Basic Security Evjl's Rain's security config

Last updated
Sep 17, 2018
Windows Edition
Pro
Security updates
Check for updates and Notify
User Access Control
Never notify (disabled)
Real-time security
Kaspersky Security Cloud free, Syshardener, Run-by-smartscreen (by Andy Ful)
Firewall security
Microsoft Defender Firewall
Periodic malware scanners
Zemana, HitmanPro, NPE, Emsisoft emergency kit
Malware sample testing
Browser(s) and extensions
Chromium portable x64 (RAMdisk cache): ublock origin, Notifier for Gmail, Google Translate, h264ify, Windows Defender Browser Protection, Popup blocker (strict)
Maintenance tools
CCleaner+CCenhancer, auslogic disk defragmenter, Defraggler Wise disk cleaner, Wise registry cleaner, IObit Uninstaller, Revo Uninstaller, Syshardener, O&OShutup, WPD, SumatraPDF, EagleGet, SoftPefectRAM Disk, Winrar, Everything Search Engine, Classic Shell, Run-by-Smartscreen
File and Photo backup
Dropbox, Google Drive
System recovery
Norton Ghost
Computer specs
https://malwaretips.com/threads/rains-laptop.61841/#post-528136

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
only those 3
Capture.PNG
 

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Thanks bro for providing us with various security tweaks. Much appreciate it ;)
those are not really any security tweak. These are for convenience :)
they help to skip some annoying ads and bypass countdown of some websites like adfly
 

Syafiq

Level 11
Verified
Top Poster
Well-known
May 8, 2017
536
Hi, @Evjl's Rain ! How's your experience with CFW an ZAM Premium ? Are they great combo ? I'm going to install it on my system(if i don't change my mind) and
I 'm thinking about switching to Windows 8.1(It's hard to decide for now) :)
 

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Hi, @Evjl's Rain ! How's your experience with CFW an ZAM Premium ? Are they great combo ? I'm going to install it on my system(if i don't change my mind) and
I 'm thinking about switching to Windows 8.1(It's hard to decide for now) :)
they work perfectly with each other without any conflict. super lightweight also
 

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
@Evjl's Rain How's the RAM usage ?
CF is super low
ZAM may vary, it starts around 30-50MB and sometimes can reach 120MB if we run a lot of programs, rarely 400MB after we perform several scans
the solution is we can clean the ram occationally (cleanmem or minimem) or exit and restart ZAM, everything will be back to normal. I consider it a memory leakage but zemana said it is normal
don't worry about memory usage because it's not frequently for zam to get over 100MB

together in normal condition, this combo uses less memory than avast free alone, which is the second lightest AV on RAM usage, after webroot
 

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Installed:
- Avast free: File, web & behavior shields with some tweaks for performance (also disabled java, script, powershell)
- Sandboxie
- Vt Hash Check
- Windows Firewall: experimenting my own rules, blocked telemetries

Removed:
- Zemana Anti-malware, Comodo Firewall: want to try different setup less popups possible. I had to whitelist programs from CF's sandbox 10 times 2 days ago -> tired & angry
- KIS 2018: dislike the performance impact although app control was disabled, it was still partially active somehow. Never comes close to KFA or even KAV in terms of performance. RAM usage was much higher than KFA with the same modules enabled
 

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
CFW is for masochist :p

but once the rules are set properly, popups become rare even in Paranoid mode.
haha, for me, even in safe mode, due to my behavior of installing apps every single day, CF is always in action because the apps are not yet classified as trusted although they are completely safe
 

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
i'm more amused by the AutoKMS :p
I do have a student license for office 365 but it's toooooo slow. It took forever to open some documents even with all tweaks applied. I also hate the fact it installs everything and doesn't allow me to remove unneeded components. I take the risk to speed up my productivity
Office 2010 works the best for me but I'm using 2013 because 2013 has vietnamese proofing tool while they dropped the support for 2010 long ago :p
 

learningexp

Level 1
Nov 7, 2015
13
Amazing thread, I learnt a lot, thanks @Evjl's Rain !
Got a bugging one though, can't get rid of this annoying popup every time I close the browser (which is sandboxed with sandboxie).
https://i.imgur.com/FT6mIoQ.png
Any workaround? I added sandboxie to "dont detect shellcode injections" I even tried with cmd.exe to no avail.

Changed my setup from KFA+ZAM to CF+Avast Free, so far so good, except for that bugger. :cool::love:
 
  • Like
Reactions: AtlBo

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Amazing thread, I learnt a lot, thanks @Evjl's Rain !
Got a bugging one though, can't get rid of this annoying popup every time I close the browser (which is sandboxed with sandboxie).
https://i.imgur.com/FT6mIoQ.png
Any workaround? I added sandboxie to "dont detect shellcode injections" I even tried with cmd.exe to no avail.

Changed my setup from KFA+ZAM to CF+Avast Free, so far so good, except for that bugger. :cool::love:
you can uncheck this option, I think it will completely stop that popup
 

Attachments

  • Capture.PNG
    Capture.PNG
    34.1 KB · Views: 608

d0ts

Level 1
Verified
Nov 9, 2017
23
I also hate the fact it installs everything and doesn't allow me to remove unneeded components.
You can use a tool named Configuration XML Editor in github to create a xml configure file and place it in the folder you placed the MS Office's setup.exe. Launch cmd and cd to that folder. Then run the following commands:
- To download the pre-required files for installing if you haven't:
Code:
setup.exe /download [name_of_xml_file].xml
-To install the office after pre-required files downloaded:
Code:
setup.exe /configure [name_of_xml_file].xml

I also got a student license for MS Office but now I'm somewhat in love with SoftMaker Office 2018 :p
Edit: added cmd to download pre-required files. I always have a backup of them from the first time install, thus forgot to mention :p
 
Last edited:
  • Like
Reactions: harlan4096

Evjl's Rain

Level 47
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
updated some tweaks used for a while, too lazy to update them before:

1/ Process Lasso: disallowed wscript, cscript, powershell.exe, powershell_ise.exe, java.exe, javaw.exe
2/ Group Policy (SRP): blocked some extensions: .hta, .jar, .scr
3/ Regedit: blocked windows script host
4/ Windows Firewall:
- blocked all inbound connections
- block outbound: msra.exe, msha.exe, wscript, cscript, powershell, powershell_ise, conhost, cmd
 

CoherentCrayon

Level 4
Verified
Jun 23, 2017
183
updated some tweaks used for a while, too lazy to update them before:

1/ Process Lasso: disallowed wscript, cscript, powershell.exe, powershell_ise.exe, java.exe, javaw.exe
2/ Group Policy (SRP): blocked some extensions: .hta, .jar, .scr
3/ Regedit: blocked windows script host
4/ Windows Firewall:
- blocked all inbound connections
- block outbound: msra.exe, msha.exe, wscript, cscript, powershell, powershell_ise, conhost, cmd
Does your Java blacklists persist with every Java update as the folder path changes with every version? Or can you block processes by folder/name in Process Lasso?
 
  • Like
Reactions: Der.Reisende

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top