Mineria's Security Configuration

Last updated: Dec 31, 1969
Windows Edition: Pro
Security updates: Allow security updates and latest features
User Access Control: Notify me only when programs try to make changes to my computer
Real-time security: Windows Defender
Firewall security: Microsoft Defender Firewall
Periodic malware scanners:
    Windows Defender
    Emsisoft Emergency Kit
Malware sample testing: I do not participate in malware testing
Browser(s) and extensions:
    Chrome x64
    HTTPS-Everywhere
    Microsoft Edge (using it only for Microsoft sites)
Maintenance tools:
    CCleaner + CCEnhancer
    W10Privacy + own script
    Geek Uninstaller
    Bitsum Process Lasso Pro (licensed)
    Ninite (to update a few programs)
    Sysinternals Autoruns
File and Photo backup: Acronis True Image 2016 (licensed)
System recovery: Acronis True Image 2016 (licensed)
Computer specs: https://malwaretips.com/threads/minerias-gaming-rig.58269/

Mineria

Level 3
Thread author
Verified
Mar 19, 2016
128
Security steps:
☑ BIOS set to UEFI with secure boot, all keys/signatures applied
☐ JAVA installed
☐ Silverlight installed
☑ Flash Player installed, only used for Raceroom Experience
☑ Custom DNS on PC and router
    Norton ConnectSafe option C
    Primary DNS address: 199.85.126.30
    Secondary DNS address: 199.85.127.30
☑ Two factor authentication
    MalwareTips, Microsoft, Google, Facebook and everywhere else where it is possible
☑ Windows tweaked and hardened
    Own bat files, registry scripts and group policies
☑ Disable bloat
    All features, services, drivers and protocols that I don't use/need, like file sharing, HomeGroup, Remote Desktop and so on, are removed/disabled, but only so far as it doesn't break other needed features

Disabled Services
AllJoyn Router Service
Application Layer Gateway Service
Bluetooth Handsfree Service
Bluetooth Support Service
Connected Device Platform Service
Certificate Propagation
Offline Files
Microsoft (R) Diagnostics Hub Standard Collector Service
Connected User Experiences and Telemetry
dmwappushsvc
Delivery Optimization
HomeGroup Listener
HomeGroup Provider
Windows Mobile Hotspot Service
Internet Explorer ETW Collector Service
Acronis Managed Machine Service Mini
Microsoft iSCSI Initiator Service
Net.Tcp Port Sharing Service
NVIDIA Streamer Network Service
NVIDIA Streamer Service
Peer Networking Identity Manager
Peer Networking Grouping
Program Compatibility Assistant Service
BranchCache
Peer Name Resolution Protocol
Routing and Remote Access
Remote Registry
Retail Demo Service
Remote Procedure Call (RPC) Locator
Smart Card
Smart Card Device Enumeration Service
Smart Card Removal Policy
Sensor Data Service
Sensor Service
Sensor Monitoring Service
Remote Desktop Configuration
Internet Connection Sharing (ICS)
Skype Updater
Microsoft Windows SMS Router Service.
Superfetch
Touch Keyboard and Handwriting Panel Service
Remote Desktop Services
Remote Desktop Services UserMode Port Redirector
Hyper-V Guest Service Interface
Hyper-V Heartbeat Service
Hyper-V Data Exchange Service
Hyper-V Remote Desktop Virtualization Service
Hyper-V Guest Shutdown Service
Hyper-V Time Synchronization Service
Hyper-V VM Session Service
Hyper-V Volume Shadow Copy Requestor
Windows Biometric Service
Windows Defender Network Inspection Service
Windows Defender Service
Windows Remote Management (WS-Management)
Windows Media Player Network Sharing Service
Windows Search

Disabled Features
IIS-FTPSvc
IIS-FTPExtensibility
MSMQ-Container
IIS-LegacyScripts
IIS-LegacySnapIn
IIS-FTPServer
MSMQ-Server
MSMQ-Multicast
MSMQ-DCOMProxy
NetFx4Extended-ASPNET45
MSMQ-Triggers
MSMQ-ADIntegration
MSMQ-HTTP
IIS-CGI
IIS-ISAPIExtensions
IIS-ISAPIFilter
IIS-ASPNET
IIS-ASPNET45
IIS-ASP
IIS-ServerSideIncludes
IIS-ManagementConsole
IIS-ManagementService
IIS-WMICompatibility
IIS-CustomLogging
IIS-BasicAuthentication
IIS-HttpCompressionStatic
Printing-PrintToPDFServices-Features
Printing-Foundation-LPDPrintService
Printing-Foundation-InternetPrinting-Client
FaxServicesClientPackage
Microsoft-Hyper-V-Services
Printing-Foundation-Features
Printing-Foundation-LPRPortMonitor
ScanManagementConsole
IsolatedUserMode
Client-EmbeddedShellLauncher
MultiPoint-Connector
DirectoryServices-ADAM-Client
RasCMAK
TIFFIFilter
TelnetClient
TFTP
WorkFolders-Client
Printing-XPSServices-Features
RasRip
MSRDC-Infrastructure
SMB1Protocol
Microsoft-Hyper-V-Management-PowerShell
Microsoft-Hyper-V
Microsoft-Hyper-V-Hypervisor
Microsoft-Hyper-V-All
Microsoft-Hyper-V-Tools-All
Microsoft-Hyper-V-Management-Clients
IIS-RequestMonitor
IIS-HttpTracing
IIS-Security
IIS-HealthAndDiagnostics
IIS-HttpLogging
IIS-LoggingLibraries
IIS-URLAuthorization
IIS-HttpCompressionDynamic
IIS-WebServerManagementTools
IIS-ManagementScriptingTools
IIS-RequestFiltering
IIS-IPSecurity
IIS-Performance
Windows-Identity-Foundation
Internet-Explorer-Optional-amd64
IIS-WebServerRole
SimpleTCP
SNMP
WMISnmpProvider
IIS-WebServer
IIS-ApplicationDevelopment
IIS-NetFxExtensibility
IIS-NetFxExtensibility45
IIS-CommonHttpFeatures
IIS-HttpErrors
IIS-HttpRedirect
IIS-IIS6ManagementCompatibility
IIS-DigestAuthentication
IIS-ClientCertificateMappingAuthentication
IIS-IISCertificateMappingAuthentication
WCF-TCP-PortSharing45
IIS-CertProvider
IIS-WindowsAuthentication
IIS-ODBCLogging
IIS-WebDAV
IIS-WebSockets
IIS-ApplicationInit
IIS-StaticContent
IIS-DefaultDocument
IIS-DirectoryBrowsing
WAS-NetFxEnvironment
WAS-ConfigurationAPI
IIS-HostableWebCore
IIS-Metabase
WAS-WindowsActivationService
WAS-ProcessModel
WCF-HTTP-Activation
WCF-TCP-Activation45
WCF-Pipe-Activation45
WCF-MSMQ-Activation45
WCF-NonHTTP-Activation
WCF-Services45
WCF-HTTP-Activation45

Installed Programs and Apps
Steam and my games not included since they didn't need to be reinstalled, on other disks.
7-Zip 16.02 (x64)
ACID Music Studio 10.0
Acronis True Image
Adobe Flash Player 11 Plugin
ASUS AI Suite 3
Audacity 2.1.2
AURA (Asus Graphics card)
CCleaner
Cakewalk Command Center
Discord
EZdrummer 2 64-bit
EZmix 64-bit
FANALeds
FANATEC Driver Package
Foxit Reader
G-Force Suite version 1.0
Google Chrome
HOST OpenAL
Intel(R) Management Engine Components
Intel(R) Network Connections
Microsoft ASP.NET MVC 4 Runtime
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 365
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64
Microsoft Visual C++ 2008 Redistributable - x86
Microsoft Visual C++ 2010 x64 Redistributable
Microsoft Visual C++ 2010 x86 Redistributable
Microsoft Visual C++ 2012 Redistributable (x64)
Microsoft Visual C++ 2012 Redistributable (x86)
Microsoft Visual C++ 2013 Redistributable (x64)
Microsoft Visual C++ 2013 Redistributable (x86)
Microsoft Visual C++ 2015 Redistributable (x64)
Microsoft Visual C++ 2015 Redistributable (x86)
MiniNova Bundle 1.4
Movie Studio Platinum 12.0 (64-bit)
Notepad++
Novation USB Audio Driver
NVIDIA Graphics Driver
NVIDIA HD Audio Driver
NVIDIA Update
NVIDIA PhysX System Software
paint.net
Process Lasso
Skype™
Sound Blaster Z-Series
Toontrack Product Manager
TrackIR 5
USBD480
Vulkan Run Time Libraries
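
A drift check for the "Disabled Services" and "Disabled Features" lists in the post above, as an added example that is not the poster's own script: it reports any listed item that is enabled or running again, for instance after a feature update. The function names `Test-ServiceBaseline` and `Test-FeatureBaseline` are hypothetical, the arrays hold only a subset of the post's lists, and an elevated PowerShell 5.1+ prompt is assumed.

```powershell
# Added example: audit a subset of the services and optional features that the
# post lists as disabled. Extend both arrays with the full lists as needed.
$ExpectedDisabledServices = @(      # display names exactly as given in the post
    'Remote Registry',
    'Remote Desktop Services',
    'Remote Desktop Configuration',
    'Routing and Remote Access',
    'Windows Remote Management (WS-Management)',
    'Internet Connection Sharing (ICS)',
    'Peer Name Resolution Protocol'
)
$ExpectedDisabledFeatures = @(      # optional-feature names exactly as given in the post
    'SMB1Protocol', 'TelnetClient', 'TFTP', 'SimpleTCP', 'SNMP', 'IIS-WebServerRole'
)

function Test-ServiceBaseline {     # hypothetical helper name
    param([string[]]$DisplayName)
    foreach ($name in $DisplayName) {
        $svc = Get-Service -DisplayName $name -ErrorAction SilentlyContinue
        if (-not $svc) {
            # Service is absent on this edition/build, so it cannot be started
            [pscustomobject]@{ Kind = 'Service'; Name = $name; State = 'NotPresent'; Compliant = $true }
            continue
        }
        foreach ($s in $svc) {
            [pscustomobject]@{
                Kind      = 'Service'
                Name      = $s.DisplayName
                State     = "$($s.StartType)/$($s.Status)"
                # Compliant only if start type is Disabled and it is not running now
                Compliant = ($s.StartType -eq 'Disabled' -and $s.Status -eq 'Stopped')
            }
        }
    }
}

function Test-FeatureBaseline {     # hypothetical helper name
    param([string[]]$FeatureName)
    foreach ($name in $FeatureName) {
        # Unknown feature names raise an error; treat them as not present
        $f = try { Get-WindowsOptionalFeature -Online -FeatureName $name -ErrorAction Stop } catch { $null }
        $state = if ($f) { [string]$f.State } else { 'NotPresent' }
        [pscustomobject]@{
            Kind      = 'Feature'
            Name      = $name
            State     = $state
            # Enabled and EnablePending both count as drift from the baseline
            Compliant = ($state -notmatch '^Enable')
        }
    }
}

$report = @(Test-ServiceBaseline $ExpectedDisabledServices) + @(Test-FeatureBaseline $ExpectedDisabledFeatures)
$report | Sort-Object Compliant, Kind, Name | Format-Table -AutoSize   # non-compliant rows sort first
```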
 

Mineria

Level 3
Thread author
Verified
Mar 19, 2016
128
Dangerous to play with malwares on your real system, better do it in a VM.
Probably did set it wrong, I don't play with Malware on this system. :)

You referred to the Participate in Malware Hub setting? I might have misunderstood it as allowing CIS to submit unrecognized files, so edited the config and set it to No.
 

Mineria

Level 3
Thread author
Verified
Mar 19, 2016
128
Really nice config without the need to spend money. Don't forget to update to Windows 10 Mobile.
I used NIS before but got tired of how Symantec approaches broken features and bugs in their software, so went with something free this time.
I have a 950XL, so it is on Windows 10 Mobile.
 

hjlbx

I used NIS before but got tired of how Symantec approaches broken features and bugs in their software, so went with something free this time.
I have a 950XL, so it is on Windows 10 Mobile.

In terms of bug fixes, you went from bad to much worse. COMODO is renowned for not fixing bugs - or taking years to do so.

Despite this fact, COMODO is decent base-line protection.

Your config is good.
 

Mineria

Level 3
Thread author
Verified
Mar 19, 2016
128
In terms of bug fixes, you went from bad to much worse. COMODO is renowned for not fixing bugs - or taking years to do so.

Despite this fact, COMODO is decent base-line protection.

Your config is good.
At least I don't have to pay them for not fixing the bugs.
Encountered one so far when it comes to Comodo which is remembering new rules, best workaround I found is to export the config, since it then asks to save the settings to the used profile, I think that's better than disabling part of the protection that causes it.

I tried some other suites like BitDefender Total Security 2016 and 360 Total Security, but didn't like them.

I could probably replace the AV in CIS with something else, but not sure what if so, with the current settings I use I won't get any better 0-day protection anyhow.
 

hjlbx

At least I don't have to pay them for not fixing the bugs.
Encountered one so far when it comes to Comodo which is remembering new rules, best workaround I found is to export the config, since it then asks to save the settings to the used profile, I think that's better than disabling part of the protection that causes it.

Not meant as any kind of criticism. Like I said, your config is good.

I used COMODO for a very long time. Beta tested, reported bugs directly to Chief of COMODO Engineering, made feature requests to Melih directly, etc. I am very familiar with COMODO - the product, the company, the staff.

The "disappearing rules\objects" bug has existed for years at this point - and I think there is little hope that it will be fixed any time soon. If COMODO fixes it in version 9\10, then I will be extremely surprised.
 

Mineria

Level 3
Thread author
Verified
Mar 19, 2016
128
Good config. I'd only add to maybe add one more on-demand scanner.
Added Avast! Free Antivirus, currently running it active side by side to see if there are any performance and compatibility issues.
 

Cats-4_Owners-2

Level 39
Verified
Honorary Member
Top Poster
Well-known
Dec 4, 2013
2,800
I'm in agreement with @Dani Santos' earlier comment,:rolleyes: yours is a configuration that makes good use of free software!

Comodo's Ice Dragon was once among the Mozilla-sourced browsers we'd used (nearly 3 years ago). At that time, & on our systems, it was nearly identical (in performance) to Firefox. The only serious drawback (then) was that updates for security patches were not kept current enough. If that has changed since that time, I'd say that's terrific!:) If not, a worthy 64 bit browser alternative you can consider is called Cyberfox 8pecxstudios Cyberfox which is also available as a portable version to be extracted onto an external flash drive.

We'd used Avast! Premier on our own Windows 8.1 system a year ago, & prior to their inclusion of sandboxing protections. Even so, its hardened modes, lightness on resources, along with both its performance & reputation for excellent protection at no cost, further make this a worthy choice for testing upon your Windows 10. I hope it serves you well.

Thank you for sharing your configuration, it looks good to me too!:D

Edit: Is there a compatibility mode? Usually it is best to only run a single realtime AV protection at a time. Running one requires disabling the other which is a more efficient (& compatible) way to tell their differences.
 

Mineria

Level 3
Thread author
Verified
Mar 19, 2016
128
I'm in agreement with @Dani Santos' earlier comment,:rolleyes: yours is a configuration that makes good use of free software!

Comodo's Ice Dragon was once among the Mozilla-sourced browsers we'd used (nearly 3 years ago). At that time, & on our systems, it was nearly identical (in performance) to Firefox. The only serious drawback (then) was that updates for security patches were not kept current enough. If that has changed since that time, I'd say that's terrific!:) If not, a worthy 64 bit browser alternative you can consider is called Cyberfox 8pecxstudios Cyberfox which is also available as a portable version to be extracted onto an external flash drive.

We'd used Avast! Premier on our own Windows 8.1 system a year ago, & prior to their inclusion of sandboxing protections. Even so, its hardened modes, lightness on resources, along with both its performance & reputation for excellent protection at no cost, further make this a worthy choice for testing upon your Windows 10. I hope it serves you well.

Thank you for sharing your configuration, it looks good to me too!:D

Edit: Is there a compatibility mode? Usually it is best to only run a single realtime AV protection at a time. Running one requires disabling the other which is a more efficient (& compatible) way to tell their differences.
IceDragon is currently at Firefox 44.0.0.11, while Firefox itself is up at 45.0.1.
I guess Cyberfox is a Firefox offspring as well? Waiting for FF x64 to get compatible with more plugins before jumping on, it is rather limited at the moment.

Neither Avast nor Comodo AV has a compatibility mode, going to see how COMODO takes Avast's hardened mode.
 

Cats-4_Owners-2

Level 39
Verified
Honorary Member
Top Poster
Well-known
Dec 4, 2013
2,800
IceDragon is currently at Firefox 44.0.0.11, while Firefox itself is up at 45.0.1.
I guess Cyberfox is a Firefox offspring as well? Waiting for FF x64 to get compatible with more plugins before jumping on, it is rather limited at the moment.

Neither Avast nor Comodo AV has a compatibility mode, going to see how COMODO takes Avast's hardened mode.
*Smiling* It's kind of like using (2) quarterbacks on your team, but you only need (1) of them.

Here's a link you might try for Firefox 64 bit (developer edition)
 

Mineria

Level 3
Thread author
Verified
Mar 19, 2016
128
*Smiling* It's kind of like using (2) quarterbacks on your team, but you only need (1) of them.

Here's a link you might try for Firefox 64 bit (developer edition)
:) I know, just curious how they play together, probably sticking with CIS built-in AV, since I in the past experienced Avast crapping up when it ran alongside Comodo Firewall, mainly with major version changes.
I have tried the FF developer edition, it still lacks support for a few plugins.
Here is what I got:

Adobe Flash Player
Java Runtime Environment
Silverlight Plug-In


NVIDIA 3D VISION (v. 7.17.13.6451)
Foxit Reader Plugin for Mozilla (v. 2.2.5.1228)
mycomgames3 component npmycomdetector.dll (v. 3.0.168.32465)
Microsoft Office 2016 (v. 16.0.6528.1017)
NVIDIA 3D Vision (v. 7.17.13.6451)


EDIT: Modified the AVAST installation so that the Mail Scanner is the only thing I have installed besides on-demand scanning.
Exclusion for the processes added to Comodo.
Although, E-mail scanning is probably not needed today.
 

Mineria

Level 3
Thread author
Verified
Mar 19, 2016
128
Tried out Zemana AntiLogger Free, seems like a bad idea since it conflicts with CIS HIPS, the HIPS just allows everything when the AntiLogger is running.
 

Soulbound

Moderator
Verified
Staff Member
Well-known
Jan 14, 2015
1,761
What is your current hips and firewall settings in comodo? I'm curious. @cruelsister has a guide on comodo which is recommended.

Avast is a decent av but unless you actually tweak it quite a few things will go through.

Not to say it can work alongside cis because it can but I would personally use cav instead. Yes I know cav ain't the best in terms of detection but back in 5.10 I used only cav not cis. Nowadays cis is going in a direction I personally don't like so I stopped recommending it since v7. Their hips ain't the same as before and like another user said it's the time it takes to fix bugs.

If it works for you great. If not there are good alternative combos, just look around user configs section or ask @Umbra .

I'm the type that runs os firewall with either 3rd party av or wd. I did for some time run a full suite but that was endpoint.
 

Mineria

Level 3
Thread author
Verified
Mar 19, 2016
128
What is your current hips and firewall settings in comodo? I'm curious. @cruelsister has a guide on comodo which is recommended.

Avast is a decent av but unless you actually tweak it quite a few things will go through.

Not to say it can work alongside cis because it can but I would personally use cav instead. Yes I know cav ain't the best in terms of detection but back in 5.10 I used only cav not cis. Nowadays cis is going in a direction I personally don't like so I stopped recommending it since v7. Their hips ain't the same as before and like another user said it's the time it takes to fix bugs.

If it works for you great. If not there are good alternative combos, just look around user configs section or ask @Umbra .

I'm the type that runs os firewall with either 3rd party av or wd. I did for some time run a full suite but that was endpoint.
CIS FW is running in Safe Mode with all protection options enabled.
HIPS is running safe mode with all protection options enabled, not using cloud lookup nor trusting what trusted installers install, I wiped the list of trusted vendors and added the vendors of safe running processes manually, sandbox is on auto without file source tracking and virusscope tracks everything.
Avast is only doing mail scanning (only thing I installed from it) and used as on demand scanner, CAV stands for the rest.
So I'm basically getting warnings and sandboxed every time I download and run something new.
Only used and configured Endpoint solutions for work, not really something I would run on my home PC.

I have to find another solution for a kid though, needs to be way more auto and allow games to be downloaded and installed without alerts and questions, yet it still needs to be "safe", maybe 360 Total Security, Glasswire and the rest of what I use in my configuration?
Since the kid won't have a clue what to allow and disallow. :)
 
