Most recent changes: Dec 31, 1969
Operating System
Windows Edition: Home
Build: always latest
System type: 64-bit OS
Security Updates: Disabled - No security or feature updates
User Access Control: Never Notify
Device Firewall: 3rd-party Firewall - Network security provided by a trusted vendor
Device Security: Windows Defender SmartScreen (Windows 10)
User Account
Recent Security Incidents: No malware or privacy issues
Malware Testing: Malware on a secure VM - Full Network and File isolation
Real-time Web & Malware Protection: Avast Premier (HM aggressive), Voodooshield Pro, Shadow Defender
Security Protection settings
Virus and Malware Removal Tools: Zemana portable, herdProtect, Emsisoft EK, VirusTotal Uploader, Hitman Pro
Browsers and Extensions: Google Chrome x64, uBlock Origin, Avira Browser Safety, Popup Blocker (strict), Checker Plus for Gmail™, h264ify, Violentmonkey, VTchromizer, uBlock Origin Extra, GIFUR
Web Privacy: uBlock Origin with AdGuard malware filters and some other malware filters
Password Management: no
Default Web Search: Google
System Utilities collection: CCleaner (CCenhancer-ed), Privazer, DiskMax, Spybot Anti-beacon, O&O ShutUp, Everything
Data Backup: Windows built-in
Frequency of Data backups
System Backup: Norton Ghost (Hirenboot CD)
Frequency of System backups: Occasionally
Device Specs: https://malwaretips.com/threads/rains-laptop.61841/

Evjl's Rain

Level 39
Content Creator
AV-Tester
Verified
Joined
Apr 18, 2016
Messages
2,800
Operating System
Windows 8.1
Antivirus
Avast
#81
If you have time remove process lasso and see how it behaves. Your system 100% has a program messing with cpu cycles.
I tried with and without process lasso
I opened chrome the first time after a boot, CPU jumped up to 99-100%
without HMP.A, I did the same, opened chrome the first time after a boot, chrome started noticeably faster with less CPU and disk activity. I think it was because HMP.A isolated/monitored/injected to chrome something that made it slower. I also noticed whatever I do, watching movies, streaming that required constant disk read & write, HMP.A was scanning/monitoring all the activities (1-6% CPU usage + 1-5MB/s reported from task manager) for the interception of possible harms. Without heavy browsing or streaming, HMP.A was almost completely silent
I'm a multitasking user and do a lot of stuff using my laptop with a 5400rpm HDD. This might be the reason for the significant impact of HMP.A, due to my slow-speed HDD

Are you using a desktop with a 7200rpm HDD or an SSD? I think we can not notice any performance impact running HMP.A on a desktop
@venustus he also confirmed the impact on his machine :) thank you sir
 

SHvFl

Level 35
Content Creator
Verified
Joined
Nov 19, 2014
Messages
2,406
Operating System
Windows 10
#82
I tried with and without process lasso
I opened chrome the first time after a boot, CPU jumped up to 99-100%
without HMP.A, I did the same, opened chrome the first time after a boot, chrome started noticeably faster with less CPU and disk activity. I think it was because HMP.A isolated/monitored/injected to chrome something that made it slower. I also noticed whatever I do, watching movies, streaming that required constant disk read & write, HMP.A was scanning/monitoring all the activities (1-6% CPU usage + 1-5MB/s reported from task manager) for the interception of possible harms. Without heavy browsing or streaming, HMP.A was almost completely silent
I'm a multitasking user and do a lot of stuff using my laptop with a 5400rpm HDD. This might be the reason for the significant impact of HMP.A, due to my slow-speed HDD

Are you using a desktop with a 7200rpm HDD or an SSD? I think we can not notice any performance impact running HMP.A on a desktop
@venustus he also confirmed the impact on his machine :) thank you sir
I am not defending HMPA. I don't even care about HMPA and find their constant updates and issues annoying, so I never use it.
What I am trying to tell you is to investigate CPU usage in general without HMPA, because it seems you are on the high end compared to mine.
Sure, I am on an SSD, but CPU usage will not be affected by it. Something else is giving you cycles. My CPU has almost half the power yours has, with me having turbo disabled, and you say browser load uses 65% when I am at max 40% (I assume you test with 1 tab trying to open and not 100).
Anyway, it's up to you if you want to investigate, depending on what older images you have. Take care.
 

Evjl's Rain

#84
I love your config :). But one thing quick:


This is why rootkits exist.
Thank you for reminding me of that. So what is your opinion about rootkit protection? Avast has a rootkit scanning schedule on startup enabled by default; is it good enough? :)
 
Wave

Guest
#85
Thank you for reminding me of that. So what is your opinion about rootkit protection? Avast has a rootkit scanning schedule on startup enabled by default; is it good enough? :)
Well it's good enough for you, but if you get infected by a real rootkit then it's time to format and reinstall the OS - a real rootkit will obtain root privileges (the term "root" is from Linux however on Windows that would be the equivalent of kernel-mode code execution), therefore then it can over-power any protection mechanisms which exist on the system at a software-level entirely.

