenied=y
    NotifyStartRunAccessDenied=y
    ClosedFilePath=C:\Program Files\VideoLAN\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=C:\Program Files\Windows Mail\
    ClosedFilePath=C:\Program Files\Windows Journal\
    ClosedFilePath=C:\Program Files\Internet Explorer\
    ClosedFilePath=%AppData%\uTorrent\
    ClosedFilePath=C:\Program Files\uTorrent\
    ClosedFilePath=C:\Sandbox\X\Game\drive\C\Program Files (x86)\Garena Plus\ggdllhost.exe
    ClosedFilePath=C:\Program Files (x86)\Skype\
    ClosedFilePath=%AppData%\Skype\
    ForceFolder=C:\Program Files (x86)\Steam
    
    [IM]
    
    ConfigLevel=7
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    BorderColor=#000000,ttl
    Enabled=y
    BoxNameTitle=n
    CopyLimitKb=239152
    NeverDelete=n
    ClosedFilePath=C:\Program Files\VideoLAN\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=C:\Program Files\Windows Mail\
    ClosedFilePath=C:\Program Files\Windows Journal\
    ClosedFilePath=C:\Program Files\Internet Explorer\
    ClosedFilePath=%AppData%\uTorrent\
    ClosedFilePath=C:\Program Files\uTorrent\
    ForceFolder=C:\Program Files (x86)\Skype
    
    [P2P]
    
    ConfigLevel=7
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    BorderColor=#000000,ttl
    Enabled=y
    BoxNameTitle=n
    CopyLimitKb=239152
    DropAdminRights=y
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=C:\Program Files\Windows Mail\
    ClosedFilePath=C:\Program Files\Windows Journal\
    ClosedFilePath=C:\Program Files\Internet Explorer\
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ForceProcess=utorrent.exe
    ForceFolder=C:\Users\X\AppData\Roaming\uTorrent
    ForceFolder=C:\Users\Y\AppData\Roaming\uTorrent
    ForceFolder=C:\Program Files\uTorrent
    NotifyInternetAccessDenied=y
    ProcessGroup=<StartRunAccess>,vlc.exe,utorrent.exe,explorer.exe
    ProcessGroup=<InternetAccess>,utorrent.exe
    NotifyStartRunAccessDenied=y
    ClosedIpcPath=!<StartRunAccess>,*
    OpenFilePath=utorrent.exe,%AppData%\uTorrent\
    OpenFilePath=utorrent.exe,%{374DE290-123F-4565-9164-39C4925E467B}%\
    OpenFilePath=utorrent.exe,C:\Users\X\Torrent\
    
    [UserSettings_00F20079]
    
    SbieCtrl_ReloadConfNotify=n
    SbieCtrl_EditConfNotify=n
    SbieCtrl_HideWindowNotify=n
    SbieCtrl_AutoApplySettings=n
    SbieCtrl_SettingChangeNotify=n
    SbieCtrl_HideMessage=2314,GoogleUpdateOnDemand.exe
    SbieCtrl_HideMessage=2203,*GUIPROXY_00000001 - Skype.exe [00000102]
    SbieCtrl_HideMessage=1308,dllhost.exe [GC]
    SbieCtrl_HideMessage=2222,dllhost.exe [GC]
    SbieCtrl_HideMessage=1308,dllhost.exe [P2P]
    SbieCtrl_HideMessage=2222,dllhost.exe [P2P]
    SbieCtrl_HideMessage=2314,dllhost.exe
    SbieCtrl_HideMessage=1308,wmplayer.exe [P2P]
    SbieCtrl_HideMessage=2222,wmplayer.exe [P2P]
    SbieCtrl_HideMessage=2314,wmplayer.exe
    SbieCtrl_HideMessage=2327,[81 / 0]
    SbieCtrl_HideMessage=2327,[31 / 0]
    SbieCtrl_HideMessage=2103,1394hub [Game]
    SbieCtrl_HideMessage=1308,rundll32.exe [P2P]
    SbieCtrl_HideMessage=2222,rundll32.exe [P2P]
    SbieCtrl_HideMessage=2314,rundll32.exe
    SbieCtrl_HideMessage=2222,ie4uinit.exe [IE]
    SbieCtrl_HideMessage=1308,ie4uinit.exe [IE]
    SbieCtrl_HideMessage=2314,ie4uinit.exe
    SbieCtrl_HideMessage=1308,wmpshare.exe [Media]
    SbieCtrl_HideMessage=2222,wmpshare.exe [Media]
    SbieCtrl_HideMessage=2314,wmpshare.exe
    SbieCtrl_HideMessage=2221,wmplayer.exe [Media]
    SbieCtrl_HideMessage=1307,wmplayer.exe [Media]
    SbieCtrl_WindowCoords=301,132,825,600
    SbieCtrl_ActiveView=40021
    SbieCtrl_EnableLogonStart=y
    SbieCtrl_EnableAutoStart=y
    SbieCtrl_AddDesktopIcon=n
    SbieCtrl_AddQuickLaunchIcon=n
    SbieCtrl_AddContextMenu=y
    SbieCtrl_AddSendToMenu=y
    SbieCtrl_UserName=x
    SbieCtrl_ShowWelcome=n
    SbieCtrl_NextUpdateCheck=1555555555
    SbieCtrl_UpdateCheckNotify=n
    SbieCtrl_BoxExpandedView=Firefox,Game,GC,IE,IM,Media,P2P,User,XGC
    
    [GC]
    
    ConfigLevel=7
    Template=Chrome_Force
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    BorderColor=#000000,ttl
    Enabled=y
    BoxNameTitle=n
    CopyLimitKb=239152
    DropAdminRights=y
    ClosedFilePath=C:\Program Files\uTorrent\
    ClosedFilePath=%AppData%\uTorrent\
    ClosedFilePath=C:\Program Files\VideoLAN\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=C:\Program Files\Windows Mail\
    ClosedFilePath=C:\Program Files\Windows Journal\
    ClosedFilePath=C:\Program Files\Internet Explorer\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=C:\Program Files (x86)\Mozilla Firefox\
    ClosedFilePath=C:\Program Files (x86)\Steam\
    ClosedFilePath=C:\Program Files (x86)\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    NotifyInternetAccessDenied=y
    ProcessGroup=<StartRunAccess>,chrome.exe
    ProcessGroup=<InternetAccess>,chrome.exe
    NotifyStartRunAccessDenied=y
    OpenFilePath=chrome.exe,%{374DE290-123F-4565-9164-39C4925E467B}%\
    ClosedIpcPath=!<StartRunAccess>,*
    
    [Firefox]
    
    ConfigLevel=7
    Template=Firefox_Force
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    BorderColor=#000000,ttl
    Enabled=y
    BoxNameTitle=n
    CopyLimitKb=239152
    DropAdminRights=y
    OpenFilePath=firefox.exe,%{374DE290-123F-4565-9164-39C4925E467B}%\
    ClosedFilePath=C:\Program Files\uTorrent\
    ClosedFilePath=%AppData%\uTorrent\
    ClosedFilePath=C:\Program Files\VideoLAN\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=C:\Program Files\Windows Mail\
    ClosedFilePath=C:\Program Files\Windows Journal\
    ClosedFilePath=C:\Program Files\Internet Explorer\
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=C:\Program Files (x86)\Skype\
    
    [XGC]
    
    ConfigLevel=7
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    BorderColor=#00FF00,ttl
    Enabled=y
    BoxNameTitle=n
    CopyLimitKb=239152
    DropAdminRights=y
    ClosedFilePath=C:\Program Files\uTorrent\
    ClosedFilePath=%AppData%\uTorrent\
    ClosedFilePath=C:\Program Files\VideoLAN\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=C:\Program Files\Windows Mail\
    ClosedFilePath=C:\Program Files\Windows Journal\
    ClosedFilePath=C:\Program Files\Internet Explorer\
    ClosedFilePath=C:\Program Files (x86)\Steam\
    ClosedFilePath=C:\Program Files (x86)\Mozilla Firefox\
    
    [UserSettings_00F4007A]
    
    SbieCtrl_UserName=y
    SbieCtrl_ShowWelcome=n
    SbieCtrl_NextUpdateCheck=1375127535
    SbieCtrl_UpdateCheckNotify=y
    SbieCtrl_WindowCoords=71,224,825,600
    SbieCtrl_ActiveView=40021
    SbieCtrl_HideWindowNotify=n
    SbieCtrl_HideMessage=1308,ie4uinit.exe [IE]
    SbieCtrl_HideMessage=2222,ie4uinit.exe [IE]
    SbieCtrl_HideMessage=2314,ie4uinit.exe
    SbieCtrl_AutoApplySettings=n
    SbieCtrl_SettingChangeNotify=n
    SbieCtrl_BoxExpandedView=IM,Media
    
    

    What's new?:
    Replaced Google Chrome with Chromium
    changed my wilderssecurity avatar to tinywall tray icon. coz I'm loving it at the moment :D
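
    An added example, not part of the post above and not Sandboxie's own code: a short Python script that reads settings in this format, where keys such as ClosedFilePath repeat within a section (Python's configparser rejects that by default), and summarises for each box whether admin rights are dropped and which programs may reach the network or start. The sample is abridged from the settings posted above, the function names are hypothetical, and it assumes the restriction patterns seen in the post (`InternetAccessDevices` closed outright, or closed with a `!<Group>` exception).

```python
from collections import defaultdict

# Abridged from the settings posted above (two boxes, most lines omitted).
SAMPLE = r"""
[GlobalSettings]
Template=Microsoft_EMET

[Media]
Enabled=y
ForceProcess=vlc.exe
ClosedFilePath=\Device\Mup\
ClosedFilePath=InternetAccessDevices

[GC]
Enabled=y
DropAdminRights=y
ProcessGroup=<StartRunAccess>,chrome.exe
ProcessGroup=<InternetAccess>,chrome.exe
ClosedFilePath=!<InternetAccess>,InternetAccessDevices
ClosedIpcPath=!<StartRunAccess>,*
"""

def parse_sbie_ini(text):
    """Return {section: {key: [values...]}}; keys repeat, so values are lists."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1], defaultdict(list))
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip()].append(value.strip())
    return sections

def _allowed(box, closed_key, target, group):
    """Return 'all' if unrestricted, else the sorted list of programs still allowed."""
    rules = box.get(closed_key, [])
    if target in rules:                    # closed for every program in the box
        return []
    if f"!{group},{target}" in rules:      # closed for all but the named group
        for entry in box.get("ProcessGroup", []):
            name, *members = entry.split(",")
            if name == group:
                return sorted(members)
        return []                          # exception names a group with no members
    return "all"

def audit(sections):
    """Summarise each sandbox section, skipping global and per-user UI settings."""
    report = {}
    for name, box in sections.items():
        if name == "GlobalSettings" or name.startswith("UserSettings_"):
            continue
        report[name] = {
            "drop_admin": "y" in box.get("DropAdminRights", []),
            "internet": _allowed(box, "ClosedFilePath", "InternetAccessDevices", "<InternetAccess>"),
            "start_run": _allowed(box, "ClosedIpcPath", "*", "<StartRunAccess>"),
        }
    return report

if __name__ == "__main__":
    for box, row in audit(parse_sbie_ini(SAMPLE)).items():
        print(box, row)
```

    Run over a full Sandboxie.ini, the same summary makes it easy to spot boxes that lack DropAdminRights or leave network access open to every program.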
     
  18. guest

    guest Guest

    I prefer your old avatar actually. Not that I'm a fan of Lucky Star though. :D

    Anyway, any reason why you are using SRP instead of AppLocker?
     
    Last edited by a moderator: Jul 28, 2013
  19. mattfrog

    mattfrog Registered Member

    Joined:
    Apr 3, 2012
    Posts:
    85
    Location:
    United Kingdom
    A slightly altered setup this evening!

    Windows 7 Home Premium (up-to-date)
    ESET Smart Security 6
    New: VoodooShield
    Removed: OpenDNS/DNSCrypt (browsing was slow, sadly)
    New: DEP fully activated (looking into EMET 4)
    Firefox (latest) with LastPass, Disconnect, Adblock Edge
    Nightly backups to Skydrive (considering re-purchasing Backblaze)

    EDIT:
    MalwareBytes (Free) and HitmanPro as on-demand scanners, scanned once a week or so.
     
    Last edited: Jul 28, 2013
  20. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,742
    Location:
    Canada
    still running appguard in lockdown mode:thumb:
     
  21. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,579
    Location:
    Romania
    Trying a non-HIPS setup... Avast free, Rising FW, WinPatrol Plus and Sandboxie. It does feel a bit like "I'm naked" :D
     
  22. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    Doesn't WinPatrol Plus deserve to be called at least mini HIPS? Doesn't Scotty bowwow at all?
     
  23. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,545

    I'm not familiar with AppLocker yet. Can you refer me to a link about AppLocker?
     
  24. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,321
    Location:
    USA
  25. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    I call it a light HIPS ;)
     