Danger ichito's setup for Vista

[ichito]

This is setup on my Vista...sometime I'm using/testing new or old apps (just for fun...sentiment...to remeind something).
----------
edit:
This setup is not for every/average users.

 

[509322]

Very, very bad realtime protection.

He is the real-time protection. SpyShelter set to "Ask User."

 

[harlan4096]

@ichito: please consider to update Your system, at least to Windows 7: https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet

Also enable UAC, and set to auto the OS updates, although I guess Vista is not getting any updates from Microsoft any more...

Thanks for sharing

 

[Danielx64]

Not sure if Vista even has this feature, you may want to turn on OS File Reputation. Also I see that you are running Enterprise, is this your machine or not?

 

[harlan4096]

I think OS File Reputation is available since W8...

 

[Sunshine-boy]

He is the real-time protection

lockdown its a good real-time protection for Hackers:devil:like yourself XD but not for ppl like me because I cant save my machine without a Sig, Cloud or other detection methods like a BB:notworthy:

 

[ichito]

@askalan
@Sunshine-boy
Maybe more comment about what wrong is in my real-time non-signatures protection? Do you realy think that cloud, signatures "or other detection methods" (which?) are obligatory to be protected? And the best..."protection for hackers?"...show me how/when...

@harlan4096
Thanks for your advice but at this time I don't think about upgrade...Vista is enough for my needs and even more I'll go back to use XP on old laptop of my wife (she got new with W8.1) so I can use again my liked apps like SSM or Filseclab FW I know Vista is already abandoned but from time to time I'm checking it to find updates for MS applications.

@Lockdown
Just thanks

 

[Windows_Security]

@ichito

First good to see you here also Second I see you use Keriver and Shadow Defender together. Do you have seperate data partition? If so would be interesting to know what is protected / virtualised by shadow defender and what is backed-up / recovered by Keriver.

Thx

 

[Sunshine-boy]

Maybe more comment about what wrong is in my real-time non-signatures protection

Just think there is a malware that can bypass Spyshelter but already detected by YOUR AV (sig)?

 

[Daljeet]

Thanks for your advice but at this time I don't think about upgrade.

@harlan4096 advice you upgrade to Windows 7 because Microsoft end his support for vista
For security, you should have updated OS

Update
I suggest you Kaspersky or Emsisoft as a real time protection.
Add zemana antimalware

 

[ichito]

Hi @WS
and vice versa
Yes...I have my data on non-system disk so in SM both disks are vitualised except "download" folder (the same for Firefox, SlimJet...as the "backup" browser...and IE that is not in use). This folder is on "list of restricted folders" in SS and is also added to the localisation with write access so I think is actually enough. I didn't excluded Keiver's snapshots folder because files inside are to big to be touched by ransomware or something. K1-C backups only system disk but as wrote earlier it stores his data on second disk on which are placed also files of recovery console.

@Sunshine-boy
I know that SS isn't perfect but do you know such app that offers 100% of protection? Second thing...is not only the one security app on my system.
-----------
edit:
Some clarification...Keriver's backup folder hasn't special protection both in SD and SS. I think there is no malware that could touch file in weight ca 4 GB

 

[karthic1998]

Can you use the zemna anti malware

 

[Andy Ful]

I think that @ichito knows all vulnerabilities of such setup. He is an experienced user, so he can infect himself only when he wants to. Many Firefox vulnerabilities and keyloggers are covered by SpyShelter. Shadow Defender covers other vulnerabilities and most kernel-exploits.
Personally, I would also block Windows Script Host (there is probably no PowerShell on Vista) and use something like Adguard DNS or ublock Firefox addon for blocking phishing websites and malware in advertisements.
@ichito, I am curious how did you set 'Protected Files' and 'Restricted Applications' modules?

 

[Deleted member 178]

I smiled when i saw Ichito's setup posted and its tag, i knew he will got it even before reading it.

People knowing @ichito knows he is not a classic user and has quite some experience, SS +SD is almost bulletproof.

Obviously his tag won't be changed because MT has rules about the config's tag attribution, especially to discourage beginners to blindly copy experienced users setup that would make them unsecure.

 

[TairikuOkami]

Obviously his tag won't be changed because MT has rules about the config's tag attribution, especially to discourage beginners to blindly copy experienced users setup that would make them unsecure.

People still could partially copy "Pro Config" of users, who use no realtime AV, no file reputation, etc, since even the name suggest, that it is "better".

 

[Daljeet]

People knowing @ichito knows he is not a classic user and has quite some experience, SS +SD is almost bulletproof.

People still could partially copy "Pro Config" of users, who use no realtime AV, no file reputation, etc, since even the name suggest, that it is "better".

I want to know the recipe of bulletproof config.
Without real-time protection how pro user stays protected.

 

[Deleted member 178]

I want to know the recipe of bulletproof config.
Without real-time protection how pro user stays protected.

Replace the AV by any HIPS, anti-exe or SRP; in addition, use a sandbox or virtualization software but most of all, be experienced and comfortable with most of the windows processes.

 

[Exterminator]

Personally I would update my OS

I smiled when i saw Ichito's setup posted and its tag, i knew he will got it even before reading it.

People knowing @ichito knows he is not a classic user and has quite some experience, SS +SD is almost bulletproof.

Obviously his tag won't be changed because MT has rules about the config's tag attribution, especially to discourage beginners to blindly copy experienced users setup that would make them unsecure.

Experienced users should make that know in their config and discourage the novice from blindly following their configurations.
Thanks for sharing your config

 

[Deleted member 178]

People still could partially copy "Pro Config" of users, who use no realtime AV, no file reputation, etc, since even the name suggest, that it is "better".

They can, but disabling UAC and Smartscreen isn't a good example of best practice and safe habit.
Of course, people are responsible for their choice and are free to make them; but i made those rules because MT can't be taken responsible to give a "secure" tag to a special config, then a beginner copy it (without even understanding it) and smash his system or get infected.

 

[Daljeet]

@Umbra Is this config used by company's like Emsisoft or they create their special one.
I just want to know how industry uses protection suites nothing else.