Huorong Internet Security v5.0.58.1 or later (heavily tweaked)
Firewall security
About custom security
Action on threat detection: clean (instead of ask)
Behavior Based Detection: Enable Ransomware Trapping
HIPS: File / Registry / Sensitive action: all possible rules enabled (default action is still "ask")
HIPS: Enable Network Access Control (kinda outbound Firewall, colour indicator green and orange - safe or not)
Installation Detection: Automatically block recognized installations of unlisted softwares
Firewall: Lateral Movement Protection - Remote MMC and Remote WMI also o
Network Access Control on (=two-way Firewall)
Advanced: Enable custom rules
Imported custom rules shared by user JerryLin - v4.24_1 - Update - Huorong Internet Security (Stable)
Source:
C:\Windows\WinSxS\amd64_microsoft-windows-powershell-exe_31bf3856ad364e35_10.0.19041.1_none_1f070c37a19029ff\powershell.exe
C:\Windows\WinSxS\amd64_microsoft-windows-gpowershell-exe_31bf3856ad364e35_10.0.19041.1_none_ee822d264112a470\powershell_ise.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe Target:
File rules: *.ps1 --- Create / Read / Modify / Delete --- all set to "Deny" as default verdict
Note that without that Powershell tweak, #Netwalker would trash the system easily, not getting even noticed by Huorong. You could create protected folders via HIPS, but I experienced them to not always be protected by HIPS.
Periodic malware scanners
Norton Power Eraser (free by default)
HitmanPro (free)
Microsoft SysInternals AutoRuns and TCPView (free by default)
Mister Group System Explorer (free by default)
As the PC is also used for online banking, a security check (TCPView, SystemExplorer, AutoRuns) before logging in into sensitive pages is done.
Malware Testing is performed within ShadowDefender environment. Because of that, the PC is free of any personal stuff, currently Steam is installed, however no login data is saved on the machine (for no software), everything is backupped on eHDD after creation, and is only plugged in on demand and after security check.
As the PC is also used for online banking, a security check (TCPView, SystemExplorer, AutoRuns) before logging in into sensitive pages is done.
Malware Testing is performed within ShadowDefender environment. Because of that, the PC is free of any personal stuff, currently Steam is installed, however no login data is saved on the machine (for no software), everything is backupped on eHDD after creation, and is only plugged in on demand and after security check.
Thank you
Happy you like it!
It worked out fine over time, so I kept it, I’m for sure paranoid in terms of security, but I want lightweightness also
Default ones, works fine so far, almost nothing went trough so far, Brave also brings it’s own.
I did block some notification on MT (cookies IDK) manually via AdGuard, which used to reappear every new Browser session (mine is set to clear everything on closure).
I wasn‘t sure technically
My internet connection is provided by a mobile hotspot from my iPhone, no extra VPN on it.
As streaming (apart from YT) is not deducted from monthly data, there was no reason to pay for a local WiFi.
