Jump to content


  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by Umbra

  1. I prefer the old one, faster access and better visibility. Too much scrolling to my taste, make it confusing.
  2. No issues so far. The settings menu is so big, my eyes almost get out of my head ^^
  3. Yes i even made a joke about Emsisoft buying it.
  4. It is not the UI doing the protection, it is the service/driver, and they are the first things to be loaded during boot even before your desktop appears.
  5. Exclusions are a must-do with Comodo, all running EAM's processes must be in each comodo's exclusions modules.
  6. I'm also using Binisoft WFC , after looking at its rules panel, i have those rules enabled too when i disabled them in the past; Then i looked at my other machine without WFC , those rules are still disabled, so it clearly shows that WFC is responsible for it, i guess those are default WFC rules, indicated in Windows Firewall as WFC - (rule name) and probably added when WFC was updated.
  7. Hello @mesmerized I totally agree with @Elise advice, one antivirus is enough; the combo you proposed is totally redundant and will not afford you much more security. In the past i would advise you to keep Malwarebytes alongside Emsisoft, but now even them are becoming a standalone solution. Having 2 Antiviruses doesn't make much sense those days, however adding complementary security softs is common practice for the most paranoid of us (like me). But for the classic users, Emsisoft alone is enough, what matters the most are your computing practices. Having safe habits will greatly reduce the amount of threats you may encounter. By learning how your antivirus works, what options it has , will make you safer. The minimum required in my opinion for the classic "safe habit" user is an Antivirus like Emsisoft and an adblocker.
  8. SRP is indeed Software Restriction Policy, like Windows' Applocker (available in pro version) and some other 3rd party softs. Step 2 can be done with any default-deny type of softs (those allowing you to select a executable and block it from running) , EAM can block them too.
  9. Sorry @Stapp and everybody, i didn't mean to offend anyone.
  10. I dont know for others but to me it seems so easy to use, for example i have a customized Surf Protection HOST list, which block lot and lot of stuff which are all reported now in Forensic. So i just unticked SF, then all SF alerts disappear, which is convenient when i want to look for something else, then after i'm done, i reticked it, then they all reappear. I don't see any complexity in it, unless i'm too used to complicated things and i see it a child play
  11. Yes because Powershell isn't dangerous by itself, and is needed sometimes by the system reason why you can't remove it (only the old version can); not saying on Win10, it will replace cmd very soon. So since the old v2 is vulnerable and often used as an attack vector, disabling its execution is enough.
  12. @Peter2150 1- by restricting users to use it via Group policy https://community.spiceworks.com/topic/1183987-disabling-powershell-with-group-policy 2- via SRP, blocking: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe system.management.automation.dll 3- by uninstalling it windows/forum/windows_7-performance/how-to-uninstall-powershell-windows-7/c7077177-294d-4aed-8307-a1a554a56ae5?auth=1 i usually just do step 2, good enough for me.
  13. To be simple, with Bitcoins you have 3 notions to understand: 1- bitcoins: are just encrypted datas associated with a value in money, any modification to it (exchange, sales, etc...) is added to the data bitcoin "code" called blockchain. 2- blockchain: when anything happen to the bitcoin (when you sell it, or buy something, etc...), information datas are verified, validated by the community then added on top of the bitcoin's code; this newly added code can be modified but previous infos are locked, so in case of issues you can check it as "history". 3- Miners: those a the "community" , since bitcoins system used heavy encryption and need lot of computing resources to check, validate and re-encrypt transactions; users could volunteer to give the system access to their machines (and getting a portion of bitcoins in return for their help), those days, people can use dedicated machines to process and encrypt the datas, so some sites uses their visitor machines to do it while getting the benefits. So basically, miners originally aren't dangerous by themselves, they just eat you computer' resources. Consider them as "annoyances"
  14. Yes i will do Indeed, Layered Protection is mostly a setup made by security geeks or at least people more security-aware than the others; Average Joe rarely bothers with it. If i go to uncharted territories, i rather use a VM or a Linux live CD
  15. To me, "layered protection" is adding softs with features that complement each others, not overlapping. I made a guide years ago when the idea of Layered Protection wasn't very popular (some part are outdated but you will get the idea)
  16. Hello G11, You just have to do a factory reset of the Host Rules : - Go to Settings > click "Factory Defaults > Select "Host Rules" > Click "Ok" Then you can add a new host file.
  17. I also run several products but not 2 real-time scanners at same time.
  18. Hello @Buddel I don't think you need anything else, like you i'm using EAM + WFC and it is good enough.
  19. Personally i import MVPS Host list, which i find often updated and block enough domains.
  20. @Insert Real Name Yes, this is a start, but if you don't need Powershell at all, better disable it "completely".
  21. You have to select "all files" in the search window.
  • Create New...