Basic Security Evjl's Rain's security config

[Evjl's Rain]

only those 3

 

[Rebsat]

only those 3
View attachment 171653

Thanks bro for providing us with various security tweaks. Much appreciate it

 

[Evjl's Rain]

Thanks bro for providing us with various security tweaks. Much appreciate it

those are not really any security tweak. These are for convenience
they help to skip some annoying ads and bypass countdown of some websites like adfly

 

[Syafiq]

Hi, @Evjl's Rain ! How's your experience with CFW an ZAM Premium ? Are they great combo ? I'm going to install it on my system(if i don't change my mind) and
I 'm thinking about switching to Windows 8.1(It's hard to decide for now)

 

[Evjl's Rain]

Hi, @Evjl's Rain ! How's your experience with CFW an ZAM Premium ? Are they great combo ? I'm going to install it on my system(if i don't change my mind) and
I 'm thinking about switching to Windows 8.1(It's hard to decide for now)

they work perfectly with each other without any conflict. super lightweight also

 

[Syafiq]

@Evjl's Rain How's the RAM usage ?

 

[Evjl's Rain]

@Evjl's Rain How's the RAM usage ?

CF is super low
ZAM may vary, it starts around 30-50MB and sometimes can reach 120MB if we run a lot of programs, rarely 400MB after we perform several scans
the solution is we can clean the ram occationally (cleanmem or minimem) or exit and restart ZAM, everything will be back to normal. I consider it a memory leakage but zemana said it is normal
don't worry about memory usage because it's not frequently for zam to get over 100MB

together in normal condition, this combo uses less memory than avast free alone, which is the second lightest AV on RAM usage, after webroot

 

[Evjl's Rain]

Installed:
- Avast free: File, web & behavior shields with some tweaks for performance (also disabled java, script, powershell)
- Sandboxie
- Vt Hash Check
- Windows Firewall: experimenting my own rules, blocked telemetries

Removed:
- Zemana Anti-malware, Comodo Firewall: want to try different setup less popups possible. I had to whitelist programs from CF's sandbox 10 times 2 days ago -> tired & angry
- KIS 2018: dislike the performance impact although app control was disabled, it was still partially active somehow. Never comes close to KFA or even KAV in terms of performance. RAM usage was much higher than KFA with the same modules enabled

 

[Handsome Recluse]

Removed:
- Zemana Anti-malware, Comodo Firewall: want to try different setup less popups possible. I had to whitelist programs from CF's sandbox 10 times 2 days ago -> tired & angry

Knew this would happen the first time you had mentioned it.

 

[Deleted member 178]

Removed:
- Comodo Firewall: want to try different setup less popups possible. I had to whitelist programs from CF's sandbox 10 times 2 days ago -> tired & angry

CFW is for masochists

but once the rules are set properly, popups become rare even in Paranoid mode.

 

[Evjl's Rain]

CFW is for masochist

but once the rules are set properly, popups become rare even in Paranoid mode.

haha, for me, even in safe mode, due to my behavior of installing apps every single day, CF is always in action because the apps are not yet classified as trusted although they are completely safe

 

[Deleted member 178]

Chome LOL! The evjls rain caligraphy reminds me this draw
View attachment 171935 View attachment 171936

i'm more amused by the AutoKMS

 

[Evjl's Rain]

i'm more amused by the AutoKMS

I do have a student license for office 365 but it's toooooo slow. It took forever to open some documents even with all tweaks applied. I also hate the fact it installs everything and doesn't allow me to remove unneeded components. I take the risk to speed up my productivity
Office 2010 works the best for me but I'm using 2013 because 2013 has vietnamese proofing tool while they dropped the support for 2010 long ago

 

[learningexp]

Amazing thread, I learnt a lot, thanks @Evjl's Rain !
Got a bugging one though, can't get rid of this annoying popup every time I close the browser (which is sandboxed with sandboxie).
https://i.imgur.com/FT6mIoQ.png
Any workaround? I added sandboxie to "dont detect shellcode injections" I even tried with cmd.exe to no avail.

Changed my setup from KFA+ZAM to CF+Avast Free, so far so good, except for that bugger.

 

[Evjl's Rain]

Amazing thread, I learnt a lot, thanks @Evjl's Rain !
Got a bugging one though, can't get rid of this annoying popup every time I close the browser (which is sandboxed with sandboxie).
https://i.imgur.com/FT6mIoQ.png
Any workaround? I added sandboxie to "dont detect shellcode injections" I even tried with cmd.exe to no avail.

Changed my setup from KFA+ZAM to CF+Avast Free, so far so good, except for that bugger.

you can uncheck this option, I think it will completely stop that popup

 

[learningexp]

That solved my problem indeed. Cheers, and thanks for sharing you knowledge

 

[d0ts]

I also hate the fact it installs everything and doesn't allow me to remove unneeded components.

You can use a tool named Configuration XML Editor in github to create a xml configure file and place it in the folder you placed the MS Office's setup.exe. Launch cmd and cd to that folder. Then run the following commands:
- To download the pre-required files for installing if you haven't:

setup.exe /download [name_of_xml_file].xml

-To install the office after pre-required files downloaded:

setup.exe /configure [name_of_xml_file].xml

I also got a student license for MS Office but now I'm somewhat in love with SoftMaker Office 2018
Edit: added cmd to download pre-required files. I always have a backup of them from the first time install, thus forgot to mention

 

[Evjl's Rain]

Removed:
- Comodo Firewall

Added:
- Windows Firewall: blocked all connections of vulnerable processes
- Firewall App Blocker
- Sandboxie
- Norton Safe Web, Enhancer for Youtube (chrome extensions)

 

[Evjl's Rain]

updated some tweaks used for a while, too lazy to update them before:

1/ Process Lasso: disallowed wscript, cscript, powershell.exe, powershell_ise.exe, java.exe, javaw.exe
2/ Group Policy (SRP): blocked some extensions: .hta, .jar, .scr
3/ Regedit: blocked windows script host
4/ Windows Firewall:
- blocked all inbound connections
- block outbound: msra.exe, msha.exe, wscript, cscript, powershell, powershell_ise, conhost, cmd

 

[CoherentCrayon]

updated some tweaks used for a while, too lazy to update them before:

1/ Process Lasso: disallowed wscript, cscript, powershell.exe, powershell_ise.exe, java.exe, javaw.exe
2/ Group Policy (SRP): blocked some extensions: .hta, .jar, .scr
3/ Regedit: blocked windows script host
4/ Windows Firewall:
- blocked all inbound connections
- block outbound: msra.exe, msha.exe, wscript, cscript, powershell, powershell_ise, conhost, cmd

Does your Java blacklists persist with every Java update as the folder path changes with every version? Or can you block processes by folder/name in Process Lasso?