What is your security setup these days?

+1

 

When I tried that combo erp was totally quiet, how do you have yours configured?

 

I have comodo firewall in one pc and hips in paranoid mode and it is very quite

 

Actually, you'll find plenty of more than sufficient alternatives other members are using. Note I didn't say replacement, but SBIE isn't a necessity in the purest sense of the word.

Yes, it's very useful. That's why so many, including myself, have it.

You should create another thread for that.

 

Some changes;

Eset Smart Security 7 (10 license pack for 2 years)
Immunet 3 Free (SPEROS/ETHOS only)
Adguard Beta

Dumped Mbam, too many issues with 2x versions, and DHC dropouts on 1.75, and Processor Restraint issues in 2.0.. SAS has questionable detections, and 6 is still in beta. I wasn't impressed with Zemana, and don't like the yearly sub on a per-PC basis with no family pack. Webroot has way too many issues. Since Threatfire, Pestpatrol, PrevX, DesktopArmor and all of those are gone, the only problem free adjunct to AV I can find anymore is Immunet3-Free. It's tiny, and doesn't impact the system at all.

 

ERP: scanned and whitelisted all folders/subfolders in Program Files & Program Files (x86) and C:/Windows; then set to Lockdown Mode extreme
Appguard: set to Lockdown Mode

now if i install or update some softs, i set AG on install and ERP on alert.

i keep Windows 8 Defender at the moment, but i can ditch it anytime since nothing should go on my system partition if i don't allow it.

 

Do you exclude both from eachother?

 

Appguard auto-exclude exclude then protect the whole C:/ and my manipulation cited earlier do the same for ERP but manually and with less folders.

 

just got ridoff shadow defender I don't know but it is difficult to be re-starting all the time to see changes and if by accident the pc is re-booted I loose all my data

 

just create a "work folder" and exclude it from SD then put your datas in it; if you have sandboxie , put this folder to be force-sandboxed if any exe want to run in it , in case a malware get in.

 

why didn't I do that hey I will try it again just ex-clude the documents rightby the way thanks

 

you are welcome, you can also use the "commit" button , it will do the same than exclude but for specific cases.

 

Added Webroot also, found an (un-used) invitation key for PrevX pre-alfa testing, to my surprise it worked on Webroot Gaming version also. Indeed very light.

 

Watch out for that cryptolocker malware...

 

yes, it is why i recommended him to force this folder in sandboxie.

 

True....

 

Files in that folder wont be protected by SBIE if malware is run outside the sandbox.

 

he is under Shadow Mode , its excluded working folder (created in another partition , example D: ) will be forced there:

http://i.imgur.com/PdjTIIs.jpg

unless he recover the malware, no way he can get infected.

 

Yes true. Since Shadow mode doesn't protect personal files all untrusted/unknown software has to be run under SBIE supervision. Default download location should be under SBIE forced folder also...

 

Why force folders? anything downloaded from the net stays in the browsers sandbox until I choose to move it.

 

If you run all dangerous applications unders SBIE control you shouldn't need forced folders option. If you run them outside SBIE control, SD alone would not protect your data from malware. I don't use forced folder option also, as I don't run random executables from some "test folders" or something similar.

 

The only time I run anything out of the sandbox is when I know it's safe. Thanks

 

IMO more important than forced folder is block file access to personal data. I use it to prevent access to my personal folders from all apps running in SBIE. That way even if malware runs inside sandbox it can't access my personal data.

 

Where do I find that setting?

 

Resource Access - File Access - Blocked Access. You can add all personal folders to list and nothing from Sandbox can't access them.