SECURE: Basic Evjl's Rain's security config

Most recent changes
Apr 20, 2018
Operating System
Windows 10
Windows Edition
Pro
Build
1511
System type
64-bit OS
Security Updates
Check for Updates only - User interaction for download and installation
User Access Control
Never Notify
Device Firewall
3rd-party Firewall - Network security provided by a trusted vendor
Device Security
Windows Defender SmartScreen
User Account
Administrator - User has complete control over the device
Recent Security Issues
Not in a long time
Security Testing with Malware
Yes - Using a secure, isolated environment (ie. VM)
Real-time Web & Malware Protection
Comodo Firewall, Immunet, Syshardener, Quad9 DNS, SRP tweaks
Security Protection settings
Custom - Major changes for Better Performance
Virus and Malware Removal Tools
Zemana, HitmanPro, NPE, Emsisoft emergency kit
Browsers and Extensions
Google Chrome x64 (RAMdisk cache): ublock origin, Norton Safe Web, Notifier for Gmail, Google Translate, Violentmonkey, VTchromizer, h264ify, NanoDefender, Open link in same tab, pop-up as tab [Free], Windows Defender Browser Protection, Malwarebytes for Chrome
Web Privacy
1/ ublock origin: Steven Black's hosts, many others
Password Management
None
Default Web Search
Google, Duckduckgo
System Utilities collection
CCleaner+CCenhancer, auslogic disk defragmenter, Wise disk cleaner, Wise registry cleaner, IObit Uninstaller, Geek uninstaller, Revo Uninstaller, Syshardener, O&OShutup, WPD, utorrent pro, SumatraPDF, Foxit PhantomPDF, EagleGet, SoftPefectRAM Disk, Winrar, Everything Search Engine, Classic Shell, Run-by-Smartscreen
Personal data Backup
Dropbox, Google Drive
Intervals between Personal data backups
None
Disk Imaging Backup
Norton Ghost
Intervals between System Image backups
Occasionally
Device Specs
https://malwaretips.com/threads/rains-laptop.61841/#post-528136

Evjl's Rain

Level 33
Content Creator
Trusted
AV-Tester
Joined
Apr 18, 2016
Messages
2,293
OS
Windows 8.1
Antivirus
Avast
Hi, @Evjl's Rain ! How's your experience with CFW an ZAM Premium ? Are they great combo ? I'm going to install it on my system(if i don't change my mind) and
I 'm thinking about switching to Windows 8.1(It's hard to decide for now) :)
they work perfectly with each other without any conflict. super lightweight also
 

Evjl's Rain

Level 33
Content Creator
Trusted
AV-Tester
Joined
Apr 18, 2016
Messages
2,293
OS
Windows 8.1
Antivirus
Avast
CF is super low
ZAM may vary, it starts around 30-50MB and sometimes can reach 120MB if we run a lot of programs, rarely 400MB after we perform several scans
the solution is we can clean the ram occationally (cleanmem or minimem) or exit and restart ZAM, everything will be back to normal. I consider it a memory leakage but zemana said it is normal
don't worry about memory usage because it's not frequently for zam to get over 100MB

together in normal condition, this combo uses less memory than avast free alone, which is the second lightest AV on RAM usage, after webroot
 

Evjl's Rain

Level 33
Content Creator
Trusted
AV-Tester
Joined
Apr 18, 2016
Messages
2,293
OS
Windows 8.1
Antivirus
Avast
Installed:
- Avast free: File, web & behavior shields with some tweaks for performance (also disabled java, script, powershell)
- Sandboxie
- Vt Hash Check
- Windows Firewall: experimenting my own rules, blocked telemetries

Removed:
- Zemana Anti-malware, Comodo Firewall: want to try different setup less popups possible. I had to whitelist programs from CF's sandbox 10 times 2 days ago -> tired & angry
- KIS 2018: dislike the performance impact although app control was disabled, it was still partially active somehow. Never comes close to KFA or even KAV in terms of performance. RAM usage was much higher than KFA with the same modules enabled
 

Evjl's Rain

Level 33
Content Creator
Trusted
AV-Tester
Joined
Apr 18, 2016
Messages
2,293
OS
Windows 8.1
Antivirus
Avast
CFW is for masochist :p

but once the rules are set properly, popups become rare even in Paranoid mode.
haha, for me, even in safe mode, due to my behavior of installing apps every single day, CF is always in action because the apps are not yet classified as trusted although they are completely safe
 

