Basic Security Evjl's Rain's security config

Last updated
Sep 17, 2018
Windows Edition
Pro
Security updates
Check for updates and Notify
User Access Control
Never notify (disabled)
Real-time security
Kaspersky Security Cloud free, Syshardener, Run-by-smartscreen (by Andy Ful)
Firewall security
Microsoft Defender Firewall
Periodic malware scanners
Zemana, HitmanPro, NPE, Emsisoft emergency kit
Malware sample testing
Browser(s) and extensions
Chromium portable x64 (RAMdisk cache): ublock origin, Notifier for Gmail, Google Translate, h264ify, Windows Defender Browser Protection, Popup blocker (strict)
Maintenance tools
CCleaner+CCenhancer, auslogic disk defragmenter, Defraggler Wise disk cleaner, Wise registry cleaner, IObit Uninstaller, Revo Uninstaller, Syshardener, O&OShutup, WPD, SumatraPDF, EagleGet, SoftPefectRAM Disk, Winrar, Everything Search Engine, Classic Shell, Run-by-Smartscreen
File and Photo backup
Dropbox, Google Drive
System recovery
Norton Ghost
Computer specs
https://malwaretips.com/threads/rains-laptop.61841/#post-528136

Garzaman

Level 3
Verified
Well-known
Nov 14, 2017
126
SAP conflicted with comodo firewall. SAP can't disable its anti-exe module
they conflicts which completely froze my PC while they were loading on boot. Adding exclusion didn't help => PC was completely unusable and I had to remove SAP in safe mode
I am using KAF + SAP here (W8.1x64) together without any problems. Everything runs smoothly
I know you did a tutorial on how to set up KAF, but I can't find it, would you be so kind as to point out the link to me, please?
 

mekelek

Level 28
Verified
Well-known
Feb 24, 2017
1,661
I am using KAF + SAP here (W8.1x64) together without any problems. Everything runs smoothly
I know you did a tutorial on how to set up KAF, but I can't find it, would you be so kind as to point out the link to me, please?
he has Comodo Firewall with KAF, and Comodo is conflicting with SAP, not KAF.
he has KAF set to scan files on access, and the rest is default afaik?
 
  • Like
Reactions: Garzaman

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
I am using KAF + SAP here (W8.1x64) together without any problems. Everything runs smoothly
I know you did a tutorial on how to set up KAF, but I can't find it, would you be so kind as to point out the link to me, please?
here you are
ignore the tweak in Encrypted connections scanning, leave it as default (7.PNG)
SECURE: BASIC - Evjl's Rain's security config

correct tweak should be
1.PNG

if you want more speed, you can add this tweak but it will slightly reduce your PC security, but still extremely good. Do with your own risk. Settings -> file antivirus -> advanced settings -> Scan Mode -> on execution
Capture.PNG
 

Garzaman

Level 3
Verified
Well-known
Nov 14, 2017
126

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Added;
- Immunet: lightning fast. Can't feel it running
- Windows Defender Browser Protection
- Malwarebytes for Chrome
- uBO extra malware/ad/tracker filters:
https://www.squidblacklist.org/downloads/dg-malicious.acl
1hosts.cf/1hosts
- Run-By-Smartscreen by Andy_ful (y) (the github link is still blocked by norton safe web :censored:)

Removed:
- KFA: although it's quite light, immunet is x3 lighter
- Some unnecessary UBO's filters (experimental)
 

mekelek

Level 28
Verified
Well-known
Feb 24, 2017
1,661
Added;
- Immunet: lightning fast. Can't feel it running
- Windows Defender Browser Protection
- Malwarebytes for Chrome
- uBO extra malware/ad/tracker filters:
https://www.squidblacklist.org/downloads/dg-malicious.acl
1hosts.cf/1hosts
- Run-By-Smartscreen by Andy_ful (y) (the github link is still blocked by norton safe web :censored:)

Removed:
- KFA: although it's quite light, immunet is x3 lighter
- Some unnecessary UBO's filters (experimental)
you've replaced Kaspersky sigs for ClamAV sigs?
 

