Rocco's Config - Any help please

Koroke San

Level 29
Verified
Jan 22, 2014
1,804
You answered yourself with your own last paragraph; it is the users that will click "allow", essentially whitelisting, that find trouble. It is also the users that download a software, that do not check the installers that here recently, you will see, many hijacked browsers etc. from. So this is why I stood with "guest accounts" and "backups". No need for overkill security, that is advanced and will cause problems, to compound the already present problem of several users on one system.

hahah did u really read my whole comment? if u create a guest account, mostly family members get annoyed coz they can't install software, meaning they don't have administrator power. guest account is for those who are new to computers. limited account is for those who are medium & administrator is for those who are advanced. i already said create a limited account with UAC. lol i see many advanced users, they never do backups regularly & their pcs are shared with other family members. also the advanced user is aware that he/she daily messes up with his/her pc then he/she gives time for creating backup but if they know they're just surfing web for 30 minutes & shut down their pc then no need to do backup which means no need for regular backup :D and sandboxie is not overkill security nor is CMF. thnx :D
 

Koroke San

Level 29
Verified
Jan 22, 2014
1,804
lol, yup, too advanced for me to handle... :D This thread is about them, not me :p

Speaking of, if you would like to continue this, PM, as of now, we are hijacking this guy's thread.

yea i know brah it's advanced for u not for me :) u talking about CMF only? many people use CIS (FW included) and they are not all advanced but they know how to handle it. CMF only bugs u with HIPS when u install or use a new software on ur pc or when an unknown file is detected. if one of the other family members infects the PC then the advanced user of the family can use the best AV rescue CD to clean infected files. and if an advanced user shares his pc with others then he needs to regularly check his pc with an on-demand scanner scan or its AV scan. yes i like to continue this coz right now i'm so bored brah, glad u online with me. thnx :D:D
 

Koroke San

Level 29
Verified
Jan 22, 2014
1,804
Facts:
at Koroke, never allow an HIPS in the hands of beginners; they will ask to remove it or click "allow" all the time; HIPS are definitely not for beginners

not every beginner clicks allow for an unwanted application to run. trust me i saw many beginners, who when they get any virus pop up alert, even if it's FP, they click to delete it coz it's a virus, they don't know so much about viruses but they have a concept in their mind that it's a "virus" & it's gonna affect their pc so they usually block or delete it. and about HIPS, if it annoys users then u can simply disable its HIPS & use the AV's built-in HIPS. but since he wants some free security products i suggest a free firewall like Comodo & since CMF improved its BB, no need to put HIPS in safe mode. u can put it in clean pc mode or training mode. or if u share ur pc with lil kids or bro/sister then u can put a password in CMF & even if they try to allow it when HIPS pops up, they need to provide the password, which they can't. if CMF doesn't have its own password protect feature then i don't recommend it. thnx :D:D
 
Reactions: Venustus

Deleted member 178

The problem with HIPS and beginners is they easily screw up their system when the HIPS asks for a decision. With beginners, better to prevent them from using advanced tools than to fix the damage.

You don't give the car key to a 10-year-old child even if he knows how to turn on the engine and control the direction.
 
Reactions: Venustus and Ink

Koroke San

Level 29
Verified
Jan 22, 2014
1,804
hmm he didn't mention he shares his pc with a 10-year-old child :D if so then i never recommend it. i'll recommend free AV with windows firewall. even when that windows firewall pops up for a suspicious & unwanted file, they will click & allow it. that's why i suggest creating a limited account & using CMF with password protect. they can't screw it up since CMF will ask for the password first.

Edit: my mistake, it's Windows Defender not Windows Firewall. thnx :D
 
Reactions: Venustus
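
As an added example (not part of any post in this thread), a read-only PowerShell check of the "limited account with UAC" setup debated above. It assumes Windows PowerShell 5.1 or later with the built-in LocalAccounts module; the wording of the findings is illustrative.

```powershell
# Added example: read-only audit of local accounts and UAC on a shared Windows PC.
# Assumes Windows PowerShell 5.1+ (built-in LocalAccounts module). Changes nothing.

$adminSid = 'S-1-5-32-544'   # well-known SID of the built-in Administrators group
$uacKey   = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

# SIDs of the direct members of Administrators (looked up by SID, so it works
# on non-English Windows where the group has a different name).
$adminMembers = @(Get-LocalGroupMember -SID $adminSid | ForEach-Object { $_.SID.Value })

# Classify every enabled local account.
$accounts = @(Get-LocalUser | Where-Object { $_.Enabled } | ForEach-Object {
    [pscustomobject]@{
        Account          = $_.Name
        Type             = if ($adminMembers -contains $_.SID.Value) { 'Administrator' } else { 'Standard' }
        PasswordRequired = $_.PasswordRequired
    }
})

# UAC state. ConsentPromptBehaviorUser governs what a standard user sees:
# 0 = elevation denied automatically, 1 or 3 = prompt for an admin's credentials.
$uac        = Get-ItemProperty -Path $uacKey
$uacEnabled = ($uac.EnableLUA -eq 1)

$findings = @()
$admins = @($accounts | Where-Object { $_.Type -eq 'Administrator' })
if (-not $uacEnabled) {
    $findings += 'UAC is disabled (EnableLUA is not 1): no elevation prompts at all.'
}
if ($admins.Count -gt 1) {
    $findings += "More than one enabled administrator: $($admins.Account -join ', ')."
}
foreach ($a in $admins | Where-Object { -not $_.PasswordRequired }) {
    $findings += "Administrator '$($a.Account)' may have a blank password, so a credential prompt protects nothing."
}
if (-not ($accounts | Where-Object { $_.Type -eq 'Standard' })) {
    $findings += 'No enabled standard (limited) account exists for family members.'
}

$accounts | Format-Table -AutoSize
"UAC enabled: $uacEnabled; standard-user prompt mode: $($uac.ConsentPromptBehaviorUser)"
if ($findings) { $findings } else { 'No findings.' }
```

With family members on standard accounts, an elevation request asks for an administrator's password instead of offering a one-click "allow", which is the same gate the password-protected CMF suggestion relies on.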

alexp79

Level 2
Verified
Jul 16, 2013
157
Hello
You should add a backup thing and maybe a few Firefox add-ons like Adblock Plus and LastPass for password manager :)
WOT or Webutation also (I prefer and use the second)
 
Reactions: Cats-4_Owners-2

Ink

Administrator
Verified
Jan 8, 2011
22,490
Windows Firewall doesn't do what you mentioned, it may ask very rarely for a program requesting Network access, but not for suspicious files.
 

Koroke San

Level 29
Verified
Jan 22, 2014
1,804
oh i see, i made a mistake in my previous comment. I was very sleepy when i typed that comment. i meant Windows Defender, not Windows Firewall.
 

rocco.007

New Member
Thread author
Feb 4, 2014
5
Great advice from all and many thanks. I am working through all options to configure my PC with something that I can easily work with within your parameters.
 

rocco.007

New Member
Thread author
Feb 4, 2014
5
Welcome aboard! Let's secure your computer so that you never see again how the Malware Removal Assistance forum looks... :)
Now, from now on it is your duty to keep your family safe from malware. First lesson? Software can't always protect you, so you need to learn how malware is distributed and avoid it. I wrote this article a while ago, and if you have the time, you should read it: http://malwaretips.com/blogs/how-to-easily-avoid-pc-infections/
Real-Time Protection:
You've got some tweaking to do to your Avast Antivirus:

1. Enable Hardened Mode
Hardened Mode is designed to make protection tougher without interfering with the computer usage much.
avast! by default checks suspicious files with DeepScreen within virtual environment to see how they behave. But if you use Hardened Mode, it starts to behave a bit differently.

Hardened Mode: Moderate
Under normal conditions, if avast! decides that some file is too suspicious by various characteristics, it then throws it into DeepScreen for further scanning. But if Moderate Hardened Mode is enabled, avast! automatically blocks files that are detected as suspicious by preliminary analysis.
In most cases DeepScreen checks the file and if it doesn't find obvious malicious problems with it, those files are started automatically after analysis. But Hardened Mode (Moderate) blocks it right there.

Hardened Mode: Aggressive
This mode behaves a bit differently. It actually relies on analysis on a very small scale and mostly relies on a huge whitelist database located in avast! Cloud. If file is located within the cloud and flagged as safe, it will allow to run it. If it's not found or marked as bad, it will block it. So, at least based on my experience, Aggressive Mode is actually much more secure and also a lot less intrusive. Only time that it will cause problems is with some very rare old software or very very new software that isn't used by thousands of users. Usually some very specialized programs used by only few users.
Moderate mode often feels a bit too paranoid (despite its name) because it often blocks safe programs just because they exhibit local suspicious file characteristics that are basically ignored by the Aggressive mode.

To enable Avast's Hardened Mode:
Open Avast, click on Settings, then on Antivirus and check "Enable Hardened Mode", then put a check-mark on Aggressive or Moderate as you wish.

2. Enable PUP Detection:
A PUP (potentially unwanted program) is a program that may be unwanted, such as spyware, despite the possibility that users consented to download it. This usually includes: toolbars, browser hijackers or adware (ad-supported software)
  1. Open Avast, click on Settings, then on Active Protection and click on the gear next to the File System.
  2. In the "Sensitivity", select "Scan for potentially unwanted software (PUPs)".

Next, you will need to do the same for the Web Shield, so let's do it.
Click on Settings, then on Active Protection and click on the gear next to the Web Shield. Then select Sensitivity and check "Scan for potentially unwanted software (PUPs)".

3. Enable "Warn when downloading files with poor reputation".
In the Web Shield field, you can enable "Warn when downloading files with poor reputation", and it does what it says: it will warn you when you are downloading a file with a low reputation.
To enable it, click on Settings, then on Active Protection and click on the gear next to the File System. Then select Web Shield and check "Warn when downloading files with poor reputation".



Browser Protection:
Adblock Plus: https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/
You need an adblocker because apart from the simple fact that most ads are annoying, some of them might even lead you to adware or potentially unwanted programs. This add-on will block all the ads from a web page, making it look very clean and neat! :D

WOT (Web of Trust): https://addons.mozilla.org/en-US/firefox/addon/wot-safe-browsing-tool/
To help you avoid malicious sites you can use Web of Trust (WOT) a website rating browser plugin. After you add it to your browser make sure you only visit websites rated "Green" by WOT. Here is how it works:




Virtualization
A virtualization software will allow you to browse the web or run another application in a completely safe environment. This is especially useful when visiting high-risk web sites, whether accidentally or deliberately, as the Web browser will be completely contained within the virtual environment, preventing any damage to your computer.
A sandbox can also be used to run any other applications which you think may be suspect - you can run the program inside the sandbox to determine whether or not it is safe while remaining completely protected against any malicious actions that it may try to carry out.
I strongly advise you to install Sandboxie and use it for when you're browsing the Internet or running shady or unknown programs. Sandboxie (Free/Paid) - link
Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer.



Always run suspicious or freshly downloaded files in Sandboxie to verify that the download isn't compromised! Sandboxie will replicate perfectly your operating system so all the files should run without any problems in it.
If you learn how to properly use Sandboxie, then you really decrease your chances of getting an infection. I'm always running my web browser sandboxed just to be on the safe side...


Welcome... That's it for now. I'm waiting for your reply for more... :p



Great advice. Simple and clear. Will revert for any advice later, I'm sure. Many thanks
 
Reactions: Jack
