
What is your security set up


Wipeout (Member, joined Dec 1, 2008, Location: Last 30 Years NE OH)
I am considering dumping the Internet suite and just using the firewall. Considering Avast for anti-virus. I do have my own rules I add in Comodo to tighten up some of the default settings.

Real-Time Protection:
Comodo Internet Security 5.12
Sandboxie

On-Demand Protection:
Malwarebytes Anti-Malware
 
Avira AntiVir Personal 13.0.0.2832


[Follow-up Build 2890 does not have the option to disable product updates. It is important to disable automatic product updates (but leave definition updates ON). Product updates may affect the Windows operating system. They should preferably be downloaded only *after* imaging the operating system partition so that if they cause problems you can reimage back to the state before product updates were installed.]


Disconnect Internet connection. Double click on Setup.exe to install the program.
Ignore Avira's warnings to uninstall Comodo Firewall or similar programs which intercept phone-home attempts.

SELECT: Custom and CHECK: I accept the End User License Agreement > Next >

UNCHECK everything when asked to install Avira Toolbars > Next > Next > Next > Next


Welcome to the Configuration Wizard > Next > Next >

Allow the configuration wizard to keep the default Express Setup options. [Do not Select All.]
(UNCHECK: Application, Games, Jokes, Programs that violate the private domain, and Unusual runtime compression.) > Next > Next >

UNCHECK: Performs a quick systems scan after the installation

Next > Finish >

*ABORT any update process when it automatically pops up!* (If you haven't disconnected Internet connection as instructed above.)


Setup the program before connecting to the internet [then block apnstub.exe and ipmgui.exe from accessing the internet].


Subscription to new virus definitions for this program is renewed automatically through product updates. It is not renewed through virus definition updates. If product updates are disabled in order to prevent installation of a newer version of the program, download the latest key file from

http://dl2.avgate.net/down/windows/hbedv.key

and either copy it to
C:\Program Files\Avira\AntiVir Desktop
and restart or go to Help > License management > click on the blue hbedv.key link > browse to the new downloaded hbedv.key > Open.


Options:
C:\Program Files\Avira\AntiVir Desktop\avcenter.exe

System Scanner (upper left) > Configuration (upper right) > Yes >
UNCHECK: Follow symbolic links (on right) > System Scanner > Scan > Action on detection >
Set for Automatic, Primary action: Ignore [if you want to just scan folders and get a scan report without deleting files or being prompted what to do if virii/malware are found.]


> Click on + next to Update > Product Update > Do not download product updates.
[This option is only for Avira Antivir product updates (Antivirus definitions will still be downloaded automatically.) Product updates should be downloaded manually by going to Update > Start product update... because they may affect the Windows operating system. They should preferably be downloaded only *after* imaging the operating system partition so that if they cause problems you can reimage back to the state before product updates were installed.]


> General > Security >
Disable being notified every time USB drive has an AUTORUN.INF file:
UNCHECK: Block autorun function
> General > Events > Select: Limit size to max. >
> General > Reports > Select: Limit number to max. >
> General > Alerts > UNCHECK everything except Dial-up connection is used

> OK

> Scheduler [on lower left] > UNCHECK everything.


Set Avira Free Antivirus to Always show in Windows Taskbar.


To disable Notifier nag screen: Windows 2000/XP Control Panel > [in Windows 7/8, click on (view by Category) System and Security first] > Administrative Tools [fourth from bottom] > Local Security Policy > Right click on Software Restriction Policies > Create New Policies SO THAT ADDITIONAL RULES SHOWS UP UNDERNEATH > Right click on Additional Rules > New Path Rule... > Browse... to the path of avnotify.exe default is
C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe
or
C:\Program Files\Avira\AntiVir Desktop\avnotify.exe

> Set the security level to Disallowed > OK

Also block these two files from accessing the internet, using Comodo Firewall or similar software:
C:\Program Files (x86)\Avira\AntiVir Desktop\apnstub.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe

or

C:\Program Files\Avira\AntiVir Desktop\apnstub.exe
C:\Program Files\Avira\AntiVir Desktop\ipmgui.exe


For Windows XP Home or Windows 8 (non-Pro version) you would need to boot into Safe Mode and log in as Administrator, then
go to
C:\Program Files\Avira\AntiVir Desktop\avnotify.exe
and right click on it >
Properties > Security TAB >
[Under Group or usernames] SYSTEM > Edit button > CHECK: Deny for Read & execute > Apply > OK > OK

Make sure SYSTEM is set to Deny for Read & execute before rebooting.
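The two steps above (the SYSTEM Read & execute deny on avnotify.exe for non-Pro Windows editions, and blocking apnstub.exe and ipmgui.exe from reaching the internet) scripted as an added PowerShell example that is not from this thread. It swaps in the built-in Windows Firewall via netsh for the Comodo Firewall rules the post describes, and assumes Windows Vista or later, an elevated prompt, and Avira installed under one of the two default folders named above.

```powershell
# Added example (not from the thread). Scripts the two steps the post describes:
#  1. deny SYSTEM Read & execute on avnotify.exe (the Windows XP Home / Windows 8
#     non-Pro alternative to a Software Restriction Policy rule), and
#  2. block outbound traffic for apnstub.exe and ipmgui.exe. The post uses Comodo
#     Firewall for this; here the built-in Windows Firewall (netsh, Vista and later)
#     is used instead, which is an assumption, not the post's tool.
# Run from an elevated PowerShell prompt.

$candidates = @("$env:ProgramFiles\Avira\AntiVir Desktop")
if (${env:ProgramFiles(x86)}) { $candidates += "${env:ProgramFiles(x86)}\Avira\AntiVir Desktop" }
$aviraDir = $candidates | Where-Object { Test-Path $_ } | Select-Object -First 1
if (-not $aviraDir) { throw "Avira AntiVir Desktop folder not found under Program Files" }

# Step 1: the notifier is launched as SYSTEM, so a Read & execute deny for that
# account is what stops the nag screen.
$notifier = Join-Path $aviraDir 'avnotify.exe'
if (Test-Path $notifier) {
    icacls $notifier /deny 'NT AUTHORITY\SYSTEM:(RX)' | Out-Null
}

# Step 2: one outbound block rule per phone-home component.
foreach ($exe in 'apnstub.exe', 'ipmgui.exe') {
    $path = Join-Path $aviraDir $exe
    if (-not (Test-Path $path)) { continue }
    $name = "Block outbound - Avira $exe"
    # Delete any earlier rule of the same name so re-running the script is idempotent.
    netsh advfirewall firewall delete rule name="$name" | Out-Null
    netsh advfirewall firewall add rule name="$name" dir=out action=block program="$path" enable=yes | Out-Null
}

# Verification: the post says to confirm the SYSTEM deny is in place before rebooting.
function Test-AviraLockdown {
    param([string]$Dir)
    $acl = Get-Acl (Join-Path $Dir 'avnotify.exe')
    $denied = $acl.Access | Where-Object {
        $_.AccessControlType -eq 'Deny' -and
        $_.IdentityReference.Value -eq 'NT AUTHORITY\SYSTEM' -and
        (($_.FileSystemRights -band [System.Security.AccessControl.FileSystemRights]::ReadAndExecute) -ne 0)
    }
    $rules = @(netsh advfirewall firewall show rule name=all dir=out |
        Select-String 'Block outbound - Avira (apnstub|ipmgui)\.exe')
    [PSCustomObject]@{
        NotifierDeniedForSystem = [bool]$denied
        OutboundRulesPresent    = $rules.Count   # expect 2 when both executables exist
    }
}
Test-AviraLockdown -Dir $aviraDir
```

The deny rule can be undone later with `icacls <path> /remove:d "NT AUTHORITY\SYSTEM"` and the firewall rules with the matching `netsh advfirewall firewall delete rule` call.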


To submit a suspected virus, go to
http://analysis.avira.com/samples/
to upload it.


You can scan multiple drives inside program options: Local Protection > Scanner > CHECK drives you wish to scan. The premium version also offers the option to scan multiple folders here. The free version does not.


In case of error message:

The procedure entry point ?_Xbad@tr1@std@@YAX4error_type@regex_constants@12@@Z could not be located in the dynamic link library MSVCP90.dll

download and install Microsoft Visual C++ 2008 SP1 Redistributable Package
http://www.microsoft.com/downloads/...FamilyID=a5c84275-3b97-4ab7-a40d-3802b2af5fc2


Manual updates can be downloaded from:
http://dl.antivir.de/down/vdf/ivdf_fusebundle_nt_en.zip
Unzip the downloaded file and copy all the contents to
C:\Program Files\Avira\AntiVir Desktop


Using two Antivirus programs at the same time:
If there are two Antivirus programs installed, you should not have two Antivirus *Guard* programs active at the same time because this would slow the system down; Windows may even have problems booting with two Antivirus guard components being active. So if installing AntiVir on a system where there already is an Antivirus program installed, do not install AntiVir guard.

Also disable the guard component of one program if using another program to scan an entire disk drive.


Default log file location is
C:\ProgramData\Avira\AntiVir Desktop\LOGFILES
or
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\LOGFILES


For older versions:
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\LOGFILES
C:\Program Files\Avira\AntiVir PersonalEdition Classic
or
C:\Program Files\Avira AntiVir Personal\
C:\WINDOWS\Application Data\Avira AntiVir Personal\LOGFILES
 
Comodo Firewall 2012 product version 5, 12, 256249, 2599


Version 5.12 is compatible with Windows 8. That is the only difference between v5.10 and v5.12. There are no other different features. On Windows 7/XP machines, installing v5.12 is identical to installing v5.10.

Followup version 6 introduces an extra step when blocking applications requesting internet access: When you don't have computer resources to be running updates and when a program wants to download an update, it gets blocked by Comodo Firewall. But instead of clicking one button to deal with it, version 6 now asks you to _choose_ if you want to block or terminate and block, every time.


Double click on Setup.exe to install the program > OK > UNCHECK everything.
Do not change DNS servers. Do not enable Cloud Based Behavior Analysis.

BEFORE CLICKING ON Agree and install ** CLICK ON CUSTOMIZE INSTALLATION here. **

UNCHECK: Install COMODO GeekBuddy and COMODO Dragon >

THEN GO TO Configuration options TAB and UNCHECK: Everything > Back > Agree and Install


First import any saved configurations if you have them:
Right click on the Comodo icon in the task bar > Configuration > Manage My Configurations > Import...

Wait for it to be imported, then click on the imported configuration > Activate


Otherwise, set your custom configuration:

Start the program > More... TAB > Preferences > General TAB > UNCHECK Everything > OK

Firewall TAB > Firewall Behavior Settings [last on right] > General Settings TAB > Custom Policy
then
Alert Settings TAB > Alert Settings > Very Low (Shows only one alert per application) > OK


Defense+ TAB > Defense+ Settings > [last on right] > Disabled > OK


Firewall > Common Tasks > Define any New Trusted/Blocked Applications
To view a list of blocked/trusted applications: Firewall > Network Security Policy


Note that even if you exit this program, it will still block access to other computers on the network if the following are blocked under Firewall > Network Security Policy:

System
Allow And Log IP In/Out From IP Any Where Protocol Is Any
C:\Windows\explorer.exe
Allow And Log IP In/Out From IP Any Where Protocol Is Any


To temporarily block ALL internet access: Firewall TAB > General Settings TAB > Block All > OK
 
Comodo has consistently beaten other free and pay-for software firewalls (firewalls - not anti virus software). When it comes to anti-virus software, there is A LOT of discussion on anti-virus software that centers on ">>I<< use it and >>I<< haven't had any problems -- therefore it's the best."


The one and only reason I suggest Avira is because I used a virus that managed to get through on my system when I was using Norton back in the day, then installed all reputable anti virus software on the market to observe which ones detected it and which did not.


Avira not only had good definitions - they were good ZERO DAY definitions. Others eventually detected the virus I saved but only later on. The downside is that Avira is a major pain to install, unless you buy the pay-for version of Avira.


You will also get advice to use MS essentials but the ease of use will come at the price of definitions. Some people may not have a need for that, maybe average definitions are "good enough". If this is the case, Avira freeware is definitely not a good way to go because it is a pain to install and use.
 
...and I want to get this post in before anyone mentions "safe browsing habits" AS IF there is such a thing:

"Customers who follow safe browsing best practices are not likely to be compromised by any exploitation of the WMF vulnerability. Users should take care not to visit unfamiliar or un-trusted Web sites that could potentially host the malicious code."
Microsoft Corporation
January 3, 2006
 

But to answer your question, personally, my real security setup is to install a multi boot on relatively small partitions and then nuke one OS from the other fairly regularly, at least once a month with every Patch Tuesday.

As long as you never store personal docs on the OS partition and maybe move Windows Desktop folders etc. to another partition, this way you can nuke anything that manages to get in without even diagnosing what happened.
 

Yes! I am a firm believer in this philosophy. That is, keeping the OS on a separate partition. Interesting take on your multi-boot security.


I have been snooping around Wilder Security forums, and started to consider layers of protection vs a suite. Nice tips using Avira AntiVir Personal. I'm still up in the air on what anti-virus to use at this point. I like Comodo, and don't want to give it up. Unless they change the interface in Comodo 6.1, I have no reason to update. I don't want the most important parts being buried in menus, making it confusing and harder to make rules. I like the interface on 5.12. I'm going to use FW Defense+, standalone A/V, and Sandboxie; that should serve my purpose. I want protection, but not at the cost of slowing my system down or added features that are not proven. Some of this is a guess, but reading some of the issues in Comodo forums, I have a better understanding. The price you have to pay to go online anymore. It's funny, on Wilder Security forums, people have their PCs locked down tighter than Fort Knox.

Thanks for taking the time to post :)
 
I use a springfield XD .45 for windows security and if anything gets in.... Booom, boom, bang, boom, boooom, bang, bang, booom, bang, click.... problem solved :D

I have been using just windows security essentials and so far no problems. I also don't download anything unless it's from iTunes, Steam, Origin or any other trusted sites.
 

I would keep Comodo Firewall. Not Comodo antivirus/antimalware. Then install Avira or other anti malware on top of Comodo Firewall.
 

I agree. I really like Comodo.

Another important point: imaging software. Macrium is a good option; link is below. I use ShadowProtect, but it's not cheap. Dependable? 100% in my testing over the years.

It's always nice to have a clean tweaked image file, and basic drivers for your set-up. I always have a clean tweaked baseline image file that is bare-bones. You can always create more :)


http://www.macrium.com/reflectfree.aspx

http://www.surfright.nl/en/hitmanpro/

http://www.faronics.com/products/deep-freeze/enterprise/

http://www.techsupportalert.com/content/introduction-and-quick-guide-sandboxie.htm

Scroll to the bottom and check out the malware list. I use Adblock for Firefox, but it's always nice to have added protection in other areas.
https://adblockplus.org/en/subscriptions
 
Wow that's a fancy setup.

I have started using what I think is a very odd setup. My main computer has enough ram to run windows off of a ramdrive. If I'm treading into unsure waters then I tend to use that VM which gets reset to a base level image. No leftovers of anything. On both I've stopped using anything other than the crappy but free microsoft security essentials and windows firewall. I haven't had a virus in years. In my opinion stopping viruses these days is more about common sense than what antivirus software you're running.
 

Nowadays it's all about stealing your information. Not that other threats don't exist. Nothing is 100% effective, but there are some good options to add into your security. I am learning more about Sandboxie because it's such a great program. Some people go overboard with security in the wrong area. I want to do transactions and banking online without depending on a virus program or security suite. These security suites are nice, but I would rather have one program that protects my butt in real time. There's a lot under the hood to Sandboxie. Knowing how to use it correctly involves some understanding. I never realized this until hitting their forums. I have been using Amazon and the Egg for years without issue, but things are always changing.
 
True enough which is where my VM comes in. I'll look into sandboxie for fun.
 

I'm not sure how a VM will save you either. Sure you can delete it, but that does not mean information can't get extracted while using a VM. My knowledge is limited when it comes to VMs. Outbound traffic is more of my concern. Come on in, but I will make rules before you try to leave :p
 

The vm is just an image loaded onto a ramdrive. Every time the virtual machine is booted it's brought back to a controlled state - a fresh install. There is no information to steal except the information I've used in that session. You don't need a ram drive to do that - it's just what I do because it's crazy fast. On the host machine? Nothing of importance to steal. Everything that could be stolen on my side would have to be done during the time I start up that VM and shut it down.

Now tinfoil hat aside... the information available on a single computer is worth very little. You are far more likely to be the target of evil because some large corporation had a machine in their office somewhere that hadn't had any updates in 15 years... or some head admin decides that abc123 is the best password EVARRR. The other most likely situation? You are the guy who hasn't done updates for 15 years and you got an email that said hey click here to get a million dollars... and you listen.
 
Running off RAM, crazy fast. Interesting. I am aware of virtual machines, but never tried it. Let's say I get slammed with malware or a virus using a VM. If I reboot, it all goes bye bye? If the answer is yes, I have some dangerous waters I would like to surf :)
 
You can configure it to do so using snapshots yeop.

Here's how I've done it - as you may or may not know when your computer loses power or you turn it off everything on the ram drive goes byebye because... well everything is stored in memory. Using the ramdrive software I've got it configured such that whenever I start the ram drive it loads a specific image. All that's on that image is a vhd file. I have hyper-v setup so that it has a vm where the hard drive is located at R:\secure.vhd. Every time I mount the drive it will load the exact same version of that file no matter what happens while it is mounted. Now technically that means if I were to mount it, then unmount it the entire contents of the hard drive and the virtual machine's memory would still be in memory. You'd have to scan through a ton of memory, figure out that the vhd was bitlocked, track down the bitlocker key from the VM's memory, etcetc. That's safe enough for me. If someone goes through all of that without me noticing something then they deserve it. Also the minute I shutdown and restart the host there's no way to recover any of it. Once I remount the ram drive it again loads that pristine image. Nomnom.

Now without a ram drive most virtualizing tasty hosts allow you to either do the same thing automatically (always return to the pristine image) or at the very least return to a snapshot. What I like about the ram drive is the fact that there's no leftovers of anything left on anything that could be recovered if I do shut down the host.
 