What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    530
    Location:
    Croatia
    That DEP options (in Exploit settings) is the same like the one on Performance Options (picture is from Win 7)?
    Should both options be turned ON or only one is OK?

    Clipboard01.jpg

    And one more question (sorry for Offtopic), this Folder Access can now replace Secure Folders for protecting files and documents?
     
  2. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,060
    Location:
    South Texas, USA
    Yes option for "all programs" is correct. And as far as "Secure Folders vs Controlled Folder Access", I am not sure because Windows only monitors modification not deny access to the folder completely.
     
  3. illumination

    illumination Guest

    Windows 10 Pro 64 bit "1709"
    -Default Windows Security "Protected folders enabled and set, some Defender tweaks via gpedit"
    -Appguard 5.2.9.1 "hardened policies"
    -Edge with Ublock "custom filters"
     
  4. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,060
    Location:
    South Texas, USA
    What did you enable exactly in gpedit if you don't mind me asking?
     
  5. illumination

    illumination Guest

    Thank you for the inquiry, although at this time I am reluctant to disclose my exact settings. I view computer security much like home security, disclosing detailed settings openly on the internet is about the same as disclosing what hardware and where it is all mounted in your home to your neighborhood. I hope this comes with understanding.
     
  6. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    524
    Location:
    USA
    If you are using Defender and Edge you are not protected. I hope you understand that.
     
  7. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    4,841
    Location:
    Among the gum trees
    That's what Smart Screen is for, isn't it?
     
  8. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,060
    Location:
    South Texas, USA
  9. assersegsten

    assersegsten Registered Member

    Joined:
    Sep 13, 2016
    Posts:
    44
    Location:
    denmark
    Hello, my security setup goes like this: Bitdefender Total Security 2018+Zemana Anti-Malware(paid)+Voodoo-Shield Pro+HitmanPro+HitmanPro Alert.:)
     
  10. imuade

    imuade Registered Member

    Joined:
    Aug 4, 2016
    Posts:
    422
    Location:
    Italy
    Could you please explain why? Especially since FCU brought this feature to WD?
    https://docs.microsoft.com/en-us/wi.../policy-csp-defender#defender-cloudblocklevel
     
  11. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    7,520
    Location:
    Slovenia
    Windows 7 x64 (Standard User Account, UAC on max, Windows FW outbound also)

    Emsisoft Anti-Malaware

    Sandboxie for Chrome (uBlock Origin and uBlock Origin Extra)

    Macrium Reflect (grandfather - father - son backup scheme)
     
  12. illumination

    illumination Guest

    I have more concern of Microsoft/3rd party bugs/incompatibilities then i do of a malware infection. No solution will ever be 100% unless of course you count shutting the machine down and disconnecting the internet. With experience, you learn to back everything up externally, leaving nothing personal on the system, accessing it via the external device when needed, to also keep only the applications you truly need, thus reducing the attack surface as a whole. Keeping a formatted flashdrive with the current OS on hand, not only in case of a needed wipe/format, but occasional repair, and not to disclose any more personal information on the web then necessary, as we can not control what happens once we trust a 3rd party source with that information hoping they have at the very least, standard security measures applied on their end.

    There is no need for paranoia in a home/consumer setting, as they are not targeted as businesses/corporations are. A little common sense and good back up plans will carry you quite far.

    Something to ponder..
    I have at one time or another, run every security configuration you can think of, including just windows defaults "before the latest build releases", one thing all of these have in common... Not one single infection.
     
  13. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,060
    Location:
    South Texas, USA
    Oct. 27, 2017 - Updated, Added, Removed

    Network
    • Two Netgear Nighthawk AC1900 (R7000) Routers (Kong's DD-WRT)
    • Four Netgear PowerLine AV 500 Adapters
    • Wired Cat5e Connection between both Routers
    • WPA2-PSK AES Encryption
    • SPI & NAT Firewalls - Enabled
    • DNSCrypt - Adguard DNS 1
    • OpenDNS Configuration
    Computers
    • DESKTOP (Custom Built) - Windows 10 Pro x64 Ver. 1709 Built 16299.19
    • TABLET (Surface Pro 4) - Windows 10 Pro x64 Ver. 1709 Built 16299.19
    Built-In Security
    • USER ACCOUNT CONTROL: HIGHEST SETTING
    • WINDOWS SMART SCREEN: ENABLED - SET TO BLOCK
    • WINDOWS DEFENDER: ENABLED - GPEDIT CUSTOM SETTINGS
    • EXPLOIT PROTECTION: ENABLED - IMPORTED EMET XML
    • FOLDER PROTECTION: ENABLED - ADDITIONAL FOLDERS ADDED
    • WINDOWS FIREWALL: ENABLED
    Resident
    • Windows Firewall Control 5.0.0.2 - Medium Filtering Enabled (Paid)
    • Sandboxie 5.21.7 Beta Release Candidate (Paid) - Container Folder on RAMDisk
    • Adguard Premium 6.2.433.2167 Beta (Paid)
    • KeyScrambler 3.11.0.3
    • Simple DnsCrypt 0.4.2 (Holland & Denmark) - Enabled
    On-Demand
    • PIA VPN Client v74 - VPN Enabled (Paid)
    • PeerBlock 1.2 (P2P Blocking List)
    • Emsisoft Emergency Kit 2017.8.0.7904 - Weekly Manual Scans
    • Macrium Reflect Home Edition 7.1.2646* (Paid)
    • VMWare Workstation 14.0.0-6661328** (Paid)
    Browsers, Immunization, Tweaks
    • Windows 10 Hardening Tips from http://hardenwindows10forsecurity.com/
    • Windows and User Temp Folders set to RAMDisk - Cleared on Reboot
    • Documents on External Drives - BitLocker Enabled
    • Chrome 61.0.3163.100 x64 (HTTPS-Everywhere, Lastpass Premium) - Chrome Profile Folder on RAMDisk and Sandboxed
    • Microsoft Edge and Internet Explorer (LastPass Premium) - Internet Explorer Forced to run Sandboxed
    • Homepage and Search Providers set to Startpage (IE & Edge)
    • CCleaner Professional Edition 5.36.6278 + CCEnhancer (Paid) - Automatic Cleaning Enabled
    • Spyware Blaster 5.5 (All Protection Enabled + Customblocking.txt)
    *Macrium Reflect Home Edition installed in Desktop & Tablet - Backup Template: Incremental Forever
    **VMware Workstation only installed on Desktop
     
