Advice Request: If you could pick only one program for protection.


Wraith

Level 13
Verified
Top Poster
Well-known
Aug 15, 2018
634
In today's world, there is no one program that can give you 100% protection. It has to be a layered security approach starting at the basic level: a password-protected BIOS and a well-configured router. Next, if one is using Windows, it should be strengthened to reduce the attack surface, and personally I use SysHardener to disable scripts since home users rarely need them. Then come automatic updates, which should be turned on to ensure that the OS is up to date. Next come the browser and the AV software, and this depends upon the user, the OS and the PC configuration. Generally I use Chrome with BD TrafficLight and uBlock Origin. As for the AV part, it depends. On Windows 10, an average user will be safe with Hard_Configurator. On PCs with Windows 7, I would choose Kaspersky Internet Security with Trusted Application Mode. On my family PC, which runs Windows 7, I have Comodo Internet Security and AppGuard.
 

Local Host

I barely download anything, so SmartScreen + VirusTotal would be minimal.

For family members I have installed WD, since it has automatic scans, no nags, is simple enough to use and has never had major bugs (built in).

I'd rather harden the browser (uBlock Origin, anti-phishing extensions, bookmarks, two-factor if available).

Since neither I nor my family members torrent anything, anti-phishing is the only thing I'm trying to focus on.
Exceptions are still not working on WD, a bug that has been there ever since Windows 10 was in Insider Preview.

WD will scan every file regardless of exceptions, which adds a huge delay while opening and debugging software.
 

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,868
Exceptions are still not working on WD, a bug that has been there ever since Windows 10 was in Insider Preview.

WD will scan every file regardless of exceptions, which adds a huge delay while opening and debugging software.
It is definitely not suitable for programmers and advanced users who use esoteric software. They seem to aim to protect the average home user and stop there.
 

alakazam

Level 9
Verified
Mar 25, 2014
398
ZoneAlarm Extreme Security. It might be buggy, but it has the only anti-ransomware feature that actually works, from what I've seen in test videos. Also, it has a good firewall and the Kaspersky signatures, so it's a pretty solid security suite.
 

ebocious

Level 5
Verified
Well-known
Oct 25, 2018
236
ZoneAlarm Extreme Security. It might be buggy, but it has the only anti-ransomware feature that actually works, from what I've seen in test videos. Also, it has a good firewall and the Kaspersky signatures, so it's a pretty solid security suite.
Do we know how ZA's anti-ransomware component stacks up against AppCheck? I understand AppCheck is crude compared to the non-free Ranstop, but still effective in the hands of a more advanced user.
 

alakazam

Level 9
Verified
Mar 25, 2014
398
Do we know how ZA's anti-ransomware component stacks up against AppCheck? I understand AppCheck is crude compared to the non-free Ranstop, but still effective in the hands of a more advanced user.
I've never tried AppCheck, but ZoneAlarm has been tested against several ransomware and recovered the files in almost all the situations. However, it will take a lot of backup space on your C drive because the way it works is: it makes a backup folder of all your documents and images, and it locks up that folder, not allowing anything to modify the files except for the PC admin. In case of a ransomware, it blocks it, and replaces any damaged files from your PC with a copy of the ones from the locked backup folder.

Here is a recent test of ZoneAlarm:



However, the security suite as a whole (ZoneAlarm Extreme security) tends to be pretty buggy. On my PC, it crashed for no reason and it was very difficult to uninstall.

So using ZoneAlarm was a mixed experience for me. It does offer good protection, it has one of the best firewalls in existence, great anti-ransomware and the Kaspersky signatures, but the software needs improving as far as functionality is concerned. My rating would be: 9/10 protection and 3/10 functionality.
 

ichito

Level 11
Verified
Top Poster
Content Creator
Well-known
Dec 12, 2013
542
In today's world, there is no one program that can give you 100% protection. It has to be a layered security approach starting at the basic level: a password-protected BIOS and a well-configured router. Next, if one is using Windows, it should be strengthened to reduce the attack surface, and personally I use SysHardener to disable scripts since home users rarely need them. Then come automatic updates, which should be turned on to ensure that the OS is up to date. Next come the browser and the AV software, and this depends upon the user, the OS and the PC configuration. Generally I use Chrome with BD TrafficLight and uBlock Origin. As for the AV part, it depends. On Windows 10, an average user will be safe with Hard_Configurator. On PCs with Windows 7, I would choose Kaspersky Internet Security with Trusted Application Mode. On my family PC, which runs Windows 7, I have Comodo Internet Security and AppGuard.
- Sorry guys, but for me there is too much speculation and not enough of a clear/definite answer.
- According to the quote above: of course you are right in mentioning multi-layered protection, but in my opinion there are some apps that can give the user...using a stronger and more advanced configuration...good enough and comfortable protection that is based on restriction and more granular control. They don't touch browser security features (although that's not necessary in some cases) and don't play with signatures, which for me are always far away from real threats. If one wanted to ask what can be an example of such an app?...I can give the answer
:)
 

ebocious

Level 5
Verified
Well-known
Oct 25, 2018
236
I've never tried AppCheck, but ZoneAlarm has been tested against several ransomware and recovered the files in almost all the situations. However, it will take a lot of backup space on your C drive because the way it works is: it makes a backup folder of all your documents and images, and it locks up that folder, not allowing anything to modify the files except for the PC admin. In case of a ransomware, it blocks it, and replaces any damaged files from your PC with a copy of the ones from the locked backup folder.

Here is a recent test of ZoneAlarm:



However, the security suite as a whole (ZoneAlarm Extreme security) tends to be pretty buggy. On my PC, it crashed for no reason and it was very difficult to uninstall.

So using ZoneAlarm was a mixed experience for me. It does offer good protection, it has one of the best firewalls in existence, great anti-ransomware and the Kaspersky signatures, but the software needs improving as far as functionality is concerned. My rating would be: 9/10 protection and 3/10 functionality.

Gotcha. Cruelsister tested AppCheck a while back; and, although it didn't automatically restore files in the event that they were successfully encrypted, they could still be recovered from the AppCheck backup folder, which also has tamper protection as with ZA.

Of course, AppCheck is not a security suite; its one and only function is to protect against ransomware. In Cruelsister's test, one of the ransomware samples included a backdoor Trojan, and AppCheck did nothing about that. Of course, antivirus could help if it successfully identifies the Trojan, or a decent outbound firewall could stop it from phoning home. So I've been using AppCheck as an extra layer of protection on everything, including systems on which I decided to forego default-deny protection either because the user was a download junkie, or because I didn't expect to be in frequent contact with them. This way, if they did call me because of a ransom message on their desktop, I could remote in, scan the system for persistent infections, and restore the original files.

 

93803123

"Software xyz until the next bypass video or it does something that annoys me to the point where I will dump it, cross the street, sniff & taste the sheet over there, only to go through the same thing and make full-circle to my starting point here."
 

ebocious

Level 5
Verified
Well-known
Oct 25, 2018
236
If money were no object, then I would install AppGuard on every Windows machine, for primary protection against remote exploits and loaded documents. If money is an object, then Cruel Comodo is the runner-up. I understand that some find it ridiculous to waste the invaluable HIPS functionality of Comodo Firewall in favor of Auto-Containment. But this is the best solution for me, as set-and-forget is just my style. With AG or CC, I can disable all alerts, and act like it's the '90s again: a time before I knew about drive-by downloads, portsweeps, etc.

That said, I don't use AG or CC by themselves. If I may quote a previous post of mine, I’m currently playing with two different configurations in Windows, and a lesser one on the Mac:
  • Mac: BlockBlock, RansomWhere, OverSight, ReiKey
  • Windows config 1: Cruel Comodo, AppCheck Free
  • Windows config 2: AppGuard, AppCheck Free
They all have limited accounts, CleanBrowsing DNS, Malwarebytes Browser Guard/Extension, Bitdefender TrafficLight, Web of Trust, and HTTPS Everywhere; along with a few hardening tweaks specific to each OS. I also use VT Uploader, LastPass, and NordVPN on my personal devices.

For download junkies, or people who may not have me on speed dial, I narrow it down to RansomWhere on the Mac or AppCheck Free on Windows; along with CleanBrowsing, the above-mentioned browser extensions, and some kind of antivirus. For high-risk Windows users, I'll complete their apparatus with SecureAPlus.
 

ebocious

Level 5
Verified
Well-known
Oct 25, 2018
236
With the highly hardened browser nothing enters. ;) :) (y)
In the vast majority of cases, that is true. But it is still possible for a desperate hacker to go portsweeping, and your browser has nothing to do with that.

If any application on your computer listens on the firewall, it is a potential vector. At that point, it's up to your network and/or host security to stop exploits from gaining a foothold, or prevent anything from getting out if they do. Your browser is your frontline defense, but it should not be your only defense.
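
The point in the post above about listening applications can be checked directly on a Windows host. The following is an added example, not part of the original thread: it lists TCP listeners bound to non-loopback addresses together with their owning process, then shows each firewall profile's default inbound action. It assumes the built-in NetTCPIP and NetSecurity modules (Windows 8 / Server 2012 or later); `Get-ExposedListener` is a hypothetical helper name.

```powershell
# Added example (not from the thread): inventory of TCP listeners on this host.
# Get-ExposedListener is a hypothetical helper name chosen for this example.
function Get-ExposedListener {
    # Addresses that are only reachable from the local machine.
    $loopback = @('127.0.0.1', '::1')

    Get-NetTCPConnection -State Listen |
        Where-Object { $loopback -notcontains $_.LocalAddress } |
        ForEach-Object {
            # Path can be empty for protected processes unless run elevated.
            $proc = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
            [pscustomobject]@{
                LocalAddress = $_.LocalAddress
                LocalPort    = $_.LocalPort
                ProcessId    = $_.OwningProcess
                ProcessName  = $proc.ProcessName
                Path         = $proc.Path
            }
        } |
        Sort-Object LocalPort, LocalAddress
}

# Every row is a service that accepts connections on a non-loopback address.
Get-ExposedListener | Format-Table -AutoSize

# Host-firewall side: is each profile enabled, and what happens to inbound
# traffic that matches no rule?
Get-NetFirewallProfile |
    Select-Object Name, Enabled, DefaultInboundAction |
    Format-Table -AutoSize
```

A listener in this output that has no reason to accept remote connections is a candidate for disabling the service or adding an inbound block rule.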
 
