DacoZ's Security Configuration

[DaCoZ]

Tips:

- Tor Browser with HTTPS Everywhere / NoScript enable
OR
- Firefox with Kaspersky Protection / private browsing

- MBAM Premium (real time protection and all detection options ON)
- MBAE Premium ON
- I use Shadow Defender each time I want to test softwares / malwares / open a file join by mail, etc...
=> I Cancel modifications after tests.
Or
=> I scan with MBAM Premium / Zemana Anti'Malware, before validate any change
=> Rogue Killer scan atl east one time by month

 

[_CyberGhosT_]

Which 3rd party Firewall are you using my friend, the Kaspersky firewall or another 3rd party ?
Just seeking clarification is all.
Nice config, all I would add to that is an Anti exploit, seeing that you run MBAM, adding MBAE would be a good idea. JMHO
PeAcE

In French (courtesy of Google)
Quelle 3ème partie du pare-feu utilisez-vous mon ami, le pare-feu de Kaspersky ou d'une autre 3ème partie ?
Juste demander des éclaircissements est tout.
Belle config , tout ce que je voudrais ajouter à cela est un Anti exploit, voyant que vous exécutez MBAM , ajoutant Mbae serait une bonne idée . JMHO
Paix

 

[DaCoZ]

I'am using the Firewall From Kaspersky Total Security (

and then I turned ON: file anti-virus, application control, Network attack blocker, IM antivirus, Mail anti-virus, Webcam acces control, private browsing, web anti-virus, system watcher, system changes control, anti spam, anti banner, safe money ....

it includes tools : privacy protection, trusted application mode, cloud protection activated, on-screen keyboard, rescue disk, unused data cleaner, Microsoft windows troubleshooting, vulnerability scan....
)

I'am using MBAE Premium too, I've forgotten to mention it, added after

PS :
Your french is good

 

[DJ Panda]

Add Malwarebytes Anti-Exploit Free for added protection and use Zemana Anti-Malware as another on demand scanner.

 

[DaCoZ]

Add Malwarebytes Anti-Exploit Free for added protection and use Zemana Anti-Malware as another on demand scanner.

- I've got MBAE Premium, I edited my first post.
- i'm trying to decide between Zemana anti-malware and Emisoft Anti-malware. I tried them this week : ZAM run very well on my pc, but with EAM, a lot of errors occur with too many exe files at runtime (Firefox, IE11, notepad++, Netbeans, and a lot of more exe)

Which 3rd party Firewall are you using my friend, the Kaspersky firewall or another 3rd party ?
Just seeking clarification is all.
Nice config, all I would add to that is an Anti exploit, seeing that you run MBAM, adding MBAE would be a good idea. JMHO
PeAcE

In French (courtesy of Google)
Quelle 3ème partie du pare-feu utilisez-vous mon ami, le pare-feu de Kaspersky ou d'une autre 3ème partie ?
Juste demander des éclaircissements est tout.
Belle config , tout ce que je voudrais ajouter à cela est un Anti exploit, voyant que vous exécutez MBAM , ajoutant Mbae serait une bonne idée . JMHO
Paix

I answered you just after your post, but my long answer is awaiting moderator approval, and seems to be invisible at the moment.
To summarize, I've got Kaspersky firewall, and I've edited my first post because I've got MBAE Premium and forgotten to mention it

Note : Your french is good

 

[Exterminator]

Looks good! Thanks for sharing your config

 

[Ink]

Kaspersky includes Automatic Exploit Protection (AEP).

 

[Noxx]

DaCoZ, just get Emsisoft Emergency Kit and Zemana AntiMalware portables. They don't slow your PC down (hence on-demand). I have nothing to add really. Thanks for sharing your config.

 

[Alkajak]

Have you thought about adding uBlock Origin as a Firefox add-on? It is compatible with Kaspersky Anti-Banner and may give you improved adblocking.

 

[DaCoZ]

Kaspersky includes Automatic Exploit Protection (AEP).

Kaspersky Total Security is also very good against malwares, but less safe than severals tools I tested.

Last exemple :
Thuesday 28 : I tested a new js downloader (received by e-mail with the js in a zip file) and I downloaded the ransomware locky link to the js file, after analysing it.
=> Kapersky Total Security failed to detect the two files (it detected them wednesday 29 - quick, but to late, if I was not aware of security).
=> MBAM Premium & Emisoft Antimalware have detected the ransomware at runtime (blocked it), and MBAM Premium, EAM, and ZAM have detected the js and exe on scan.

 

[DaCoZ]

Have you thought about adding uBlock Origin as a Firefox add-on? It is compatible with Kaspersky Anti-Banner and may give you improved adblocking.