  14. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    525
    Location:
    Canada
    W10
    Defender with Controlled Folders and Exploit Protection
    MB3 ( paid)
    Ublock Origin

    Simple, no hassle's and no popups. Figured I don't need industrial strength protection at the expense of usability. No worried about ransonware, have 3 or 4 backups of everything anyways, Will see how it goes.
     
  15. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    414
    Nothing much has changed here. Bitdefender Total Security 2018, uBlock Origin; second-opinion scanners: HtiManPro, adwCleaner, VTUploaer; Backup: Iperius. That's all, I guess.
     
  16. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    865
    Location:
    Italy
    W.10 Home 1709 (PC my Daughter)
    S.U.A.
    UAC Max
    Windows Smart Screen
    Google DNS
    Windows Firewall
    I.E.11 Off - WMP Off - Disable Flash in Edge
    Validate Admin Code Signatures set to 1
    Additional LSA Protection.
    Windows Defender Security Center - ON

    • Attack Surface Reduction - Block execution of (potentially) obfuscated scripts - Impede JavaScript and VBScript to launch executables.
    • Network protection.
    • Controlled Folder Access.
    • Exploit protection.
    Chrome x64 - https://peter.sh/experiments/chromium-command-line-switches/
    • --disable-webgl --no-referrers
    Chrome://Flags
    • Extension Content Verification - Enforce Strict
    • Enable AppContainer Lockdown - Enabled
    U.B.O. + NoCoin Filter List
    ScriptSafe
    HTTPS Everywhere
    Click & Clean

    Exploit Protection -
    http://sendvid.com/gcftah7j
     
    Last edited: Oct 29, 2017
  17. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    865
    Location:
    Italy
    Windows XP Home (My PC)
    Windows Firewall
    Trick POSReady 2009
    Ps Exec
    Black Viper's List
    Google DNS
    No NET Installed
    No Java
    No Flash I.E.8
    MBAE Premium (ver 24) + Rule HOSTS file - 127.0.0.1 data-cdn.mbamupdates.com

    Firefox ESR

    • Custom Setting About:Config
    • Primetime Content Decryption Module Plugin - Enable MP4 ( H 264 + AAC) HTML5 Video Support
    U.B.O + NoCoin filter List
    Noscript
    Canvas Blocker
    No Resource URI Leak
     
  18. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    7,520
    Location:
    Slovenia
    @Sampei Nihira
    I see that you use POSReady trick on your XP system. Did you get security updates for last two months? I try to update 2 XP installations in VM but can't get them offered. CPU is stuck at 100% with nothing found. Did you encounter similar problem?
     
  19. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    865
    Location:
    Italy
    A) Disables automatic updates.
    B) Download through the Microsoft Update Catalog the most recent cumulative update I.E.8 and install (KB4040685):

    1.jpg


    C) Enables automatic updates and check new updates.
     
    Last edited: Oct 29, 2017
  20. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    7,520
    Location:
    Slovenia
    Thank you for your suggestion :thumb: Will try it out.
     
  21. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    930
    I got my updates for October via Wauaclt /detectnow. Never had any problems getting updates with WU.
     
  22. amico81

    amico81 Registered Member

    Joined:
    Oct 18, 2017
    Posts:
    20
    Location:
    Germany
    Windows 10 Pro 64 bit "1709

    - Gdata Antivirus 2018
    - Second Opinion Scanner -> Zemana and Hitmanpro
    - Firefox 56.0.2 with Ublock Origin and Noscript
     
  23. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    7,520
    Location:
    Slovenia
    @Sampei Nihira
    Your suggestion solved my problem. Thnx again.

    Yes I also never had problems until last two months. Solution posted by Sampei worked perfectly for me.
     
  24. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    865
    Location:
    Italy
  25. illumination

    illumination Guest

    Windows 10 pro 64 bit V1709
    Eset IS 11.0.144.0 "Custom Settings"
    Google Chrome with Ublock Origin & Ip and Domain

    My final set up.
    Removed Appguard as it is not needed with Eset IS.
    After some testing of new features in W10, have decided to come back to my favorite suite, which covers not only the main system but my mobile devices as well.
     
Loading...