NOLF92's Security Configuration

[NOLF92]

One question you have to ask yourself: How prone are you to get infected with Ransomware and other infections like those?

CIS HIPS can be a good approach, granted you fully configure it properly, because if you dont, you are in for some surprises.

If you do not really see yourself getting infected based on what you use your system for, its best to just keep a simple config instead of overloading it with possible protection which will not do anything unless you actively look for infections.

I've never been infected by ransomeware, and I'm very happy about that. And yeah, I'm quickly learning that COMODO IS takes some configuration, which is why I'm reading through some of the guides that Umbra and others have kindly provided. It's nuts how much more configuration options you get versus KASPERSKY (more of a turn up to highest setting, and leave-it-be type software). Thank you for feedback.

@Anti-Malware Reviwer -- thank you!

Currently experimenting with EMSISOFT Anti-Malware, as I got a free 1-year liscense that came with ADGUARD and I'm going to see how it compares with Malwarebytes Anti-Malware. Where do you all stand on the EMSISOFT AM vs MBAM front?

 

[Soulbound]

Eam + mbam I assume both in RT? If so overkill. If u use mbam on demand then its fine

 

[NOLF92]

Eam + mbam I assume both in RT? If so overkill. If u use mbam on demand then its fine

I'd prefer not to have both EAM + MBAM RT at the same time, as you say, could be overkill, and yeah, I could just go with MBAM on demand. Right now I'm running EMSISOFT Anti-Malware Premium w/o MBAM RT (mainly because I got a 1-year EAM liscense for free). The best thing I can do is keep experimenting with malware samples and whichever is the most consistent for my tastes, I'll make that one my designated RT.

So as it sits, Malwarebytes Anti-Malware (now free edition) has been downgraded to on-demand scanner, and EMSISOFT Anti-Malware is my primary real-time scanner. Also, due to questionable compatibility issues with CIS, I've temporarily removed MAE until I figure that out.

 

[Ink]

EMSISOFT Anti-Malware Premium

It's just Emsisoft Anti-Malware, no Premium.

I believe it's still a work in progress, but here's a link to the thread: Emsisoft A.M & E.I.S now include Exploit Protection - Ignore any results that include Emsisoft for Real World Exploit tests.

 

[NOLF92]

It's just Emsisoft Anti-Malware, no Premium.

I believe it's still a work in progress, but here's a link to the thread: Emsisoft A.M & E.I.S now include Exploit Protection - Ignore any results that include Emsisoft for Real World Exploit tests.

Ahg, I keep confusing it with Malwarebytes & Zemana. It's nice to hear that they now have exploit protection, now I don't feel so bad about dumping MBAE.

 

[Kantry123]

Why are you using 2 adblockers? i mean u r using uBlock and ADGUARD ..! use wither of them NOT both of them.

regards

 

[DracusNarcrym]

Great config. Everything is covered!

One note though, make sure you have at least one clean, full system backup image created with EaseUS Todo Backup Free, so that you can restore your system to its exact state, as it was when you created that system image. (but I think it's pretty obvious you have already covered this too )

Other than that, you're good to go!

Thanks for sharing your configuration with us!

 

[NOLF92]

Why are you using 2 adblockers? i mean u r using uBlock and ADGUARD ..! use wither of them NOT both of them.

regards

I could probably dump uBlock Origin. I need to do more in depth analysis of both AdGuard and uBlock's filters.

@DracusNarcrym - yep, I'm going to do one tonight. Thanks, by the way!

Dropped NoScript and replaced it with uMatrix. NoScript runs fine, but half the time it never remembers my configs. Also, I ended up removing uBlock Origin, not because it's a bad tool, but because ADGUARD seems to be working just as well, and it has a few extra privacy options.

 

[Soulbound]

I had page render issues with ublock. Tho adguard was fine I still went back to abp. Does what it needs without issues for me.
Mbam on demand is a good choice. Keep eam on rt. Its a good solution. Only reason I do not run is cause it does affect my system performance when I'm gaming. I don't just run one game at a time that's why

 

[NOLF92]

I had page render issues with ublock. Tho adguard was fine I still went back to abp. Does what it needs without issues for me.
Mbam on demand is a good choice. Keep eam on rt. Its a good solution. Only reason I do not run is cause it does affect my system performance when I'm gaming. I don't just run one game at a time that's why

The only reason I ever stopped using ABP was it was becoming a little boaty. They may have changed that since then, though.

- Backing up my computer now with EaseUS Todo Backup Free 9.0. The only thing I don't like about the free version is the fact that they intentionally make the process slow, and I can't transfer my backup to another computer. Not all that bad, but it's free, so whatever.

 

[Soulbound]

Paragon free or Macrium free will do the trick

 

[NOLF92]

Uninstalled Emsisoft Anti-Malware. I attempted to scan a malware sample and ever since, I can't load it, even after reinstalling it. Until I can figure out why this is happening, I've upgraded Malwarebytes to RT. Just for ****'s and giggles, I installed Emsisoft Emergency Kit, it worked very briefly, but then deactivated soon after. It could be something as simply as a registry problem, so I'm going to go ahead and start working on deleting old remnants, and later try a fresh install. I went ahead and added Crystal Security as a backup on-demand scanner, since I've had good luck with it in the past.

 

[Soulbound]

why not do this instead:

Delete all leftovers and clean up registry of security solutions.

