SECURE: Basic Evjl's Rain's security config

Most recent changes: Sep 17, 2018
Operating System: Windows 8.1
Windows Edition: Pro
System type: 64-bit OS
Security Updates: Check for Updates only - User interaction for download and installation
User Access Control: Never Notify
Device Firewall: Windows Firewall - Network security provided by Microsoft
Device Security: Windows Defender SmartScreen (Windows 10)
User Account: Administrator - User has complete control over the device
Recent Security Incidents: No malware or privacy issues
Malware Testing: Malware on a secure VM - Full Network and File isolation
Real-time Web & Malware Protection: Kaspersky Security Cloud Free, SysHardener, Run-by-SmartScreen (by Andy Ful)
Security Protection settings: Custom - Major changes for Better Performance
Virus and Malware Removal Tools: Zemana, HitmanPro, NPE, Emsisoft Emergency Kit
Browsers and Extensions: Chromium portable x64 (RAMdisk cache): uBlock Origin, Notifier for Gmail, Google Translate, h264ify, Windows Defender Browser Protection, Popup blocker (strict)
Web Privacy: 1/ uBlock Origin: Steven Black's hosts, 1hosts & many others
Password Management: None
Default Web Search: Google, DuckDuckGo
System Utilities collection: CCleaner + CCEnhancer, Auslogics disk defragmenter, Defraggler, Wise Disk Cleaner, Wise Registry Cleaner, IObit Uninstaller, Revo Uninstaller, SysHardener, O&O ShutUp, WPD, SumatraPDF, EagleGet, SoftPerfect RAM Disk, WinRAR, Everything Search Engine, Classic Shell, Run-by-SmartScreen
Data Backup: Dropbox, Google Drive
Frequency of Data backups: None
System Backup: Norton Ghost
Frequency of System backups: Occasionally
Device Specs: https://malwaretips.com/threads/rains-laptop.61841/#post-528136

Evjl's Rain

Level 38
Content Creator
AV-Tester
Verified
Joined
Apr 18, 2016
Messages
2,717
OS
Windows 8.1
Antivirus
Avast
#1
All of these configurations are designed for PERFORMANCE AND USABILITY. Security is in second place.
SRP tweaks:

All other machines' fully automated configurations (for parents and friends who don't know much about computers)
- Windows 7 Pro/Ultimate (x86, x64)
- Avast Free (tweaked)
- CheckMAL Appcheck Anti-ransomware Free
- Unchecky
- Windows Firewall
- CocCoc browser/Chrome with uBlock Origin and uBlock Origin Extra + additional security filters
- Avira Browser Safety
- Windows Updates are disabled => broke or slowed down their machines significantly in the past + they don't want W10 or W10's upgrade nags
- CCleaner + CCEnhancer -> scheduled autoclean every Sunday 6PM

None of these machines have had malware for years. Perhaps a few PUPs which hijacked the browsers.
 

Evjl's Rain

#4
hehe CocCoc browser (Vietnamese Chromium fork) :)
:D the best browser for Vietnamese with built-in download accelerator + FB censorship bypassing :D
Thanks for sharing :)
I see a high security level and well-balanced, but sorry, why is Windows Update disabled? :)
because Windows Update broke/slowed down some of the machines and made them malfunction (+ some of them use cracked Windows, not me :) ). It's like malware for average users if they don't know what they are doing :D. I went to the computer repair shop last week and saw 6 people come to install W7 because they couldn't use W8.1 or 10 or they had annoying bugs (many people in my country can't speak/understand English). The computer guy also said my W10 was slow for all its power -> asked me to install W7 o_O (he was right but I knew he just wanted to get some extra $$$ for installing Windows)
 
Joined
Feb 13, 2017
Messages
1,468
OS
Windows 10
Antivirus
Emsisoft
#5
:D the best browser for Vietnamese with built-in download accelerator + FB censorship bypassing :D

because Windows Update broke/slowed down some of the machines and made them malfunction (+ some of them use cracked Windows, not me :) ). It's like malware for average users if they don't know what they are doing :D. I went to the computer repair shop last week and saw 6 people come to install W7 because they couldn't use W8.1 or 10 or they had annoying bugs (many people in my country can't speak/understand English). The computer guy also said my W10 was slow for all its power -> asked me to install W7 o_O (he was right but I knew he just wanted to get some extra $$$ for installing Windows)
Yeah, for sure MS should work in a better way before releasing some updates.
A few months ago I was blocked without being able to work because during the restart for the update installation, the system went into loop mode.
At the end, forced shutdown :D
 

Umbra

Level 85
Content Creator
Verified
Joined
May 16, 2011
Messages
18,419
OS
Windows 10
Antivirus
Default-Deny
#6
The computer guy also said my W10 was slow for all its power -> asked me to install W7 o_O (he was right but I knew he just wanted to get some extra $$$ for installing Windows)
Indeed, a very common practice over there; they are very good at fixing hardware but in terms of OS deployment and optimization, many are clueless :D
 

Evjl's Rain

#11
With enough care, this may be the simplest yet solid protection. Awesome :)
Do you have hardened mode (and if yes, which one) in AP enabled, having VDS alongside?
Yes, I have hardened mode aggressive enabled.
VS in autopilot can help to catch malware which is missed by HM. Sometimes, HM allows some new malware for unknown reasons.
 

Evjl's Rain

#13
probably scripts but scripts eventually download .exe in order to work, mostly

I saw HM block most undetected samples but let 1 sample slip => she stopped the video then
I don't know why it failed. Was the payload .exe missed by HM or did it use another kind of attack without an exe file?
 