- Jul 29, 2018
- 566
I like this setup, and I don't see how you can go wrong (don't know about Immunet however). I have a question, though. What about AppCheck A/RW in place of RansomOff? Anyone can compare the two as is now? I am using AppCheck free with OSA, and it's been good as far as I can tell for 3 years now with constant updates and positive developments etc.
@AtlBo Ransomoff offers complete lock down, if you set it up well it will have more features than appcheck do, appcheck is just lighter + install&forget
Also it has hips, immunet will cover rest just replace osarmor with syshardener on max:emoji_innocent:
Also, I was reading about the new Kaspersky free program here:
Q&A - Kaspersky Security Cloud Free
It's like Kaspersky A-V Free with some extra protections. Maybe a good choice for your situation idk...
The only issued I had with KFA is that it doesn't automatically update signatures, I think it's a bug.
About the ability to configure every module's settings, you can use Kaspersky Cloud Security Free. I tried it and it was quite good, but I think there is a bug there too.
Even if the Free version doesn't have a Firewall, I got a warning on Windows Security Center because Kaspersky Firewall wasn't working... and when I clicked "open Kaspersky Cloud Security for more details", the Firewall options actually opened
No trolling. I was referring to Elders 65+ who just bought their first laptop and young ones as who just started going to school 7+. Just sharing my experience what works the best for people I know. Nobody knows here about any OSArmor, VoodooShield, etc. programms. People blindly use here what is more advertised in media and apologies for misunderstanding.Im confused, im not sure are you trolling or not. But well then
From those four, ReHIPS is the most secure, but the less noob-friendly.VoodooShield
Re:HIPS
RansomOff
OSArmor
Immunet uses ClamAV, ETHOS and SPERO engines and all of them can be turned off.Isn't immunet just ClamAV?
You are better off using ClamWin w/Clam Sentinel than Immunet if you are relying Clam. Maybe Immunet has changed, but I always remember it using Clam.
@AtlBo Ransomoff offers complete lock down, if you set it up well it will have more features than appcheck do, appcheck is just lighter + install&forget
With Syshardener, first have a backup if you are unsure of something. If you are worried, don't enable multiple settings at once, try them one by one.I agree about SysHardener, if you set it and something is not working, then it's difficul to understand which setting you have to revert.
But about OSArmor, I think it's extremely easy to use, since you can make an exclusion from the popup (in this it's very similar to VS, but less annoying).
With my current setup, the used RAM (from task manager) is around:
CPU and disk usage is nearly zero for each of them, plus I don't see any delay when I launch an app or I browse my folders or I use internet. And that's what matters most for me.
- Immunet: 30Mb
- OSArmor: 15Mb
- RansomOff: 120Mb
c79ce6758d33880e7253ed62381b9cdc2b5a743986a645ca4f0ed6026ee17996
Evaluating
fda98eadf21eb3f3dc5e54a30240b2bfa6b52740bf6ead2093370487dbc5fd2d
Evaluating
2a7cb979327a2ced7fefc60d2c3f082c9b7600400c84845208f12133a4a4b915
Malicious
d6c2df18bd0ecf89d6c022fc2d7251352fcbb69ea2a2e219935b3d0d2bc93c94
Malicious
c7a52944ee636a34e88a3c79c2cb851191f6978c2d4efe5781a8c3bff24b782f
Evaluating (only Qihoo has detected it)
7d50cb316652d8ea2e10547563a494e0206d8871efcc6704577e9365e4604628
Malicious
f4974a68b01ccd04e55baae2e6308afa0620f497c8a9caf011c827eac8ce891e
Evaluating
49ed281e4ebef985841f7aee04e4ea0f8b6b4fc345b3cad3bcc6e18b7d08b48f
Malicious
f3946e1562efc1f609d6cf9474d70d1baf722d184aa2b20f13a801f3b21f0937
Evaluating (only Cyren has detected it)
269b7698524026377fac300bfd32619e14cfc9397cff8a5b369bc346bbaa36ef
Malicious
9c21f57897846e479f4da33c7ecc19aab323a92485fa3c3481ff37b18382237c
Evaluating (only Cyren and Kaspersky have detected it)
83ab9a5435bd4089d1348473c62baa24a996e8c6379a9ccb700aa8b64c6ee43f
Malicious
9ac75fcf374ae0dabd43dd103ee57420ffce1de1fb7d7c8467f1d0f248ced602
Malicious
ead42f1829a0c14ec81749b08ef67fc70ef6308ef6fa92291f26c573dfd0108f
Malicious
9e233042c950c05203087293c55d41edccd1ef3fd7108683c6e5b71eeb8c8bcc
Malicious
77fb19a29a7c56aeaffcf6cc663318010bdf24d86ba63d2f523e0438c01990da
Evaluating (only ESET and Qihoo have detected it)
a498e1270e27b453ba5fe0ee8be4dfadfbb4e186cbb5da6ae88f0baa09d2789e
Malicious
b37cc3be89e120642ff8e1dbf8cb5052ee21fecc5211d5df412bd9c647b8720c
Evaluating (only Fortinet, Rising and TrendMicro have detected it)
b629851831f8c1c82b40d4fa4fce40ab65e9e654acc16f1293d74ab4c437c63b
Malicious
8a279856a9c441bd2f216fb512500794d970e9bef19b3de935d8884c33189d1c
Malicious
when I scanned it with immunet 2 hours ago, it detected 9/20. immunet only deleted .exe and office extensions. It didn't support script filesI checked the last malware samples https://malwaretips.com/threads/8-08-2018-20.85814/#post-755763 on Cisco Talos File Reputation Talos File Reputation - Cisco Talos
Detection is 12/20 (maybe ETHOS and SPERO engines could have added something)
So, I don't understand if and how Cisco Talos is integrated in Immunet...when I scanned it with immunet 2 hours ago, it detected 9/20. immunet only deleted .exe and office extensions. It didn't support script files
only the cloud engines enabled, disabled clamAV
only 1 exe left in the folder
or syshardener is enough except malwares infecting via cmdSo, I don't understand if and how Cisco Talos is integrated in Immunet...
Anyway, adding OSArmor to Immunet is "mandatory" to increase protection, especially vs. scripts
Yeah, SysHardener and OSArmor can be used together and complement each other very wellor syshardener is enough except malwares infecting via cmd
syshardener blocks most scripts by defaultith no resource consumption
Now CCAV has the option to use Viruscope to monitor apps running out of the sandbox too, so that's already an added layer.Someone that runs ccav ( default block mode untrusted files) wich one of these would he benefit most? Since malware with valid signature will pass ccav, hips /bb are only that could notify it? But anti-exploit like osarmor + syshardener can slow down that a bit, or even prevent it to run? Wich would be smartest choise if you think system resources to take care of that problem
edit: i have to check re:hips
Well thats a good point didnt even think about viruscopeNow CCAV has the option to use Viruscope to monitor apps running out of the sandbox too, so that's already an added layer.
SysHardener is a great tool to reduce the attack surface and it doesn't take any resources since it doesn't run in background (you open it, set what you want, reboot and that's all).
OSArmor is a good BB, very customizable and very quiet. On my PC it just takes 15Mb of RAM, so I'd suggest anyone to use it, no matter what security SW they already have