CMLew Security Config

Last updated
Dec 31, 1969
Windows Edition
Home
Primary sign-in
Primary user
Windows UAC
Maximum - always notify
Real-time protection
Emsisoft Anti-Malware
Voodooshield Free (Auto-Mode ON)
Binisoft Window Firewall Control (Paid)
Software firewall
Microsoft Defender Firewall
Malware testing
No malware samples
Periodic security scanners
-
Browsers, Search and Addons
Opera Developer Version with VPN Turned-ON*
Google Canary
Firefox Developer Version*

*Protected with Sandboxie (Paid)
Maintenance and Cleaning
Nil
Personal Files & Photos backup
Shadow Defender on Boot (only use External Drive for Saving)
Personal backup routine
Device recovery & backup
-
Device backup routine
None
I

illumination

Thanks! @illumination ,
Actually I tried to scroll through the MT thread for Window Defender with Shadow Defender combo, and sems it is quite complicated especially getting the update part. Also another search frm Shadow Defender's Facbook, it says:-
"Shadow Defender can also use system RAM for its buffer. In this case Windows will essentially be running from RAM, with all the speed and security benefits this entails. Using Shadow Defender with a large RAM buffer will essentially prolong the lifespan of all your shadowed storage devices, as it saves shadowed disks from all daily write hits. All temporary files that Windows creates with each session will be strictly confined in RAM, with none of it hitting your actual disks. No actual disk writes also means no recoverable leftovers after file deletions, perfect for the more paranoid amongst us or for professionals who regularly work with very sensitive projects. This will also dramatically reduce future fragmentation on conventional hard disks and is extremely beneficial to the lifespan of devices with limited IOPS like solid state drives, USB sticks, memory cards etc"

I only have 4GB of RAM. Averagely I'm downloading/uploading 4 - 6GB of documents (pdfs and excels). Would that going to be an issue for me? This includes surfing website as well.
I do not believe that will be an issue. Click on the system requirements.

Shadow Defender Home Page - the easiest PC security and privacy tool
 
  • Like
Reactions: Logethica

CMLew

Level 23
Thread author
Verified
Well-known
Oct 30, 2015
1,252
Removed:
MBAM
MBAE


Added:
Shadow Defender (Trial) - Shadow Mode
AppGuard (Trial) - Lockdown Mode
Mozilla Firefox with Ublock Origin + Cyscon Shield
Avast! Online Scanner on Chrome

Ideas:
I'm planning to make my laptop as light as possible in terms of programs. Most of them I hope can be run portable via USB Drive; like Privazer, KeePass, EEK, etc.


Question:
How do ensure Window Defender and Window Update got it run without hassle?
I do not have MS Office (I use Libre)
I do not have Adobe Acrobat (I use Nitro)

Should I put in ReHIPS too? :)
 

jamescv7

Level 85
Verified
Helper
Mar 15, 2011
13,085
@CMLew

Unfortunately you cannot exclude Windows Update/Windows Defender prior that those operation should be done outside the virtualization.

For such replacement, better conduct system image prior you want to test something so it can easily revert back.

Well ReHIPS should be fine, just make sure to understand the overall complexity of configuration since its a HIPS based but actually Appguard alone is definitely fine.
 
  • Like
Reactions: Logethica
I

illumination

Removed:
MBAM
MBAE


Added:
Shadow Defender (Trial) - Shadow Mode
AppGuard (Trial) - Lockdown Mode
Mozilla Firefox with Ublock Origin + Cyscon Shield
Avast! Online Scanner on Chrome

Ideas:
I'm planning to make my laptop as light as possible in terms of programs. Most of them I hope can be run portable via USB Drive; like Privazer, KeePass, EEK, etc.


Question:
How do ensure Window Defender and Window Update got it run without hassle?
I do not have MS Office (I use Libre)
I do not have Adobe Acrobat (I use Nitro)

Should I put in ReHIPS too? :)
The easiest solution is to run Shadow Defender as on a on demand. Meaning instead of having it set to start on boot, manually start it after you have started the system and run all updates. You will have to also place Appguard in "Install Mode" while running those updates. Windows Defender will install updates in Medium mode of Appguard as it is by default listed in Power Apps of appguard, windows malicious removal tool is listed in power apps as well. You will not see them physically listed, but they are in there by default. Regular windows updates will not install in medium mode though.

So basically on days when you have lets say "cumulative updates for windows" it would be best to not turn on Shadow defender yet, to place Appguard in "Install Mode" and run those updates "do not forget to untick automatically resume at the top of appguard so it can restart if needed while installing"..

If you just need windows defender updates, you can leave appguard alone on those mornings and just not start Shadow Defender until after those have installed, then you are good to go.

