Latest changes
Dec 31, 1969
Windows Edition: Pro
OS build or version: stable
System type: 64-bit operating system; x64-based processor
Update and Security: Allow all automatic updates
User Access Control: Always notify
Firewall and Network protection: Provided by a third-party security vendor
User permissions: User account
Malware exposure: Malware samples are downloaded on a Virtual machine
Real-time Malware protection: VoodooShield Pro, Kaspersky Internet Security 2017, HitmanPro.Alert, standard user account, Startup Sentinel
Periodic scanners: HitmanPro, Zemana
Browser and Extensions: Chrome x64 w/appcontainer lockdown; extensions: uBlock Origin, uBlock Origin extra, HTTPS Everywhere, VTchromizer, Bitdefender TrafficLight, Animation Policy
Privacy tools and VPN: uBlock Origin
Password manager: LastPass
Search engine: F-Secure (Google powered)
Maintenance tools: CCleaner, Zipware
Photos and Documents backup: Macrium Reflect
Data Backup Schedule: Once or multiple times per day
Backup and Restore: Macrium Reflect Home
Backup Schedule: Once or more per week

shmu26

Level 85
Verified
Trusted
Content Creator
I got my setup narrowed down to 1 app.
First of all, I renamed powershell.exe and powershell_ise.exe, by adding ".old" to the name, so they can't execute.
And I disabled Windows Script Host, so JavaScript can't run. (Hope I don't discover I have a program or process that needs it.)
The above should protect the most abusable Windows processes.

Then I installed Kaspersky 2016, disabled "trust digitally signed applications", and set apps that start before Kaspersky to high restricted.
Then I enabled Trusted Applications Mode.
I think that should do it.
Your suggestions are welcome.
 

Exterminator

Community Manager
Verified
Staff member
Have you considered upgrading to Kaspersky 2017? 2016 is excellent, but I have found 2017 to be even better.
 

shmu26

Kaspersky TAM started to bother me, because the trust levels for certain processes keep shifting around as if they have a mind of their own.
So I went back to SecureAPlus.
(VoodooShield would be nice but it is still too buggy for me).
There is a SAP thread at Wilderssecurity, "SecureAPlus Freemium", where a tech rep from the company, named Hendy, provides support. He is good.
 

shmu26

I feel pretty secure with NVT ERP and HMP.A. It is hard for malware to get past them.
I have Avast free in passive mode (it updates but does not provide active protection); when I want to run unknown executables, I can turn it on for extra protection.
 

shmu26

I swapped out NVT ERP, and went for ReHIPS. It handles command lines better, so you get fewer popups and headaches.
But before I uninstalled ERP, I copied my vulnerable processes list, and applied it to ReHIPS. So I have the best of both.
I took my productivity apps out of ReHIPS isolation, so I can work unhindered.
So now it's WD + ReHIPS w/o isolation + HMP.A.
 

SHvFl

Level 35
Verified
Trusted
Content Creator
Make sure you didn't just delete your productivity apps from ReHIPS isolation, because when ReHIPS detects changes in installed programs and the registry it will install the rules again. You need to change the rules from allow isolated to allow, and then ReHIPS will not overwrite them.
 

shmu26

I did it the wrong way the first time, now I did it your way.
 

harman

Level 1
did it, just to calm me down in those paranoid moments.
Webroot is indeed very light on system and offers very protection too... but I had to uninstall it because sometimes its right click/context menu scan wouldn't work... I mean you right click on the folder and hit scan... and nothing happens. Tried searching for a solution but didn't find one. Did you ever encounter such a problem?
 

shmu26

When I was using it, I didn't run manual scans very often at all. It did plenty of scans on its own...
You could ask on their forum; if they know a fix, they won't hide it from you.
 

harman

I actually wanted to scan some known infected files stored in a folder on a different partition to check whether Webroot detects those malwares. That's when I came to know about the right click scan not working problem. When I googled about it there were lots of similar complaints about this problem in Webroot. Didn't ask in their forum though, because it seems like a bug and they only suggested a clean reinstall with deletion of a certain folder in program data. I did that and it solved the problem but only temporarily. Didn't want to experiment any further so installed AVG. Anyways, happy with the latest AVG now (never thought such a time would come when I'd say good things about AVG) :D
 

shmu26

No program without a bug. You just have to find the bugs that bug you the least...
I personally don't use Webroot right now, I went more in the direction of anti-executables.
 

shmu26

I have tried them all, again and again: NVT ERP, Voodoo, ReHIPS.
They always end up blocking something I want to run, like a Chrome update or a Windows process or a print job.
Makes me nervous to have to keep an eye all the time on what is being blocked, and give it the right rules.
So I went back to traditional solutions.
Kaspersky+ZAM+HMPA.
I also have blocked the various processes of PowerShell and wscript and cscript, by means of Kaspersky Application Control.
My system runs smooth, feels pretty light. I am willing to pay that extra couple seconds at bootup.
I think it's a good balance for me between security and sanity.
 