Shmu26's new security config

Last updated
Dec 31, 1969
Windows Edition
Pro
Security updates
Allow security updates and latest features
User Access Control
Always notify
Real-time security
VoodooShield Pro
Kaspersky Internet Security 2017
HitmanPro.Alert
standard user account
Startup Sentinel
Firewall security
Periodic malware scanners
HitmanPro, Zemana
Malware sample testing
Browser(s) and extensions
Chrome x64 w/appcontainer lockdown

extensions: uBlock Origin, uBlock Origin extra, HTTPS Everywhere, VTchromizer, Bitdefender TrafficLight, Animation Policy
Maintenance tools
CCleaner, Zipware
File and Photo backup
Macrium Reflect
System recovery
Macrium Reflect Home
I got my setup narrowed down to 1 app.
first of all, I renamed powershell.exe and powershell_ise.exe, by adding ".old" to the name, so they can't execute.
and I disabled windows script host, so java script can't run. (hope I don't discover I have a program or process that needs it)
The above should protect the most abusable Windows processes.

Then I installed Kaspersky 2016, disabled "trust digitally signed applications", and set apps that start before Kaspersky to high restricted.
Then I enabled Trusted Applications Mode.
I think that should do it.
Your suggestions are welcome.
 
  • Like
Reactions: shukla44, Logethica, Deleted Member 3a5v73x and 1 other person
shmu26 said:
Then I installed Kaspersky 2016, disabled "trust digitally signed applications", and set apps that start before Kaspersky to high restricted.
Then I enabled Trusted Applications Mode.
I think that should do it.
Your suggestions are welcome.
Click to expand...
Have you considered upgrading to Kaspersky 2017? 2016 is excellent but I have found 2017 to be even better
 
  • Like
Reactions: shukla44, Logethica, Deleted Member 3a5v73x and 1 other person
Kaspersky TAM started to bother me, because the trust levels for certain processes keep shifting around as if they have a mind of their own.
So I went back to SecureAPlus.
(VoodooShield would be nice but it is still too buggy for me).
there is a SAP thread at Wilderssecurity
SecureAPlus Freemium
where a tech rep from the company, named Hendy, provides support. He is good.
 
  • Like
Reactions: shukla44, Logethica and Deleted member 2913
I feel pretty secure with NVT ERP and HMP.A. It is hard for malware to get past them.
I have Avast free in passive mode (it updates but does not provide active protection), when I want to run unknown executables, I can turn it on for extra protection.
 
  • Like
Reactions: shukla44, Deleted member 2913 and Logethica
I swapped out NVT ERP, and went for ReHIPS. It handles command lines better, so you get less popups and headaches.
But before I uninstalled ERP, I copied my vulnerable processes list, and applied it to ReHIPS. So I have the best of both.
I took my productivity apps out of ReHIPS isolation, so I can work unhindered.
so now it's WD + ReHIPS w/o isolation + HMP.A.
 
  • Like
Reactions: shukla44, Deleted member 2913, Logethica and 3 others
shmu26 said:
I swapped out NVT ERP, and went for ReHIPS. It handles command lines better, so you get less popups and headaches.
But before I uninstalled ERP, I copied my vulnerable processes list, and applied it to ReHIPS. So I have the best of both.
I took my productivity apps out of ReHIPS isolation, so I can work unhindered.
so now it's WD + ReHIPS w/o isolation + HMP.A.
Click to expand...
Make sure you didn't just delete your productivity apps from rehips isolation because when rehips detects changes in installed program and registry it will install the rules again. You need to change the rules from allow isolated to allow and then rehips will not overwrite them.
 
  • Like
Reactions: shukla44, Deleted member 2913, Logethica and 2 others
SHvFl said:
Make sure you didn't just delete your productivity apps from rehips isolation because when rehips detects changes in installed program and registry it will install the rules again. You need to change the rules from allow isolated to allow and then rehips will not overwrite them.
Click to expand...
I did it the wrong way the first time, now I did it your way.
 
  • Like
Reactions: Deleted member 2913, Logethica, Deleted Member 3a5v73x and 1 other person
shmu26 said:
did it, just to calm me down in those paranoid moments.
Click to expand...

Webroot is indeed very light on system and offers very protection too... but i had to uninstall it because sometimes its right click/context menu scan wouldn't work... I mean you right click on the folder and hit scan ... and nothing happens. Tried searching for a solution but didn't find one. Did you ever encounter such problem?
 
  • Like
Reactions: Deleted member 2913 and Logethica
harman said:
Webroot is indeed very light on system and offers very protection too... but i had to uninstall it because sometimes its right click/context menu scan wouldn't work... I mean you right click on the folder and hit scan ... and nothing happens. Tried searching for a solution but didn't find one. Did you ever encounter such problem?
Click to expand...
when I was using it, I didn't run manual scans very often at all. It did plenty of scans on its own...
you could ask on their forum, if they know a fix, they won't hide it from you
 
  • Like
Reactions: Deleted member 2913 and Logethica
shmu26 said:
when I was using it, I didn't run manual scans very often at all. It did plenty of scans on its own...
you could ask on their forum, if they know a fix, they won't hide it from you
Click to expand...

I actually wanted to scan some known infected files stored in a folder on different partition to check whether Webroot detects those malwares. That's when I came to know about the right click scan not working problem. when I googled about it there were lots of similar complaints about this problem in webroot. Didn't ask in their forum though, because it seems like a bug and they only suggested a clean reinstall with deletion of a certain folder in program data. I did that and it solved the problem but only temporarily. Didn't want to experiment any further so installed AVG. Anyways happy with the latest AVG now (never thought such a time would come when i'd say good things about AVG) :D
 
  • Like
Reactions: Deleted member 2913, Logethica, King Alpha and 1 other person
harman said:
I actually wanted to scan some known infected files stored in a folder on different partition to check whether Webroot detects those malwares. That's when I came to know about the right click scan not working problem. when I googled about it there were lots of similar complaints about this problem in webroot. Didn't ask in their forum though, because it seems like a bug and they only suggested a clean reinstall with deletion of a certain folder in program data. I did that and it solved the problem but only temporarily. Didn't want to experiment any further so installed AVG. Anyways happy with the latest AVG now (never thought such a time would come when i'd say good things about AVG) :D
Click to expand...
no program without a bug. you just have to find the bugs that bug you the least...
I personally don't use webroot right now, I went more in the direction of anti-executables.
 
  • Like
Reactions: Logethica and harman
I have tried them all, again and again: NVT ERP, Voodoo, ReHIPS.
They always end up blocking something I want to run, like a chrome update or a windows process or a print job.
Makes me nervous to have to keep an eye all the time on what is being blocked, and give it the right rules.
So I went back to traditional solutions.
Kaspersky+ZAM+HMPA.
I also have blocked the various processes of powershell and wscript and cscript , by means of Kaspersky Application Control.
My system runs smooth, feels pretty light. I am willing to pay that extra couple seconds at bootup.
I think it's a good balance for me between security and sanity.
 
  • Like
Reactions: enaph, ZeroDay, askmark and 4 others
You must log in or register to reply here.

You may also like...