Advice Request: If you could pick only one program for protection.


ebocious

Level 5
Verified
Well-known
Oct 25, 2018
236
TAM doesn't (directly) block process injections!
It blocks the associated file (prevents it from running), like HIPS in Trusted mode!
If for some rare reason the file is trusted and has a valid signature as per KSN, then TAM is dead!
TAM is not a behavior or repairing module; it is just a FILE REP module!
Process injections, or for instance any sort of infection, have nothing to do with TAM.
TAM is a whitelisting module as per KSN.
So, what about NVT ERP? Would there be a reason why people recommend running it alongside AG or OSA?

ebocious

Level 5
Verified
Well-known
Oct 25, 2018
236
So, what about NVT ERP? Would there be a reason why people recommend running it alongside AG or OSA?
Please correct me if I'm wrong, but this discussion suggests that anti-exe does NOT fully protect memory; for example, blocking PowerShell may not necessarily stop code injection into chrome.exe, or something like that.

If this is the case, then Kaspersky's TAM module is insufficient. If a browser's existing memory space can be manipulated to add instructions to a running process, then the ability to block PowerShell may not stop keylogging, or something like that. Am I missing something here?

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Please correct me if I'm wrong, but this discussion suggests that anti-exe does NOT fully protect memory; for example, blocking PowerShell may not necessarily stop code injection into chrome.exe, or something like that.

If this is the case, then Kaspersky's TAM module is insufficient. If a browser's existing memory space can be manipulated to run instructions within a running process, then the ability to block PowerShell may not stop keylogging, or something like that. Am I missing something here?
It's probably true, but that's extremely rare for home users. Please don't worry about every tiny detail that paranoid users post, because it would scare us for the rest of our lives.
People are safe with a good AV + good browsing habits.
I'm telling you, blocking the "Unsigned application" option in Hard_Configurator or SysHardener/OSA, or by registry, can block >90% of malware without any AV, because most malware is unsigned.

Security forums usually inject paranoia and scare average users like us. That's what I don't like.
It's better to stick to 1 good security solution -> find its weaknesses and patch them as much as you can -> happy life.
Also remember that usability and productivity (for work and entertainment) are the reasons we bought our computers, not to overprotect them.

Kaspersky alone + Windows SmartScreen (on Windows 10 and 8) is sufficient; no need to enable TAM.
The more you improve your PC's security, the less performance and usability your PC has.
 

ebocious

Level 5
Verified
Well-known
Oct 25, 2018
236
Please correct me if I'm wrong, but this discussion suggests that anti-exe does NOT fully protect memory; for example, blocking PowerShell may not necessarily stop code injection into chrome.exe, or something like that.

If this is the case, then Kaspersky's TAM module is insufficient. If a browser's existing memory space can be manipulated to add instructions to a running process, then the ability to block PowerShell may not stop keylogging, or something like that. Am I missing something here?
It's probably true, but that's extremely rare for home users. Please don't worry about every tiny detail that paranoid users post, because it would scare us for the rest of our lives.
People are safe with a good AV + good browsing habits.
I'm telling you, blocking the "Unsigned application" option in Hard_Configurator or SysHardener/OSA, or by registry, can block >90% of malware without any AV, because most malware is unsigned.

Security forums usually inject paranoia and scare average users like us. That's what I don't like.
It's better to stick to 1 good security solution -> find its weaknesses and patch them as much as you can -> happy life.
Also remember that usability and productivity are the reasons we bought our computers, not to overprotect them.
That's what I was afraid of. I understand this is "rare" for home users, but not impossible. With evolving AI malware in the wild now, what was "rare" yesterday will be ubiquitous tomorrow. That's why I don't want to give users a lasting false sense of security by saying all bases are covered, when they're really not.

People are NOT safe with AV + good browsing habits. I know this from personal experience. I had a fully up-to-date system and up-to-date 3-pronged security suite provided by my ISP in October of 2006. And next thing I knew, SQL Slammer and Stack Bot were all over us. I reimaged my system three times, only to get reinfected again within minutes each time. I stopped it by adding ISS BlackICE. Paranoia is better than overconfidence IMO.

MT doesn't exist to assure people that all you need to do is install AV and don't visit any dodgy websites. If you have any real experience, then you know as well as I that most infections come not from bad websites, but from good websites that were hacked by a third party. So safe browsing habits don't cut it.

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
That's what I was afraid of. I understand this is "rare" for home users, but not impossible. With evolving AI malware in the wild now, what was "rare" yesterday will be ubiquitous tomorrow. That's why I don't want to give users a lasting false sense of security by saying all bases are covered, when they're really not.
Again, back to the previous message: if malware is not allowed to run by TAM, it won't do anything to your PC, + you also have Windows SmartScreen, which is also a reputation-based checker for a file. You already have double protection before the file is even able to execute.
Reputation-based protection is different from traditional AV. If a file is not safe, or not used by many people, or it doesn't have enough indicators to be classified as safe, it will be blocked until it is classified as safe.

If you block Windows Script Host, PowerShell, Java, ... malware only has 1 or 2 ways to inject into your process, which is itself an exe file.
Fileless malware is scripts. If you block script handlers like Windows Script Host and PowerShell, it can do nothing to your PC.

Kaspersky also has a memory scanner and exploit protection to detect malicious behaviors such as code injection, + it has an application control/HIPS-like module which you can set to prevent code injection for process A or B, or all processes if you want to.

For example, Google Chrome: you can restrict chrome.exe using Application Control -> it can't do what you restrict it from doing.

You can't cover 100% of the weaknesses of your PC.
For example, people are worried about exploits (let's assume it's the last thing to worry about) => they install HitmanPro.Alert and hope it can prevent all or most exploits besides updating their Windows => they introduce more instability and more annoying bugs.
 
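The post above argues that blocking the script handlers (Windows Script Host, PowerShell) removes the usual vehicle for script-based "fileless" malware. As an added example that is not from any poster here and not part of any product mentioned, the following read-only PowerShell function audits whether those blocks are actually in place on a machine: the documented WSH `Enabled` registry value (machine-wide and per-user), the PowerShell execution policy per scope, and the session language mode. The function name and the output layout are my own; the registry paths and cmdlets are the standard Windows ones.

```powershell
# Added example: audit the script-handler restrictions discussed in the thread.
# Read-only, changes nothing. Assumes Windows PowerShell 5.1 or PowerShell 7 on Windows.

function Get-ScriptHandlerStatus {
    [CmdletBinding()]
    param()

    $results = @()

    # Windows Script Host honours a DWORD named "Enabled" under this key, machine-wide
    # in HKLM and per-user in HKCU. 0 disables wscript.exe/cscript.exe for .js/.vbs/.wsf
    # scripts; a missing value means WSH is enabled, which is the Windows default.
    $wshPaths = @(
        'HKLM:\SOFTWARE\Microsoft\Windows Script Host\Settings',
        'HKCU:\SOFTWARE\Microsoft\Windows Script Host\Settings'
    )
    foreach ($path in $wshPaths) {
        $value = (Get-ItemProperty -Path $path -Name Enabled -ErrorAction SilentlyContinue).Enabled
        if ($null -eq $value) {
            $state = 'enabled (default, no value set)'
        } elseif ($value -eq 0) {
            $state = 'disabled'
        } else {
            $state = "enabled (value $value)"
        }
        $results += [pscustomobject]@{
            Control = "WSH ($path)"
            State   = $state
            Blocked = ($value -eq 0)
        }
    }

    # PowerShell itself: execution policy per scope. Restricted and AllSigned both stop
    # an unsigned .ps1 from running; the policy is a safety feature rather than a
    # security boundary, so treat it as one layer, not the whole answer.
    foreach ($entry in Get-ExecutionPolicy -List) {
        $results += [pscustomobject]@{
            Control = "PowerShell ExecutionPolicy ($($entry.Scope))"
            State   = [string]$entry.ExecutionPolicy
            Blocked = ($entry.ExecutionPolicy -in 'Restricted', 'AllSigned')
        }
    }

    # Language mode of the current session: ConstrainedLanguage limits what a script
    # can do even when it is allowed to run.
    $mode = $ExecutionContext.SessionState.LanguageMode
    $results += [pscustomobject]@{
        Control = 'PowerShell LanguageMode (this session)'
        State   = [string]$mode
        Blocked = ($mode -eq 'ConstrainedLanguage')
    }

    return $results
}

Get-ScriptHandlerStatus | Format-Table -AutoSize
```

Run it from the account you want to check; the HKCU row reflects that user, the HKLM row the whole machine. A `Blocked` column of `False` on every row means none of the restrictions discussed in the thread are in effect, regardless of which AV is installed.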

James246

Level 1
Verified
Jan 19, 2018
42
Yandex Browser. Considering that pretty much the only way I could get infected is via a browser, like a 99.99% chance, I focus my efforts there.
To put it bluntly: emails are opened in txt, so I could only click on the link. Discord/Steam, again, I could click on the link within the message. :sneaky:

Yep, the Yandex browser has a lot of built-in protection, including Kaspersky, which scans anything downloaded from the web. The UR browser also scans for malware in web downloads, and that appears to also use Kaspersky. A lot of people run with just Windows Defender and literally nothing else; for those individuals I would definitely recommend Yandex or UR with VoodooShield Pro.
 

Cortex

Level 26
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
IMHO most 'attacks' that computer users suffer are often mostly self-inflicted, usually but not exclusively by trying to obtain something for free that should be paid for, whether it be music, video or even porn; stupidity plays a part too. Somehow, & I'm not sure how, I've gone 25-plus years without any serious infection at large. I'm slowly being drawn to the conclusion that some of the reason may be the way I do things?

There is the possibility that many things may happen, but users can end up with a PC that's difficult to use, esp. by other family members, because of severe locking down. Good multiple backups will protect against most eventualities (though I will never use an IoT fridge lest it be attacked and my beer is warm).

Confession: I do accidentally end up at times on sites with ladies scantily clothed; strangely this occurs when the other half is not in, so I am no internet angel. I'm sure few on the forum do this? :oops::oops::oops:
 

ebocious

Level 5
Verified
Well-known
Oct 25, 2018
236
If you block Windows Script Host, PowerShell, Java, ... malware only has 1 or 2 ways to inject into your process, which is itself an exe file.
Fileless malware is scripts. If you block script handlers like Windows Script Host and PowerShell, it can do nothing to your PC.

Kaspersky also has a memory scanner and exploit protection to detect malicious behaviors such as code injection, + it has an application control/HIPS-like module which you can set to prevent code injection for process A or B, or all processes if you want to.
Thank you for that information. I'm not as worried about executable malware; that's old tech. Also, I'm less worried about what malware can do to your PC, than about what it can do to your bank account if a keylogger runs within your browser. I was of the understanding that incomplete strings of code could be injected into a running process, hence the term "fileless." To me, a script still has a file extension (e.g. .js, .vbs); therefore, it is still a file.

You can't cover 100% of the weaknesses of your PC.
For example, people are worried about exploits => they install HitmanPro.Alert and hope it can prevent all or most exploits besides updating their Windows => they introduce more instability and more annoying bugs.
True, but that's no reason not to try. AppGuard claims to have no breaches in 20 years. In my eyes, the existence of a vulnerability means less if it's already mitigated to the point of being non-viable.
 

ebocious

Level 5
Verified
Well-known
Oct 25, 2018
236
IMHO most 'attacks' that computer users suffer are often mostly self-inflicted, usually but not exclusively by trying to obtain something for free that should be paid for, whether it be music, video or even porn; stupidity plays a part too. Somehow, & I'm not sure how, I've gone 25-plus years without any serious infection at large. I'm slowly being drawn to the conclusion that some of the reason may be the way I do things?

There is the possibility that many things may happen, but users can end up with a PC that's difficult to use, esp. by other family members, because of severe locking down. Good multiple backups will protect against most eventualities (though I will never use an IoT fridge lest it be attacked and my beer is warm).

Confession: I do accidentally end up at times on sites with ladies scantily clothed; strangely this occurs when the other half is not in, so I am no internet angel. I'm sure few on the forum do this? :oops::oops::oops:
Sorry to inform you that you're wrong. Most malware infections come from legitimate websites. Consider this: if you made your money in cybercrime, would it make a lot of sense to you to create a whole new website that nobody knows about, and plant your exploit there? How many computers would you expect to catch that way? You might make better use of your time finding vulnerabilities in established websites that are bringing in traffic. You'll get lots of computers that way.
 

Cortex

Level 26
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
Can you? How do you know? Are you running Zemana, and checking your TCP connections? See previous post. You thought AV + safe browsing was sufficient, and you were mistaken there, too.
I can't, but I'm pretty sure I'm OK. I do have other ways of checking, of course, but I've learned a fair bit since Windows 3, so it's not my first day, & I've used I think every AV solution there is, and I do enjoy messing with things, but I still maintain the big thing between your ears is the best protection of all (not your nose).
 

ebocious

Level 5
Verified
Well-known
Oct 25, 2018
236
I get the idea that we have participants who are pretending to have more authority than they truly have, and are undermining the value of MT. If AV + safe browsing is a panacea, then there's no point in having discussions here.

Fact is, my last known infection on my own PC was in October of 2006. I'm not sure what happened, but a family member said there was news of a recent outbreak, that had infected 11 million computers. I had AV+AS+FW that was provided by my ISP, and I was infected three times in one day without even surfing. Mind you, this was Windows XP, but again, I was running a firewall, and I hadn't even opened a browser!

I reimaged my system from an Acronis backup, only to have the AV throw up alerts in seconds about SQL Slammer and Stack Bot. Within minutes, my computer was slow and sluggish. This didn't stop until I reimaged a final time, disconnected from the Internet, and installed the firewall the hackers used, ISS BlackICE.

Case in point: anyone who says AV + safe browsing is enough, I'm pulling your geek card.
 

Cortex

Level 26
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
Sorry to inform you that you're wrong. Most malware infections come from legitimate websites. Consider this: if you made your money in cybercrime, would it make a lot of sense to you to create a whole new website that nobody knows about, and plant your exploit there? How many computers would you expect to catch that way? You might make better use of your time finding vulnerabilities in established websites that are bringing in traffic. You'll get lots of computers that way.
Not my experience with the people's PCs I clean up; of course I said mostly. NYT was an example of what you said a while back, but I still find it's the key genners etc. that get the worst hits of all.
 

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
People are NOT safe with AV + good browsing habits. I know this from personal experience. I had a fully up-to-date system and up-to-date 3-pronged security suite provided by my ISP in October of 2006. And next thing I knew, SQL Slammer and Stack Bot were all over us. I reimaged my system three times, only to get reinfected again within minutes each time. I stopped it by adding ISS BlackICE. Paranoia is better than overconfidence IMO.

MT doesn't exist to assure people that all you need to do is install AV and don't visit any dodgy websites. If you have any real experience, then you know as well as I that most infections come not from bad websites, but from good websites that were hacked by a third party. So safe browsing habits don't cut it.
I'm the one who doesn't like saying good browsing habits, because I don't browse safe websites.
I haven't had an infection for at least 10 years despite those reckless browsing habits, because I know what weaknesses my AV has and how to patch them. I ignore overly sophisticated things like exploits, ...

If I suspect something, I simply throw it into Sandboxie, VirusTotal, online sandbox analysis or a virtual machine, but it takes a lot of time.

I have an old PC with a first-gen i3; installed Avast Free (tweaked with my settings) + AppCheck Anti-Ransomware and SysHardener. Installed Chrome browser + Windows Defender Browser Protection + Bitdefender TrafficLight. More importantly, they don't conflict with each other.
Malware has to pass through many layers.
This machine has been in continuous use for at least 6 hrs per day for 6 years, never infected.

True, but that's no reason not to try. AppGuard claims to have no breaches in 20 years. In my eyes, the existence of a vulnerability means less if it's already mitigated to the point of being non-viable.
I don't believe in claims, although it might be true. AppGuard is an SRP tool. I don't like anything like that, because they reduce my productivity. I don't buy computers to overprotect them. I want them to perform smoothly and bug-free.
Anti-exe and SRP simply block. They don't tell you if something is safe or not. If you keep blocking, your apps might malfunction, and if you take a risk and allow it, you might be screwed.

If a hack comes from a good website, it's very hard to detect and block sufficiently. However, I can suggest you 1 solution -> put your browser into Sandboxie or Comodo Firewall's sandbox (better than Sandboxie but much less functional) => you are extremely unlikely to get any infection, because they can't escape the sandbox in the first place.
If you say some malware can escape => it will become an endless discussion.
 

ebocious

Level 5
Verified
Well-known
Oct 25, 2018
236
Not my experience with the people's PCs I clean up; of course I said mostly. NYT was an example of what you said a while back, but I still find it's the key genners etc. that get the worst hits of all.
And how would people have known not to visit NYT? Case in point: never tell people that AV + safe browsing will keep you safe. You don't have to be out looking for trouble, when trouble is out looking for you.
 

ebocious

Level 5
Verified
Well-known
Oct 25, 2018
236
I'm the one who doesn't like saying good browsing habits, because I don't browse safe websites.
I haven't had an infection for at least 10 years despite those reckless browsing habits, because I know what weaknesses my AV has and how to patch them. I ignore overly sophisticated things like exploits, ...

If I suspect something, I simply throw it into Sandboxie, VirusTotal, online sandbox analysis or a virtual machine, but it takes a lot of time.

I have an old PC with a first-gen i3; installed Avast Free (tweaked with my settings) + AppCheck Anti-Ransomware and SysHardener. Installed Chrome browser + Windows Defender Browser Protection + Bitdefender TrafficLight. More importantly, they don't conflict with each other.
Malware has to pass through many layers.
This machine has been in continuous use for at least 6 hrs per day for 6 years, never infected.

I don't believe in claims, although it might be true. AppGuard is an SRP tool. I don't like anything like that, because they reduce my productivity. I don't buy computers to overprotect them. I want them to perform smoothly and bug-free.
Anti-exe and SRP simply block. They don't tell you if something is safe or not. If you keep blocking, your apps might malfunction, and if you take a risk and allow it, you might be screwed.

If a hack comes from a good website, it's very hard to detect and block sufficiently. However, I can suggest you 1 solution -> put your browser into Sandboxie or Comodo Firewall's sandbox (better than Sandboxie but much less functional) => you are extremely unlikely to get any infection, because they can't escape the sandbox in the first place.
If you say some malware can escape => it will become an endless discussion.
I haven't had an infection since Windows XP. In October, it will be 13 years for me. I used an ACL deny permission on the Windows folder to prevent privilege escalation. I only used it for the account I was logged into, so I could still install new software with an administrator's credentials via RunAs. I was fairly satisfied with this solution, until I started reading about fileless malware.

These days, my top two are AppGuard (which I understand is used by the U.S. Department of Defense) and Cruel Comodo; I also plan to have a look at H_C. Mind you: I haven't encountered a fileless infection yet. But I'm not waiting until AFTER I do. An ounce of prevention is worth a pound of cure.

stefanos

Level 28
Verified
Top Poster
Well-known
Oct 31, 2014
1,712
Guys, do not become paranoid about computer security. The virus never comes on its own. We invite it. A little mind and light protection and you are very well protected. With a little attention here in the forum you will learn to distinguish the virus very easily. After so long in this forum, before I see the virus, I smell it. :ROFLMAO: :ROFLMAO:
 

Cortex

Level 26
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
And how would people have known not to visit NYT? Case in point: never tell people that AV + safe browsing will keep you safe. You don't have to be out looking for trouble, when trouble is out looking for you.
Discussion going off at a tangent. I have said how I feel & my experience on my systems & many others, but there are no guarantees on PCs or life itself (bigger worry) & no way of protecting against the unknown, but I'm pretty happy I can restore the system(s) critically within minutes & all else within hours. I may be wrong though; my wife thinks I always am, so... . Opting out of this discussion.
 