I will test it (As a replacement of Ghostery).

DaCoZ, just get Emsisoft Emergency Kit and Zemana AntiMalware portables. They don't slow your PC down (hence on-demand). I have nothing to add really. Thanks for sharing your config.

My pc wasn't infected for severals years (at least 3 years) with the config I use, the care I take from malicious mails, website (I often use Tor Browser) and the virtualisation (by Try&Decid) when I surf or do things that could infect my pc . I also make backups (clone system and datas), regulary, with Acronis True Image on a external HDD, connected to my PC only for the bakcup (10 min max to restore my system).

(My hardware isn't slow as I use 2 PCI-Express SDD (one for the system, the other for games) and a 6 cores (each with hyperthreading => 12 logicals cores).

But your suggestion is interesting, for friends and familly, that often have problems
I will try on their pcs.

 

[Deleted member 178]

Advice: never test malware on your host machine but rather on a Virtual Machine.

 

[Duotone]

Nothing more

Advice: never test malware on your host machine but rather on a Virtual Machine.

Take "heed" on Umbra's advice, it's not really practical doing test on your host PC.
Try adding this:

• Sandboxie
• Zemana Anti-Malware
• AppGuard

 

[_CyberGhosT_]

Umbra won't steer you wrong, and he is passionate about security and very knowledgeable, I trust him impeccably.
PeAcE

 

[Ink]

Kaspersky Total Security is also very good against malwares, but less safe than severals tools I tested.

Last exemple :
Thuesday 28 : I tested a new js downloader (received by e-mail with the js in a zip file) and I downloaded the ransomware locky link to the js file, after analysing it.
=> Kapersky Total Security failed to detect the two files (it detected them wednesday 29 - quick, but to late, if I was not aware of security).
=> MBAM Premium & Emisoft Antimalware have detected the ransomware at runtime (blocked it), and MBAM Premium, EAM, and ZAM have detected the js and exe on scan.

Was it an exploit, did MBAE (Anti-Exploit) block it?

 

[DaCoZ]

Was it an exploit, did MBAE (Anti-Exploit) block it?

No,I was only speaking about malware detection skill (not anti-exploit) of Kapersky Total Security. It was an obfuscated Javascript .js file.
- I saw the url of the file it would have downloaded in the .js file, then I downloaded the exe file (after activated my Try&Decide tool),
- I ran the exe and wait the result => Ransomware locky.
- I have tested severals tools, only MBAM Premium and Emisoft Anti-malwares blocked it at runtime, Zemana anti-malware detected them on scan. After that, I tested with only Kaspersky => it didn't detect the two files, only one day later.
I Then tested without protection sowftware (only Try&Decide) and I saw the result and encrypted files : it was a new ransomware locky.

 

[DaCoZ]

Advice: never test malware on your host machine but rather on a Virtual Machine.

Nothing more

Take "heed" on Umbra's advice, it's not really practical doing test on your host PC.
Try adding this:

• Sandboxie
• Zemana Anti-Malware
• AppGuard

Try&Decide isn't secure, to test malwares !?
After testing the ransomware locky (file encrypted, text asking for the ransom), I used the option on Try&Decide to cancel all changes, and all have been restored as before testing.

From Acronis:
"When you turn Try&Decide on, your computer is in the Try mode. After that you can perform any potentially dangerous operations without worrying that you might damage your operating system, programs or data. When you turn Try&Decide off, you decide if you want to apply the changes to your computer or you want to discard them.
When Try&Decide can help
We recommend that you turn Try&Decide on before you try to:
Change any system settings, when you are not sure how these changes may affect your computer.
- Install system updates, drivers, etc.
- Install unfamiliar applications.
- Open mail attachments from unknown senders.
- Visit websites that might contain potentially troublesome content"

​

I thought it was a good secure Tool to test malwares and to see if my protection software detect them (real time / scan).
Severals years without get infected, with Kaspersky Total Security (Pure, before), MBAM Premium, MBAE Premium, Rogue Killer, Try&Decide.

​

 

[Ink]

No,I was only speaking about malware detection skill (not anti-exploit) of Kapersky Total Security. It was an obfuscated Javascript .js file.

See my original post, you went of to talk about Malware Detection, not I.

Do you use AEP in Kaspersky, or only Anti-Exploit by Malwarebytes?

 

[DaCoZ]

I use AEP in Kaspersky and Anti-Exploit by Malwarebytes.
Do you think It could make a conflict, or only use one would be better ?

 

[_CyberGhosT_]

No it will not make a conflict.