MarzametaL's System Software Configuration (OEM)

marzametal

Level 7
Thread author
Verified
Jun 10, 2014
316
Modification:
  • Uninstalled Sandboxie (system runs a lot smoother now, the lag I was experiencing while typing in text boxes has disappeared)
  • Windows Service: Disabled BITS (the amount of spew this service was pushing was ridiculous. I watched Wireshark for about 20 minutes with BITS on...all I can say is YUCK! It's a tad difficult to call it "intelligent", since it is spewing crap to Akamai, Google etc... However, will have to re-enable BITS when it comes time for Windows Updates)
  • UAC - again, set it to Disabled (after the fiasco with BITS, constantly seeing consent.exe in firewall logs pissed me off even further)
  • Installed VirtualBox
    • 1 VM - Ubuntu 14.04.2
    • I was going to try MAC OSX, but decided not to since the word "pirated" had been associated with Yosemite Zone (Hackintosh version, customised for PC install)
    • Shadow Defender re-enters Shadow Mode after VM is set up
 

marzametal

Level 7
Thread author
Verified
Jun 10, 2014
316
I'm so over SpyShelter Premium. I'm so over Sandboxie. I'm so over key scramblers/antiloggers/encryptors. Malware this, virus that. What the hell is going on here!? All this talk about layered protection, covering all tiers, minimising impact on system by nerfing threat vectors, signed vs unsigned drivers (ooohhh like it matters, signed are just as deadly)... and to think, this is not Creative Writing 101, this is Internet Security. There are no do-overs, no backsies, no white-out on the screen, pretending like it never happened, no Men in Black stun guns! Oh no, they can see me, GIVE ME A VPN NOW! You think what Snowden knows is bad, don't you realise CDN's know more?! OK, let's buy this application, but accept (via force) updates via CDN's. Why, I didn't sign up for this. I paid YOU guys, so YOU give me the updates. Ummm no, suck it up princess!

You get told you need these packages, without them you are doomed. They all claim to be the best and the brightest, but all they do is turn the end user into a screen-slave, watching every move they make, THEY MAKE... you are perving on yourself, by yourself because of your OCD to block the living crap inbound/outbound, to/from our PC. Oh my, it's ok, I can make a backup and restore whenever I see fit. Don't you see, you are their tool now. You are their marketing agent and you don't get paid a damn thing for it either! You are their voice, and it isn't a voice of reason, it is a voice of insecurity. What do they provide us with in return? Garbage spewed out in silence via Windows BITS service, constant attention to make all applications compatible with one another, tweaks upon tweaks upon tweaks. Quicksand much...?

Are you kidding me? When was the last time you turned your PC on, knowing you would be spending the whole day without messing around with some form of security application, without some form of update/double check... Where has the fun gone, ladies and gentlemen? Up until recently, I used to think we were trapped, walking on thin ice. One wrong step, and BANG... "they" have all our information. Now, I see we are trapped under ice. All the damn what if's, could be's, if only's... that is what is wrong with the PC user today. Why aren't we backing ourselves to do the right thing? Are we really that corrupt online that we need so many installed applications just to breathe easy? For what, to minimise our digital fingerprint, to keep us anonymous, hidden, vague, misty in a cloud, fogged up like a flatulent pensioner in a sauna...

Nothing can stop what is heading our way. It takes a day or three to set up a system without restores, but it only takes 2 hours to knock off 15 beers and massacre your PC during a drunken haze. Where was your HIPS when you needed it? That's right.

That's my 15 minutes of fame...
 

marzametal

Level 7
Thread author
Verified
Jun 10, 2014
316
Modification (uninstalled):
  • spyshelter premium
  • novirusthanks exe radar pro
  • keyscrambler premium
  • zemana antimalware paid
  • peerblock
  • slimjet
  • virtualbox
  • internet download manager
  • eagleget

Lucky for me I had an image without these installed, sorta' still fresh... phew :) imagine the remnants in registry!

NOTE: Managed to figure out why Acronis True Image 2015 was acting up, not detecting backups. It all comes down to cluster sizes on external hard drives. System Information declared the sizes were 512b, however my partition application proved that was a lie. The sizes were indeed 4K. So, after a reduction, backup and reboot into recovery, the files were visible again. As we all must know by now, when it comes to Windows, take everything with a grain of salt.
 

hjlbx

... you are perving on yourself, by yourself because of your OCD to block the living crap inbound/outbound, to/from our PC. ...

You are their voice, and it isn't a voice of reason, it is a voice of insecurity.

Where has the fun gone, ladies and gentlemen?

Are we really that corrupt online that we need so many installed applications just to breathe easy?

  • Anyone OCD definitely needs to stay away from a computer.
  • Computing is madness and I think anyone who is a die-hard forum participant is at least mildly neurotic.
  • If it's no longer fun then don't do it.
  • Yes on the corruption part. Absolutely not on the multi-app-digital-bunker part.

Maybe focus on the basics... your preferred, primary security software with nothing more than typical daily use in mind... and that's it.

If you try to prevent every potential threat using a,b,c,..., x, y, z softs then you will only drive yourself crazy.

It will be all right...
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Actually if you are wanting to test application in an isolated environment then it will be really fun and way to explore more, sometimes you don't need a lot of security software installed on real system considering the awareness that you doing repeatedly without going to any problematic situation.

Reference can be useful to know the functionality of software and it's a major decision of user who wanted to install and add another component and so on but of course we need to encourage them to limit the setup as it should be a reliable setup.
 
  • Like
Reactions: marzametal

marzametal

Level 7
Thread author
Verified
Jun 10, 2014
316
For example, there was a lag experienced in this text box when typing full-on like a Data Entry receptionist. I couldn't for the life of me figure out why. However, I do have 3rd party apps that monitor stuff in IE11, such as AdGuard, Ghostery, Spyware Blaster. BUT, they are not apps that monitor typing, they're apps that monitor what is displayed and downloaded. So, I went into EAM and unticked Surf Protection. Damn that EAM is a powerful app. One untick and all is well again... muhahahaha

The sucky thing is, it has to be unticked every time. The decision to keep 2/3 protection modules does not stick through reboot... unless Shadow Defender has anything to say about it? Seriously, if SD can reverse work done in Sandboxie & VirtualBox, what cannot it do?

Modification:
  • removed KeyPassX, installed LastPass - how annoying... manual username and password entry, via keyboard shortcuts! Linux doesn't have that problem...
  • Installed SpyShelter Premium again
  • Installed IDM again
Shadow Mode activated...
 

marzametal

Level 7
Thread author
Verified
Jun 10, 2014
316
Some things that caught my eye in recent days...

Software Licencing - there are various types of licences going around at the moment. Some of them are as follows...
  • 1 Licence per PC
  • 1 Licence per x amount of PC's
  • 1 Licence with a year duration
  • 1 Licence for a lifetime
I am not the brightest bulb in the shed, but enough is friggin' enough! How many times do I have to be burned before I go Osama on the software industry? Last year, it was Hitman Pro who burned me. I had a valid licence, but conducted one too many fresh installs, and ran out of licence activation slots. BANG. Waste of a purchase. Credit where credit is due, after explaining to their support staff what was going on, they freed up ONE SLOT. *shakes his head*... anal much?

More recently, yesterday... burned by Zemana Antimalware. This is a 1 licence per PC situation. I try to activate the application after an image restore (didn't have one with ZAM pre-installed) and I get a message... something about "this licence has been activated on more than 1 PC already". Up yours HitmanPro & Zemana! I banish you both to PrivaZers' "delete without a trace" option :p muhahahaha DIE!

C:\Windows\SoftwareDistribution\Download - this is where Windows Update stores backups and repositories to updates...

I have known about this for a while, but the impact never dawned on me till recently. It is easy to empty this directory, just use a decent system cleaner. However, as with life and everything in it, with a pro, comes a con.
  • Pro: free up disk space, could be anywhere from 750MB through to 1.5GB
  • Con: EVERY time, from this point onwards, you decide to perform a Windows Update; Windows will download the repositories to check your system for their presence! You can see this yourself while checking for updates, just refresh the directory display and the entries will increase after each refresh.
The ripple effect is sorta' big... it will mean a loooooooooooonger time taken to provide the user with a result of available updates, waste of bandwidth, and checking update history will be worthless. The screen will be empty if the Download folder is emptied.

C:\Windows\Installer - this is where software packages/applications store their MSI and EXE files...

Now hang on a minute Dr Phil... what is a piece of software doing installing its install files in this directory? what would happen if I empty this directory? It's funny how you learn from your mistakes (sometimes) hahaha! This Installer directory should remain untouched as well. There are applications out there that store their installer files in that directory, and if these files go missing for whatever reason; upgrading the program or uninstalling/reinstalling the program become a nightmare and a half!

Some applications that have Installer remnants are as follows...
  • ASUS SonicMaster
  • Acronis True Image 2015
  • AdGuard for Windows (installer, not extension/addon)
  • Fresco Logic USB 3.0 Driver
So, the lesson here? If you plan to use it, then don't touch this directory.
 

marzametal

Level 7
Thread author
Verified
Jun 10, 2014
316
I got sick and tired of this Hardened Windows setup... so I went back to Loose-As-A-Goose setup with some tweaks. Pretty much, it is a replica of my config, albeit with most Windows Services receiving no tampering (relying solely on W7FwAS + WFC). Relax, I had to do some tweaking; some apps were simply screaming for attention!

  • tweaked startup settings via CCleaner (some stubborn apps needed unticking in their GUI)
  • removed acronis from right click menu's (via nirsoft apps)
  • plugged hole in flash player directory (replaced "Flash Player" directory with a file called "Flash Player")

  • Disable Link-Local Multicast Name Resolution (LLMNR) & IGMP connections...
    • 1 - HKLM\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient\EnableMulticast = 0
    • 2 - HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\IGMPLevel = 0
    • 3 - HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\DisabledComponents = 0

  • netsh int tcp set heuristics disabled
  • netsh interface tcp set global autotuninglevel=normal
  • netsh interface ipv6 set privacy state=disable
  • netsh interface ipv6 6to4 set state state=disabled
  • netsh interface ipv6 isatap set state state=disabled
  • netsh interface ipv6 set teredo disabled
  • netsh interface ipv6 set global icmpredirects=disabled
  • netsh interface ipv4 set global icmpredirects=disabled
  • netsh interface ipv6 set global taskoffload=disabled
  • netsh interface ipv4 set global taskoffload=disabled
  • netsh interface ipv6 set global mldlevel=none
  • netsh interface ipv4 set global mldlevel=none

  • HKLM\SOFTWARE\Microsoft\DirectplayNATHelp\DPNHUPnP\UPnPMode = 2
    • Device Manager...
      • /Network, disable Wan Miniport IPv6
      • /Non-Plug and Play Drivers / Remote Access IPv6 ARP Driver > Properties > Driver tab > Change Startup Type from System to Disable
      • /Non-Plug and Play Drivers / NETBT > Properties > Driver tab > Stop it and change Type from 'System' to 'Disabled' (disables NETBIOS totally, partially closes port 445)
    • Windows Services...
      • Disable "UPnP Device Host", "SSDP Discovery", "Server", "Acronis Services x 3", "Windows Defender" & "NVIDIA Services x 2"
So, now I have an option ready for a fresh start... just in case I crack the shizzles again and start to remove apps... I am tempted to try and put together a freeware/freemium setup. Thoughts?
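
An added example, not part of the original post: a read-only PowerShell audit that reports whether the registry values and Windows services listed in the post above are actually in the stated condition, which is handy after restoring an image. The service short names (upnphost, SSDPSRV, LanmanServer, WinDefend) are the standard Windows names for the display names in the post; the Acronis and NVIDIA services are left out because the post does not name them, and the function names are hypothetical.

```powershell
# Added example (not from the thread): read-only audit, nothing is modified.
# Run in an elevated Windows PowerShell prompt on the machine being checked.

# Registry values exactly as given in the post.
$registryBaseline = @(
    @{ Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient';    Name = 'EnableMulticast';    Want = 0 },
    @{ Key = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters';  Name = 'IGMPLevel';          Want = 0 },
    # Note: 0 is also what Windows assumes when DisabledComponents is absent
    # (all IPv6 components enabled), so this entry only confirms the default.
    @{ Key = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters'; Name = 'DisabledComponents'; Want = 0 },
    @{ Key = 'HKLM:\SOFTWARE\Microsoft\DirectplayNATHelp\DPNHUPnP';       Name = 'UPnPMode';           Want = 2 }
)

# Service short name -> display name used in the post. All are expected to be Disabled.
$serviceBaseline = @{
    'upnphost'     = 'UPnP Device Host'
    'SSDPSRV'      = 'SSDP Discovery'
    'LanmanServer' = 'Server'
    'WinDefend'    = 'Windows Defender'
}

function New-AuditRow($Setting, $Expected, $Actual, $State) {
    New-Object PSObject -Property @{
        Setting = $Setting; Expected = $Expected; Actual = $Actual; State = $State
    } | Select-Object Setting, Expected, Actual, State
}

function Get-RegistryAudit {
    foreach ($item in $registryBaseline) {
        $actual = $null
        $state  = 'Missing'          # key or value not present
        $key = Get-Item -LiteralPath $item.Key -ErrorAction SilentlyContinue
        if ($key) {
            $actual = $key.GetValue($item.Name, $null)
            if ($null -ne $actual) {
                $state = if ($actual -eq $item.Want) { 'Match' } else { 'Differs' }
            }
        }
        New-AuditRow "$($item.Key)\$($item.Name)" $item.Want $actual $state
    }
}

function Get-ServiceAudit {
    foreach ($name in $serviceBaseline.Keys) {
        $svc  = Get-WmiObject -Class Win32_Service -Filter "Name='$name'" -ErrorAction SilentlyContinue
        $mode = if ($svc) { $svc.StartMode } else { 'NotInstalled' }
        $state = if ($mode -eq 'Disabled') { 'Match' } else { 'Differs' }
        New-AuditRow "Service: $($serviceBaseline[$name])" 'Disabled' $mode $state
    }
}

$report = @(Get-RegistryAudit) + @(Get-ServiceAudit)
$report | Format-Table -AutoSize
```

Rows marked Missing or Differs show where a restored image or an update has drifted from the list in the post.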
 

Alexstrasza

Level 4
Verified
Mar 18, 2015
151
A freeware setup is certainly feasible - just don't go too overboard and then end up with your head in the gutter like post #63 :D

My own setup is not freeware (far from it - I use 4 different paid-for solutions), but I don't use too many software at once and is still considered solid.
 
  • Like
Reactions: marzametal

marzametal

Level 7
Thread author
Verified
Jun 10, 2014
316
A freeware setup is certainly feasible - just don't go too overboard and then end up with your head in the gutter like post #63 :D

My own setup is not freeware (far from it - I use 4 different paid-for solutions), but I don't use too many software at once and is still considered solid.
I was thinking the same thing... best I leave things be, or else.... lol
 

marzametal

Level 7
Thread author
Verified
Jun 10, 2014
316
Marin you are a certified Master Re-configuration Expert (MRE+). :D
That is going on my resume!! Promotion and pay rise, here we come!

EDIT: Now I want a system just for beta-testing, lol... woe is me.

EDIT: Actually, I am going to restore my pre-installed OS (still Windows 7 x64, but with bloatware), slim it down and attempt to reproduce the current setup on it (some of the ASUS apps are great!)... something to do, eh? lol...
 

marzametal

Level 7
Thread author
Verified
Jun 10, 2014
316
So, finally I have this pre-installed ASUS OS up and running. I removed approx. 6.5GB of bloatware and 6GB of ASUSware (I left some because they are so damn goooood! PLUS 3GB was a copy of the DVD driver installation disc). However, the ones left behind DO NOT add up to the 6GB I cannot recover. Oh well, OEM OS had a C drive partition of 45GB; the ASUS OS C drive partition, I am afraid had to be boosted to 50GB :(

MiniTools Partition Wizard worked its magic, and I tell ya' what.. Acronis True Image 2015 on the pre-install, runs like Usain Bolt after demolishing a pack of jalapeno peppers. It only took 3 minutes to detect my WD 2TB e-HDD, compared to 10-12 mins on the OEM OS.

*laughs in his head* the only tweaks so far performed are the ones in the spoiler from post #73... so far :p
 

marzametal

Level 7
Thread author
Verified
Jun 10, 2014
316
Marin's 2nd System Configuration

NOTE #1: It is a system config, not a security system config... yet! Still barebones from the anti-x standpoint...
NOTE #2: Down the track, it is highly possible that I run W7HP ASUS OS and W7HP OEM OS as dual-boot...

Operating System: Windows 7 Home Premium SP1
OS Architecture: 64-bit (x64)
Computer Knowledge: Medium
Last malware infection date: Less than 1 year ago
Malware Samples and Phishing sites: No, I do not download Malware or Phishing sites
Number of users for this PC: Single user account (Private)
User Account Control settings: Notify me only when programs try to make changes to my computer (Do not dim my desktop)

Real-Time Protection:
Firewall Software: Windows 7 Firewall with Advanced Security + Windows Firewall Control
Virtualisation: Shadow Defender 1.4.0.518
On-demand Scanners: None
Privacy software: Cryptostorm VPN

Backup and Recovery: Acronis TrueImage 2015
Web Browser(s): Internet Explorer 11

Extensions and Plugins:
IE11: AdGuard for Windows, Spyware Blaster, Ghostery, LastPass for Windows

Any other software: PrivaZer, CCleaner, Internet Download Manager, MiniTool Partition Wizard Professional

------------------
Previous Config - Windows 7 OEM direct from Microsoft
Current Config - Windows 7 that came pre-installed on my ASUS N53SV notebook
 

marzametal

Level 7
Thread author
Verified
Jun 10, 2014
316
Actually if you are wanting to test application in an isolated environment then it will be really fun and way to explore more, sometimes you don't need a lot of security software installed on real system considering the awareness that you doing repeatedly without going to any problematic situation.

Reference can be useful to know the functionality of software and it's a major decision of user who wanted to install and add another component and so on but of course we need to encourage them to limit the setup as it should be a reliable setup.
Thanks for the wise words Mr Community Superstar :)

So, my TO DO list...
  1. Work on current config
  2. Work on @Moose 's request - Sandboxie vs Shadow Defender
  3. Think about the above quote some more...
 
  • Like
Reactions: Moose and jamescv7

hjlbx

Marin's 2nd System Configuration

NOTE #1: It is a system config, not a security system config... yet! Still barebones from the anti-x standpoint...
NOTE #2: Down the track, it is highly possible that I run W7HP ASUS OS and W7HP OEM OS as dual-boot...

Operating System: Windows 7 Home Premium SP1
OS Architecture: 64-bit (x64)
Computer Knowledge: Medium
Last malware infection date: Less than 1 year ago
Malware Samples and Phishing sites: No, I do not download Malware or Phishing sites
Number of users for this PC: Single user account (Private)
User Account Control settings: Notify me only when programs try to make changes to my computer (Do not dim my desktop)

Real-Time Protection:
Firewall Software: Windows 7 Firewall with Advanced Security + Windows Firewall Control
Virtualisation: Shadow Defender 1.4.0.518
On-demand Scanners: None
Privacy software: Cryptostorm VPN

Backup and Recovery: Acronis TrueImage 2015
Web Browser(s): Internet Explorer 11

Extensions and Plugins:
IE11: AdGuard for Windows, Spyware Blaster, Ghostery, LastPass for Windows

Any other software: PrivaZer, CCleaner, Internet Download Manager, MiniTool Partition Wizard Professional

------------------
Previous Config - Windows 7 OEM direct from Microsoft
Current Config - Windows 7 that came pre-installed on my ASUS N53SV notebook

Marin, that's a really good system config. Why don't you stick with it for a while. :D

Then just add/remove various AV.

IF you want malware test setup, what you have above is perfect - but lose the VPN.

I use Emsi and Shadow Defender. Loads of fun watching the malwares with utilities.
 
  • Like
Reactions: marzametal
