Which anti-malware setup to run?

Discussion in 'other anti-malware software' started by GrammatonCleric, Aug 2, 2013.

Thread Status:
Not open for further replies.
  1. GrammatonCleric

    GrammatonCleric Registered Member

    Joined:
    Jan 8, 2009
    Posts:
    372
    I have Windows 8 64bit. I browse many risky sites and download many risky things just for kicks and giggles. I am protected behind Acronis True Image so I do re-image every once in a while (monthly). However, I would like to increase my re-image interval by introducing better protection whilst still maintaining high performance.
    So out of these software tools, which one would you add to create a layered defense? Keep in mind that I have licenses for all of them:

    1) Eset 7 Beta (or 6) Just the AV
    2) Outpost Firewall Lifetime
    3) Online Armor Pro 6
    4) Emsisoft Antimalware 8
    5) Bitdefender suite
    6) Kaspersky 2013
    8) WSA
    9) Sandboxie 4.04 64bit
    10) EMET 4
    11) AdMuncher
    12) MalwareBytes Pro
    13) HitmanPro
    14) Spycatcher
     
    Last edited by a moderator: Aug 2, 2013
  2. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    Nod32 and Online Armor will be a nice combo, or even Webroot and Online Armor.
     
  3. ZeroDay

    ZeroDay Registered Member

    Joined:
    Jul 9, 2011
    Posts:
    693
    Location:
    Hogwarts.
    Sandboxie and EMET should be your first 2 installs. Then I'd install Emsisoft Anti-Malware, and I know this one isn't on the list, but I'd also install Comodo Firewall and set the behaviour blocker/sandbox to fully virtualized.

    Edit: you'd be much better using a VM.
     
    Last edited: Aug 2, 2013
  4. GrammatonCleric

    GrammatonCleric Registered Member

    Joined:
    Jan 8, 2009
    Posts:
    372
    Thanks!
    Yeah not a Comodo fan so most likely won't install them no matter how good they might be.

    I tried VM but I also like to play games on the PC so yeah...herein lies the rub. :) That's why need for barebones metal security.
     
  5. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    1,913
    If you want to use only those from the list then I would try this:
    3) Online Armor Pro 6 (if by "Kaspersky 2013" you mean only AV without FW)
    6) Kaspersky 2013
    9) Sandboxie 4.04 64bit
    10) EMET 4
     
  6. ZeroDay

    ZeroDay Registered Member

    Joined:
    Jul 9, 2011
    Posts:
    693
    Location:
    Hogwarts.
    In my opinion you're playing with fire relying mainly on signature-based products for the amount of risky activity you do. But Sandboxie is a must if you're browsing a lot of dodgy sites.
     
  7. guest

    guest Guest

    I'll suggest something a little different --> harden your OS. Believe it or not it's enough if you just go to those bad websites. That's the lightest setup you can get.

    ADDED: Those risky downloads can be uploaded to VirusTotal as long as it isn't too big.
     
  8. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    That's exactly what I do, and with some registry tweaks you're ready to go :thumb: I don't know if I should trust antivirus anymore, and I know it helps in a way, but just to depend on antivirus/antimalware alone is NOT enough :)
     
  9. CrusherW9

    CrusherW9 Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    516
    Location:
    United States
    My setup (on my gaming PC): Sandboxie Paid, EMET, AppLocker. You're on Win8, which unless you have the Enterprise version, you don't have AppLocker. But if you have SRP, try that. Otherwise, substitute for EXE Radar Pro. Sandbox your browser and other risky programs and leave the anti-exe to protecting everything else.
     
    Last edited: Aug 2, 2013
  10. Blues7

    Blues7 Registered Member

    Joined:
    May 11, 2009
    Posts:
    858
    Location:
    Blue Ridge Mountains
    I can't remember the last time that an antivirus detected anything on my own or my wife's machines. It's been years, in any case. Sandboxie alone (with auto deletion) pretty much takes care of any possible bad guys and Online Armor protects against unwanted outbound transmissions.

    What I do download to my "downloads" folder (which is a "forced folder" protected by Sandboxie) gets scanned before it gets entrusted to the "real" system.

    I agree with jmonge and others that a real-time av is not necessarily required if one takes prudent steps to keep their system safe.
     
  11. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    Trust me, it is my own experience, and I am ready to dump all my antivirus and antimalware software as they give some headaches, and also with proactive protection who needs them :) I am very ready for this move :)
     
  12. Blues7

    Blues7 Registered Member

    Joined:
    May 11, 2009
    Posts:
    858
    Location:
    Blue Ridge Mountains
    I'd probably have kept my av if the latest EAM (and beta) didn't cause issues on my machine...that said, now with just OA, Sandboxie and MBAM Pro running in real-time it feels like a new machine with no hiccups whatsoever.

    Sometimes there is a silver lining after all. (Well, at least maybe. :p )
     
  13. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    Since I removed my antivirus/antimalware from my machines they are running faster and more smoothly. I'll be the judge :)
     
  14. GrammatonCleric

    GrammatonCleric Registered Member

    Joined:
    Jan 8, 2009
    Posts:
    372
    1) What are your options and how to's on hardening my OS? I have Secunia CSI doing the patch work, and UAC to MAX and I am not using admin. What else can I do?

    2) Yes that's the reason why I browse those risky sites is to provide cannon fodder to VT and I assume/hope that VT sends those files to the respectable vendors.


    Any tips on what reg tweaks? (not being facetious...just trying to do best practice).


    After reading NoVirusThanks I feel like it duplicates what OA Premium does...what is the difference of that from OA Premium? How is the resource usage?
     
    Last edited: Aug 2, 2013
  15. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    The 1806 regedit browser tweak trick to block files in real time.
     
  16. guest

    guest Guest

    It varies on how deep you want to dig into your OS. UAC on maximum level is a good start, as well as SUA. If your computer supports group policy editor then you just need to type gpedit.msc in your search and start to harden your OS from there. If not, some GPO tweaks are accessible through registry editor, but I don't have enough experience with that so other members with more knowledge will give you better tips. Also, disabling unneeded services through services.msc will help. You might be interested in Black Viper's tweaks. Do note that disabling some services might make some programs unable to start/work properly. There's also SRP or AppLocker to play with.

    Personally though, I just tweaked my OS a little through GPO and defined some ACL policies on certain folders/partitions only. And enabled DEP on all programs plus disabled some services, notably the ones with relations to remote connection services. And I run as an admin since I do admin tasks almost everyday. :D

    Not really. EXE Radar is a classical whitelist-based anti-executable while OA Premium is a classical HIPS with a personal firewall feature. Although you can configure OA to work as an anti-exe as well, EXE Radar requires less work to configure. About the resource usage, both EXE Radar and OA Premium shouldn't take too much of it. I got some performance slow-downs when I enabled the read-protection on OA's registry shield rules though, so I just left it disabled and focusing on create + modify + delete protection instead. :)
     
    Last edited by a moderator: Aug 3, 2013
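
A read-only PowerShell audit of the settings named in the two posts above (the 1806 tweak, UAC at maximum, standard user account, DEP for all programs, remote-connection services), added here as an example and not written by any poster. Reading "1806" as the Internet-zone action under `Zones\3` and the choice of the three service names are assumptions; the posts do not spell them out.

```powershell
# Read-only audit: reports each hardening setting, changes nothing.
function Get-RegValue($Path, $Name) {
    # Returns $null when the key or value is absent (the Windows default applies).
    (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name
}

$uacKey  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
# Assumption: "1806" = "Launching applications and unsafe files" in the Internet zone.
$zoneKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'
$results = @()

# UAC at maximum: enabled, "always notify" (2) for admins, prompt on the secure desktop.
$results += [pscustomobject]@{
    Check = 'UAC at maximum level'
    Pass  = ((Get-RegValue $uacKey 'EnableLUA') -eq 1) -and
            ((Get-RegValue $uacKey 'ConsentPromptBehaviorAdmin') -eq 2) -and
            ((Get-RegValue $uacKey 'PromptOnSecureDesktop') -eq 1)
}

# SUA: the logon token should not list BUILTIN\Administrators (S-1-5-32-544),
# not even as a deny-only group, which is how a UAC-filtered admin shows up.
$isAdminMember = [bool]((whoami /groups) -match 'S-1-5-32-544')
$results += [pscustomobject]@{ Check = 'Running as standard user'; Pass = -not $isAdminMember }

# DEP for all programs: support policy 1 (AlwaysOn) or 3 (OptOut).
$dep = (Get-CimInstance Win32_OperatingSystem).DataExecutionPrevention_SupportPolicy
$results += [pscustomobject]@{ Check = 'DEP on for all programs'; Pass = @(1, 3) -contains $dep }

# 1806 in zone 3: 0 = enable, 1 = prompt, 3 = disable.
$results += [pscustomobject]@{
    Check = 'Zone 3 action 1806 set to disable'
    Pass  = (Get-RegValue $zoneKey '1806') -eq 3
}

# Assumption: these three stand in for "remote connection services".
foreach ($name in 'RemoteRegistry', 'TermService', 'WinRM') {
    $svc = Get-CimInstance Win32_Service -Filter "Name='$name'"
    $results += [pscustomobject]@{
        Check = "Service $name disabled"
        Pass  = (-not $svc) -or ($svc.StartMode -eq 'Disabled')
    }
}

$results | Format-Table -AutoSize
```

The zone key is read from HKCU, so run it as the account that does the browsing; a Group Policy value under `HKLM:\SOFTWARE\Policies` would override it and is not checked here.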
  17. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,785
    Location:
    US
    Resource wise NVT ERP < Online Armour. I found OA to slow down my system from time to time.
     
  18. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    I'd say Windows hardening + HIPS but if you're like me that you can't go without an AV then you have lots of options. :D
     