Hey there,
thanks for replying and liking. As I said, I want to upgrade soon, but I can't do a fresh install right now, as I'm up to neck with work. I tried a "Click-to-upgrade-from-Win-8" on another PC, and ended up with a disastrously slow system, so that's not an option. Also, I am waiting for Enterprise-N-ltsb license that should arrive next week, as I can't put up with "latest-features-through-update" bs - I need a solid, stable system without it constantly doing something in the background with possible sudden incompatibilities.
Hi!
Nice setup, however you can consider setting UAC to max and OS updates to "automatic".
My second thought is Admuncher - do you really need it since you have uBlock Origin? Isn't AdMuncher a dead product?
Setting UAC to the max, as well as working in non-admin account after finishing the entire setup is the plan, as well. I started writing a step-by-step notes for myself, as I'm likely to forget something at the last moment. Regarding the ad-muncher, it's gonna go - as it was made free, I wanted to try browsing without ABP slowing the FF down. It was only after that I discovered uBlock Origin, but never got to remove the ad-muncher. It's one of those "Bah, I'm going to do a fresh install anyway next week" situations. I don't have to mention that that day still didn't arrive, lol. Seriously now, I the plan is already in motion, so - soon.
Config looks good! Have you considered upgrading to Windows 10?
Thanks, yes.
Looks good consider adding Zemana Anti-Malware as another On Demand Scanner in conjunction with MBAM and HitmanPro.
Setting updates and UAC to max is good too. Optional but possibly upgrade to Windows 10. Very good security.
Yeah, I heard a lot of good stuff about Zemana from all around. I am thinking of it, although I'm a sucker for a free setup
. I want to try as much as possible to utilize the system hardening, adding srp's and gpo's, setting read/write permissions right, and so on - it requires some extra planning and learning, but it will pay off either way in the end, I believe. Although, if I stumble on some ridiculous offer for it (like I did last night for BitDefender Total security 2016, 3 PC's, 1 year for 20$
) I will definitely buy it. Same goes for HitmanProAlert.
On a side note, I am also looking at Sandboxie,
Voodoo shield,
Bouncer,
NoVirusThanks-ExeRadarPro, or the multiengine
SecureAplus...
All interesting new approaches to securing the endpoint (well this last one is not entirely new, but nvm)
Looks good, apart from:
- Comodo Internet Security and Sophos Home - Two real-time AVs?
- OS updates - Manual, you could make it automatic.
Yes, I haven't really explained well - Comodo's Antivirus is disabled, I run the Firewall with D+ mostly custom rules and Sandbox with Viruscope ON. Only Sophos is Realtime - I must say, I am pleasantly surprised by this one. It's a bit of a pain to set the excluded folders and files (persistent little guy with browser control), but after a bit of fiddling around, I quite like it.
Regarding the updates, I kind of had a little rage episode when I desperately needed to send a project correction urgently, and Windoze decided a session beforehand to leave only the Update-and-shutdown option. When I turned it on, I had to wait 45mins for it to finish updating. The client had to wait as well, which sucked, so I switched it to manual afterwards.
So, a question: Anyone noticed the trend lately that eastern AV's have better/faster definitions for zero-day malware? Coincidentally (of course), eastern based malware are prevalent ATM, and I wonder if anyone had some experience with these AVs - Qihoo or Baidu or Kingsoft, for example? Do you thnk it's worth adding them to your setup somehow - purely because of the signatures/response speed?
Thanks in advance,
Predrag