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
you've replaced Kaspersky sigs for ClamAV sigs?
immunet doesn't only have clamAV's signatures. Cisco have their own database
I disabled the clamAV's engine
I tested immunet in the hub. It did have good signatures compared to the more well-known AVs. Of course, poor post-execution protection
https://malwaretips.com/threads/3-10-17-14.75923/#post-676885
https://malwaretips.com/threads/2-10-17-12.75891/#post-676446
https://malwaretips.com/threads/28-9-17-15.75783/#post-675555
 

Rebsat

Level 6
Verified
Well-known
Apr 13, 2014
254
Hi bro :emoji_innocent: it's good to see you again. I hope you are fine.
I have 2 questions, please :unsure: Thank you very much.



Question 1:
My security setup is: CF (cs settings) + Avast Free Antivirus (Evjl's Rain settings) so...
Do you recommend to add one of these or both of them: Syshardener and SRP tweaks into my above security setup? or doesn't need.



Question 2:
Based on your knowledge and experience; How well does CF (cs settings) protect the following components? and should I be worried about them?
1. MBR/GPT Protection
Protection from ransomwares and malwares modifying both MBR(Master Boot Record) and GPT(GUID Partition Table).

2. Network Drive Protection
Protect Network Drive files from ransomware destruction.

3. SMB Server Protection
Protect when ransomware damages files in shared folder.

4. Removable Drive Protection
Protect Removable drives from ransomware file encryption.

5. Exploit Guard
Protect vulnerabilities of web browsers and applications.
 
Last edited:

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
hi, It's nice too see you again :)
you don't any of them because CF covers everything

syshardener is the only thing I recommened to add, use the default setting or you can check a few more if you want
you don't need SRP much because syshardener has some lite SRPs which are enough. More SRP = restriction so I don't recommend it
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,598
CF (CS settings) or SRP is kind of default-deny setup, so it is reasonable to skip SRP if you have already installed CF. Even adding SysHardener is probably an overkill.
Do what you probably did in a daily life. You are much safer when living in the bunker, but I do not think that this was your choice.
 

Rebsat

Level 6
Verified
Well-known
Apr 13, 2014
254
you don't any of them because CF covers everything

I am sorry for misunderstanding bro but my question specifically is...
Does CF (cs settings) include and cover these ransomware protection?
- MBR/GPT Protection
- Network Drive Protection
- SMB Server Protection
- Removable Drive Protection
- Exploit Guard
 
Last edited:

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
I am sorry for misunderstanding bro but my question specifically is...
Does CF (cs settings) include and cover these ransomware protection?
- MBR/GPT Protection
- Network Drive Protection
- SMB Server Protection
- Removable Drive Protection
- Exploit Guard
CF kind of covers everything you mentioned
why? because you don't need those kinds of protection if you don't get infected and CF can prevent you from infection
when you are infected, malwares will start damaging the first 3 points you mentioned but if you don't get infected, malwares can't touch them

about exploits, CF has exploit protection-like feature but not a true exploit guard. However, exploit protection, IMO, is for paranoid users. We rarely get any exploit because we are home-users, not business users

basically, CF alone should be enough for almost everything
 

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Added:
- kaspersky security cloud free, tweaked for the best possible performance but good protection
+ scan mode: on execution
+ web anti-virus: low + some fine tweaks inside
+ disable code injection
+ disable the last 3 options in Performance tab, enable the rest
+ disable Mail & IM anti-virus: don't have such apps in my PC
+ enable PUP protection = Detect software that can be used....
- Google chrome -> chromium portable, much better
- "Downgrade" to Windows 8.1 -> big upgrade in performance

Real-time protection: kaspersky + syshardener + Run-by-smartscreen (by andy ful) as an anti-exe

Removed:
- comodo firewall
- immunet
- many chrome extensions for faster performance
 
Last edited:

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Hi bro. What happened to Comodo firewall in your latest security setup? I would greatly appreciated if you could explain to me any reasons behind removing Comodo firewall. Thanks alot.
hello, I would like to try more simple product :D
there is nothing wrong with comodo firewall and it's one of my favorite products for years
With CF, I must install a second signature-based cloud AV like immunet to supplement it because I don't trust myself and CF alone

Now I only use kaspersky cloud free as a single product without anything else to see how it perform performance-wise and protection-wise
 

Quassar

Level 12
Verified
Well-known
Feb 10, 2012
585
Yea kaspersky had to public free version product after this all media bulk which atack thier company.... however i always more liked Avira :D

Any way from few years i more like hard Solid HIPS/SRP + virtualization than use scanners and Av wich mostly fail on fresh 0-day viruses.
but i still use them too ... its for me just like breath on cold :D
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top