What is your security setup these days?

My current setup:

Windows 8 Pro x64 with EMET 4.0 | Blue Ridge AppGuard Beta 4.0.8.0 | Sandboxie Beta 4.05.12

EMET system wide mitigations:

• DEP - Application Opt Out
• SEHOP - Application Opt Out
• ASLR - Application Opt In
• Certificate Trust - enabled

AppGuard Protection Level: Medium (Recommended)

Sandbox configuration:

• Seperate sandboxes for program groups
• Restrictions / Start/Run-Access + Internet Access | specific apps and processes only
• Program Stop / Leader Programs | forced programs as leader programs
• DropRights
• Resource Access / File Access / Read-Only Access | C:\Windows
• Resource Access / File Access / Direct Access | for specific apps and their respected profile folders under C:\Users\Username\AppData
• Auto-Delete

Applications protected by Sandboxie + AppGuard + EMET:

• MPC-HC, IrfanView, Foobar2000, Windows Media Player, PDF-XChange Viewer Pro

Applications protected by AppGuard + EMET:

• Google Chrome, Microsoft Office 365 Home Premium with Outlook

Chrome settings:

• Plugins click-to-play, Javascript is allowed only on certain domains, AppGuard Privacy mode for document folders
• ABP | EasyList Germany+EasyList, Malware Domains, Fanboy's Social Blocking, EasyPrivacy, non-instrusive ads allowed
• HTTPS Everywhere
• LastPass | Two-Factor

 

Yes ofcourse, I have to agree with Joe on this one...it's annoying and not necessary imo.

 

Sigh(a long one).......well I've tried my best...

 

Everyone has their pet peeves

 

You're right.

 

ESET Smart Security 7 Beta

 

V7 Final should be released in two days Don't tell anyone

 

this version is very nice

 

Tzuk has discontinued lifetime license model for Sandboxie.
It costs 15 EUR/year now.

 

what about those that has lifetime licence,are they going to be honor?

 

It will continue to be valid.
http://www.sandboxie.com/phpbb/viewtopic.php?t=16676

 

Originally Posted by Windows_Security
Windows 7 Ultmate 32 bits (E5200 dual core at 3 GHZ with SSD + 2xHDD + NAS & WL Router)

Windows execution control
- Deny execute for Everyone of EXE files in folders of internet facing programs and USB (ACL)
- Deny execute for Basic Users of all executables outside Windows and Program Files folders (SRP)
- Deny elevation of unsigned binaries (eg. Chromium, Evince PDF, VLC Media Player) in all folders (UAC)

Addtional intrusion mitigation
- Chromium's sandbox with click to play flash, allow javascript for [*.]NL & COM, added AdBlockPlus extension
- Memory protection DEP, SEHOP, ALSR, added EMET and Virtualization (RunAsInvoker) for internet facing programs
- Disabled risk-ware services, locked user autoruns and settings of Outlook & Chromium, Windows FireWall 2-way (GPO)

Real time
- Ad-Aware V11 Free anti virus (on execution only)

 

I'm realizing how nice, simple, and secure your config is. Why did you drop HMP for Ad-Aware?

 

how is comodo antivirus these days?i want to try it

 

trialing Webroot SecureAnywhere AV 2014

 

Ashampoo Anti-Virus 2014
Malwarebytes Anti-Malware Free

 

Just for sake of switching and low CPU impact of Ad-Aware https://www.wilderssecurity.com/showpost.php?p=2292089&postcount=33

 

Hardware Firewall Router (Fritzbox 3270)
Windows 7 Ultimate 32 Bit Firewall
Bitdefender Antivirus Plus 2014
MalwareBytes Antimalware Pro
Hitman Pro 3.7.8 - Build 207


BTW:
Since i heard "it's a bad idea to have two Realtime Protections
runnig at the same Time(Bitdefender/MBAM)i have deaktivated
the Realtimeprotection from MBAM.

Greets

Lucien

 

Actually you can have MBAM protection enabled if you want.

It's only a problem when you have two antiviruses installed, due to the way the interface with Windows. You can have problems, even if the real time protection is disabled on one of the antiviruses.

 

Going to keep Webroot SecureAnywhere AV 2014. Any good deals for purchase (I'd like to get a multi year license if feasible)

 

I know about this offer....it is only 1 year though....
http://store.downloadcrew.com/p30151-webroot_secureanywhere_antivirus_2013_1-device

 

Siketa, not bad. (I should say I have some time to find out a good deal so I'm not that worried yet.) Perhaps a deal could be in the works around Black Friday?

 

I just changed my setup from:
Avast 2014 BETA 2 (default settings) + EMET 4.0 + USB Disk Security + Sandboxed Browsers with ABP and Zenmate


to:
Avast 2014.9.0.2005 Internet Security (Hardened Mode Aggressive) + WSA 2014 + USB Disk Security

I did not remove my Avast 2014 because it BEST for offline computers like mine (during saturdays and sundays)...On the other hand, I added WSA 2014 because it is BEST for online computers like mine too (mondays to fridays).

 

You can keep an eye on https://www.wilderssecurity.com/showthread.php?t=349153 and on the Prevx Releases sub-forum.

 

Ah that's a good move to keep a great app like Sbie alive and thriving. And thank God I have a license.