XP Home Security Plan

Discussion in 'other anti-malware software' started by Windows_Security, Apr 20, 2014.

Thread Status:
Not open for further replies.
  1. blasev2nd

    blasev2nd Registered Member

    Joined:
    Mar 27, 2014
    Posts:
    47
    Why did you remove HMP Alert free?
     
  2. Added Software Restriction Policy with Sully's PGS, added the fake-file-extension block rules of CryptoPrevent and made them applicable to the TEMP dir only (because this was the only hole left).
     
  3. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,365
    Location:
    Italy
  4. Panda good choice http://chart.av-comparatives.org/chart1.php :)
     
    Last edited: May 12, 2014
  5. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    I still think some leak protection/outbound control would be a nice added layer. I know how to set up Comodo FW/D+ v5.10 to provide this while requiring no user interaction if you're interested. First set the Stealth ports wizard to block all. Then go into the Network security policy and remove the allow rules it makes, for both apps and global rules. In global rules have simply block rules for all IP In, and ICMP In & Out. In predefined rules make tight rule sets for Web Browser as I suggested before, Outbound Only, and a Block rule. Those are the only 3 I have. For everything else I write custom rules. If they use anything like a torrent client or PM/IM program write granular rule sets for them, with block rules at the bottom (good idea for all rules) to block leaks. In the FW settings > Advanced check all the boxes.

    In D+ just set it to Clean PC Mode and they'll never hear a peep out of it. Turn the shellcode injection detection on to add at least some memory protection along with the DEP (tweak to Always On). Disable the sandbox settings. Add Chiron's "protect all files" tweak. Delete the trusted vendor list (delete the "vendor.n" file). While you're at it, delete Comodo's certificate altogether in the Control Panel/Internet Options/Trusted Publishers... to keep cpf.exe from hurling itself into the "Trusted Files" list. And I also block both cpf.exe & cmdagent in the FW. Do these things to prevent it from phoning home and being given more privileges than it needs. Turn off the "message center" and checking for updates, and disable logging in preferences. Then set a password so that they can't get in there and foul things up.

    You'll have added a good layer of outbound control, leak protection and a bit of memory mitigation, and they'll never hear a peep out of the thing. Well, unless they add new apps. And if they need/ask for access, tell her the rule of thumb: grant it Outbound Only. I set it up this way for a lot of people that otherwise couldn't handle an outbound FW/HIPS.

    If you're interested and have trouble finding the installer for v5.10, just PM me and I can get it to you.
     
  6. Luciddream,

    Thanks for your suggestions, I have already returned the PC. No doubt you have perfected the quiet setup, but I am reluctant to add an option which could throw a question at an innocent user when it concerns remote acquaintances (in this case, of my wife, so I don't see them at all).

    Regards Kees
     
  7. skp14

    skp14 Registered Member

    Joined:
    Oct 9, 2009
    Posts:
    56
    I think this is a simple and effective way to safeguard a computer.
    According to Avecto, an enterprise security firm, up to 92% of ALL Malware, Viruses, Trojans, etc. are stopped by using a Limited or Standard Account. We usually use an Administrator Account which allows us to make changes to our computers. It also allows malware, viruses, bugs to make changes as well. A computer is WIDE OPEN using an Administrator account. A Limited or Standard account SHUTS THE DOORS to stop changes/infections that may try to come in. Use the Standard/Limited account most of the time, especially surfing the web, then when you need to install a program or make changes, switch over to Administrator account, then back to Limited/Standard for best protection. It is simple and it works.

    Removing admin rights mitigates 92% of critical Microsoft vulnerabilities
    http://www.avecto.com/news-events/p...ercent-of-critical-microsoft-vulnerabilities/

    How to create a Standard or Limited User Account
    XP - https://www.staysmartonline.gov.au/factsheets/factsheet_3
    Win 7 - http://www.staysmartonline.gov.au/factsheets/factsheet_28
    Win 8 - http://www.bleepingcomputer.com/tutorials/create-new-user-account-in-windows-8/

    How to IMPROVE on the Standard/Limited Account to make it even more secure. There are two methods, but both stop more malware than basic SA/LA.
    http://www.mechbgon.com/srp/
     
    Last edited: Jun 3, 2014
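    The "fake file extension rules applied to TEMP only" idea from post 2 and the SRP approach linked in the post above, written out as an added example (not code from the thread, CryptoPrevent or mechbgon): it creates SRP Disallowed path rules for double-extension executables under %TEMP%, assuming SRP has already been enabled (secpol.msc or PGS) so the Safer registry keys exist, and the extension lists are my own choice.

    ```powershell
    # Added example: SRP "Disallowed" path rules for double-extension executables in %TEMP%.
    # Assumes SRP is already enabled (the CodeIdentifiers key exists); run elevated.
    # Level 0 = Disallowed, 262144 = Unrestricted; each rule is a GUID-named subkey.
    $base       = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'
    $disallowed = Join-Path $base '0\Paths'

    # Decoy document extensions (assumed list) and the real executable extension that follows them.
    $decoys = 'pdf','doc','docx','xls','xlsx','jpg','txt','zip'
    $exec   = 'exe','scr','pif','com','cmd','bat'

    if (-not (Test-Path $base)) {
        throw 'SRP is not enabled yet; enable it first with secpol.msc or PGS.'
    }
    if (-not (Test-Path $disallowed)) { New-Item -Path $disallowed -Force | Out-Null }

    # Patterns already present, so re-running the script does not duplicate rules.
    $existing = @(Get-ChildItem $disallowed | ForEach-Object { (Get-ItemProperty $_.PSPath).ItemData })

    foreach ($d in $decoys) {
        foreach ($e in $exec) {
            # Second pattern covers one subfolder level, e.g. an archive extracted into TEMP.
            foreach ($pattern in @("%TEMP%\*.$d.$e", "%TEMP%\*\*.$d.$e")) {
                if ($existing -contains $pattern) { continue }
                $key = Join-Path $disallowed ('{' + [guid]::NewGuid().ToString() + '}')
                New-Item -Path $key -Force | Out-Null
                # ItemData must be REG_EXPAND_SZ so %TEMP% expands for the logged-on (limited) user.
                New-ItemProperty -Path $key -Name ItemData     -Value $pattern -PropertyType ExpandString | Out-Null
                New-ItemProperty -Path $key -Name SaferFlags   -Value 0        -PropertyType DWord        | Out-Null
                New-ItemProperty -Path $key -Name Description  -Value "Block fake .$d in TEMP" -PropertyType String | Out-Null
                New-ItemProperty -Path $key -Name LastModified -Value ([datetime]::UtcNow.ToFileTimeUtc()) -PropertyType QWord | Out-Null
            }
        }
    }
    # Verify: list the rules that were written.
    Get-ChildItem $disallowed | ForEach-Object { (Get-ItemProperty $_.PSPath).ItemData }
    ```

    Rules apply to newly started processes only, so test with a harmless renamed copy such as notepad.exe saved as %TEMP%\test.pdf.exe before handing the PC back.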
  8. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    "Mitigated" is not the same as "stopped."
     
  9. skp14

    skp14 Registered Member

    Joined:
    Oct 9, 2009
    Posts:
    56
    True. Here's a couple of definitions. Knowing this, I still recommend surfing on the Limited/Standard account as it offers much more protection than Admin account, which is wide open to changes and malware.

    mitigate (verb)
    to make something less harmful, serious, etc.
    to reduce the harmful effects of something
     
    Last edited: Jun 5, 2014