Operating System
  • Windows Edition: Pro
  • Version or Build no.: stable
  • System type: 64-bit operating system; x64-based processor
  • Security Updates: Automatic Updates (recommended)
  • User Access Control: Always Notify
  • Network Security (Firewall): 3rd-party Firewall app by a trusted vendor
  • Device Security: Windows Defender SmartScreen (Windows 10)
  • User Account
  • Sign-in Accounts
  • Malware Testing: I participate by downloading malware samples into an isolated VM environment
  • Real-time Web & Malware Protection: VoodooShield Pro, Kaspersky Internet Security 2017, HitmanPro.Alert, standard user account, Startup Sentinel
  • RTP - Custom security settings
  • Virus and Malware Removal Tools: HitmanPro, Zemana
  • Browsers and Extensions: Chrome x64 w/appcontainer lockdown; extensions: uBlock Origin, uBlock Origin extra, HTTPS Everywhere, VTchromizer, Bitdefender TrafficLight, Animation Policy
  • Privacy-focused Apps and Extensions: uBlock Origin
  • Password Managers: lastpass
  • Web Search: F-Secure (google powered)
  • System Utilities: CCleaner, Zipware
  • Data Backup: Macrium Reflect
  • Frequency of Data backups: Daily
  • System Backup: Macrium Reflect Home
  • Frequency of System backups: Regularly

    shmu26

    Level 83
    Verified
    Trusted
    Content Creator
    I got my setup narrowed down to 1 app.
    First of all, I renamed powershell.exe and powershell_ise.exe, by adding ".old" to the name, so they can't execute.
    And I disabled Windows Script Host, so JavaScript can't run. (Hope I don't discover I have a program or process that needs it.)
    The above should protect the most abusable Windows processes.

    Then I installed Kaspersky 2016, disabled "trust digitally signed applications", and set apps that start before Kaspersky to high restricted.
    Then I enabled Trusted Applications Mode.
    I think that should do it.
    Your suggestions are welcome.
     

    Exterminator

    Community Manager
    Verified
    Staff member
    > Then I installed Kaspersky 2016, disabled "trust digitally signed applications", and set apps that start before Kaspersky to high restricted.
    > Then I enabled Trusted Applications Mode.
    > I think that should do it.
    > Your suggestions are welcome.

    Have you considered upgrading to Kaspersky 2017? 2016 is excellent but I have found 2017 to be even better.
     

    shmu26

    Kaspersky TAM started to bother me, because the trust levels for certain processes keep shifting around as if they have a mind of their own.
    So I went back to SecureAPlus.
    (VoodooShield would be nice but it is still too buggy for me.)
    There is a SAP thread at Wilderssecurity, "SecureAPlus Freemium", where a tech rep from the company, named Hendy, provides support. He is good.
     

    shmu26

    I feel pretty secure with NVT ERP and HMP.A. It is hard for malware to get past them.
    I have Avast free in passive mode (it updates but does not provide active protection); when I want to run unknown executables, I can turn it on for extra protection.
     

    shmu26

    I swapped out NVT ERP, and went for ReHIPS. It handles command lines better, so you get fewer popups and headaches.
    But before I uninstalled ERP, I copied my vulnerable processes list, and applied it to ReHIPS. So I have the best of both.
    I took my productivity apps out of ReHIPS isolation, so I can work unhindered.
    So now it's WD + ReHIPS w/o isolation + HMP.A.
     

    SHvFl

    Level 35
    Verified
    Trusted
    Content Creator
    > I swapped out NVT ERP, and went for ReHIPS. It handles command lines better, so you get fewer popups and headaches.
    > But before I uninstalled ERP, I copied my vulnerable processes list, and applied it to ReHIPS. So I have the best of both.
    > I took my productivity apps out of ReHIPS isolation, so I can work unhindered.
    > So now it's WD + ReHIPS w/o isolation + HMP.A.

    Make sure you didn't just delete your productivity apps from ReHIPS isolation, because when ReHIPS detects changes in installed programs and the registry it will install the rules again. You need to change the rules from allow isolated to allow, and then ReHIPS will not overwrite them.
     

    shmu26

    > Make sure you didn't just delete your productivity apps from ReHIPS isolation, because when ReHIPS detects changes in installed programs and the registry it will install the rules again. You need to change the rules from allow isolated to allow, and then ReHIPS will not overwrite them.

    I did it the wrong way the first time; now I did it your way.
     

    harman

    Level 1
    did it, just to calm me down in those paranoid moments.
    Webroot is indeed very light on system and offers very protection too... but I had to uninstall it because sometimes its right click/context menu scan wouldn't work... I mean you right click on the folder and hit scan... and nothing happens. Tried searching for a solution but didn't find one. Did you ever encounter such a problem?
     

    shmu26

    > Webroot is indeed very light on system and offers very protection too... but I had to uninstall it because sometimes its right click/context menu scan wouldn't work... I mean you right click on the folder and hit scan... and nothing happens. Tried searching for a solution but didn't find one. Did you ever encounter such a problem?

    When I was using it, I didn't run manual scans very often at all. It did plenty of scans on its own...
    You could ask on their forum; if they know a fix, they won't hide it from you.
     

    harman

    > When I was using it, I didn't run manual scans very often at all. It did plenty of scans on its own...
    > You could ask on their forum; if they know a fix, they won't hide it from you.

    I actually wanted to scan some known infected files stored in a folder on a different partition to check whether Webroot detects that malware. That's when I came to know about the right click scan not working problem. When I googled about it there were lots of similar complaints about this problem in Webroot. Didn't ask in their forum though, because it seems like a bug and they only suggested a clean reinstall with deletion of a certain folder in program data. I did that and it solved the problem but only temporarily. Didn't want to experiment any further so installed AVG. Anyways happy with the latest AVG now (never thought such a time would come when I'd say good things about AVG) :D
     

    shmu26

    > I actually wanted to scan some known infected files stored in a folder on a different partition to check whether Webroot detects that malware. That's when I came to know about the right click scan not working problem. When I googled about it there were lots of similar complaints about this problem in Webroot. Didn't ask in their forum though, because it seems like a bug and they only suggested a clean reinstall with deletion of a certain folder in program data. I did that and it solved the problem but only temporarily. Didn't want to experiment any further so installed AVG. Anyways happy with the latest AVG now (never thought such a time would come when I'd say good things about AVG) :D

    No program without a bug. You just have to find the bugs that bug you the least...
    I personally don't use Webroot right now, I went more in the direction of anti-executables.
     

    shmu26

    I have tried them all, again and again: NVT ERP, Voodoo, ReHIPS.
    They always end up blocking something I want to run, like a Chrome update or a Windows process or a print job.
    Makes me nervous to have to keep an eye all the time on what is being blocked, and give it the right rules.
    So I went back to traditional solutions.
    Kaspersky+ZAM+HMPA.
    I have also blocked the various processes of powershell and wscript and cscript, by means of Kaspersky Application Control.
    My system runs smooth, feels pretty light. I am willing to pay that extra couple seconds at bootup.
    I think it's a good balance for me between security and sanity.