What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. askmark

    askmark Registered Member

    Joined:
    Jul 7, 2016
    Posts:
    392
    Location:
    united kingdom
    Do you disable Windows Defender?
     
  2. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
    Absolutely, yes. One of the first things that I take out. Although I do leave it on for client machines that I work on for other users. But for myself, I disable it entirely with Winaero Tweaker.
     
  3. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    OS Hardening
    Standard User Account
    Deny unsigned files to elevate
    UAC to max

    Antimalware
    Windows Defender
    Smartscreen
    Zemana Antilogger

    3rd party policy restriction/virtualization
    Sandboxie (all internet facing applications except Chrome, Steam, Gog, Origins)
    AppGuard (guards all internet facing applications)

    Browser security
    Chrome (Guarded by AppGuard and not run in Sandboxie, AppContainer enabled, ControlFlowGuard, not signed in to Google account)
    HTTPS Everywhere
    Lastpass extention (with Google Authentificator and restricted access from all countries except my own)
    Privacy Badger extension
    µBlock extension

    VPN
    Mullvad (connected via Viscosity an system startup)

    Encryption
    VeraCrypt (AES)

    Backup
    Onedrive (only encrypted private family photos uploaded)
     
    Last edited: Mar 8, 2017
  4. askmark

    askmark Registered Member

    Joined:
    Jul 7, 2016
    Posts:
    392
    Location:
    united kingdom
    Thanks. I will check out Winaero Tweaker as my next question was going to be 'how?'
     
  5. imuade

    imuade Registered Member

    Joined:
    Aug 4, 2016
    Posts:
    751
    Location:
    Italy
  6. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
  7. wildman

    wildman Registered Member

    Joined:
    Feb 18, 2004
    Posts:
    2,185
    Location:
    Home on the range.
    More and more I am using Linux Mint 17.3 and there you don't need any security related software because I have checked to only update known safe site software. I have kept Windows7 Home Premium only because Linux does not have compatibility with some of the graphic programs I have on the windows side and Wine on Linux is flatly not that great. On the windows side for security I use Windows Defender, SpywareBlaster and SuperAntiSpware.
    Always,
    Wildman
     
  8. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    You can install VirtualBox or VMware Player @ Mint and run Windows inside.
    Of course, you will have to check whether or not graphic driver works fine with your software.
     
  9. simisg

    simisg Registered Member

    Joined:
    Nov 6, 2008
    Posts:
    412
    Location:
    Greece
    windows defender pua enabled , ublock origin in all browsers
    heimdal free.
     
  10. Elwe Singollo

    Elwe Singollo Registered Member

    Joined:
    Oct 30, 2015
    Posts:
    114
    I've run an Admin account for as long as I can remember, however my recent sojourn into Linux has given me an appreciation that having to validate changes that require escalated privileges is not a bad thing. I've also noticed a number posts extolling the virtues of SUA and built in security on Windows 10 so thought I'd give it a go. Surprisingly I don't hate it. Current set-up on Win10 x 64 Pro:

    SUA
    SRP deny for all files other than DLLs for everyone other than administrators and a few additional files types added to the default list
    Some tweaks via Group Policy to deny Autorun for removable drives etc
    Windows Defender off (via GPO) disabled any autoruns for WD processes I could find.
    HMP Alert
    Shadow Defender on demand
    Mulvad on demand
    O & O shut-up (largely to make me feel better rather than thinking it really makes Windows private)
    IFW

    Using privacy based Chromium build with AppContainer switch as primary browser (Last Pass & UBlock Origin) and Edge sometimes.
    Universal Apps rather than third party where possible.

    I couldn't find a way of getting Office365 apps to work with SRP deny on the SUA account when including DLLs in the disallowed settings (anyone know how?) so have a few concerns around how comprehensive the cover is but not enough to make me do anything about it for now.

    Only really use Windows now for anything I need to do with Office or to keep up to date for family members so reckon that will do. Thinking of replacing HMP.A. with MemProtect and FIDES if I can be bothered. Distro hopping keeps me occupied so a lot less tweaking of Windows than in previous times.

    Anything obviously missing wouldn't mind hearing about (other than blacklisters, can't be doing with them any more).

    Cheers
     
  11. illumination

    illumination Guest

    Even though I'm sure this was a rhetorical question on your part, I will answer it for those reading that may be curious. Appguard being policy restriction, blocks the execution before it takes place, unlike Voodooshield that allows the execution but then suspends the process. I can tell you from testing, Appguard will block the sample every time before VS will even have a chance to intercept it. I'm assuming it would be the same with CFW and Appguard, as CFW would have to allow the execution in order to sandbox it ect.

    Autopilot mode does not utilize the whitelisting portion "anti-executable" of VS, Smart does. This means Smart mode is actually more secure then Autopilot mode. Smart mode works locking the system when you are at risk, and the rest of the time when you do not have a web facing application open, VS is fine tuning your snapshot for max compatibility and usability. When I run Voodooshield, I use and test VS, it is always in smart mode.
     
  12. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    I've had similar problems with some other program (can't remember which) if I left default rules in Additional rules. If I deleted them and replaced them by actual paths (program files + x86 + windows) the problem disappeared. IDK if it would help with Office365, but you can give it a try.
     
