SECURE: Basic Evjl's Rain's security config

Most recent changes: Sep 17, 2018
Operating System: Windows 8.1
Windows Edition: Pro
System type: 64-bit OS
Security Updates: Check for Updates only - User interaction for download and installation
User Access Control: Never Notify
Device Firewall: Windows Firewall - Network security provided by Microsoft
Device Security: Windows Defender SmartScreen (Windows 10)
User Account: Administrator - User has complete control over the device
Recent Security Incidents: No malware or privacy issues
Malware Testing: Malware on a secure VM - Full Network and File isolation
Real-time Web & Malware Protection: Kaspersky Security Cloud free, Syshardener, Run-by-smartscreen (by Andy Ful)
Security Protection settings: Custom - Major changes for Better Performance
Virus and Malware Removal Tools: Zemana, HitmanPro, NPE, Emsisoft emergency kit
Browsers and Extensions: Chromium portable x64 (RAMdisk cache): ublock origin, Notifier for Gmail, Google Translate, h264ify, Windows Defender Browser Protection, Popup blocker (strict)
Web Privacy: 1/ ublock origin: Steven Black's hosts, 1hosts & many others
Password Management: None
Default Web Search: Google, Duckduckgo
System Utilities collection: CCleaner+CCenhancer, auslogic disk defragmenter, Defraggler, Wise disk cleaner, Wise registry cleaner, IObit Uninstaller, Revo Uninstaller, Syshardener, O&OShutup, WPD, SumatraPDF, EagleGet, SoftPerfect RAM Disk, Winrar, Everything Search Engine, Classic Shell, Run-by-Smartscreen
Data Backup: Dropbox, Google Drive
Frequency of Data backups: None
System Backup: Norton Ghost
Frequency of System backups: Occasionally
Device Specs: https://malwaretips.com/threads/rains-laptop.61841/#post-528136

shmu26

Level 67
Content Creator
Verified
Joined
Jul 3, 2015
Messages
5,655
OS
Windows 10
It's not an easy question to answer
because tweaked KIS is certainly enough but it's much heavier than my current setup due to application control
if I disable the app control, it's not KIS anymore
moreover, I dislike KIS's firewall because of its inherited settings. When I block explorer.exe connection (Windows explorer) -> I use Windows explorer to open an app which requires internet connection, the app is also blocked because the settings are inherited from windows explorer -> have to manually unblock it -> quite annoying
and when I want to block an app in public network while allow it to connect in Home network, it's impossible. Block in Public = block everything

I think I would choose my current setup although comodo firewall is quite noisy sometimes
Another limitation of KIS firewall is you can't block outgoing for a specific application but allow ingoing. Correct?
 

ZeroDay

Level 26
Verified
Joined
Aug 17, 2013
Messages
1,544
OS
Linux
Antivirus
Isolation
It's not an easy question to answer
because tweaked KIS is certainly enough but it's much heavier than my current setup due to application control
if I disable the app control, it's not KIS anymore
moreover, I dislike KIS's firewall because of its inherited settings. When I block explorer.exe connection (Windows explorer) -> I use Windows explorer to open an app which requires internet connection, the app is also blocked because the settings are inherited from windows explorer -> have to manually unblock it -> quite annoying
and when I want to block an app in public network while allow it to connect in Home network, it's impossible. Block in Public = block everything

I think I would choose my current setup although comodo firewall is quite noisy sometimes
Thank you for the quick reply. I've just re-installed Windows 10 pro, installed all my updates and a few security tweaks then created a system image using Macrium. I'm undecided on whether to go with KIS or CF+KFA. I've used both before but I just can't decide which setup to go for out of the 2 options for the very same reasons you mentioned above. I'm running Windows defender at the moment so I'm also considering adding SAP or Voodooshield alongside WD and WFC. I'm way too indecisive when it comes to my security setup lol. Thanks again for the fast reply.
 

