HIPS, anti-exe were, are and will be forum geeks toys, the masses aren't skilled/knowledgeable/ready for such tools. They want simple "all-in-one-automated-do-it-all-for-me-without-me" kind of solution.
WD for all of its strengths is actually kind of slow when you trigger its high caution scans. The cloud lookup of an executable after downloading it sometimes takes 1-2 seconds while an offline engine like Emsisoft can do it in milliseconds.Compared to WD ?
By "layered" I meant really, heavily, over-the-top, way overboard layered. I saw a couple today and I honestly couldn't believe it.
I actually do what Umbra says - either you trust VS, or you don't. So I run a highly private, very basic AV (no cloud, no uploads, disabled logging, good sigs) along with VoodooShield 5.03b on AlwaysOn/Aggressive and call it a day.
Now that VS will be implementing WhitelistCloud into it (which it has in the version I am running), and allegedly Dan has removed VT from it and replaced it with WLC, false positives are rare, and it will also stop outbound connectivity on malicious/suspect applications. I'd be pretty confident running VS 5.03+ (WLC integrated) as the sole security solution these days. But I still like to have some alternate sig based AV on my boxes. (for now, doubtful I will renew)
I'd look at Emsisoft again someday if they nixed Bit Defender sigs and either went with their own, or preferably Ikarus or something. Also I am hesitant to buy suites that don't at least have their own good quality firewall for people I install suites for. So I usually grab BD, Panda Advanced or Norton (whichever has the best deal at time of renewal) for family and friends as I like those third party firewalls I can tweak up.
Whitelist Cloud (or someyhing like that), it is opposite to blacklisting (what classic AVs do), from what i heard, VS will have all the legit files listed and if you run a file that isn't in this list it will be flagged.What is WLC?
Whitelist Cloud (or someyhing like that), it is opposite to blacklisting (what classic AVs do), from what i heard, VS will have all the legit files listed and if you run a file that isn't in this list it will be flagged.
Kind of what does PCmatic.
Theoretically it is not a bad mechanism but the workload to maintain such list will be huge and at beginning will generate have lot of FPs . Especially from peoplke using low-reputation apps.
Configure SONAR Advanced ModeFor the average user though I think configuring something like Norton SONAR to operate in the more prompting mode (forgot the exact name) might be the friendlier way of achieving that.
The second setup probably wins (only on Windows 10) against malware you will never encounter.Emsisoft vs. Windows Defender (with Configure Defender).
The good thing about default deny is I'm 100% sure my computer don't have any virus so I don't have to waste 30 min ~ 1 hour every month scanning my computer with EEK, Malwarebytes and HitmanPro.The second setup probably wins (only on Windows 10) against malware you will never encounter.
The first probably wins to avoid the false positives you will hardly see on your computer
Emsisoft has much better support (and some other advantages), so it is worth its price if such support is required.
Emsisoft has much better offline protection.
WD is free and Windows built-in, which can be important for some people.
i am using also Emsisoft + Vodoosheild free which i can say light and a good setup
just added fresh phishing and malware host file manually to for improving surf protection
and Tinywall for creating windows firewall rules