What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Lucius

    Lucius Registered Member

    Joined:
    Dec 9, 2010
    Posts:
    77
    I have not updated my setup here for a while sooo...

    PureVPN (I wouldn't go online without it, love this guy :).. Best VPN service for me.. Tested so many of these services before..)
    AdGuard (5.10 RC)
    Sticky Password Manager
    KIS 2015 MR1 (latest beta)

    Runs great and light and everything. :ouch:

    + Macrium Reflect (Weekly images)

    Windows 8.1 PRO x64 with latest updates
     
  2. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Haha yes, some people are still using Windows you see :D
     
  3. Charyb

    Charyb Registered Member

    Joined:
    Jan 16, 2013
    Posts:
    679
    Emsisoft Anti-Malware 9
    Windows Firewall Control 4
    EMET 5

    images, syncs, and other back-ups
     
  4. Paul R

    Paul R Registered Member

    Joined:
    Aug 5, 2014
    Posts:
    59
    Location:
    Bury, Lancashire
    MBAM v2
    EMET v5
    Kaspersky Internet Security 2014
    NProtect MBR Guard
    Sandboxie
    WinPatrol
    Zemana Anti Logger
    Secunia (keep programs updated)
    Exe Radar Pro
    Macrium (image backups)
     
  5. Behold Eck

    Behold Eck Registered Member

    Joined:
    Aug 23, 2013
    Posts:
    574
    Location:
    The Outer Limits
    I'd miss all those wonderful security apps and discussions here and elsewhere regarding security for Windows.

    Security wise, Linux would be the better choice but less fun.

    Regards Eck:)
     
  6. Although Panda, Avira, Qihoo 360 (and even Fortinet) Free do better in tests, I opted for Avast. Avast is one of the few AVs which can be tweaked by power users, in my case for maximum performance and security.

    My user folders are protected by SRP (block execution) with a right "run as admin" option to install. Avast on-execution protection is applied only in user folders. So with the aggressive hardened mode with reputation check, this provides me with a cloud based white list of AVAST.

    The UAC protected folders have an Avast "write" executable (soft) check only. The hard check is UAC not allowing to elevate (touch admin space) when an executable is unsigned.

    Balancing the AV settings with my other security measures clearly has a performance advantage. Changing from blacklist (Avira, Panda) to Avast's whitelist should be safer and feels faster on cold (first) launch of an application.

    C:\Program Files\Google\Chrome\Application\chrome.exe - 6 executions to Blank New Tab with Panda (also monitoring Chrome)
    1.8656
    0.6078
    0.7254
    0.5704
    0.5363
    0.6906

    C:\Program Files\Google\Chrome\Application\chrome.exe - 6 executions to Blank New Tab with Avast tweaked settings
    1.2670
    0.5578
    0.7024
    0.5372
    0.5542
    0.6444
     
    Last edited by a moderator: Aug 17, 2014
  7. guest

    guest Guest

    Speaking of SRP, I just finally deleted my SRP rules. I'm done with this weak insect. Also, I temporarily switched back to my ISP's DNS. It isn't as slow as I expected, and now it raises a question of the point of using an alternative DNS. I dunno, maybe I'll be back to OpenDNS, maybe not. Waiting for rational calculations. :cool:
     
  8. In XP days the lowest Integrity Level was medium. Since SRP operates at medium level, it could be misused by medium level processes (although I know of no exploits in the wild using a side by side intrusion to escape LUA permissions). Since Vista we have low and untrusted level sandboxes, making SRP less vulnerable to attacks.

    Please tell me why you value it as a weak insect? Is it because AppLocker is stronger (operating at kernel level)?
     
  9. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Phishing and other minor prevalent threats aside, what about backups? True enough, I haven't bothered posting about my Linux machines here, but my Windows security is becoming just as stagnant.
     