  13. imuade

    imuade Registered Member

    Joined:
    Aug 4, 2016
    Posts:
    751
    Location:
    Italy
    I agree about Smart mode being more secure than Autopilot, but I think VS uses whitelisting also on Autopilot.
    The difference is, on Smart mode, when VS is ON, any non-whitelisted app is blocked, no matter whether is good or bad.
    In Autopilot, it depends on VoodooAi. If a new app is deemed safe by VoodooAi and all the 57 blacklist engines (from VirusTotal) say there's no threat, then the app will run; otherwise it will be blocked.

     
  14. ReverseGear

    ReverseGear Guest

    I kept VS on autopilot on 1 day and now its in smart mode. I do feel a little slowdown with both modes . Hopefully it settles in a few days
     
  15. illumination

    illumination Guest

    I was under the impression Autopilot only uses Voodooai and VT engines, hence it being less secure then Smart Mode. Something to reconfirm with @VoodooShield.

    ******************************************************
    As for my security set up to keep on topic, im using...

    Windows 10 Pro
    On Desktop without Wifi adapter "ethernet only", no Webcam, no Microphone.

    Norton Security
    Norton Wifi Privacy "VPN"
    Appguard
    Vmware

    IMO, the best, lightest combination i have run. NS with its Smart Firewall and excellent Network protection, Appguard with needed apps added to Guarded Apps for "Lock Down Mode" and Norton Wifi "that yes works with ethernet only" for securing my Traffic and spoofing my IP.

    I should mention the above is a shared system, and also my testing system. I keep 2 Guest systems, one strictly for testing malware/analysis and looking for bugs, the other just for testing applications to learn about them before installing on the main system.
     
    Last edited by a moderator: Mar 10, 2017
  16. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,294
    Location:
    USA
    Windows 7 Pro SP1 x64

    Firewall & Anti-Virus
    :
    Router NAT/SPI (Password Protected)
    Emsisoft Internet Security 2017.2.0.7219 (with hpHosts file)

    Blocking/Hardening:
    AppGuard 4.4.6.1
    HitmanPro.Alert 3.6.3 Build 586
    Norton ConnectSafe DNS (Malware, Phishing)

    Browser (Firefox)
    :
    HTTPS Everywhere
    uBlock Origin
    Avira Browser Safety
     
  17. Elwe Singollo

    Elwe Singollo Registered Member

    Joined:
    Oct 30, 2015
    Posts:
    114
    Thanks Minimalist. That worked. Much appreciated.

    Cheers
     
  18. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    You're welcome. Nice to see it helped you too :thumb:
     
  19. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    I removed Avast as its web shield started to block almost all sites in Google Chrome without warning that it's Avast tricks. I had to waste some time to find out the reason.

    Windows 7 x64 Ultimate
    Standard User Account
    User Account Control - max, with password

    Kaspersky IS

    MalwareBytes AntiExploit with additional shields for some routine apps.

    I don't know if I really need MBAE with KIS, but they seem to get along. This combo is rather lite.
     
  20. Pete8

    Pete8 Registered Member

    Joined:
    Feb 17, 2017
    Posts:
    10
    Location:
    France
    For one of my family member PC, just migrated to Win10

    Win10 x64 Home

    RT
    Bitdefender Internet Security 2016 (updated to 2017)
    VoodooShield v3.53 Autopilot Mode

    Browser (Google Chrome)
    uBlock Origin

    On demand scanners/cleaners
    zhpcleaner, adwcleaner

    Don't know if i should had any other RT protection to Bitdefender IS or if this is enough...
     
  21. hamo

    hamo Registered Member

    Joined:
    Jul 11, 2016
    Posts:
    67
    Location:
    Egypt
    Platform:
    Windows 10 Education 64 bit
    User Account Control - max, with password

    Rial-time Protection:
    -Kaspersky Internet Security 2017 (Default setting, ONLY uncheck "trust digitally singed application" ).
    -Hitman Pro Alert.
    -Voodoshield Pro (Smart default setting).

    On demand scan:
    -Zemana Anti-malware.
    -Hard Protector.

    Password manger:
    Kaspersky Password manger.

    Browser:
    -Adguard add on extension.
    -Windscrib VPN Pro.
    -HTTPS every where extension.

    :)
     
  22. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    IMO BD is enough if they are careful and use safe computing habits.
     
  23. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,343
    Location:
    Italy
  24. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    OS: Windows 7 x64 (built in: User Account Control on max, Standard User Account for daily computing, Firewall inbound only, various tweaks and modifications)

    Antimalware - realtime: Emsisoft Anti-Malware; on demand: Avira PC Cleaner, Malwarebytes AM, HitmanPro, Virustotal Uploader

    Sandbox: Sandboxie for Chrome

    Backup: Macrium Reflect (grandfather - father - son backup scheme)

    Privacy: F-Secure Freedome VPN; uBlock Origin (easy mode) and uBlock Origin extra in Chrome; CCleaner; PrivaZer; Tor Browser

    Updates: SUMO

    Passwords: KeePass

    Virtualisation: Virtualbox (guest OSs: Windows XP, Windows 7, Windows 10, Linux Mint)

    Other tools: Autoruns; Process Explorer; Recuva; TCPView
     
    Last edited: Mar 15, 2017
  25. Pete8

    Pete8 Registered Member

    Joined:
    Feb 17, 2017
    Posts:
    10
    Location:
    France
    Thanks for your answer. Finally I let BD and Voodooshield together. BD 2017 has RT protection and seems to be efficient against exploits and malicious web sites. What I dont like in BD 2017 is that when you click on the virus definition update button, it searches for updates for a long time (bug??). This is strange behaviour. With Malwarebytes it's very quick.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.