Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.
Just curious, why a free AV and a paid adblocker?
One is free and the other one is a lifetime license, Why not?
Which one is more sensible to do?
Stay with SRP which is technically less stronger than AppLocker.
Use AppGuard without knowing its weaknesses and how deep it works.
Keep waiting until someday AppLocker becomes easily available in most Windows OSes.
PC: Sig, + router w/SPI, tons of tweaks/trims
Macbook: Debian, Virtualbox, OpenVPN (PRQ, Mullvad), TOR + Firefox v28 portable - (on DataTraveler 4000 USB stick) *used @ public WiFi spots*
Good Evening! Vipre I.S.2014...AppGuard...WSA Security Plus...Homeland Security MK 11...Sincerely...Securon
Emsisoft Anti-Malware 9
I think you could just use SRP: https://www.wilderssecurity.com/thre...-policies-on-any-windows-edition-free.359155/ <---- easy way to set it. And also might be worth it to add Private Firewall which has behavioural engine, i'm not exactly sure but i think the ''system anomaly detection'' is the behavioural detection part? Soo it is seperate from the main HIPS module? I'm fairly new to Private Firewall but it dosen't offer too many pop-ups even with HIPS at max.
Private Firewall uses about 30mb total ram with 2 running processes.
Waiting for AppLocker, that might be long wait better use something in it's place.
If you have license to applocker, why not? But if you do use it SRP becomes bit redundant, that's just my opinion. Let's wait for the other experts to chime in
As for 1 vs 2 I would choose of course 2. The decision about 3 depends on what security you actually have while "keeping waiting".
Changing it up. Eset Smart Security, Sandboxie and Appguard. FYI Appguard 4.1 beta is the excellent. Highly recommend.
I am using SRP, but I'm just not happy enough with it because I know it's weaker and AppLocker is supposed to replace it. In my ol' (and dead) Win 7 Ultimate netbook I had access to use AppLocker. Now that I'm in Win 8.1 Pro I only have SRP. AppLocker is only available in Win 8/8.1 Enterprise which AFAIK is not available to buy for home use in my country, not to mention the silly requirements to be able to use the Enterprise edition. I initially wanted to wait if Win 9 will have AppLocker available to OS versions other than Enterprise and that bloated Ultimate editions, but I'm getting impatient.
About PFW, I tried it in the past and it worked pretty well, although the usefulness of HIPS in classical flavour on 64-bit systems is arguable. But I have been retired from the CHIPS world and now I prefer a more simplified policy restriction HIPS.
Problem is I do not exactly know how deep AG works. Yes, I've burnt my trial period with it and read some documentations, and I like the concept. I've been keeping my eyes on it for months. Yes, I know it installs custom driver(s), but in 64-bit systems I am not sure if the driver(s) offer much effectiveness (oh hai KPP). Logically speaking though, AG is supposed to be stronger than SRP but weaker than AppLocker. Until Microsoft folks started to be rational and make AppLocker to be easily accessible, either I am stuck with SRP or go with the third-party road.
Anyway, thanks for your replies. I'll wait for more leaks about Win 9 as well as trying to catch up with AG thread.
(oh yeah, GJ tested AG a few while ago IIRC. I'll be reading it again.)
When you use another browser as IE, it is possible to really harden the security zones, which are also used by outlook and windows media player. My IE only works for VPN & Citrix access and I switch it on/off with windows features. For Chrome there are group policy templates available to lock it entirely to your demand.
I think Windows Pro has enough internal OS-features to overcome this user land downside of SRP (e.g. using folder permissions/security to block execution for Everyone in media and mail folders or switching on/of download block through registry file execution, or denying elevation of unsigned executables).
Problem being some of those settings are non-applicable in Windows 8/8.1 and/or non-applicable for my needs. The 1803 and 1806 tricks screwed up the cookies while gave no effect for the downloads blocking, the ACL rules can't be set without errors for AppData folder, I need to elevate unsigned executables, etc. I am planning to just use the home Windows OS editions for future upgrades since I never really use those additional features (really, I'm not using remote desktop connection or WMC), but still hesitating which one is better in the long run when comparing it to AG's licensing model. If Windows 9 Pro (if they made such edition) still had no AppLocker, I'll stop bothering with these advanced OS editions. Basically what keeps me from buying and using Windows editions which have access to GPO is only SRP or AppLocker.
