At-Risk Fuzzfas' Security Configuration 2020

Last updated
Jan 19, 2020
Operating system
Log-in security
Security updates
Check for updates and Notify
User Access Control
Always notify
Real-time security
SecureAplus Freemium, WinPatrol, Tinywall, OSArmor v1.3, Secure Folders.
Firewall security
Microsoft Defender Firewall
Periodic malware scanners
Emsisoft Emergency Kit
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Opera
Maintenance tools
Wise Disk Cleaner, Wise Registry Cleaner.
File and Photo backup
Macrium Reflect Free, Blu-ray disc backup.
System recovery
Macrium Reflect.
Risk factors
    • Gaming
    • Logging into my bank account
    • Browsing to popular websites
    • Streaming audio/video content from shady sites
    • Browsing to unknown / untrusted / shady sites
    • Working from home
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
Ryzen 2600, 16GB Corsair 3000C15, Nvidia GTX1650 Super, Crucial MX500 500GB.
Notable changes
19/01/2020: Added OSArmor v1.3/ 20/01/2020: Added Secure Folders
Notes by Staff Team
  1. This computer configuration is using an unsupported operating system. If possible, we recommend to upgrade to an operating system that is supported by its developers to remain protected from the latest threats.

Step 1

Level 3
Verified
Sep 17, 2018
102
Windows 7 + WinPatrol.? Certainly, you have to have some very good browsing habits. etcetera to be sure with your config in this new year that begins.

INMHO, I would not trust SecureAPlus as the first line of defense, although I love it as a second layer.

P.S.: We have a computer running on W7 and will continue to do so for, I hope, a long time ;)
 

Fuzzfas

Level 3
Thread author
Verified
Well-known
Jan 8, 2013
109
You have considered upgrading to Windows 10, since your PC would have no problem with W10, and W7 will no longer have updates.
Thanks for sharing.(y)

I hate Win10 with a passion and i will only upgrade to it, when i will have no other choice. I prefer the Win7 beautiful GUI and organization. I couldn't care less about updates, i know people who still run WinXP and i have friends with cracked Win7 copies that haven't installed updates since SP1 and contrary to popular belief, they are not full of malware. My own Win7 is updated to end of November 2019.


Windows 7 + WinPatrol.? Certainly, you have to have some very good browsing habits. etcetera to be sure with your config in this new year that begins.

INMHO, I would not trust SecureAPlus as the first line of defense, although I love it as a second layer.

P.S.: We have a computer running on W7 and will continue to do so for, I hope, a long time ;)

My browsing habbits aren't very good, but i don't click at everything i see and i use Opera, which uses Chrome. I haven't seen live malware for ages. I was with MSE and winpatrol for years. I think SecureAplus is at least as good as MSE, if not for anything else, because of the HIPS. The las time i saw live malware was several years ago, when i had to put a 3rd party USB stick on the PC. At the time i had Comodo, WinPatrol Plus and an antivirus (i think it was Avira, but i am not sure). Comodo reacted immediately and WinPatrol caught the autostart entry. Avira kept sleeping merrily.

Morale of the story: If you don't let security unuware people near your PC, the likelihood of encountering live malware is very low.
For cases where i have to give access to "high risk" users to internet or insert their sticks, i have a secondary PC with runs MSE and NVT ERP (the last v3 beta).

When i first learnt about security, Process Guard was the "hot HIPS". I 've used everything since then (System Safety Monitor, Sandboxie, Shadow Defender, Comodo, Outpost Firewall, Online Armor, others that i don't even remember). At the end, you realize that malware isn't simply pouring out of the internet at every site you visit (even in XP days, if you made activeX manual prompts, you were virtually bulletproof) and by running the gazillion of "Fort Knox" applications, is just making your PC slow and the only gain is a psychological relief.

Nowdays, i only want to be able to tell that i got infected. If i get infected, i will just restore an image. But i actually never had to. If i download something suspicious, upload to virustotal. This pretty much covers everything. Oh, i also keep some backups of important things in optical media (Blu Rays). Good luck in infecting that!

P.S: WinPatrol Plus is useless at stopping anything, but it's very useful in alerting you about new startup entries or new services or modifications to host file. And it's extremely light, so i always run it along anything else.
 

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,635
Update Your system, at least, to W8.1

In System Backup, You may add Macrium Reflect Free or AOEMI Backupper, both are free and reliable.

In Data BackUp, consider also to run manual backups of important data to external devices, and/or in cloud services.

In Virus and Malware Removal Tools, You may add HitManPro Free.

A PassWord Manager would be welcome also.

WinPatrol tool is out of development since 2017...

Please kindly reflect Your changes editing Your config, and announcing them here, thanks for sharing.
 

Fuzzfas

Level 3
Thread author
Verified
Well-known
Jan 8, 2013
109
Update Your system, at least, to W8.1

In System Backup, You may add Macrium Reflect Free or AOEMI Backupper, both are free and reliable.

