Local Host

Level 22
Verified
Kernel bugs are rarely used nowadays and get fast fixes. Attackers use easy methods with best profit instead of much work.

You can't compare XP with Vista, 7, 8 or 10 ;)
Different kernel(s)
Windows Defender is the number one target and easy to bypass, due to coming pre-installed with Windows 10.

I would say ~90% of malware is aware of WD nowadays, developers are more lazy to try and bypass third-party AVs rather than WD.
 

danb

From VoodooShield
Verified
Developer
Kernel bugs are rarely used nowadays and get fast fixes. Attackers use easy methods with best profit instead of much work.

You can't compare XP with Vista, 7, 8 or 10 ;)
Different kernel(s)
Kernel bugs / exploits are just one issue… there are tons of other reasons security software should run in kernel-mode, here are a few…



What a lot of people do not realize is that most kernel-mode drivers are simply modified versions of official Microsoft kernel-mode driver templates, so they too are essentially “internal security mitigations”.

There is absolutely nothing wrong with starting in user-mode while developing a security product, but at some point it is probably best to venture into kernel land.
 

HarborFront

Level 54
Verified
Content Creator
The only issue I have with Windows 10 sandbox is it boots up an entire VM. It can’t sandbox an individual app like Sandboxie does where it looks all normal but if you go into the corners, the yellow lines indicate it is sandboxed. Please correct me if I’m wrong.

Yup, just tried it. Pretty limited. If you copy the exe shortcut of your browser from the main desktop and paste into the virtual desktop, it simply won't work.

If you want to use a browser other than Edge, you need to install it. You need to transfer your bookmarks and re-install your favorite browser extensions and add-ins. No bookmarks get saved. No extensions or add-ins get saved.

However, you can

run single exe portable files like AdwCleaner, SumatraPDF etc. (i.e. no exe shortcuts). Portable apps which extract to many files cannot be run.
install and run software like browser etc

in the sandbox without issue
 

valvaris

Level 4
Verified
I myself use - WD with Glasswire in "Ask to Connect" mode plus WD Application Guard - Microsoft Edge Chromium with UBlock (Advanced Mode) - That covers my Layer 7 needs.

As for Network Protection I use a MikroTik Router as my Home Router (RB4011) and another with The Dude (hEX S with SD Card) for Network Monitoring. The Rules in the Firewall in use are in the MikroTik Forums -> [Share] - Router Config with Firewall (Tcp/Udp) Filter - MikroTik

Best Regards
Val.
 

Back3

Level 5
My basic setup for the last 2 years has been Windows Defender with Configure Defender (High) and the firewall rules of SysHardener. I make an image of that setup with Macrium Free. This is the system I use when I upgrade Windows.
To that structure, I have added Comodo Firewall at Cs settings for over a year, but I have never upgraded Windows with Comodo or other security apps on board.
Nowadays, I still have my basic setup with VoodooShield Free and SWH with only Windows Hardening.
 

HarborFront

Level 54
Verified
Content Creator
@PotentialUser

Since you are using Emsisoft with WD they already make a good combo pair against malware attacks.

You don't require another firewall since Emsisoft's firewall sits on top of Windows default firewall.

My suggestions for hardening of security/privacy would be to

1) Harden your Windows OS
2) Harden your system
3) Harden your browser(s)

Try these

Shadow Defender - I think there's some free lifetime promotion ongoing. Search for it
Sandboxie or Sandboxie Plus - free
VirtualBox - free

and run a reputable paid VPN

If you are uncomfortable with your mainstream malware protection's adequacy, try the AI-driven WiseVector StopX. It works ok with WD but not sure whether it'll clash with Emsisoft.
 