Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.
Sandboxie - AppGuard - Chrome w/ublock/canvas fingerprint/disable html5 autoplay. Backup AX64.
I figure this is a good thread to dive into wilders after looking for a year or two.
Gateway: PfSense 2.3.2_1, dedicated PfSense Appliance. (Quad Core 1.9Ghz, 4GB Ram, 32GB SSD, Intel NICS) Suricata w/6000 signatures, Adguard Family Safe DNS.
Wireless: Unifi AC-LR Access Points w/AP Controller, VLAN segregated SSIDs, complex SSID names for rainbow table avoidance.
Desktops: Panda Protection Service (Web Filtration, Firewall disabled), Zemana Anti-Logger/Malware, Kerish Doctor.
Browsers: Chromium from Woolyss (No sync • No WebRTC • No Widevine), uBlock Origin and uBlock Extra. (Default+ MVPS+All Tracking and Annoyance Filters)
OS: Hardened, Privacy Tuned Windows 10.
Cloud/Backup: Sync.com zero-knowledge cloud service with extra-encryption level using Fort Encryption.
Thanks guys, any suggestions, please advise!
Raxco Instant Recovery
VoodooShield Pro (thank you Dan!) - Smart mode
Windows Firewall Control – (Binisoft)
Chromium woolyss portable, with uBlock Origin
TurboSFV / batches on W. Task Scheduler to test integrity files
portable apps such as herdProtectScan, Zemana, ProcessExpl, etc.
Resident – Scheduled – On Demand
Something missing to escort VoodooShield.
ReHIPS? without speaking about isolation system, VS is already doing the job.
CylanceP ? On the last Dan’s video, it is not really convincing.
Semi isolation with MemProtect + pumpernickel ?
If you have suggestions ...
Really do love your set-up, dude. Naught for nothing but mine is similar. Toss out the AppGuard and include the Chrome extensions ADGuard, Browsec, and WebRTC Leak Prevent (oh, sure... SD, SpyShelter FireWall, Avira Free, MBAM premium, Last Pass... yawn). What really intrigues me is that Raxco addition. Gotta say, nice touch! I'm a year or so from upgrading to a terabyte HD and currently banging it out on a Dell W7, nowadays teeny tiny 500G hard drive// 181 GB used space and 232 GB free to pollute as I wish.
Not that you'll cross this post soon or even be inclined to reply at all, dear LonelyWolf... please pray tell if you think that 232 GB free space will be enough playground to rock & roll that Raxco addition. As much as I'm infatuated with Macrium and an external hard drive my other pressing $$ obligations don't cut that mustard now for such pleasantries..
Recap: 181 GB used/ 232 GB wide open. To Raxco or not to... that is the big Q. TY big time.
Possible second setup for 2017
Yesterday I tried to help a friend with a borked up Windows 10 which started into automatic recovery followed by an offline Windows Defender scan. I could not get it into manual recovery, it kept looping and failing. The brother of that guy had made a recovery CD but that did not work. This evening the brother will take the disk out and put it in a similar machine (he runs a PC repair shop) and will scan for malware and promised to mail me when he got the image running again.
Having read the internet stories about automatic repair loops I wonder what has happened with F8? Any info on getting W10 out of automatic repair loops is welcome. When there is no option within Windows to control this anymore, I will fall back to my latest Windows 7 images tomorrow afternoon.
I'm using Spyware Shelter Firewall, Zemana Antimalware Premium and daily incremental images with IFW. That's it.
Gateway: PfSense 2.3.2_2, dedicated PfSense Appliance. (Quad Core 1.9Ghz, 4GB Ram, 32GB SSD, Intel NICS) Suricata w/6000 signatures, Adguard DNS.
Wireless: Unifi AC-LR Access Points w/AP Controller (on local server), VLAN segregated SSIDs, complex SSID names for rainbow table avoidance.
Desktops: Kaspersky Internet Security 2017 (Turned OFF/Removed: Mail/Spam, HTTPS scanning, Anti-Banner, URL Rating, Safe Browser, Private Browsing, VPN.)
Zemana Anti-Logger/Malware, Kerish Doctor, CCleaner Cloud(paid).
Browsers: Chromium from Woolyss (No sync • No WebRTC • No Widevine), uBlock Origin and uBlock Extra. (Default - removed Peter Lowe, +All Tracking and Malvertising filters)
VPN: AirVPN available on each system not for privacy if necessary.
OS: Hardened, Privacy Tuned Windows 10.
Cloud/Backup: Sync.com zero-knowledge cloud service with extra-encryption level using Fort Encryption. Added local 12TB NAS with continuous encrypted backups of local machines.
Coming soon: Adding FingBox or Domotoz to the network for SIEM functionality for internet security.
Old new setup for 2017 returned to Windows 7 Ultimate because I like F8 too much
1. WFW set two-way with all riskware (remote, shared, legacy, gadgets) disabled
2. Deny execute in all user folders with ACL (except Temp) and SRP (except Admin)
3. White-list execution with Avast (aggressive) and UAC (block unsigned elevation)
4. AppCheck anti-ransomware free, backed up by regular NAS and offline USB-disk
5. Sandbox Chromium and Firefox in MemProtect cage using protected processes
Should be plenty of free space, I have a bit less than you with absolutely no issues. I would suggest giving the free trial a spin to see if it suits you.
You can get F8 back in Windows 8/10 if you're prepared to do a little bcdeditting...
My boring setup, VooDoo Shield and EAM. In my opinion this combo is 99.99% effective. Should I add Appguard to cover the other 0.001 %?
I already returned to my old Windows 7 image and updated it. Keeping Windows 7 for a while to let all updates trickle through.
I have applied this on my Asus Transformer with Windows 8.1. Thanks for posting.
No problem. Glad it helped.
With Appguard, you will add pain for this 0.001% imo.
Ichito, do you have Look'n Stop premium? How does it look compared to Private Firewall?
Yes ... it's paid version 2.07. I think LNS is more focused on packets / port filtering but of course it's able to create process rules, including the ability to launch other processes facing the internet. It does not include a HIPS / BB module, although it can control checksums of processes and DLLs. PFW in my opinion is more focused on detection / rules of processes and it has a nice HIPS / BB module - it's a rebuilt Dynamic Security Agent.
BTW...LnS and GSW have been removed...currently there are only DSA and NVT ERP only
Now I am looking for something very light for Win7 SP1 64 bit. Now I have installed only VoodooShield premium.
I am running Windows Defender (up-to-date), Malwarebytes 3.05.1299, and VoodooShield 3.50 (all active scanning)
HitmanPro 3.7.15, Emsisoft Emergency Kit and Microsoft Malicious Software Removal Tool (each scheduled/on demand scanning)
Is this sufficient, or overkill? Or is there a better alternative all-in-one?
Comes down to preference, but I don't think you'd need MB if you're actively scanning with the on-demand software. Similarly, I'm using WD, VS and HMPA.
Hi, this is my Windows config:
Windows 10 64 bit
Real-time Malware Protection:
Emsisoft IS, Malwarebytes 3.0, VoodooShield, AppCheck, Shadow Defender, Sandboxie
herdProtect, Zemana antimalware premium
System Image Backup Software:
True Image 2017
Emsisoft Internet Security
My security setup 2017...Strong and effective.
Thanks for the reply but I was just being a goof, I do have a license for AG but really don't think I need it.
I don't think it's overkill, a solid setup, anti-virus, anti-malware and VS. Have all your bases covered.