SECURE: Basic Evjl's Rain's security config

Most recent changes
Sep 17, 2018
Operating System
Windows 8.1
Windows Edition
Pro
System type
64-bit OS
Security Updates
Check for Updates only - User interaction for download and installation
User Access Control
Never Notify
Device Firewall
Windows Firewall - Network security provided by Microsoft
Device Security
Windows Defender SmartScreen (Windows 10)
User Account
Administrator - User has complete control over the device
Recent Security Incidents
No malware or privacy issues
Malware Testing
Malware on a secure VM - Full Network and File isolation
Real-time Web & Malware Protection
Kaspersky Security Cloud Free, SysHardener, Run-by-Smartscreen (by Andy Ful)
Security Protection settings
Custom - Major changes for Better Performance
Virus and Malware Removal Tools
Zemana, HitmanPro, NPE, Emsisoft emergency kit
Browsers and Extensions
Chromium portable x64 (RAMdisk cache): uBlock Origin, Notifier for Gmail, Google Translate, h264ify, Windows Defender Browser Protection, Popup blocker (strict)
Web Privacy
1/ uBlock Origin: Steven Black's hosts, 1hosts & many others
Password Management
None
Default Web Search
Google, DuckDuckGo
System Utilities collection
CCleaner+CCenhancer, Auslogics Disk Defragmenter, Defraggler, Wise Disk Cleaner, Wise Registry Cleaner, IObit Uninstaller, Revo Uninstaller, SysHardener, O&O ShutUp, WPD, SumatraPDF, EagleGet, SoftPerfect RAM Disk, WinRAR, Everything Search Engine, Classic Shell, Run-by-Smartscreen
Data Backup
Dropbox, Google Drive
Frequency of Data backups
None
System Backup
Norton Ghost
Frequency of System backups
Occasionally
Device Specs
https://malwaretips.com/threads/rains-laptop.61841/#post-528136

Syafiq

Level 10
Verified
Joined
May 8, 2017
Messages
475
OS
Windows 10
Antivirus
Default-Deny
Hi, @Evjl's Rain! How's your experience with CFW and ZAM Premium? Are they a great combo? I'm going to install it on my system (if I don't change my mind) and I'm thinking about switching to Windows 8.1 (it's hard to decide for now) :)
 

Evjl's Rain

Level 38
Content Creator
AV-Tester
Verified
Joined
Apr 18, 2016
Messages
2,715
OS
Windows 8.1
Antivirus
Avast
Hi, @Evjl's Rain! How's your experience with CFW and ZAM Premium? Are they a great combo? I'm going to install it on my system (if I don't change my mind) and I'm thinking about switching to Windows 8.1 (it's hard to decide for now) :)
they work perfectly with each other without any conflict. super lightweight also
 

Evjl's Rain

CF is super low
ZAM may vary, it starts around 30-50MB and sometimes can reach 120MB if we run a lot of programs, rarely 400MB after we perform several scans
the solution is we can clean the RAM occasionally (cleanmem or minimem) or exit and restart ZAM, everything will be back to normal. I consider it a memory leakage but Zemana said it is normal
don't worry about memory usage because it's not frequent for ZAM to get over 100MB

together in normal condition, this combo uses less memory than Avast Free alone, which is the second lightest AV on RAM usage, after Webroot
 

Evjl's Rain

Installed:
- Avast free: File, web & behavior shields with some tweaks for performance (also disabled java, script, powershell)
- Sandboxie
- Vt Hash Check
- Windows Firewall: experimenting with my own rules, blocked telemetries

Removed:
- Zemana Anti-malware, Comodo Firewall: want to try different setup less popups possible. I had to whitelist programs from CF's sandbox 10 times 2 days ago -> tired & angry
- KIS 2018: dislike the performance impact although app control was disabled, it was still partially active somehow. Never comes close to KFA or even KAV in terms of performance. RAM usage was much higher than KFA with the same modules enabled
 

Umbra

Level 85
Content Creator
Verified
Joined
May 16, 2011
Messages
18,257
OS
Windows 10
Antivirus
Default-Deny
Removed:
- Comodo Firewall: want to try different setup less popups possible. I had to whitelist programs from CF's sandbox 10 times 2 days ago -> tired & angry
CFW is for masochists :p

but once the rules are set properly, popups become rare even in Paranoid mode.
 

Evjl's Rain

CFW is for masochists :p

but once the rules are set properly, popups become rare even in Paranoid mode.
haha, for me, even in safe mode, due to my behavior of installing apps every single day, CF is always in action because the apps are not yet classified as trusted although they are completely safe
 

Evjl's Rain

I'm more amused by the AutoKMS :p
I do have a student license for Office 365 but it's toooooo slow. It took forever to open some documents even with all tweaks applied. I also hate the fact it installs everything and doesn't allow me to remove unneeded components. I take the risk to speed up my productivity
Office 2010 works the best for me but I'm using 2013 because 2013 has Vietnamese proofing tool while they dropped the support for 2010 long ago :p
 
Joined
Nov 7, 2015
Messages
8
Amazing thread, I learnt a lot, thanks @Evjl's Rain !
Got a bugging one though, can't get rid of this annoying popup every time I close the browser (which is sandboxed with sandboxie).
https://i.imgur.com/FT6mIoQ.png
Any workaround? I added sandboxie to "dont detect shellcode injections" I even tried with cmd.exe to no avail.

Changed my setup from KFA+ZAM to CF+Avast Free, so far so good, except for that bugger. :cool::love:
 
Likes: AtlBo

Evjl's Rain

Amazing thread, I learnt a lot, thanks @Evjl's Rain !
Got a bugging one though, can't get rid of this annoying popup every time I close the browser (which is sandboxed with sandboxie).
https://i.imgur.com/FT6mIoQ.png
Any workaround? I added sandboxie to "dont detect shellcode injections" I even tried with cmd.exe to no avail.

Changed my setup from KFA+ZAM to CF+Avast Free, so far so good, except for that bugger. :cool::love:
you can uncheck this option, I think it will completely stop that popup
 


d0ts

Level 1
Joined
Nov 9, 2017
Messages
23
OS
Windows 10
Antivirus
Emsisoft
I also hate the fact it installs everything and doesn't allow me to remove unneeded components.
You can use a tool named Configuration XML Editor on GitHub to create an XML configuration file and place it in the folder where you placed MS Office's setup.exe. Launch cmd and cd to that folder. Then run the following commands:
- To download the prerequisite files for installing if you haven't:
Code:
setup.exe /download [name_of_xml_file].xml
- To install Office after the prerequisite files are downloaded:
Code:
setup.exe /configure [name_of_xml_file].xml
I also got a student license for MS Office but now I'm somewhat in love with SoftMaker Office 2018 :p
Edit: added cmd to download prerequisite files. I always have a backup of them from the first time install, thus forgot to mention :p
 
Likes: harlan4096
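
The two-step download/configure procedure from the post above, as an added example that is not part of the original thread. The folder C:\ODT, the product ID, the language and the list of excluded apps are assumptions; the script also checks the Authenticode signature of setup.exe before running it.

```powershell
# Added example, not from the thread. Folder, product ID, language and
# excluded apps below are assumptions; adjust them to your licence and needs.
$odtDir  = 'C:\ODT'                 # hypothetical folder holding Office's setup.exe
$xmlName = 'configuration.xml'
$setup   = Join-Path $odtDir 'setup.exe'

# Install only the needed apps: every ExcludeApp entry is a component
# that never lands on disk and therefore never needs patching.
$config = @'
<Configuration>
  <Add OfficeClientEdition="64">
    <Product ID="O365ProPlusRetail">
      <Language ID="en-us" />
      <ExcludeApp ID="Access" />
      <ExcludeApp ID="Groove" />
      <ExcludeApp ID="Lync" />
      <ExcludeApp ID="OneDrive" />
      <ExcludeApp ID="Publisher" />
    </Product>
  </Add>
</Configuration>
'@

# Fail early on malformed XML instead of letting setup.exe report it later.
$null = [xml]$config
Set-Content -LiteralPath (Join-Path $odtDir $xmlName) -Value $config -Encoding UTF8

# Refuse to run a setup.exe whose Authenticode signature does not validate.
$sig = Get-AuthenticodeSignature -LiteralPath $setup
if ($sig.Status -ne 'Valid') {
    throw "setup.exe signature status is '$($sig.Status)'; not running it."
}
Write-Host "Signed by: $($sig.SignerCertificate.Subject)"

# Step 1: /download fetches the installation files; step 2: /configure installs.
foreach ($mode in '/download', '/configure') {
    $p = Start-Process -FilePath $setup -ArgumentList $mode, $xmlName `
                       -WorkingDirectory $odtDir -Wait -PassThru
    if ($p.ExitCode -ne 0) {
        throw "setup.exe $mode failed with exit code $($p.ExitCode)"
    }
}
```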

Evjl's Rain

updated some tweaks used for a while, too lazy to update them before:

1/ Process Lasso: disallowed wscript, cscript, powershell.exe, powershell_ise.exe, java.exe, javaw.exe
2/ Group Policy (SRP): blocked some extensions: .hta, .jar, .scr
3/ Regedit: blocked windows script host
4/ Windows Firewall:
- blocked all inbound connections
- block outbound: msra.exe, msha.exe, wscript, cscript, powershell, powershell_ise, conhost, cmd
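
Items 3/ and 4/ of the list above, scripted as an added example that is not part of the original post. It assumes an elevated PowerShell prompt, that "msha.exe" refers to mshta.exe, and that "blocked windows script host" means the Enabled value under the Windows Script Host\Settings key; the rule group name is made up for the example.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the thread. Covers items 3/ and 4/ only.

# Binaries named in the post, relative to each system directory.
# Assumption: "msha.exe" in the post is mshta.exe.
$blocked = 'msra.exe', 'mshta.exe', 'wscript.exe', 'cscript.exe',
           'conhost.exe', 'cmd.exe',
           'WindowsPowerShell\v1.0\powershell.exe',
           'WindowsPowerShell\v1.0\powershell_ise.exe'

# On a 64-bit OS the 32-bit copies live in SysWOW64; a rule that names only
# the System32 path does not cover them.
$roots = "$env:SystemRoot\System32", "$env:SystemRoot\SysWOW64"
$group = 'Script host lockdown (example)'   # made-up group name

# 4/ Block all inbound connections that no allow rule matches.
Set-NetFirewallProfile -Profile Domain, Private, Public -DefaultInboundAction Block

# 4/ One outbound block rule per binary that exists on this machine.
foreach ($root in $roots) {
    foreach ($rel in $blocked) {
        $path = Join-Path $root $rel
        if (-not (Test-Path -LiteralPath $path)) { continue }
        $name = "Block outbound - $path"
        # Skip rules created by an earlier run so the script can be re-run.
        if (Get-NetFirewallRule -DisplayName $name -ErrorAction SilentlyContinue) { continue }
        $null = New-NetFirewallRule -DisplayName $name -Group $group `
                    -Direction Outbound -Program $path -Action Block -Profile Any
    }
}

# 3/ Disable Windows Script Host machine-wide, in both registry views.
$wshKeys = 'HKLM:\SOFTWARE\Microsoft\Windows Script Host\Settings',
           'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows Script Host\Settings'
foreach ($key in $wshKeys) {
    if (-not (Test-Path -LiteralPath $key)) { $null = New-Item -Path $key -Force }
    $null = New-ItemProperty -LiteralPath $key -Name Enabled `
                -PropertyType DWord -Value 0 -Force
}

# Review the result: every rule in the group should be enabled and blocking.
Get-NetFirewallRule -Group $group |
    Select-Object DisplayName, Enabled, Direction, Action |
    Format-Table -AutoSize
```

Firewall rules keyed on a program path apply only to that exact path, so a copy of one of these binaries placed elsewhere is not covered by them.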
 

steel9

Level 4
Verified
Joined
Jun 23, 2017
Messages
172
OS
Windows 10
Antivirus
Kaspersky
updated some tweaks used for a while, too lazy to update them before:

1/ Process Lasso: disallowed wscript, cscript, powershell.exe, powershell_ise.exe, java.exe, javaw.exe
2/ Group Policy (SRP): blocked some extensions: .hta, .jar, .scr
3/ Regedit: blocked windows script host
4/ Windows Firewall:
- blocked all inbound connections
- block outbound: msra.exe, msha.exe, wscript, cscript, powershell, powershell_ise, conhost, cmd
Does your Java blacklists persist with every Java update as the folder path changes with every version? Or can you block processes by folder/name in Process Lasso?
 
Likes: Der.Reisende