Then install one of the following (your pick)

*avast! (RT) + MBAM (On Demand) - custom install of avast, forgo bloatware, and you have a decent solution
*Avira free AV (RT) + MBAM (On Demand) - basically install and forget
*Panda Free Antivirus (link here) (RT) + MBAM (On Demand) - basically install and forget
*FortiClient (RT) + MBAM (On Demand) - basically install and forget
*360 Total Security by Qihoo (RT) + MBAM (On Demand) - Not a fan of the company behind but ok solution for casual user
*Comodo Internet Security (RT) + MBAM (On Demand) - if you like to tweak everything under the sun
and lastly: AVG Free (RT) + MBAM (On Demand)


Rocking one of the above configurations might look like bare bones but then again, unless you are actively looking for infections, any of the above will do its designated job.

No need to over complicate things and attempt to plug in every hole you can think off in terms of security when in the long run, will cause you issues.

 

[NOLF92]

My setup isn't really that heavy? Comodo, Malwarebytes, and Shadow Defender. The rest are on-demand, and can you really have too many of those?

 

[Soulbound]

My setup isn't really that heavy? Comodo, Malwarebytes, and Shadow Defender. The rest are on-demand, and can you really have too many of those?

I prefer simplicity over complication. Let me put it this way: I'm the exact opposite of @Umbra . The least installed on my system, the better, granted I know what im doing and I don't over complicate setups.


You had EAM previously and removed for a reason. You also upgraded MBAM to RT.
This is why I suggested 1 AV solution which is free + MBAM On Demand. less hassle, less complications in the long run.

Its ok to add on demand scanners, but tbh one and maybe 2 on demand scanners is more than enough.

 

[NOLF92]

I prefer simplicity over complication. Let me put it this way: I'm the exact opposite of @Umbra . The least installed on my system, the better, granted I know what im doing and I don't over complicate setups.


You had EAM previously and removed for a reason. You also upgraded MBAM to RT.
This is why I suggested 1 AV solution which is free + MBAM On Demand. less hassle, less complications in the long run.

Its ok to add on demand scanners, but tbh one and maybe 2 on demand scanners is more than enough.

I've always only had three (at the most) on-demand scanners at a time. The only thing I've ever switched is Emsisoft and Malwarebytes RT, and only because one stopped working after testing malware. My setup may appear overcomplex, but you should have seen my bloaty mess of a computer before I came here, lol.

 

[Soulbound]

I've always only had three (at the most) on-demand scanners at a time. The only thing I've ever switched is Emsisoft and Malwarebytes RT, and only because one stopped working after testing malware. This setup is very light, more so than most, so I'm failing to see the problem.

believe you misunderstood. no one said it was a problem.
you listed as you visit sites and download samples. it is never recommended to do it on your main system unless its a testing bed. you also previously said you would actively test them out, yet at a later post EAM stopped working after you chose to scan a malware sample.

You recently dropped some solutions upon some feedback.

Was only providing some feedback in how to keep it simple and have no headaches on the long run. No one is going to point the gun at you for not adopting any example of a combo which is given on a constructive feedback note.

Also, MBAM RT is far from being light. RAM is not the only thing that dictates light. its a conjuntion of system responsiveness, I/O Writting, CPU peaks during scan, idle and other operations etc.

 

[NOLF92]

believe you misunderstood. no one said it was a problem.
you listed as you visit sites and download samples. it is never recommended to do it on your main system unless its a testing bed. you also previously said you would actively test them out, yet at a later post EAM stopped working after you chose to scan a malware sample.

You recently dropped some solutions upon some feedback.

Was only providing some feedback in how to keep it simple and have no headaches on the long run. No one is going to point the gun at you for not adopting any example of a combo which is given on a constructive feedback note.

Also, MBAM RT is far from being light. RAM is not the only thing that dictates light. its a conjuntion of system responsiveness, I/O Writting, CPU peaks during scan, idle and other operations etc.

I don't how it's not light. Emsisoft added over 10 seconds in boot time. With MB, I'm back to 23 seconds. Plus, isn't Emsisoft like 290mb's, whereas MB is 66? Pardon my ignorance, I am admittedly a novice, new to this community, and barking more than I should be. And yes, I shouldn't be testing malware samples on my main system. Perhaps I should stop, at least until I get a better handle on this stuff.

 

[Soulbound]

EAM uses more RAM but when its scanning CPU is not that intense. Removal/cleaning however is another story depending on the system.
MBAM uses less RAM, yes, however CPU usage, I/O writing during cleaning and scanning process gets more intense.

Boot time impact is separate from lightness, contrary to many belief. If we talking about boot time, ESET, WD and WSA are the only ones i remember using that didnt have nearly any boot impact.

Get VirtualBox, install it, then create a Virtual Machine for windows and before you install anything and after updating the OS inside VM, create a snapshot.

That way, you can then install solutions, test its cleaning and removal capabilities (detection is not the most important on some solutions, but the additional methods they have such as ESET HIPS, EAM Behaviour Blocker, AVAST's range of tools etc). Something broke inside VM, restore snapshot (less than 1 minute) and your good to go again.

 

[NOLF92]

EAM uses more RAM but when its scanning CPU is not that intense. Removal/cleaning however is another story depending on the system.
MBAM uses less RAM, yes, however CPU usage, I/O writing during cleaning and scanning process gets more intense.

Boot time impact is separate from lightness, contrary to many belief. If we talking about boot time, ESET, WD and WSA are the only ones i remember using that didnt have nearly any boot impact.

Get VirtualBox, install it, then create a Virtual Machine for windows and before you install anything and after updating the OS inside VM, create a snapshot.

That way, you can then install solutions, test its cleaning and removal capabilities (detection is not the most important on some solutions, but the additional methods they have such as ESET HIPS, EAM Behaviour Blocker, AVAST's range of tools etc). Something broke inside VM, restore snapshot (less than 1 minute) and your good to go again.

Ahhh, I see. Thank you for clarifying that. Will check out virtualbox.