Evjl's Rain

Level 38
Content Creator
AV-Tester
Verified
Joined
Apr 18, 2016
Messages
2,720
OS
Windows 8.1
Antivirus
Avast
Added:
- Zemana Anti-Malware: enabled pandora
- SafeDNS: acceptable speed and detection rate in my region
- Norton Safe Web
- hphosts EMD (ubO)
- upgraded to Windows 10 v1511 (November update, Threshold 2): extremely fast and stable. May update to Spring creators when it's stable
- updated some SRPs

Removed:
- Kaspersky free & avast free: despite all intense tweaks, speed never comes close to ZAM, very far distance
- Avira Browser Safety: waiting for the new version, detection & speed are not so great now
 

Evjl's Rain

Removed:
- ZAM: memory leak!!!
- SafeDNS: weak
- Neustar free recursive: very aggressive despite being great, blocked some site and couldn't whitelist/ignore to visit. Switched to a less aggressive one
- ESET NOD32: after installation, immediately couldn't load on boot. Very buggy. Couldn't uninstall -> must have used the official removal tool. Not light as expected, slowed down boot time significantly

Added:
- Kaspersky Free: tweaked for the best possible performance
- Quad9 DNS
 

Evjl's Rain

AV suites are things of the past, they are weak, bloated and resource hogs.
but it simply works for me
I find too many troubles using signature-less solutions
sig-less products are always having problems with false positives and blocking safe programs

therefore, I tweaked KFA to reach maximum performance it can get like disabling all useless shields and enabling on-execution scanning only
 

Umbra

Level 85
Content Creator
Verified
Joined
May 16, 2011
Messages
18,427
OS
Windows 10
Antivirus
Default-Deny
sig-less products are always having problems with false positives and blocking safe programs
There is no such thing as False Positives with anti-exe/SRPs because they don't have signatures, they just block or prompt legit-or-not executables, it is up to the user to set rules/policies for files/directories.

The main con is that the user must know about Windows' processes, so indeed less suitable for beginners.
 

Evjl's Rain

There is no such thing as False Positives with anti-exe/SRPs because they don't have signatures, they just block or prompt legit-or-not executables, it is up to the user to set rules/policies for files/directories.

The main con is that the user must know about Windows' processes, so indeed less suitable for beginners.
yes, I count the blocked safe programs = FPs
it's suitable for users who want to lockdown their PCs but not suitable for the ones who don't want to
all SRPs and anti-exes failed me because they prevented my daily programs from running, especially SRP

usability is markedly reduced with sig-less solutions
I found the combinations between sig and sig-less programs work best for me because I have more control and flexibility while sig-less only gave me too much control which can be annoying
 
Likes: Sunshine-boy

Umbra

all SRPs and anti-exes failed me because they prevented my daily programs from running, especially SRP
Just a matter of "how-to-setup", you have a learning curve to follow. Of course, if you don't like to do so, AV are indeed a simpler solution.
 

mekelek

Level 28
MH Trial
Verified
Joined
Feb 24, 2017
Messages
1,709
OS
Windows 10
Antivirus
Kaspersky
but it simply works for me
I find too many troubles using signature-less solutions
sig-less products are always having problems with false positives and blocking safe programs

therefore, I tweaked KFA to reach maximum performance it can get like disabling all useless shields and enabling on-execution scanning only
you could try replacing KFA with SecureAPlus if you're using it only for signatures.
people have been complaining about the latest ESET release causing issues similar to yours, you might want to try an earlier version.
 

Evjl's Rain

you could try replacing KFA with SecureAPlus if you're using it only for signatures.
people have been complaining about the latest ESET release causing issues similar to yours, you might want to try an earlier version.
SAP conflicted with comodo firewall. SAP can't disable its anti-exe module
they conflicted, which completely froze my PC while they were loading on boot. Adding exclusion didn't help => PC was completely unusable and I had to remove SAP in safe mode