Latest changes: Sep 17, 2018
Windows Edition: Pro
System type: 64-bit operating system; x64-based processor
Update and Security: Manual check for updates
User Access Control: Never notify (Disable UAC)
Firewall and Network protection: Microsoft Defender Firewall is active
User permissions: Administrator account
User account
Malware exposure: Malware samples are downloaded on a Virtual machine
Real-time Malware protection: Kaspersky Security Cloud free, Syshardener, Run-by-smartscreen (by Andy Ful)
Periodic scanners: Zemana, HitmanPro, NPE, Emsisoft emergency kit
Browser and Extensions: Chromium portable x64 (RAMdisk cache): ublock origin, Notifier for Gmail, Google Translate, h264ify, Windows Defender Browser Protection, Popup blocker (strict)
Privacy tools and VPN: 1/ ublock origin: Steven Black's hosts, 1hosts & many others
Password manager: None
Search engine: Google, Duckduckgo
Maintenance tools: CCleaner+CCenhancer, auslogic disk defragmenter, Defraggler, Wise disk cleaner, Wise registry cleaner, IObit Uninstaller, Revo Uninstaller, Syshardener, O&OShutup, WPD, SumatraPDF, EagleGet, SoftPerfect RAM Disk, Winrar, Everything Search Engine, Classic Shell, Run-by-Smartscreen
Photos and Documents backup: Dropbox, Google Drive
Data Backup Schedule: No data backups
Backup and Restore: Norton Ghost
Backup Schedule: Once or more per month
Computer Specifications: https://malwaretips.com/threads/rains-laptop.61841/#post-528136

Garzaman

Level 3
Verified
> SAP conflicted with comodo firewall. SAP can't disable its anti-exe module
> they conflicted, which completely froze my PC while they were loading on boot. Adding exclusion didn't help => PC was completely unusable and I had to remove SAP in safe mode

I am using KAF + SAP here (W8.1x64) together without any problems. Everything runs smoothly
I know you did a tutorial on how to set up KAF, but I can't find it, would you be so kind as to point out the link to me, please?
 

mekelek

Level 28
> I am using KAF + SAP here (W8.1x64) together without any problems. Everything runs smoothly
> I know you did a tutorial on how to set up KAF, but I can't find it, would you be so kind as to point out the link to me, please?

he has Comodo Firewall with KAF, and Comodo is conflicting with SAP, not KAF.
he has KAF set to scan files on access, and the rest is default afaik?
 

Evjl's Rain

Level 45
Verified
Trusted
Content Creator
Malware Hunter
> I am using KAF + SAP here (W8.1x64) together without any problems. Everything runs smoothly
> I know you did a tutorial on how to set up KAF, but I can't find it, would you be so kind as to point out the link to me, please?

here you are
ignore the tweak in Encrypted connections scanning, leave it as default (7.PNG)
SECURE: BASIC - Evjl's Rain's security config

correct tweak should be
1.PNG

if you want more speed, you can add this tweak but it will slightly reduce your PC security, but still extremely good. Do it at your own risk. Settings -> file antivirus -> advanced settings -> Scan Mode -> on execution
Capture.PNG
 

Garzaman

Level 3
Verified

Evjl's Rain

Level 45
Verified
Trusted
Content Creator
Malware Hunter
Added:
- Immunet: lightning fast. Can't feel it running
- Windows Defender Browser Protection
- Malwarebytes for Chrome
- uBO extra malware/ad/tracker filters:
https://www.squidblacklist.org/downloads/dg-malicious.acl
1hosts.cf/1hosts
- Run-By-Smartscreen by Andy_ful (y) (the github link is still blocked by norton safe web :censored:)

Removed:
- KAF: although it's quite light, immunet is x3 lighter
- Some unnecessary UBO's filters (experimental)
 

mekelek

Level 28
> Added:
> - Immunet: lightning fast. Can't feel it running
> - Windows Defender Browser Protection
> - Malwarebytes for Chrome
> - uBO extra malware/ad/tracker filters:
> https://www.squidblacklist.org/downloads/dg-malicious.acl
> 1hosts.cf/1hosts
> - Run-By-Smartscreen by Andy_ful (y) (the github link is still blocked by norton safe web :censored:)
>
> Removed:
> - KAF: although it's quite light, immunet is x3 lighter
> - Some unnecessary UBO's filters (experimental)

you've replaced Kaspersky sigs for ClamAV sigs?
 

