- Jul 3, 2015
- 8,153
did it, just to calm me down in those paranoid moments.Use Webroot (it's very light!) although it's not necessary for a low-risk user.
Shmu26's new security config
- Thread starter shmu26
- Start date
- Jun 9, 2013
- 6,720
A good idea.
- Mar 15, 2011
- 13,070
By nature of that setup, no need for AV.
The power of Voodoshield goes on user decision pop-ups so honestly you will have very minimal bypass.
The power of Voodoshield goes on user decision pop-ups so honestly you will have very minimal bypass.
- Jul 3, 2015
- 8,153
I got my setup narrowed down to 1 app.
first of all, I renamed powershell.exe and powershell_ise.exe, by adding ".old" to the name, so they can't execute.
and I disabled windows script host, so java script can't run. (hope I don't discover I have a program or process that needs it)
The above should protect the most abusable Windows processes.
Then I installed Kaspersky 2016, disabled "trust digitally signed applications", and set apps that start before Kaspersky to high restricted.
Then I enabled Trusted Applications Mode.
I think that should do it.
Your suggestions are welcome.
first of all, I renamed powershell.exe and powershell_ise.exe, by adding ".old" to the name, so they can't execute.
and I disabled windows script host, so java script can't run. (hope I don't discover I have a program or process that needs it)
The above should protect the most abusable Windows processes.
Then I installed Kaspersky 2016, disabled "trust digitally signed applications", and set apps that start before Kaspersky to high restricted.
Then I enabled Trusted Applications Mode.
I think that should do it.
Your suggestions are welcome.
- Oct 23, 2012
- 12,527
Have you considered upgrading to Kaspersky 2017? 2016 is excellent but I have found 2017 to be even better
- Jul 3, 2015
- 8,153
I understood that 2017 is not yet fully optimized for win10 anniversary update
Hey, great security config @shmu26 Thanks for sharing.
Thanks for sharing.
- Jul 3, 2015
- 8,153
Kaspersky TAM started to bother me, because the trust levels for certain processes keep shifting around as if they have a mind of their own.
So I went back to SecureAPlus.
(VoodooShield would be nice but it is still too buggy for me).
there is a SAP thread at Wilderssecurity
SecureAPlus Freemium
where a tech rep from the company, named Hendy, provides support. He is good.
So I went back to SecureAPlus.
(VoodooShield would be nice but it is still too buggy for me).
there is a SAP thread at Wilderssecurity
SecureAPlus Freemium
where a tech rep from the company, named Hendy, provides support. He is good.
It looks as if all basis are covered, nothing to add here.
- Jul 3, 2015
- 8,153
I feel pretty secure with NVT ERP and HMP.A. It is hard for malware to get past them.
I have Avast free in passive mode (it updates but does not provide active protection), when I want to run unknown executables, I can turn it on for extra protection.
I have Avast free in passive mode (it updates but does not provide active protection), when I want to run unknown executables, I can turn it on for extra protection.
- Jul 3, 2015
- 8,153
I swapped out NVT ERP, and went for ReHIPS. It handles command lines better, so you get less popups and headaches.
But before I uninstalled ERP, I copied my vulnerable processes list, and applied it to ReHIPS. So I have the best of both.
I took my productivity apps out of ReHIPS isolation, so I can work unhindered.
so now it's WD + ReHIPS w/o isolation + HMP.A.
But before I uninstalled ERP, I copied my vulnerable processes list, and applied it to ReHIPS. So I have the best of both.
I took my productivity apps out of ReHIPS isolation, so I can work unhindered.
so now it's WD + ReHIPS w/o isolation + HMP.A.
- Nov 19, 2014
- 2,350
Make sure you didn't just delete your productivity apps from rehips isolation because when rehips detects changes in installed program and registry it will install the rules again. You need to change the rules from allow isolated to allow and then rehips will not overwrite them.
- Jul 3, 2015
- 8,153
I did it the wrong way the first time, now I did it your way.
- Nov 19, 2014
- 2,350
Cool. Glad i could help.
Webroot is indeed very light on system and offers very protection too... but i had to uninstall it because sometimes its right click/context menu scan wouldn't work... I mean you right click on the folder and hit scan ... and nothing happens. Tried searching for a solution but didn't find one. Did you ever encounter such problem?
- Jul 3, 2015
- 8,153
when I was using it, I didn't run manual scans very often at all. It did plenty of scans on its own...
you could ask on their forum, if they know a fix, they won't hide it from you
I actually wanted to scan some known infected files stored in a folder on different partition to check whether Webroot detects those malwares. That's when I came to know about the right click scan not working problem. when I googled about it there were lots of similar complaints about this problem in webroot. Didn't ask in their forum though, because it seems like a bug and they only suggested a clean reinstall with deletion of a certain folder in program data. I did that and it solved the problem but only temporarily. Didn't want to experiment any further so installed AVG. Anyways happy with the latest AVG now (never thought such a time would come when i'd say good things about AVG)
- Jul 3, 2015
- 8,153
no program without a bug. you just have to find the bugs that bug you the least...I actually wanted to scan some known infected files stored in a folder on different partition to check whether Webroot detects those malwares. That's when I came to know about the right click scan not working problem. when I googled about it there were lots of similar complaints about this problem in webroot. Didn't ask in their forum though, because it seems like a bug and they only suggested a clean reinstall with deletion of a certain folder in program data. I did that and it solved the problem but only temporarily. Didn't want to experiment any further so installed AVG. Anyways happy with the latest AVG now (never thought such a time would come when i'd say good things about AVG)
I personally don't use webroot right now, I went more in the direction of anti-executables.
- Jul 3, 2015
- 8,153
back to NVT ERP
tried out ReHIPS for a few days, awesome program, but I experienced some conflicts with it. too bad.
tried out ReHIPS for a few days, awesome program, but I experienced some conflicts with it. too bad.
- Jul 3, 2015
- 8,153
I have tried them all, again and again: NVT ERP, Voodoo, ReHIPS.
They always end up blocking something I want to run, like a chrome update or a windows process or a print job.
Makes me nervous to have to keep an eye all the time on what is being blocked, and give it the right rules.
So I went back to traditional solutions.
Kaspersky+ZAM+HMPA.
I also have blocked the various processes of powershell and wscript and cscript , by means of Kaspersky Application Control.
My system runs smooth, feels pretty light. I am willing to pay that extra couple seconds at bootup.
I think it's a good balance for me between security and sanity.
They always end up blocking something I want to run, like a chrome update or a windows process or a print job.
Makes me nervous to have to keep an eye all the time on what is being blocked, and give it the right rules.
So I went back to traditional solutions.
Kaspersky+ZAM+HMPA.
I also have blocked the various processes of powershell and wscript and cscript , by means of Kaspersky Application Control.
My system runs smooth, feels pretty light. I am willing to pay that extra couple seconds at bootup.
I think it's a good balance for me between security and sanity.
Similar threads
