What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Matthijs5nl

    Matthijs5nl Guest

    How can you survive running three programs in real time :S.
     
  2. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    I may not be one to talk, but only one of your real-time applications is needed. I find Norton's latest product godlike. I simply can't get my computer infected (unless I completely disobey the advice given by Norton Antivirus 2011). Personally, I used to use Mamutu, but it wasn't really protecting me as well as I thought (I daily test my setup against 50+ 0-day threats). Prevx is a great addon but starting with the '11-edition of Norton, it's unnecessary, I'm afraid. Unless Prevx 4 is something almighty, I'll let my license run out and go for a lone protection with Norton '11.
     
  3. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,350
    Despite there being three programs running in real time, the computer is not slow. NIS is lightweight, and so are Prevx and Mamutu. To tell the truth, I felt only a slight delay at startup after installing Mamutu, but the rest is very light. Windows settings and Immunization do not weigh anything.

    I am intending to remove Prevx and stay with NIS 2011 alone, and Mamutu is a case to think about.

    Sorry for my english! :thumb:
     
  4. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    I am willing to admit that your choice is great!
     
  5. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Shared Network:
    Linksys Router with SPI Firewall
    DyDNS Free (Ads and Pop-ups, Conficker Worm, Phishing, Spam, Spyware)

    Real-time Protection:
    Avast! Free Antivirus (Shields: File System, Network, Behaviour) [Password Protected]
    Comodo Firewall (w/ Defense+, Execution Control, Sandbox) [Password Protected]
    Malwarebytes' Anti-Malware Full (Protection & Website Blocking)

    System (Windows 7 Pro 64-bit):
    Enabled DEP, SEHOP, Default-Deny SRP, Silent UAC
    Disabled Windows Firewall, Defender, System Restore, Internet Explorer, Autorun/Autoplay
    Spybot - Search & Destroy (Immunize)

    Firefox 3.6.9:
    Adblock Plus (Malware Domains subscription)
    LastPass
    LinkExtend
    SandBoxie Free (+ DropRights & Internet Access Restrictions)

    On-demand Scanning:
    BugBopper
    ESET Online Scanner (Smart Installer)
    Hitman Pro
    Norton Power Eraser
    SUPERAntiSpyware Free

    Analyzers:
    http://camas.comodo.com/
    ESET SysInspector
    http://www.urlvoid.com/
    VirusTotalUploader

    Updates:
    Freeware Files RSS
    KC Softwares SUMo

    Backup:
    Paragon Backup & Recovery Home Special Edition


    Ubuntu Lucid Netbook:
    Chromium --safe-plugins, AdThwart, LastPass, WOT
    Regularly updated. Sudo only, no root
     
  6. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,563
    Windows 7 Professional 32-bit (Gaming and Banking Setup)
    Rollback RX (5 Snapshots = Baseline / Banking [2] / Gaming [2] )


    Hardening (Defaults for all snapshots)

    1. Standard User
    2. Network Address Translation (NAT)

    3. Use IE8 for banking, apply hardening
    - https://www.wilderssecurity.com/showpost.php?p=1603239&postcount=2
    - https://www.wilderssecurity.com/showpost.php?p=1603831&postcount=10
    - https://www.wilderssecurity.com/showpost.php?p=1684382&postcount=29 :D

    4. Use Iron for daily browsing (with built-in adblock.ini)
    - https://www.wilderssecurity.com/showthread.php?t=277949
    - https://www.wilderssecurity.com/showthread.php?t=278011


    5. Use Sunbelt's ClearCloud DNS (besides IP-blocklist it adds a sort of smartscreen download security based on Vipre's Antivirus)
    - http://clearclouddns.com/

    6. Run UAC at Max with intelligent installer detection disabled.
    Now run REGEDIT and look what your settings are:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System
    locate the key "EnableInstallerDetection"

    Set it to OFF (is Zero value "0")
    When running a 32-bit installer program, Windows 7 will NOT detect it is an installer and will NOT prompt for UAC-elevation to Admin (use Run as admin to install).

    Now run REGEDIT again and look what your settings are:
    HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows NT\Driver Signing
    locate the key "BehaviorOnFailedVerify" 0=off, 1=warn (advise), 2=block

    7. Separated Programs from Data by using 2 partitions
    8. Removed Execution rights on Downloads folder.
    9. Disabled Registry Editing.
    10. Disabled CMD.
    11. Prevx SafeOnline

    ________________________________________________________

    Banking Snapshots Setting: (2 Snapshots - 1 stable and 1 for testing)
    Windows Firewall 2-Way
    EMETv2 = Maximum (Always On / Opt-out / Opt-in)


    Gaming Snapshots Settings: (2 Snapshots - 1 stable and 1 for testing)
    Windows Firewall 1-Way (will make it 2-way later)
    EMETv2 = Custom (Opt-out / Opt-in / Opt-in)
    Comodo Antivirus (Stateful)
    Sanity Check and Hitman Pro (On-demand Malware Scanners)


    P.S. Sorry I'm using bootleg version of Rollback RX... I can't buy it, I'm desperate >__<
    there's no freeware rollback software aside from Comodo Time Machine which for some reason I cannot install. :'(
     
    Last edited: Sep 21, 2010
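
A read-only check of the registry values named in the post above, added here as an example (it is not part of the original post). The expected values for `ConsentPromptBehaviorAdmin` and `PromptOnSecureDesktop` are assumptions about what "UAC at Max" maps to, and the expected `BehaviorOnFailedVerify` of 2 is also an assumption, since the post only lists what each value means.

```powershell
# Added example: audits UAC and driver-signing policy values; changes nothing.
function Get-PolicyValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or the value is absent (policy not configured).
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return $item.$Name
}

$uac = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System'
$drv = 'HKCU:\Software\Policies\Microsoft\Windows NT\Driver Signing'

# Expected values: the post's settings where it states them, assumptions otherwise.
$checks = @(
    [pscustomobject]@{ Path = $uac; Name = 'EnableLUA'
        Expected = 1; Meaning = 'UAC enabled' }
    [pscustomobject]@{ Path = $uac; Name = 'ConsentPromptBehaviorAdmin'
        Expected = 2; Meaning = 'Always notify (assumed meaning of "UAC at Max")' }
    [pscustomobject]@{ Path = $uac; Name = 'PromptOnSecureDesktop'
        Expected = 1; Meaning = 'Prompt on the secure desktop (assumption)' }
    [pscustomobject]@{ Path = $uac; Name = 'EnableInstallerDetection'
        Expected = 0; Meaning = 'Installer detection off, as set in the post' }
    [pscustomobject]@{ Path = $drv; Name = 'BehaviorOnFailedVerify'
        Expected = 2; Meaning = '0=off, 1=warn, 2=block (2 is an assumption)' }
)

$results = foreach ($c in $checks) {
    $actual = Get-PolicyValue -Path $c.Path -Name $c.Name
    if ($null -eq $actual) {
        $status = 'NOT SET'      # value missing: Windows default applies
    } elseif ($actual -eq $c.Expected) {
        $status = 'OK'
    } else {
        $status = 'DIFFERS'
    }
    [pscustomobject]@{
        Value    = $c.Name
        Actual   = $actual
        Expected = $c.Expected
        Status   = $status
        Meaning  = $c.Meaning
    }
}

$results | Format-Table -AutoSize
```

With installer detection off, a standard user gets no automatic elevation prompt for setup programs, so a `DIFFERS` on `EnableInstallerDetection` means installers will again trigger UAC on their own.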
  7. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I have to remind myself daily that many here are beginning their journey or not far enough along yet to trust themselves.

    Some just like to experiment and play with software.

    I chuckle to myself a lot. I have been there, and done that. You couldn't pay me to go back there now. But without going through the exact same process, I might not know what I do now. I suppose it is a common way for people to learn, by going over-board at first.

    Sul.
     
  8. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Back to IE8 until the release of IE9.
     
  9. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    Why i'm happy? xD
    BECAUSE! like 2 weeks ago i did a base snapshot reset, but it got stuck in the middle of it (I did a lot of them before but i had bad luck this time :rolleyes: ) and then i decided to force a restart (BIG MISTAKE!!!)
    It corrupted the whole drive, i couldn't boot the HDD, could not boot the DVD NOTHING!! No safe mode, no DVD, no HDD.

    Then i decided to unplug my main HDD and set my second HDD as master and then boot DVD, then turn off the PC and reconnect main HDD as slave this time and then boot DVD again but this time with secondary HDD as master and select fix startup problems in secondary disk (which is the main HDD) and VOILA!!
    It took me like 2 hours of diagnosing, the first time i tried this it failed but luckily the second time WORKEEEED!! :argh: :argh:
    No files were lost during this process! HAHAHA
     
  10. mhl6493

    mhl6493 Registered Member

    Joined:
    Apr 20, 2010
    Posts:
    230
    Location:
    Tennessee
    I'm through playing around. Going back to what for me is "the old reliable."

    Vista 32 & 64 bit, UAC enabled, IE8.

    REAL-TIME:
    NIS 2011
    ClearCloud DNS
    WinPatrol Free

    ON-DEMAND:
    MBAM
    Hitman Pro
    Norton Power Eraser
    Emsisoft Emergency Kit
    Online Armor Cloud Scanner

    BROWSER PROTECTION:
    Sandboxie (on-demand)
    Prevx/SafeOnline free
    SpywareBlaster
    Keyscrambler free
     
  11. atomomega

    atomomega Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    1,290
    I know :'( ... there's got 2 b someone out there who can develop a stable rollback app... for free of course.... :rolleyes:
     
  12. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,563
    Testing: Different Antiviruses for my Gaming + Banking Setup.

    hah! I hope!
     
    Last edited: Sep 21, 2010
  13. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,584
    Location:
    Romania
    Darn... I've made a lot of base resets too, I hope I will always have luck :D
    But... what you are saying worries me a bit... let's see if I get it straight. You couldn't boot, not even with your Windows DVD?
     
  14. Boyfriend

    Boyfriend Registered Member

    Joined:
    Jun 7, 2010
    Posts:
    1,070
    Location:
    Pakistan
  15. atomomega

    atomomega Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    1,290
    I don't see the point if you already have DEP/UAC/SRP.....o_O
     
  16. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,563
    maybe to filter out behavior during 'RunAsAdmin' installs
     
  17. AvinashR

    AvinashR Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    2,063
    Location:
    New Delhi Metallo β-Lactamase 1
    hehe... If that's the case then surely he needs Mamutu..
     
  18. Boyfriend

    Boyfriend Registered Member

    Joined:
    Jun 7, 2010
    Posts:
    1,070
    Location:
    Pakistan
    I have heard a lot of good about Mamutu. On my setup, I have installed it as trial (Returnil Virtual Mode Enabled). It is very light-weight and fast. Emsisoft updates trusted/whitelist software often, so currently no FP on my setup.
    I believe my existing setup is already rock solid, stable, and fast. What do you guys recommend? Should I buy it or not? Will it make my security setup stronger or only serve as unnecessary load without any real benefit?
    Waiting for recommendation...
     
  19. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    529
    Win7 prof. x64 on my laptop:

    Real-Time

    * MSE
    * Online Armor Free Firewall x64
    * DSL Router (Fritzbox whatever)

    On-Demand

    * AVZ
    * MalwareBytes Anti-Malware

    Windows Settings

    * UAC disabled
    * Windows Firewall disabled
    * Windows Defender disabled
    * No Windows Malicious Software Removal Tool installed
    * CD/DVD/USB Autorun disabled

    Browser and Immunization

    * Firefox 3.6.10 (Adblock, FoxyProxy Standard)
    * UltraSurf

    What exactly are those things?
    What do u think about my setup?
     
    Last edited: Sep 21, 2010
  20. atomomega

    atomomega Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    1,290
    LOL :D ... it's MalwareBytes Anti-Malware fellow! (unless u r talking about a new one...)
     
  21. atomomega

    atomomega Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    1,290
    Dude, I'm just gonna express my personal opinion
    Yes, it's very good
    Yes it is
    Hardly ever IME...
    Indeed
    I'd buy DefenseWall or ShadowDefender or any other software that could provide a different approach. As mentioned before, having UAC/DEP/SRP and Win Patrol Plus will pretty much cover your back quite well against malicious behaviour.

    But it's your money man... so do as you please! :D
     
  22. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    529
    ye thats what i meant.. edited it
     
  23. Boyfriend

    Boyfriend Registered Member

    Joined:
    Jun 7, 2010
    Posts:
    1,070
    Location:
    Pakistan
    Thanks atomomega for your worthy suggestion. I also do not feel the need for it. UAC/DEP/SRP/SEHOP/EMET is protecting me very well without any problem.
    Currently, DefenseWall (3.07) does not support x64. Shadow Defender x64 (1.1.0.325) caused repeated BSOD on my setup (perhaps conflict with KIS 2011). Returnil is already here to do that job.
     
  24. Jav

    Jav Guest

    #Data Execution Prevention (DEP):
    http://support.microsoft.com/kb/875352
    http://en.wikipedia.org/wiki/Data_Execution_Prevention

    #Structured Exception Handling Overwrite Protection (SEHOP):
    http://support.microsoft.com/kb/956607

    #Drive-by Protection via 1806 Trick:
    https://www.wilderssecurity.com/showpost.php?p=1603237&postcount=1

    #Enhanced Mitigation Experience Toolkit (EMET)
    https://www.wilderssecurity.com/showthread.php?t=267034
    http://www.microsoft.com/downloads/en/details.aspx?FamilyID=c6f0a6ee-05ac-4eb6-acd0-362559fd2f04
     
  25. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,563
    I'd buy Rollback Rx if I had the money. :shifty:
     