CMLew Security Config

Last updated: Dec 31, 1969
Windows Edition: Home
User Access Control: Always notify
Real-time security:
  • Emsisoft Anti-Malware
  • Voodooshield Free (Auto-Mode ON)
  • Binisoft Windows Firewall Control (Paid)
Firewall security: Microsoft Defender Firewall
Periodic malware scanners: -
Malware sample testing: I do not participate in malware testing
Browser(s) and extensions:
  • Opera Developer Version with VPN Turned-ON*
  • Google Canary
  • Firefox Developer Version*
  *Protected with Sandboxie (Paid)
Maintenance tools: Nil
File and Photo backup: Shadow Defender on Boot (only use External Drive for Saving)
System recovery: -

illumination

Thanks! @illumination ,
Actually I tried to scroll through the MT thread for the Windows Defender with Shadow Defender combo, and it seems quite complicated, especially the update part. Also, from another search on Shadow Defender's Facebook, it says:
"Shadow Defender can also use system RAM for its buffer. In this case Windows will essentially be running from RAM, with all the speed and security benefits this entails. Using Shadow Defender with a large RAM buffer will essentially prolong the lifespan of all your shadowed storage devices, as it saves shadowed disks from all daily write hits. All temporary files that Windows creates with each session will be strictly confined in RAM, with none of it hitting your actual disks. No actual disk writes also means no recoverable leftovers after file deletions, perfect for the more paranoid amongst us or for professionals who regularly work with very sensitive projects. This will also dramatically reduce future fragmentation on conventional hard disks and is extremely beneficial to the lifespan of devices with limited IOPS like solid state drives, USB sticks, memory cards etc"

I only have 4GB of RAM. On average I'm downloading/uploading 4 - 6GB of documents (PDFs and Excel files). Is that going to be an issue for me? This includes surfing websites as well.
I do not believe that will be an issue. Click on the system requirements.

Shadow Defender Home Page - the easiest PC security and privacy tool
 

CMLew

Level 23
Thread author
Verified
Well-known
Oct 30, 2015
1,251
Removed:
MBAM
MBAE


Added:
Shadow Defender (Trial) - Shadow Mode
AppGuard (Trial) - Lockdown Mode
Mozilla Firefox with Ublock Origin + Cyscon Shield
Avast! Online Scanner on Chrome

Ideas:
I'm planning to make my laptop as light as possible in terms of programs. Most of them I hope can be run portable via USB Drive; like Privazer, KeePass, EEK, etc.


Question:
How do I ensure Windows Defender and Windows Update run without hassle?
I do not have MS Office (I use Libre)
I do not have Adobe Acrobat (I use Nitro)

Should I put in ReHIPS too? :)
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
@CMLew

Unfortunately you cannot exclude Windows Update/Windows Defender, as those operations should be done outside the virtualization.

For such a replacement, better to create a system image before you test something so you can easily revert back.

Well, ReHIPS should be fine, just make sure to understand the overall complexity of configuration since it's HIPS-based, but actually AppGuard alone is definitely fine.
 

illumination

Removed:
MBAM
MBAE


Added:
Shadow Defender (Trial) - Shadow Mode
AppGuard (Trial) - Lockdown Mode
Mozilla Firefox with Ublock Origin + Cyscon Shield
Avast! Online Scanner on Chrome

Ideas:
I'm planning to make my laptop as light as possible in terms of programs. Most of them I hope can be run portable via USB Drive; like Privazer, KeePass, EEK, etc.


Question:
How do I ensure Windows Defender and Windows Update run without hassle?
I do not have MS Office (I use Libre)
I do not have Adobe Acrobat (I use Nitro)

Should I put in ReHIPS too? :)
The easiest solution is to run Shadow Defender on demand. Meaning instead of having it set to start on boot, manually start it after you have started the system and run all updates. You will also have to place AppGuard in "Install Mode" while running those updates. Windows Defender will install updates in Medium mode of AppGuard, as it is by default listed in Power Apps of AppGuard; Windows malicious removal tool is listed in Power Apps as well. You will not see them physically listed, but they are in there by default. Regular Windows updates will not install in Medium mode though.

