Yet another recommend me a setup thread.

Like all the HIPS and any isolation software, even winpatrol has it. Appart from the registry protection on real time there is something else?

 

no idea maybe the scaner only ,i saw a youtube video

 

@guest

it has
Registry Protection: protect key position of system registry, prevent malicious tampering by trojans

Process Protection: Prevents trojan execution, protect your account of Bank, SNS and Online games.

Pen Drive Protection: prevents trojan execution on pen drive and removable disks.

 

Yes I see I guess that is like a mini HIPS (with or without popups), although the descriptions are quite optimists.
Since is talking all the time about trojan I guess that is only able to protect against the trojans in the database and the rest of malware maybe is not able to block it because they are not trojans.

 

is it promising?

 

I hope but I think that still lack of a lot of things, offering protection just for trojans... and blocking some important registry keys and system files does not sound very impressive nowadays.
And then claim that protects against all those things... yes but just a bit

 

it maybe a light hips

 

LOL J. You just want it to be HIPS cause you like popups

 

indeed my son

 

what about Spyware Terminator 2012 ?

 

What about it J?

 

is it good?

 

http://i.imgur.com/vVWo7.png
http://www.spywareterminator.com/download/download.aspx
AntiVirus Integration
Spyware Terminator has included the popular antivirus F-PROT, for optional integration to achieve a higher level of security. F-PROT can be integrated into spyware scans, updates and the real-time protection.

 

your mbam pro must be better but let's stay on topic
I'm still not done with my setup

 

Last time I checked they used ClamAV, so it seems to only be a way to milk their customers after getting a good reputation (back), but hopefully they've changed their engine together with this move.

EDIT: As can be seen in its own topic the pro version uses F-Prot, the free version has ClamAV available for the user to use.

 

i guez

 

after lots of thinking... I think I'm going with this:


Standard User Account :
deny users UAC elevation request - UAC set to highest and SRP-disallowed + 1806 trick : for Default-deny approach.
SuRun: to elevate apps automatic/manual

GesWall: system-wide automatic isolation for applications that are in the database.
Sandboxie FREE: to manually contain/test untrusted "tempting" files.
Spyshelter FREE: to inspect bad behaviours

Windows Image Backup: just in case



I'm considering Kingsoft PC Doctor as it would surely add another layer without overlap or maybe just use Windows Defender

 

And windows firewall I guess.
I would prefer Comodo firewall since you get the Fw,sandbox (you can use it or not but does not use any resource), HIPS, and cloud behavior blocker and the cloud AV. It's a point to have a cloud AV and BB that only checks unknown files and does not need any resource from your computer, ad taking into account that Valkyrie is around the corner...

Anyway if you just want a HIPS SS free is quite good.

 

I agree with Comodo firewall.

 

maybe next time, probably when CIS 6 is released

 

The main differences we know about so far (or rather that I know about, someone else may have more info) between 5.8 and 6.0 is that automatically sandboxed items don't take advantage of full system virtualization.

Really that isn't a huge deal when you can right click and manually sandbox instead.

 

Is not that easy, is not the same to have an on-demand sandbox than a automatic sandbox, there should be anything else because if not the implementation would be trivial and I know that is taking a lot of effort.

Anyway, also the cloud will be improved with the addition of Valkyrie, the files will be scanned with CIMA(CAMAS), CAV, the 15 (more will be added) specialized engines of Valkyrie, and an advanced heuristic engine, the result of everything will be evaluated to give a final result. http://valkyrie.comodo.com/

Also there will be some kind of protection for the browser, a kind of tool bar (I hope they do something like traffic light in terms of space) that I think they will bring something really different.

And maybe an improved version and integrated in the cloud of THreatCast will be back, at least in a 6.x version.

The full support for the x64 HIPS (CIS 5., is going to be one of the first vendors in provide it, or maybe even the first, I doubt about SS.

A home made version of KillSwitch will be integrated into CIS replacing the "view active process list" and also will be accessible from the tray icon.

All this is more or less what has been said in the forum, but probably there will be something else.

 

The issue is likely with Execution Controls Settings and not the sandboxing. You can definitely right click and manually sandbox with no problems and it will virtualize, I've done this myself.

 

If it were easy they would have make it since the beginning but although from our point of view is trivial there must be something else. At least for us will be a more secure, user friendly and, 99% software compatible sandbox.

 

Like I said, the issue is probably with the execution control settings sandboxing before the program runs. But if you right click and manually sandbox you can see the file system created in virtualroot.