Evjl's Rain

Level 45
Verified
Trusted
Content Creator
Malware Hunter
> you've replaced Kaspersky sigs for ClamAV sigs?

immunet doesn't only have clamAV's signatures. Cisco have their own database
I disabled the clamAV's engine
I tested immunet in the hub. It did have good signatures compared to the more well-known AVs. Of course, poor post-execution protection
https://malwaretips.com/threads/3-10-17-14.75923/#post-676885
https://malwaretips.com/threads/2-10-17-12.75891/#post-676446
https://malwaretips.com/threads/28-9-17-15.75783/#post-675555
 

Rebsat

Level 6
Verified
Hi bro :emoji_innocent: it's good to see you again. I hope you are fine.
I have 2 questions, please :unsure: Thank you very much.



Question 1:
My security setup is: CF (cs settings) + Avast Free Antivirus (Evjl's Rain settings) so...
Do you recommend to add one of these or both of them: Syshardener and SRP tweaks into my above security setup? or doesn't need.



Question 2:
Based on your knowledge and experience; How well does CF (cs settings) protect the following components? and should I be worried about them?
1. MBR/GPT Protection
Protection from ransomwares and malwares modifying both MBR(Master Boot Record) and GPT(GUID Partition Table).

2. Network Drive Protection
Protect Network Drive files from ransomware destruction.

3. SMB Server Protection
Protect when ransomware damages files in shared folder.

4. Removable Drive Protection
Protect Removable drives from ransomware file encryption.

5. Exploit Guard
Protect vulnerabilities of web browsers and applications.
 

Evjl's Rain

Level 45
Verified
Trusted
Content Creator
Malware Hunter
hi, It's nice to see you again :)
you don't need any of them because CF covers everything

syshardener is the only thing I recommended to add, use the default setting or you can check a few more if you want
you don't need SRP much because syshardener has some lite SRPs which are enough. More SRP = restriction so I don't recommend it
 

Andy Ful

Level 57
Verified
Trusted
Content Creator
CF (CS settings) or SRP is a kind of default-deny setup, so it is reasonable to skip SRP if you have already installed CF. Even adding SysHardener is probably overkill.
Do what you probably did in daily life. You are much safer when living in the bunker, but I do not think that this was your choice.
 

Rebsat

Level 6
Verified
> you don't need any of them because CF covers everything

I am sorry for misunderstanding bro but my question specifically is...
Does CF (cs settings) include and cover these ransomware protections?
- MBR/GPT Protection
- Network Drive Protection
- SMB Server Protection
- Removable Drive Protection
- Exploit Guard
 

Evjl's Rain

Level 45
Verified
Trusted
Content Creator
Malware Hunter
> I am sorry for misunderstanding bro but my question specifically is...
> Does CF (cs settings) include and cover these ransomware protections?
> - MBR/GPT Protection
> - Network Drive Protection
> - SMB Server Protection
> - Removable Drive Protection
> - Exploit Guard

CF kind of covers everything you mentioned
why? because you don't need those kinds of protection if you don't get infected and CF can prevent you from infection
when you are infected, malwares will start damaging the first 3 points you mentioned but if you don't get infected, malwares can't touch them

about exploits, CF has exploit protection-like feature but not a true exploit guard. However, exploit protection, IMO, is for paranoid users. We rarely get any exploit because we are home-users, not business users

basically, CF alone should be enough for almost everything
 

Evjl's Rain

Level 45
Verified
Trusted
Content Creator
Malware Hunter
Added:
- kaspersky security cloud free, tweaked for the best possible performance but good protection
+ scan mode: on execution
+ web anti-virus: low + some fine tweaks inside
+ disable code injection
+ disable the last 3 options in Performance tab, enable the rest
+ disable Mail & IM anti-virus: don't have such apps in my PC
+ enable PUP protection = Detect software that can be used....
- Google chrome -> chromium portable, much better
- "Downgrade" to Windows 8.1 -> big upgrade in performance

Real-time protection: kaspersky + syshardener + Run-by-smartscreen (by andy ful) as an anti-exe

Removed:
- comodo firewall
- immunet
- many chrome extensions for faster performance
 

Evjl's Rain

Level 45
Verified
Trusted
Content Creator
Malware Hunter
> Hi bro. What happened to Comodo firewall in your latest security setup? I would greatly appreciate it if you could explain to me any reasons behind removing Comodo firewall. Thanks a lot.

hello, I would like to try a simpler product :D
there is nothing wrong with comodo firewall and it's one of my favorite products for years
With CF, I must install a second signature-based cloud AV like immunet to supplement it because I don't trust myself and CF alone

Now I only use kaspersky cloud free as a single product without anything else to see how it performs performance-wise and protection-wise
 

Quassar

Level 12
Verified
Yeah, Kaspersky had to publish a free version of its product after all this media bulk which attacked their company.... however I always liked Avira more :D

Anyway, for a few years I have preferred hard, solid HIPS/SRP + virtualization over using scanners and AVs, which mostly fail on fresh 0-day viruses.
but I still use them too ... it's for me just like breath on cold :D
 