  10. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Evening! Eset S.S.7 ...AppGuard...Sas Pro 6.0...Homeland Security Mk 17. Sincerely...Securon
     
  11. powerpack

    powerpack Registered Member

    Joined:
    Mar 23, 2010
    Posts:
    42
    Location:
    Now-here or NO-WHERE
    I am not an expert but I am pretty much settled down only with it via Pretty Good Security, once it's configured you are done. I have never ever been infected, and if I want to install any legit program, right click and 'Run As Admin', all set. That's stronger than just signatures ;)
     
  12. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    Homeland?
    ESET is from Slovakia. :)
     
  13. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    I agree. IMO SRP is much more effective than AV or other signature based solution. By default whitelisting is more secure (and restrictive) than blacklisting.
     
  14. powerpack

    powerpack Registered Member

    Joined:
    Mar 23, 2010
    Posts:
    42
    Location:
    Now-here or NO-WHERE
    Hello Kees!
    Can you please tell more about it? I mean Avast protection only for user folder and UAC protected folders have Avast Write executable check only. :confused:
     
  15. NSG001

    NSG001 Registered Member

    Joined:
    Jul 14, 2006
    Posts:
    682
    Location:
    Wembley, London
    No need to change software and post every other day here.
    Whole of our household protected by Emsisoft :D
     
    Last edited: Aug 18, 2014
  16. guest

    guest Guest

    Yep. IMO it won't stand a chance for serious usages.

    It's just that I think it's too weak since it just works on user space. There's no kernel level process. IMO AppLocker is a better option when compared to SRP.
     
  17. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    If application is run in user space (let's say browser) it's still protected by SRP and all SRP rules apply to it, or am I missing something? What would be a benefit of SRP running in kernel level compared to SRP in user space + UAC on max? Would it be able to prevent process execution for processes that are run by some kind of kernel exploit?
     
  18. guest

    guest Guest

    When we are talking about real-life scenarios the difference is somewhat minimal. As for kernel exploits, there's nothing that can protect you from those, not even whatever the God you are currently believing in. But with kernel level processes a security software/feature should be stronger and thus, more reliable in above-average intrusions. True, it's still usable, but I'm not a type of man who can be satisfied with just today's conditions. I personally just consider SRP to be "not strong enough for my liking".
     
  19. Well with low rights PDF, Flash and Javascript in browser it will be a lot harder to use rich content/embedded code to exploit SRP. Also the new anti-exploit tools hitting the market (EMET, MBAE, HMPA, etc) make it even harder to create a successful and predictable intrusion using side by side infection.

    For most PoC's to pass SRP, SRP was not setup in default deny. Even AppLocker allowed vb-scripts to bypass protection (it was by design, Microsoft offered an optional patch). Guess everyone has different ideas on the risk which is involved.
     
  20. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Afternoon! Siketa...Correct you are. But I always deal with its North American Office...based in San Diego Calif...U.S.A. So I've granted Eset... Un-Official Jurisdiction...for Un-Official Inclusion in my Homeland Security Scenario...Lol! Sincerely...Securon
     
    Last edited: Aug 19, 2014
  21. It is in the Antivirus settings when you click on the wheel icon. When you select something in the exclusions screen, it will be deselected (so my Program Files Folders only have a check on W for write enabled, because it is not selected).

    I have WSA with whitelist (allow only seen in the community) on my wife's laptop with UAC/SRP hardening. Did not realize AVAST free offers the same whitelisting approach.
     

  22. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Looks like I am going to be with Pure for a loooooong time. This is the only Kaspersky product I have ever loved. :)
     
  23. Rompin Raider

    Rompin Raider Registered Member

    Joined:
    May 6, 2010
    Posts:
    1,254
    Location:
    Texas
    I'm just glad you made an appearance! We were worried! :D
     
  24. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    What are the differences between Pure and KIS?
     
  25. kerykeion

    kerykeion Registered Member

    Joined:
    Jun 30, 2010
    Posts:
    284
    Location:
    Philippines