What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,917
    Location:
    Slovenia, EU
    Hehe, it's not one-click-set-it-all for sure. But description is detailed with most things being passive and set only once. All together 30 services are running on my system with almost zero overhead.
     
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    18,484
    Location:
    The Netherlands
    Well, I'm using a lot fewer tools to keep the system safe. I have to admit that I almost never scan my system anymore, because it's pointless. Only if I see suspicious process, network, drive and CPU activity I quickly check it out.
     
  3. On our home PCs I run WFW 2-way and disable riskware (legacy, remote, sharing) and services which we don't need (e.g. telemetry). The router uses the Norton DNS service, and I use the 5GHz network for guests and 2.4GHz for our own (with NAS and printer on the router's USB ports and 1GB free cloud for second backup).

    All PCs run SRP Basic User and have a deny Execute Access for removable drives through Group Policy or using Simple Software-Restriction Policy and USB DISK Manager. On top of this deny by default I have added a "deny execute file / traverse folder" Access Control List for Everyone on all user folders except User/AppData/Local/Temp.

    With the MSI run as Admin registry tweak of Symantec, this allows me to install/update software only with the explicit consent of the Administrator in the Temp folder. To deal with this "intended admin hole" I have enabled the Smartscreen white-list (also requiring Administrator consent) and have set UAC to only allow signed software to elevate.
     
    Last edited by a moderator: Nov 3, 2016
  4. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,350
    Location:
    USA
    Do you have a professional background or have you just learned windows by browsing the web?
     
  5. idaho

    idaho Registered Member

    Joined:
    Jan 2, 2011
    Posts:
    32
    Location:
    USA/Europe
    G Data Internet Security 25.3.0.1
    Opera web browser 41.0.2353.46 Built-in ad blocker activated
     
  6. @Overkill

    I worked in sales at an IT company where the owner sent his sales force to all 'introduction and beginner courses' of all products and services the company sold. So this makes it easy to search the internet with the right terminology when you need to know something.
     
  7. Duotone

    Duotone Registered Member

    Joined:
    Jul 9, 2016
    Posts:
    142
    Location:
    Philippines
    SBIE>HMP.A>VoodooShield>AppGuard(Hardened)>TinyWall
    Is it too much?!
     
  8. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,350
    Location:
    USA
    I appreciate your windows knowledge :thumb:
     
  9. idaho

    idaho Registered Member

    Joined:
    Jan 2, 2011
    Posts:
    32
    Location:
    USA/Europe
    Emsisoft Internet Security 12.
     
  10. ArchiveX

    ArchiveX Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    1,515
    Location:
    .
    It is Wilders after all...:D
     
  11. Windows 10 64bit

    Windows Firewall with Advanced Security
    Windows Defender
    Smartscreen & UAC
    Voodooshield Beta 3.45
    Portable VoodooAi .90
    Vt Uploader
    Portable Process Explorer
    Portable Autoruns
    Portable TCPview

    A beautiful balance of security and usability. Lightning fast and smooth.
     
  12. guest

    guest Guest

    reinstalled Webroot on all my machines since the firewall module is back
     
  13. daario

    daario Registered Member

    Joined:
    Jul 14, 2016
    Posts:
    24
    Location:
    Earth
    @Windows_Security: Would you mind sharing how to do this? ;)
     
  14. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    18,484
    Location:
    The Netherlands
  15. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,917
    Location:
    Slovenia, EU
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    18,484
    Location:
    The Netherlands
    OK, I see. But to clarify, it monitors even more than Process Explorer, it also displays user and kernel mode hooks, that are used by rootkits. My only problem is that the tool is made in China, but perhaps I'm being overly paranoid.
     
  17. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    1,322
    Location:
    Canada
    In the past 3 years I've probably tried 25+ different programs to find something I like, keep going back to the same ones, MBAM and EAM. They run perfectly on my computer, no unnecessary pop-ups, no whitelist this blacklist that, no shutting off protection to update or install something. Simple and effective. With them I get an anti-virus, anti-malware, anti-exploit, anti-ransomware and behaviour blocker. Good enough, don't need the multi program nuclear arsenal.

    PS- I am using the MBAM 3 beta.
     
    Last edited: Nov 20, 2016
  18. ReverseGear

    ReverseGear Guest

    Aren't all those a part of EAM itself?
     
  19. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    1,322
    Location:
    Canada
    Probably, there may be some overlap in protection, however from what I understand MBAM is supposed to look for a different type of malware than an anti-virus, with 3.0 I'm not sure now though. If it's supposed to be an effective 1 program solution for malware then they may have changed this. In any case I'm happy running both for now.
     
    Last edited: Nov 20, 2016
  20. BMW325I

    BMW325I Registered Member

    Joined:
    Sep 17, 2016
    Posts:
    56
    Location:
    Sacramento California
    Windows 10 Anniversary Edition -64-Bit-
    Avira Free Antivirus 2017
    Zemana Antimalware (On Demand)
    Kaspersky Anti-Ransomware Tool For Business
    CCleaner
     
  21. For SRP with Windows Home see LINK1 and for Windows Pro or higher see LINK2, both on another security forum.


    Steps ACL:
    1. Right click folder where you want to add it
    2. Click security tab
    3. Click advanced button
    4. Click Add
    5. Click principal
    6. Type Everyone in text box, choose check names and OK when found (Everyone is in your OS-language, for me in Dutch Everyone = Iedereen)
    7. Click advanced permissions
    8. Choose clear everything button
    9. Select "Execute file / traverse folder" in checkmark box
    10. Change type from allow to deny, accept warning, choose OK (until you're back in first screen)
    Warning
    • Don't mess with ACL unless you know how to back them up using special commands: Windows system restore does not set back ACL file/folder permission, because they are handled by NTFS, not the OS!
    • Messing with ACL is the easiest way to brick your system, so don't touch it without image backup/restore options for the drives you are changing file/folder ACL's
     
    Last edited by a moderator: Nov 20, 2016
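
A scripted equivalent of the ACL steps in the post above, including the ACL backup its warning calls for. This is an added example, not part of the original thread. The folder and backup file paths are assumptions; Everyone is addressed by its well-known SID (S-1-1-0), so the commands do not depend on the OS language.

```powershell
# Added example (not from the thread): back up a folder's ACLs, then add the
# "deny Execute file / traverse folder" entry for Everyone with icacls.
# $Folder and $BackupFile are assumed paths; substitute your own.
param(
    [string]$Folder     = "$env:USERPROFILE\Downloads",
    [string]$BackupFile = "$env:USERPROFILE\acl-backup-downloads.txt"
)

$ErrorActionPreference = 'Stop'

if (-not (Test-Path -LiteralPath $Folder -PathType Container)) {
    throw "Folder not found: $Folder"
}
if (Test-Path -LiteralPath $BackupFile) {
    throw "Backup file already exists, refusing to overwrite: $BackupFile"
}

# 1. Save the current ACLs of the folder and everything below it (/t).
#    System Restore does not bring these back, so this file is the undo path.
& icacls.exe $Folder /save $BackupFile /t | Out-Null
if ($LASTEXITCODE -ne 0) {
    throw "ACL backup failed (icacls exit code $LASTEXITCODE); nothing was changed."
}

# 2. Add the deny entry. *S-1-1-0 is Everyone on every OS language.
#    (OI)(CI) = applies to this folder, subfolders and files; X = execute/traverse.
& icacls.exe $Folder /deny '*S-1-1-0:(OI)(CI)(X)'
if ($LASTEXITCODE -ne 0) {
    throw "Adding the deny entry failed (icacls exit code $LASTEXITCODE)."
}

# 3. Show the resulting ACL so the new deny entry can be checked by eye.
& icacls.exe $Folder

# Undo, option A: remove only the deny entries for Everyone on this folder.
#   icacls.exe $Folder /remove:d '*S-1-1-0'
# Undo, option B: restore the saved ACLs. /restore takes the PARENT directory,
# because the backup file stores paths relative to it.
#   icacls.exe (Split-Path -Parent $Folder) /restore $BackupFile
```

The backup file is written outside the target folder so the deny entry does not affect it; keep it alongside the image backup the post recommends.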
  22. Windows 10 Pro 32 bits (added MemProtect Free now signed for Windows10AU):
    1. WFW is set 2-way and (remote, shared and legacy applications) riskware is disabled
    2. Smartscreen blocks not whitelisted and UAC blocks elevation of unsigned programs
    3. Deny execute in all user folders with ACL (except Temp) and SRP (except Admin)
    4. Run all vulnerable software in Protected Process container (using MemProtect)
    5. Run all internet facing software in AppContainer sandbox (Integrity Level)

    Updates run elevated and install from Temp folder (so are auto-allowed). With right click 'Run as Admin' (allowed by SRP) I can easily install programs from Temp folder (allowed by ACL). UAC prevents unsigned programs from installing/elevating and Smartscreen whitelist should prevent me from making shoot-in-the-foot errors.
     
    Last edited by a moderator: Nov 20, 2016
  23. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    5,493
    Location:
    .
    This is such a great feature. But how to mimic Sandboxie's ability to auto-delete all files and undo all changes when closing the app?
     
  24. @Mister X

    When you own Windows Pro you can force Chrome through Group Policy to delete all caches, temp and history files. When you have enough memory, you could force Chrome AppData and Download to RAMDISK and clear everything at next reboot. But the bottom line is that there is not much to change when being limited to AppContainer rights.
     
  25. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    5,493
    Location:
    .
    Many thanks.
     