Evjl's Rain

Level 33
Content Creator
Trusted
AV-Tester
Joined
Apr 18, 2016
Messages
2,293
OS
Windows 8.1
Antivirus
Avast
i'm more amused by the AutoKMS :p
I do have a student license for office 365 but it's toooooo slow. It took forever to open some documents even with all tweaks applied. I also hate the fact it installs everything and doesn't allow me to remove unneeded components. I take the risk to speed up my productivity
Office 2010 works the best for me but I'm using 2013 because 2013 has vietnamese proofing tool while they dropped the support for 2010 long ago :p
 
Joined
Nov 7, 2015
Messages
8
Amazing thread, I learnt a lot, thanks @Evjl's Rain !
Got a bugging one though, can't get rid of this annoying popup every time I close the browser (which is sandboxed with sandboxie).
https://i.imgur.com/FT6mIoQ.png
Any workaround? I added sandboxie to "dont detect shellcode injections" I even tried with cmd.exe to no avail.

Changed my setup from KFA+ZAM to CF+Avast Free, so far so good, except for that bugger. :cool::love:
 
Likes: AtlBo

Evjl's Rain

Level 33
Content Creator
Trusted
AV-Tester
Joined
Apr 18, 2016
Messages
2,293
OS
Windows 8.1
Antivirus
Avast
Amazing thread, I learnt a lot, thanks @Evjl's Rain !
Got a bugging one though, can't get rid of this annoying popup every time I close the browser (which is sandboxed with sandboxie).
https://i.imgur.com/FT6mIoQ.png
Any workaround? I added sandboxie to "dont detect shellcode injections" I even tried with cmd.exe to no avail.

Changed my setup from KFA+ZAM to CF+Avast Free, so far so good, except for that bugger. :cool::love:
you can uncheck this option, I think it will completely stop that popup
 

Attachments

d0ts

Level 1
Joined
Nov 9, 2017
Messages
23
OS
Windows 10
Antivirus
Emsisoft
I also hate the fact it installs everything and doesn't allow me to remove unneeded components.
You can use a tool named Configuration XML Editor in github to create a xml configure file and place it in the folder you placed the MS Office's setup.exe. Launch cmd and cd to that folder. Then run the following commands:
- To download the pre-required files for installing if you haven't:
Code:
setup.exe /download [name_of_xml_file].xml
-To install the office after pre-required files downloaded:
Code:
setup.exe /configure [name_of_xml_file].xml
I also got a student license for MS Office but now I'm somewhat in love with SoftMaker Office 2018 :p
Edit: added cmd to download pre-required files. I always have a backup of them from the first time install, thus forgot to mention :p
 
Last edited:
Likes: harlan4096

Evjl's Rain

Level 33
Content Creator
Trusted
AV-Tester
Joined
Apr 18, 2016
Messages
2,293
OS
Windows 8.1
Antivirus
Avast
updated some tweaks used for a while, too lazy to update them before:

1/ Process Lasso: disallowed wscript, cscript, powershell.exe, powershell_ise.exe, java.exe, javaw.exe
2/ Group Policy (SRP): blocked some extensions: .hta, .jar, .scr
3/ Regedit: blocked windows script host
4/ Windows Firewall:
- blocked all inbound connections
- block outbound: msra.exe, msha.exe, wscript, cscript, powershell, powershell_ise, conhost, cmd
 
Joined
Jun 23, 2017
Messages
158
OS
Windows 10
Antivirus
Avast
updated some tweaks used for a while, too lazy to update them before:

1/ Process Lasso: disallowed wscript, cscript, powershell.exe, powershell_ise.exe, java.exe, javaw.exe
2/ Group Policy (SRP): blocked some extensions: .hta, .jar, .scr
3/ Regedit: blocked windows script host
4/ Windows Firewall:
- blocked all inbound connections
- block outbound: msra.exe, msha.exe, wscript, cscript, powershell, powershell_ise, conhost, cmd
Does your Java blacklists persist with every Java update as the folder path changes with every version? Or can you block processes by folder/name in Process Lasso?
 
Likes: Der.Reisende