June 26, 2014 - Updated, Added, Removed
Desktop - Windows 8.1 Pro with Media Center x64
Laptop - Windows 8.1 x64
USER ACCOUNT CONTROL: HIGHEST SETTING
EMET 5.0 TECHNICAL PREVIEW: RECOMMENDED SECURITY SETTINGS
WINDOWS SMART SCREEN: ENABLED
WINDOWS DEFENDER: DISABLED
WINDOWS FIREWALL: DISABLED
Three Netgear WNR3500L-100NAS (DD-WRT Firmware)
Four Netgear PowerLine AV 500 Adapters
Wired Cat5e Connection between all 3 Routers
WPA2-PSK AES Encryption
SPI Firewall Enabled
Emsisoft Internet Security 22.214.171.12457 Beta (Paid)
Appguard 126.96.36.199 Beta (Paid) - Locked Down
NVT ERP 188.8.131.52 Build1 v8 Beta (Paid)** - Lockdown Mode Extreme
NVT DRP 1.5 Beta - Monitoring Enabled
Sandboxie 4.13.1 Beta (Paid) - Sandboxie Container Folder on RAMDisk
Adguard 5.10.1086.5545 Beta (Trial)
DNSCrypt 0.0.6 - HTTPS Enabled
Shadow Defender 4.0.519 (Paid)
PeerBlock 1.2 (P2P Blocking List)
Macrium Reflect 5.2 build 6551*
Aomei Backupper Professional Edition 2.0*
VMWare Workstation 10.0.2 build-1744117** (Paid)
Browser, Immunization, Tweaks
Firefox 31.0b4 (Adguard Beta, HTTPS-Everywhere, BetterPrivacy) - Firefox Profile Folder on RAMDisk and Sandboxed
Homepage and Search Provider set to Startpage (Firefox & IE)
Tweaks on How to eradicate Google from Firefox Applied
LastPass 3.1.2 Premium (Firefox & IE)
Spyware Blaster 5.0 (All Protection Enabled + Customblocking.txt)
*Macrium Reflect (Full Backups - Daily)
**VMware Workstation, NVT ERP, and NVT DRP only installed on Desktop
I believe AG is stronger than AL. AFAIK AG has restriction policies and memory protection. AL imposes only restrictions.
Finally upgraded MBAM 1.75 to 184.108.40.2062. So far so good.
Here is my current setup.
Microsoft Windows 8.1. update 1 with all updates installed
Windows Firewall is turned on (inbound protection only)
User Account Control is set to maximum
Software Restriction Policies are set and enabled
ESET Nod32 AV is monitoring my system
OpenDNS is used for DNS resolving
I use Google Chrome with Adblock Plus extension
Emsisoft Emergency Kit
I also use:
Macrium Reflect for daily system image backup
Cobian Backup to backup personal files
Secunia PSI and SUMO to check for software updates
KeePass to store my passwords
CCleaner to clean unneeded files
TrueCrypt to encrypt sensitive information
VirtualBox for testing purposes
Process Explorer as replacement for Task manager
Agree: Home + Apguard is problably cheaper and easier to use as Pro/Ultimate/Business edition. I just happen to have a few development licenses (there is a trick to implement free developers version of sharepoint with Ms Framework development kit + free Yammer, which is cheaper as Sharepoint + Yammer business licenses)
Good Morning! Replaced Avira A/V Suite with Avira A/V Pro...in concert with AppGuard and WSA Security Plus. Sincerely...Securon
Moose’s World Current Set-up that will chance in the
Built-In Security Operating system:Windows 8.1.1 X64 Bits O.S.
User Account Control: Highest Setting
Windows Defender: Disable
Windows Firewall: Enable
On-demand scanner: herdProtection one a week scan
Web Browser(s): Internet Explorer11 and Opera NextBrowser
Extensions/Add-Ons:Adguard Web Filter,Disconnect, History Eraser,IvlogSafe and Zenmate.
Back-up: Windows Back to a External Hard Drive
Process Monitor: Processor Explorer
Update Checker: Patch my PC
Recovery: Hiren Boot CD
Clean up and privacy software: Ccleaner, Privacy Eraser and CyberGhost.
AL is a built-in security mechanism (part of the OS) and has kernel-level process(es). AG is a third-party software and presumably has kernel-level process(es). In terms of effectiveness, technically AL should be stronger than AG, at least for the case of 64-bit systems.
Which is why I said previously that SRP/AL + EMET/DEP all + LUA/UAC max give virtually the same level protection as AG. Only thing that SRP is IMO the weakest so AL should be used instead.
None. Just changed from Ubuntu based distros to Debian. If that counts as a security upgrade.
Running now Linux for almost 10 months. It feels great to roam the net worry free and on a super fast laptop. Of course there are limitations involved with Linux.
Sandboxie and Emsisoft Anti-Malware 9.0.
I removed ESET Nod32 AV as real-time scanner and added ESET Online scanner for on-demand system scan.
I am running appguard and ERP Pro together I excluded both from each other in appguard in the power application in advance settings and include appguard in ERP Pro in safe application
Separate names with a comma.