So basically on days when you have, let's say, "cumulative updates for Windows", it would be best to not turn on Shadow Defender yet, to place AppGuard in "Install Mode" and run those updates (do not forget to untick "automatically resume" at the top of AppGuard so it can restart if needed while installing).

If you just need Windows Defender updates, you can leave AppGuard alone on those mornings and just not start Shadow Defender until after those have installed, then you are good to go.

Personally, I find those two programs overkill, as AppGuard and Windows default are more than enough; if and when I use SD, it is only to test products that do not require a restart.
 

CMLew

Personally, I find those two programs overkill, as AppGuard and Windows default are more than enough; if and when I use SD, it is only to test products that do not require a restart.

Thanks @illumination ,

That's the reason why I am running a trial before deciding. Just thought of trying Shadow Defender since it works just like what I wish for. Turn on Shadow Mode and surf. If I get infected, just reboot and back to square one.
 

CMLew

Will running portable apps from the desktop trigger AppGuard in Lockdown mode? Hence no app will open?
 

hjlbx

Should I put in ReHIPS too? :)

ReHIPS is an early beta. Its functionality is not yet refined enough. It will likely cause serious problems for you.

Both myself and @Umbra are testing it. It boinked one of my systems and nearly boinked his. He recovered because he uses Rollback RX. I was not able to recover system because I used a dedicated test system without utilities and other recovery softs; I had to clean install OS manually after activating ReHIPS isolation mode since it blocked most System32 critical files.
 

CMLew

Removed:
Shadow Defender (Trial)
Appguard (Trial)


Added:
Comodo Internet Security
KeePass USB Portable
EEK USB Portable
Privazer USB Portable
Tor Browser
Porteus (Back-up, Portable OS)

Tried SD and AppGuard. Quite easy to use, like install and forget. However, I still like CIS, great learning curve for me after using it on my older laptop. Will be using CIS on this new laptop from now on. Should be expecting no issues since it is a new laptop and not many applications are running (other than Windows Update and ASUS update).

Will be using a lot of portable programs.
 

CMLew

Here's my portableapps to pair with this laptop. Wonder if anyone can give any suggestion of what to add in?

Additionally I also plug in FoxitPDF Reader and LibreOffice for general use, GIMP if I want to edit images, and VLC for some videos.

Capture.JPG
 

CMLew

Added:
Aomei Backupper
- just back-up 19GB system into my external HDD.
Recuva (Portable)
Oxynger Keyshield (Portable)
Spybot Anti-Beacon (Portable)

Edit: Updated Thread Field
 

CMLew

Removed:
CIS

Added:
NVT ERP
Windows Defender

Custom configured NVT (still tweaking). Currently in Alert Mode.
Windows Defender is turned on by default.

Waiting for HMPA for its exploits protection.
 

CMLew

Added:
HMP Alert Ver 3.4 Beta (Trial)


Qn: Should I add Sandboxie since I already have HMPA with NVT there (AppGuard coming soon)?
 

CMLew

Removed:
Aomei Backupper
Windows Defender (auto-off)
HTTPS everywhere addon
ublock Addon
uMatrix Addon


Added:
Emsisoft Anti-Malware
Zemana Anti-Malware
Adguard Premium
Shades Sandbox
Noscript Security Suite on Firefox


Wanted to reinstall CIS but somehow there is an incompatibility issue with EAM. Hence no firewall.. :(
So now...
HMPA for exploit, cryptoware & keystroke encryption.
EAM and Zemana (with Pandora turned on) as main since both have real-time scan active.
Adguard Premium for ad and tracking filter/block.
NVT as anti-executable (in lockdown).
Shades as sandbox.
UAC set as high.
All relevant installed software cross-excluded against each other.

Resource usage looks good (between 37-40%, almost equivalent to my previous single BIS install )
 

CMLew

Added:
Toolwiz TimeFreeze


Included a Light Virtualization.
From Toolwiz, excluded HMPA, EAM, Zemana, Adguard, Shades for updates.. I guess.

Now I think my setup is complete. Shall be using this long term. :)
 