Windows 10 Security Settings #5428601 05/13/20 08:49 PM
ZeeOSix Offline OP
Joined: Jul 2010
Posts: 23,692
The new Dell laptop I got a couple months ago came loaded with McAfee "LiveSafe" which was a full blown anti-virus program that was a 1 year free subscription as part of the purchase. With McAfee loaded, Windows Defender took a second seat and wasn't the real time anti-virus program, but only did its updates and did random background scans.

I didn't really like McAfee, as the user interface was horrible and it didn't give much scanning and protection info to the user. So I decided to uninstall it and install my Malwarebytes Premium (a full license version). I actually installed Malwarebytes Premium before uninstalling McAfee and they both seemed to play well with each other. Anyway, the setup I ultimately want is Windows Defender and Malwarebytes Premium both working together in unison, which is routinely done from the info I've found on Malwarebytes website and other websites. After making a setting change in Malwarebytes Premium it looks like both Windows Defender and Malwarebytes Premium are both fully active. Before turning off the setting of "Register Malwarebytes in the Windows Security Center", only Malwarebytes was the real time program and Defender was not running real time, but randomly doing "Quick" scans in the background.

So another security setting I came across was the "Core Isolation > Memory Integrity" setting located in "Windows Security > Device Security" options. Mine was set to "Off", but I'm wondering if it should be turned "On" (if not, why not?). Anyone here using this security setting set to "On"?

Here's info from Microsoft what this setting does ... sounds like it wouldn't hurt to turn it on.

https://docs.microsoft.com/en-us/windows/security/threat-protection/device-guard/memory-integrity

https://support.microsoft.com/en-us...tion-in-windows-defender-security-center

Screen shot of the "Core Isolation" setting:

[Linked Image]

On a side note, uninstalling McAfee was a royal pain as it was embedded in all kinds of stuff, even the Google Chrome web browser. The loaded McAfee stuff ultimately consisted of 1) McAfee "LiveSafe", 2) McAfee "WebAdvisor" and 3) McAfee "Personal Security" (a separate App that was uninstallable). I could probably write a short book on what it took to uninstall and clean up all associated folders and files. Without using Revo Uninstaller there would have been way more garbage leftover and it would have been a big nightmare.

Re: Windows 10 Security Settings [Re: ZeeOSix] #5428658 05/13/20 10:22 PM
MParr Online Content
Joined: Oct 2017
Posts: 1,494
Yep, McAfee is major bloatware.


2019 VW Tiguan SE 2.0 TSI Now: Castrol Pro OE LL IV 0W20 & OE VW
2020 F-150 STX Super Cab 2WD 2.7 Ecoboost. FF & OE filter
Re: Windows 10 Security Settings [Re: ZeeOSix] #5428726 05/14/20 03:05 AM
Paul_Siu Offline
Joined: Feb 2020
Posts: 85
McAfee is often a resource hog and often causes the CPU to mysteriously spike. I end up uninstalling it.

Re: Windows 10 Security Settings [Re: Paul_Siu] #5428831 05/14/20 08:13 AM
4WD Offline
Joined: Sep 2010
Posts: 12,863
Originally Posted by Paul_Siu
McAfee is often a resource hog and often causes the CPU to mysteriously spike. I end up uninstalling it.


Same … what a monster

Re: Windows 10 Security Settings [Re: ZeeOSix] #5428939 05/14/20 09:36 AM
OVERKILL Offline
Joined: Apr 2008
Posts: 42,283
The core isolation feature is only valuable if you do virtualization, if you don't, it's not going to help you.


2019 RAM 1500 Sport - Mobil 1 EP 0w-20, FRAM Ultra
2019 Audi e-tron technik (my wife hates it)
Re: Windows 10 Security Settings [Re: ZeeOSix] #5428946 05/14/20 09:42 AM
daves87rs Offline
Joined: Feb 2009
Posts: 17,960
Yep, it is pretty bad....


2020 Chevrolet Trax LS
2019 Chevrolet Equinox LS
2006 Chevrolet Cobalt LS
2004 Chevrolet Cavalier (project)

Re: Windows 10 Security Settings [Re: ZeeOSix] #5428953 05/14/20 09:49 AM
gathermewool Offline
Joined: Jan 2009
Posts: 7,949
I also have Malwarebytes Premium, but don't run it as my main IS, since it always scores so low on Consumer Reports testing.

I run Avira free. I don't care that it's not the fanciest and I don't care that it likes to also tell me how it can make my PC run better - I'm only interested that it's protecting me.


14 Forester XT Touring FA20DIT (Cobb Stage 1)
Castrol Magnatec 5W-30 D1G2 + FU filter (2nd OFI) (77,760mi, 3/7/20)
15 Legacy Premium FB25
Magnatec 0W-20 D1G2+ FU filter (2nd OFI) (54,621mi, 3/4/20)
Re: Windows 10 Security Settings [Re: ZeeOSix] #5429095 05/14/20 12:14 PM
Dave9 Offline
Joined: Aug 2017
Posts: 1,540
My theory is that part of the bloatware security suites' strategy is to slow your system down enough that you can't get as much done, thus decreasing your exposure and infection rate.

Whether you need one at all, or even MS Security Essentials, has everything to do with your behavior, whether you do risky things, or let others who do risky things use it, and how secure your browser is set up.

With a new laptop what I'd do is make a backup image of the factory install after you get the must-have apps you want put on it and everything configured to your liking, then uninstall everything that you don't know you need. Some would say nuke it from orbit and do a fresh windows install, but all the bloat that came from the factory should be removable via add/remove programs. Once you've used it a few weeks to months to make sure everything is good, replace the backup you already made with a new backup.

No security suite is a replacement for having a full backup that you can restore to a known clean state. It also avoids having to do a fresh reinstall of the OS every few years - for people that keep piling on junk that slows their system and eats up SSD space. Restoring a backup can take about 5 minutes from a decent USB flash drive, vs reinstall everything again from scratch, taking days or weeks to finally get it just how you want it. Then again some people change almost nothing, but that's not a safe bet for browsers, one of the primary infection points if you otherwise followed safe practices.

Last edited by Dave9; 05/14/20 12:17 PM.
Re: Windows 10 Security Settings [Re: OVERKILL] #5429163 05/14/20 01:46 PM
ZeeOSix Offline OP
Joined: Jul 2010
Posts: 23,692
Originally Posted by OVERKILL
The core isolation feature is only valuable if you do virtualization, if you don't, it's not going to help you.


The first link I posted to a Microsoft article says:
"It uses hardware virtualization and Hyper-V to protect Windows kernel mode processes from the injection and execution of malicious or unverified code. The integrity of code that runs on Windows is validated by memory integrity, making Windows resistant to attacks from malicious software."

I don't think it means you have to be running as a virtual machine for Memory Integrity to be used. They make it sound like the feature basically "locks down" the memory from being used by any unverified code. Like a "firewall" for the memory to only let validated code use the memory in order to block many types of malware.

Maybe you can elaborate.

Re: Windows 10 Security Settings [Re: ZeeOSix] #5429413 05/14/20 07:59 PM
OVERKILL Offline
Joined: Apr 2008
Posts: 42,283
Originally Posted by ZeeOSix
Originally Posted by OVERKILL
The core isolation feature is only valuable if you do virtualization, if you don't, it's not going to help you.


The first link I posted to a Microsoft article says:
"It uses hardware virtualization and Hyper-V to protect Windows kernel mode processes from the injection and execution of malicious or unverified code. The integrity of code that runs on Windows is validated by memory integrity, making Windows resistant to attacks from malicious software."

I don't think it means you have to be running as a virtual machine for Memory Integrity to be used. They make it sound like the feature basically "locks down" the memory from being used by any unverified code. Like a "firewall" for the memory to only let validated code use the memory in order to block many types of malware.

Maybe you can elaborate.


It's a feature that was originally crafted to protect (and isolate) the memory and processing stacks for VMs, it sounds like they've extended it to provide a pseudo-virtualization environment, using the same tech, to isolate processes. I expect it is still of little utility in the real world and may be buggy if your system doesn't play well with hardware virtualization support enabled (and even if it appears to, which is likely why it is disabled by default) but could conceivably provide benefit if you are frequently experimenting with malicious code that functions by exploiting memory space references? This stuff should all be blocked before it gets to that point ideally.


2019 RAM 1500 Sport - Mobil 1 EP 0w-20, FRAM Ultra
2019 Audi e-tron technik (my wife hates it)
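
Added example, not part of any post in this thread: a PowerShell function that checks whether the "Core Isolation > Memory Integrity" setting discussed above is switched on and whether it is actually running on the machine. It reads the Win32_DeviceGuard CIM class and the registry value behind the Windows Security toggle; the function name Get-MemoryIntegrityState is made up for this example.

```powershell
# Added example (not from the thread): report Memory Integrity (HVCI) state.
# Get-MemoryIntegrityState is a made-up name for this example.
function Get-MemoryIntegrityState {
    # Value meanings for the Win32_DeviceGuard class
    $vbsStatus = @{ 0 = 'Not enabled'; 1 = 'Enabled, not running'; 2 = 'Enabled and running' }
    $services  = @{ 1 = 'Credential Guard'; 2 = 'Memory Integrity (HVCI)' }

    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
              -ClassName 'Win32_DeviceGuard' -ErrorAction SilentlyContinue
    if (-not $dg) {
        Write-Warning 'Win32_DeviceGuard is not available on this system.'
        return
    }

    # The Windows Security toggle is stored in this registry value (1 = On)
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity'
    $reg = Get-ItemProperty -Path $key -Name 'Enabled' -ErrorAction SilentlyContinue
    $toggleOn = [bool]($reg -and $reg.Enabled -eq 1)

    # Service code 2 in SecurityServicesRunning means HVCI is enforcing right now
    $running = @($dg.SecurityServicesRunning) -contains 2

    # Translate numeric service codes to names; keep unknown codes visible
    $names = @($dg.SecurityServicesRunning) | Where-Object { $_ -ne 0 } | ForEach-Object {
        if ($services.ContainsKey([int]$_)) { $services[[int]$_] } else { "Service code $_" }
    }

    $note = if ($toggleOn -and -not $running) {
        'Switched on but not running; the setting takes effect after a restart.'
    } elseif ($running) {
        'Memory Integrity is enforcing kernel-mode code integrity.'
    } else {
        'Memory Integrity is off.'
    }

    [pscustomobject]@{
        VbsStatus              = $vbsStatus[[int]$dg.VirtualizationBasedSecurityStatus]
        ServicesRunning        = $names -join ', '
        MemoryIntegrityToggle  = $toggleOn
        MemoryIntegrityRunning = $running
        Note                   = $note
    }
}

Get-MemoryIntegrityState | Format-List
```

The output reflects the host's own virtualization-based security state and does not depend on any guest virtual machine being defined or running.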

BOB IS THE OIL GUY® Powered by UBB.threads™