In Data BackUp, consider also to run manual backups of important data to external devices, and/or in cloud services.

In Virus and Malware Removal Tools, You may add HitManPro Free.

A PassWord Manager would be welcome also.

WinPatrol tool is out of development since 2017...

Please kindly reflect Your changes editing Your config, and announcing them here, thanks for sharing.

1) You wish!
2) Oh, i forgot to write about that, i do use blue-ray media for important backup (why trust the "cloud").
3) Yeah, i used to have Hitman Pro, but i got tired of having multiple on demand scanners, cause they never found anything anyway, so i kept Emsisoft. But technically you 're right.
4) Oh, i have Keepass, i forgot to write it.
5) So is Win7, so they match perfectly! :ROFLMAO:

Ok, so i guess i will have to update my list! Oh, i added OSArmor v1.3 (i had tried subsequent version, but it caused BSOD and more slow down of PC, so i keep with that).
 

Sampei Nihira

Level 6
Verified
Well-known
Dec 26, 2019
287
Hi,
If you haven't uninstalled I.E.11 yet, you can block it with an OSA rule.
There are also the options that I use in my security configuration in case you don't like the above solutions and prefer to use I.E.11 for some reason.

 

Fuzzfas

Level 3
Thread author
Verified
Well-known
Jan 8, 2013
109
Hi,
If you haven't uninstalled I.E.11 yet, you can block it with an OSA rule.
There are also the options that I use in my security configuration in case you don't like the above solutions and prefer to use I.E.11 for some reason.


Thanks! I don't use IE really since ages. But, good to know anyway! (y)
 

Sampei Nihira

Level 6
Verified
Well-known
Dec 26, 2019
287
Staff note wrote:

This computer configuration is using an unsupported operating system. If possible, we recommend to upgrade to an operating system that is supported by its developers.

If these guys proved to:

  • Use the 0Patch Pro or Enterprise program.
  • Use the ESU paid program on non-Home OS.
  • Manually install from the MUC the Microsoft updates available for Windows 7 Embedded.
Would you change the tag?
 
  • Like
Reactions: [correlate]

Fuzzfas

Level 3
Thread author
Verified
Well-known
Jan 8, 2013
109
Staff note wrote:



If these guys proved to:

  • Use the 0Patch Pro or Enterprise program.
  • Use the ESU paid program on non-Home OS.
  • Manually install from the MUC the Microsoft updates available for Windows 7 Embedded.
Would you change the tag?


Don't worry, i didn't make this thread to get some "seal of approval". I 've even ran without AV at all. I have Win7 Pro. If i was desperate, i could pay for ESU, but i am not. There is even already a working "hack" tool that bypasses the ESU check and allows "free" ESU to anyone, but i can't post it here and i don't even bother to do it for myself.

The thread is more useful as a log of security configurations, just for the fan of it.
 
  • Like
Reactions: [correlate]

Jack

Administrator
Verified
Staff Member
Well-known
Jan 24, 2011
9,377
Hey @Fuzzfas,
We all do agree that your computer is safe for now with Windows 7, this is why the tag is orange (At Risk) and not red (Danger). The truth is that you're now using an operating system will not receive security updates. Yes, you have all the right software to prevent an attack, however, you will always need to read articles on what new vulnerability has been discovered and use different methods to fix it. You've joined this community so you're interested in computer security, you won't get infected with malware, however, we cannot give you the SECURE label because the operating system is a weak point in your configuration.
Let me clear, if you would have run these programs on Windows 10 OS, you would have received the green label so you're setup is good. If it makes any difference the same setup on Windows XP or Vista would have meant a red "Danger" label.
 

Fuzzfas

Level 3
Thread author
Verified
Well-known
Jan 8, 2013
109
Hey @Fuzzfas,
We all do agree that your computer is safe for now with Windows 7, this is why the tag is orange (At Risk) and not red (Danger). The truth is that you're now using an operating system will not receive security updates. Yes, you have all the right software to prevent an attack, however, you will always need to read articles on what new vulnerability has been discovered and use different methods to fix it. You've joined this community so you're interested in computer security, you won't get infected with malware, however, we cannot give you the SECURE label because the operating system is a week point in your configuration.
Let me clear, if you would have run these programs on Windows 10 OS, you would have received the green label so you're setup is good. If it makes any difference the same setup on Windows XP or Vista would have meant a red "Danger" label.


I understand perfectly! Do not worry, i won't lose my sleep over a label, i understand this is a sort of "procedure" you have here, it's all fine. Let's say i like the "thrill of the risk". :ROFLMAO:
 

Fuzzfas

Level 3
Thread author
Verified
Well-known
Jan 8, 2013
109
Ok, one more, just because i just tried it with the rest and it doesn't seem to slow down at all... The last antiransomware line of defense: Secure Folders (just protecting 2 directories, one of which are my Macrium images -not that they have anything i can't replace, but they make life easier-).
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top