oldschool

Level 34
Verified
@shmu26 On VS paid you can disable "Automatically allow all software from the program files folders".
Stay safe not paranoid :D
Hey, you stole my tagline. :mad::LOL::LOL::LOL: And the above setting falls into the paranoid category.

@shmu26 - I've never had VS block something I wasn't intending to run. The simple rule I follow is this: If it blocks something out of the blue, I don't allow it, but I've never had an instance of this. In the end, everyone's systems are different, with different programs, etc.
 

mickel1

Level 2
You might,try Eset Internet security{e-bay} discount price,way lighter than Emsisoft,really nice firewall,and with your OSA and SH really solid,I also have had some bad experiences with Comodo Firewall,hopefully one day Cruel sister will return
If you learn how to set up ESET Internet Security right, then you don't need OSA and SH or anything else.
 

Back3

Level 2
camo7782
You already have Emsisoft with OSA and SH.
When I search for pros and cons of Emsisoft on the net, a few testers said that the main weakness of Emsisoft is phishing and url blocking. The rest is top notch. So I would make sure my web browser has good phishing and malware blocking protection and that would be it.
 
Last edited:

mickel1

Level 2
Please, any howto's on this?

 

Robbie

Level 28
Verified
Content Creator
My current situation has Emsisoft, OSA and SH. I'm missing the HIPs and Firewall components if I'm right, what is a reliable alternative (paid or free) to the most decanted CruelComodo?
You say you were using Emsisoft+OSA+SH+CFW? No wonder why your internet crashed mate.

Emsisoft: behaviour blocker
OSA: post-exploit protection
SH: system configuration hardener
CFW: firewall, auto-sandbox, HIPS

Starting with the basics, if you setup SysHardener correctly, there's hardly need for OSA, you'll just get extra notifications. Having said that, I recommend against pairing CFW with strong antivirus suites, like Emsisoft. You'll get into trouble. You need to cover the most dangerous points of your OS without compromising the stability of it. This is achieved by finding the best combination of software according to your needs and hardware.

If you like and paid for Emsisoft, that's great, good AV. Get rid of OSArmor and keep SysHardener, configure it deep, understand the potential of it. You'll have signatures, behaviour blockers, and the OS hardened enough to restrict malware actions, such as the use of scripts.

You still want firewall notifications? That's good. Use Windows Firewall (built-in) and add MalwareBytes Firewall Control or similar, will give you notifications about inbound and outbound connections for free.
 

camo7782

Level 4
You say you were using Emsisoft+OSA+SH+CFW? No wonder why your internet crashed mate
It ddnt crash, and the disk read issue is still present after removing CC

Use Windows Firewall (built-in) and add MalwareBytes Firewall Control or similar
Ill look into it, but this way I have no sandbox, correct?

You're pointing at the wrong cause of your troubles. IIRC you were all about HIPS
So disabling the HIPs should be ok with Emsisoft?

If you learn how to set up ESET Internet Security
I don't have that I have Emsisoft

main weakness of Emsisoft is phishing and url blocking. [...]. So I would make sure my web browser has good phishing and malware blocking protection.
To that point I have the following plug-ins:
  • uBlock Origin
  • HTTPS Everywhere
  • MWBE
  • Emsisoft plug-in
Do I need something better/different?

Your AV might catch it, but VS will not, because it is in Program Files.
So VS runs everything in program folder? What is a script or malware makes a copy in this folder. and then runs it from there?

So there are times when you will rely on your judgment and allow a file to run even if VS recommended to block it
So in practice VS put responsibility on me, where AV takes it personally.
 
  • Like
Reactions: Dave Russo

shmu26

Level 82
Verified
Trusted
Content Creator
So VS runs everything in program folder? What is a script or malware makes a copy in this folder. and then runs it from there?


So in practice VS put responsibility on me, where AV takes it personally.
Correct, VS allows everything in program folder to run. But it is not so easy for malware to copy something into this folder, because it needs elevated privileges. It is a protected area in Windows. That's why it's okay that VS allows these programs to run. Windows itself protects this and other areas.

Indeed, VS puts responsibility on you, if you ignore the recommendations, which will probably happen from time to time. Whereas AV takes all, or almost all, of the responsibility on itself.
 

shmu26

Level 82
Verified
Trusted
Content Creator
to sum up, should I add VS to replace CruelComodo with my current setup?
Yes, I would recommend it, unless you want to try the ComodoFix config instead, so you will still have a good firewall. It's your choice.