There's only so much you can do regarding "rootkit protection": scan for manipulations in the Windows Kernel structures (SSDT hooking, DKOM), identify suspicious modules loaded within user-mode processes, etc.

The chances of you running into a real rootkit like this these days are slim; I mean if someone like @Wave is out to catch you then there's nothing you can do but if a normal malware author is targeting you then it's cool beans because they are normally just dumb and stupid these days. :p

Have you noticed how we went from regular MBR infections and PE infection viruses to dumb .NET crap in the wild (in the space of a few years)?

A lot of malware out in the wild is complete rubbish and sometimes improperly working more often than not IMO
 

Evjl's Rain

#86
Disabled:
- Voodooshield
Installed:
- Zemana Antimalware with Pandora
Uninstalled:
- Bitdefender Trafficlight: a bit higher CPU usage and much much weaker than avira. Avira could block all tested links in malc0de while BD blocked nothing
 

Evjl's Rain

#87
Uninstalled:
- Zemana Antimalware: disappointment in Realtime protection + pandora. The scanner > realtime protection. The tested system was only clean/safe in 1/4 tests. The system was only safe after being scanned by System scan + userdata scan
Thanks to silversurfer, avast in HM aggressive kept his tested VM safe in those 4 tests
ZAM needs to improve their realtime protection. Seems like it just automatically allows all child processes after the parent process is not detected

Re-enabled:
- Voodooshield Pro - Autopilot mode
 

Evjl's Rain

#91
I've thought about this move for some time now. CF's resource impact can get very heavy at times, so that's holding me back.
It's acceptable for a sandbox solution
I'm still new to CF but the resource usage has been OK for me so far
 
Joined
Jan 10, 2013
Messages
37
#92
It's acceptable for a sandbox solution
I'm still new to CF but the resource usage has been OK for me so far
I have been using a combination of Comodo Internet Security and cFosSpeed for multiple purposes for the last 8 years now, and the firewall function has been simply amazing so far. Loads of attempts blocked so far.

You need to also remember that it is not just these firewall apps that can block the hacks but also a combination of multiple things including our common sense and alertness for the activities that we do and respond to over the internet.
 

SHvFl

#93
It's acceptable for a sandbox solution
I'm still new to CF but the resource usage has been OK for me so far
CF is actually pretty light. I would put it lower than VS for CPU usage, but with a bit more RAM, which most of us have plenty of these days.

BTW, remember to enable the proactive profile if you use the sandbox, or else it sucks.
 
Joined
Jan 17, 2017
Messages
153
#95
Disabled:
- Voodooshield Pro
- Disabled avast's firewall

Installed:
- Comodo Firewall - some personal tweaks
Removed:
- Comodo Firewall: BSODs, BSODs, & BSODs

Re-enabled:
- Avast's firewall
- Voodooshield Pro
Pretty much made the exact same moves at the exact same times. CF did not perform well on my PC either. I'm using VS Pro + Windows firewall. Are you getting any performance impact with Avast firewall over Windows Firewall?
 

Evjl's Rain

#96
Pretty much made the exact same moves at the exact same times. CF did not perform well on my PC either. I'm using VS Pro + Windows firewall. Are you getting any performance impact with Avast firewall over Windows Firewall?
I don't see any impact on system performance
avast's firewall is extremely lightweight and easy to use after a short period of getting used to it. Still lighter than windows firewall + WFC

I saw avast's firewall silently blocked some unknown IPs, which is good. Not sure if WF can do the same
 

TerrakionSmash

Level 17
Verified
Joined
Nov 17, 2016
Messages
844
Operating System
Other OS
Antivirus
Sophos
#97
I don't see any impact on system performance
avast's firewall is extremely lightweight and easy to use after a short period of getting used to it. Still lighter than windows firewall + WFC

I saw avast's firewall silently blocked some unknown IPs, which is good. Not sure if WF can do the same
Hmmm. Weird. I never see comments on WF's heaviness.
 

Evjl's Rain

#98
Hmmm. Weird. I never see comments on WF's heaviness.
no I meant Binisoft's Windows firewall control :)
that one + WF is supposed to be heavier

However, avast firewall sometimes uses a high amount of CPU but the system was still responsive
 

OTMS

Level 1
Joined
Jan 29, 2015
Messages
35
Operating System
Windows 10
Antivirus
ESET
#99
Great config, I like your setup.
If you are still using Shadow Defender + VoodooShield... why together?
And I'm also using these uBlock filters too, working like a charm :)
 

Evjl's Rain

Great config, I like your setup.
If you are still using Shadow Defender + VoodooShield... why together?
And also using these uBlock filters too, working like a charm :)
because sometimes I really want to run some unsafe apps so I must allow them via VS. in this case shadow defender can save the day if the unsafe apps break something
I just ran Shadow defender 1 time over the past few months