- Aug 4, 2016
- 1,465
I think Emsisoft as as their recent blog says (and I happen to agree with them) it does a good job of malware protection without for me needless unwanted frills.
Last edited:
If you could pick only one program for protection.
- Thread starter Digmor Crusher
- Start date
Please provide comments and solutions that are helpful to the author of this topic.
- Sep 3, 2017
- 825
Symantec, Kaspersky comes the first place
(my choice obviously)
Bitdefender, G Data comes second
(my choice obviously)
Bitdefender, G Data comes second
- May 8, 2017
- 536
The holy McAfee Total Protection XD #joking
- Jan 27, 2018
- 1,410
A lot of your suggestions are sound, but most if not all are not 100% effective, few are. So lets say which programs, that you may or may not use, do you think are the most bullet-proof, in other words which provide the closest to 100% protection?
Thats why I say Appgaurd, configured properly, and Voodoo Shield may be the closest. HM to Comodo with CS settings.
Thats why I say Appgaurd, configured properly, and Voodoo Shield may be the closest. HM to Comodo with CS settings.
- Mar 29, 2018
- 7,613
One would need to include Hard_Configurtor as well in the bullet-proof catedgory. See @askalan tests here in past months.
Hard Configurator - may 2019 report
Hard Configurator report for may 2019 Containment: KVM/QEMU Windows: 10 LTSB VPN: CyberGhost Product: Windows SmartScreen (activated by Hard_Configurator with recommended SRP and restrictions) Office: LibreOffice (standard settings) Disclaimer: Experimental setup for testing effectiveness of...
malwaretips.com
Set-and-forget goodness! Just saying.:notworthy:
- Apr 5, 2014
- 6,008
- Mar 29, 2018
- 7,613
- Apr 5, 2014
- 6,008
Yes you are right, Emmm KIS with TAM EnabledThat's 2 apps.
- Oct 31, 2014
- 1,712
- Apr 19, 2017
- 249
- Oct 25, 2018
- 236
AppGuard, if money is no object. I believe it is the most complete product on the market in terms of reducing attack surface. And when properly configured, I believe it can stand up to just about anything you throw at it. The only vulnerability it has is visiting nephews, which is solved by adding a password.
I like the idea behind VoodooShield, but it will never be the father of AppGuard. VS slows the system down by uploading everything to VT and waiting for a result. If you want to turn that feature off, then you have to pay. It's cheaper than AG, but I know what I'm paying for. And I don't like prompts. If I want to install something, then I can quickly lower the protection level to temporarily allow installs. I would rather have to launch an installer twice because I forgot to allow the first time, than have to go through a flurry of alerts every time.
If money is an object, then Cruel Comodo is my next choice. In time, I hope to know more about H_C. As of right now, I don't know if it has any memory protection or not, and I also don't know if configuration changes require a reboot or not. Until I know that, I know what Cruel Comodo is capable of, and I can turn off all alerts and just toggle Auto-Containment when I need to install something.
I'm okay with a little bit of tinkering from time to time, but in moderation. The older I get, the less entertaining it is to tinker, and I especially don't want to play with productive machines. I like a simple on/off switch to allow software installation (with password protection for community machines), that automatically re-enables protection in 15-20 minutes in case I forget.
I see KIS got a lot of votes. If Kaspersky has a feature that can consistently block 100% of zero-day threats, then I'd like to know more. If not, then never mind. Everybody says "it's enough for anything you're likely to encounter." I don't care how likely I am to encounter a targeted attack. With AI malware in the wild, it is unwise to assume home computers are safe. 10 years ago, Ian "Gizmo" Richards said the name of the game is "don't get infected." An ounce of prevention is worth a pound of cure. I'll take 100% protection over 99%.
I like the idea behind VoodooShield, but it will never be the father of AppGuard. VS slows the system down by uploading everything to VT and waiting for a result. If you want to turn that feature off, then you have to pay. It's cheaper than AG, but I know what I'm paying for. And I don't like prompts. If I want to install something, then I can quickly lower the protection level to temporarily allow installs. I would rather have to launch an installer twice because I forgot to allow the first time, than have to go through a flurry of alerts every time.
If money is an object, then Cruel Comodo is my next choice. In time, I hope to know more about H_C. As of right now, I don't know if it has any memory protection or not, and I also don't know if configuration changes require a reboot or not. Until I know that, I know what Cruel Comodo is capable of, and I can turn off all alerts and just toggle Auto-Containment when I need to install something.
I'm okay with a little bit of tinkering from time to time, but in moderation. The older I get, the less entertaining it is to tinker, and I especially don't want to play with productive machines. I like a simple on/off switch to allow software installation (with password protection for community machines), that automatically re-enables protection in 15-20 minutes in case I forget.
I see KIS got a lot of votes. If Kaspersky has a feature that can consistently block 100% of zero-day threats, then I'd like to know more. If not, then never mind. Everybody says "it's enough for anything you're likely to encounter." I don't care how likely I am to encounter a targeted attack. With AI malware in the wild, it is unwise to assume home computers are safe. 10 years ago, Ian "Gizmo" Richards said the name of the game is "don't get infected." An ounce of prevention is worth a pound of cure. I'll take 100% protection over 99%.
- Mar 16, 2019
- 3,862
Kaspersky with TAM (Trusted Application Mode) enabled blocks everything that is not trusted by Kaspersky so that should cover everything.
- Oct 25, 2018
- 236
Does that include fileless processes, or just self-contained binaries? If it's just anti-exe, that's nothing special.
Webroot. Longtime users of it, think its the best antivirus ever made.
yes, because fileless files are usually executed from a script file (.bat, .ps1, .hta, .js, .vbs,...). Those can be filtered by TAM
anyway, it's better to deny execution of these extensions or script handlers so they can't do any harm to your computer
- Jul 28, 2016
- 950
For me ( for nostalgic reasons ) it would be AVG IS... today it would be and NVT syshardener an comodo firewall with cs settings!
today it would be and NVT syshardener an comodo firewall with cs settings!
- Oct 25, 2018
- 236
Oh, so TAM can block process injection? Any tests?
yes, it can also block process injection
however, TAM only allow verified safe apps to run so malwares have very little chance to bypass Kaspersky's verification. If the malware is not allowed to run in the first place, it can't do anything do your PC
in case an app is allowed to run, we can still set a rule for Kaspersky Application control to stop Process injection for specific apps or a category of app. It's complicated and not recommended for us to mess with unless we have enough knowledge
here is the screenshot shows that kaspersky can be set to block code injection to a process - blue box (screenshot from google)
Kaspersky's application control is HIPS so it can do almost everything to a process (block code injection, for example)
TAM = application control but is set to block by default if something is not verified to be safe
Last edited:
- Sep 3, 2017
- 825
TAM doesn't (directly) block Process injections!
It blocks the associated file (prevent it from running) like HIPS .A Trusted mode!
For some rare reason the file is trusted and has valid signature as per KSN..then TAM is dead!
TAM is not a behavior or reparing module it just a FILE REP module!
Process injections or for instance any sort of infection has nothing to do with TAM
TAM-Whitelisting module as per KSN
Similar threads