Personally, I find those two programs over kill, as appguard and windows default is more then enough, if and when I use SD, it is only to test products that do not require a restart only.
 

CMLew

Level 23
Thread author
Verified
Well-known
Oct 30, 2015
1,252
Personally, I find those two programs over kill, as appguard and windows default is more then enough, if and when I use SD, it is only to test products that do not require a restart only.

Thanks @illumination ,

That's the reason why I am running trial before deciding. Just thought of trying Shadow Defender since it works just like what I wish for. Turn on Shadow Mode and surf. If got infected, just reboot and back to square one.
 

CMLew

Level 23
Thread author
Verified
Well-known
Oct 30, 2015
1,252
Does running portable apps from the desktop will trigger Appguard in Lockdown mode? Hence no app will be open?
 
  • Like
Reactions: Logethica
H

hjlbx

Should I put in ReHIPS too? :)

ReHIPS is an early beta. It's functionality is not yet refined enough. It will likely cause serious problems for you.

Both myself and @Umbra are testing it. It boinked one of my systems and nearly boinked his. He recovered because he uses Rollback RX. I was not able to recover system because I used a dedicated test system without utilities and other recovery softs; I had to clean install OS manually after activating ReHIPS isolation mode since it blocked most System32 critical files.
 

CMLew

Level 23
Thread author
Verified
Well-known
Oct 30, 2015
1,252
Removed:
Shadow Defender (Trial)
Appguard (Trial)


Added:
Comodo Internet Security
KeePass USB Portable
EEK USB Portable
Privazer USB Portable
Tor Browser
Porteus (Back-up, Portable OS)

Tried SD and Appguard. Quite easy to use, like install and forget. However, I still like CIS, great learning curve for me after using it on my older laptop. Will be using CIS on this new laptop from now on. Should be expecting no issue since it is a new laptop and not much applications running (other than those window update and ASUS update).

Will be using alot of Portable programs.
 

CMLew

Level 23
Thread author
Verified
Well-known
Oct 30, 2015
1,252
Here's my portableapps to pair with this laptop. Wonder if anyone can give any suggestion of what to add in?

Additionally I also plug in FoxitPDF Reader and LibreOffice for general use. GIMP if I want to edit image. and VLC for some videos.

Capture.JPG
 
  • Like
Reactions: Logethica

CMLew

Level 23
Thread author
Verified
Well-known
Oct 30, 2015
1,252
Added:
Aomei Backupper
- just back-up 19GB system into my external HDD.
Recuva (Portable)
Oxynger Keyshield (Portable)
Spybot Anti-Beacon (Portable)

Edit: Updated Thread Field
 
Last edited:
  • Like
Reactions: Logethica

CMLew

Level 23
Thread author
Verified
Well-known
Oct 30, 2015
1,252
Removed:
CIS

Added:
NVT ERP
Window Defender

Custom configured NVT (still tweaking). Currently in Alert Mode.
Window Defender is turned on by default.

Waiting for HMPA for its exploits protection.
 

CMLew

Level 23
Thread author
Verified
Well-known
Oct 30, 2015
1,252
Added:
HMP Alert Ver 3.4 Beta (Trial)


Qn: Should I add Sandboxie since I already have HMPA with NVT there (AppGuard coming soon)?
 
  • Like
Reactions: Logethica

CMLew

Level 23
Thread author
Verified
Well-known
Oct 30, 2015
1,252
Removed:
Aomei Backupper
Window Defender (auto-off)
HTTPS everywhere addon
ublock Addon
uMatrix Addon


Added:
Emsisoft Anti-Malware
Zemana Anti-Malware
Adguard Premium
Shades Sandbox
Noscript Security Suite on Firefox


Wanted to reinstall CIS but somehow there is incompatibility issue with EAM. Hence no firewall..:(
So now...
HMPA for exploit, cryptoware & keystroke encrypt.
EAM and Zemana (with Pandora turn on) as main since both real-time scan active.
Adguard Premium for ad and tracking filter/ block.
NVT as anti-executable (in lockdown)
Shades as sandbox.
UAC set as high.
All relevant install software cross-excluded against each other.

Resource usage looks good (between 37-40%, almost equivalent to my previous single BIS install )
 

CMLew

Level 23
Thread author
Verified
Well-known
Oct 30, 2015
1,252
Added:
Toolwiz TimeFreeze


Included a Light Virtualization.
From Toolwiz, excluded HMPA, EAM, Zemana, Adguard, Shades for updates.. I guess.

Now I think my setup is complete. shall be using this long term. :)
 
  • Like
Reactions: Logethica