D

Deleted member 178

Ok guys, since i got many requests for setting EIS for max protection, this is my guide:

Emsisoft AM

Behavior Blocker



Nothing to change , let all boxes ticked

Alert Setting



I wanna keep the cloud rating, so i let the community based alert reduction ticked, but i augmented/decreased the percentage to my needs; i also activate the Paranoid mode.

File Guard



"Scan all files when they are read" is the most important choice here; it will block the file even during a download or extraction.

Surf Protection



nothing special to say here, just do like the screenshot (or set to Alert if you want more contro)l

Hosts Rules



tick the 2 boxes, the nice features of EAM is the fact that you can add your own hosts rules to those already in place in EAM, personally i imported those of MVPS by clicking "Import Host Files" at the bottom of the tab.

Configuration



Nothing special here, follow the screenshot


That is all for EAM side


Online Armor Premium

Firewall

I have personally no special rules, so i let it by default unless i want to block a particular process/IP adress.

Domain



This is the "banking mode" configuration tab, all url entered will be either trusted, blocked or protected.

Program



The HIPS of OAP, if you are truly paranoid, untick "Automatically trust programs that Emsisoft deems trustworthy", personally i found Emsisoft quite paranoid so i let it ticked to avoid a shower of popups.

File and Registry



Here you protect your registry base and files, by editing rules, anyway just tick all the boxes.

Autorun

No setting here until a process is flagged then you can Allow, block and delete it.

Anti-keylogger:

same as Autorun

Host files



OAP can monitor any access to the Hosts File , a behavior commonly used by malwares to block you from antivirus websites.

just let the box ticked (in options)


Options -> Firewall



You can block all traffic during boot but you will have to wait that OAP will finish to load to get your internet access.

That is all for OAP

Note

This guide is the "default" paranoid mode , designed for all users and not for specific systems (with personal firewall/registry/files rules )

i will update the guide if i find something new.

Hope i helped you.
 

McLovin

Level 73
Verified
Trusted
Malware Hunter
I have a feeling that you use this kind of "Style" all the time? :p
 
D

Deleted member 178

McLovin said:
I have a feeling that you use this kind of "Style" all the time? :p
i admit it , no security soft is running without that kind of setup on my system. :D


sushiman said:
Good show umbra!!!!! love your work!!!!
Thanks Sushi ;)
 

MrExplorer

Level 28
Verified
i always use to save the tutorial i save the whole page but Umbra you always put a very small pics so when i download the page it download the small pics only
 
D

Deleted member 178

yes, i don't want people get overwhelmed by enormous pictures, if they want to see them, they just have to click on them ^^
 

McLovin

Level 73
Verified
Trusted
Malware Hunter
Umbra Corp. said:
yes, i don't want people get overwhelmed by enormous pictures, if they want to see them, they just have to click on them ^^
Aww, I like looking at the big pictures. :p
 

MrExplorer

Level 28
Verified
McLovin said:
Umbra Corp. said:
yes, i don't want people get overwhelmed by enormous pictures, if they want to see them, they just have to click on them ^^
Aww, I like looking at the big pictures. :p
Even me like looking at the big pictures :cool:
 
D

Deleted member 178

Littlebits said:
Just beware Max protection = Max false positives!!

Excellent guide for paranoid users.:D
Thanks "Parano is our motto" :D

Exact, i think paranoid users should be "normally" able to differentiate malwares from FPs ( at least i hope for them) ^^
 
I

illumination

When you say your running the firewall basically in "default", does this mean "standard mode" as well, or do you play with the "advanced mode" ?
 
D

Deleted member 178

advanced mode of course, since it is only available in OA premium (you pay for it) , by "default" i meant i didn't tweaked or add rules to the FW
 
I

illumination

Umbra Corp. said:
advanced mode of course, since it is only available in OA premium (you pay for it) , by "default" i meant i didn't tweaked or add rules to the FW
Understand that, i just did not see it mentioned of what mode you were running, in the "Paranoid" fashion.. :p

So i assuming you activate the File and Registry shield as well in advanced mode,as well as creating rules...
 
D

Deleted member 178

illumination said:
So i assuming you activate the File and Registry shield as well in advanced mode,as well as creating rules...
yes i activated them but didn't create any particular rules yet.
 
I

illumination

Umbra Corp. said:
illumination said:
So i assuming you activate the File and Registry shield as well in advanced mode,as well as creating rules...
yes i activated them but didn't create any particular rules yet.
I asked because i have a spare system up and running, and have EIS on it, and am trying your "paranoid" settings as they deem it ;) Adding a few extra tweaks as well.. :D
 
D

Deleted member 178

good,very good... http://malwaretips.com/Thread-Emsisoft-Mamutu-Overview-and-Guide?pid=92648#pid92648 :666:

how you feel EIS?
 
I

illumination

Umbra Corp. said:
good,very good... http://malwaretips.com/Thread-Emsisoft-Mamutu-Overview-and-Guide?pid=92648#pid92648 :666:

how you feel EIS?
It feels good so far :D Up and running smoothly! I have acquired a taste for EIS, just had the issue we spoke of before with the update's on my other system, but think i may have found a way around that as well :D
 
P

Plexx

illumination said:
It feels good so far :D Up and running smoothly! I have acquired a taste for EIS, just had the issue we spoke of before with the update's on my other system, but think i may have found a way around that as well :D
Comparing to your pc specs, hows the usage of EIS in terms of RAM, CPU, I/O, Boot time, Shutdown time, whilst on Idle, after updating, during full scanning?

Note: it will require a few steps to identify all the above.