Danger SomeRandomCat Security Configuration 2021

Last updated
Jan 31, 2021
How it's used?
For home and private use
Operating system
Windows 10
On-device encryption
Log-in security
Security updates
Check for updates and Notify
User Access Control
Never notify (disabled)
Smart App Control
Network firewall
N/A
Real-time security
Comodo - Firewall/Auto-Containment/HIPS - Most options enabled + Safe mode for Firewall/HIPS
- Application Vendor Rating disabled

Kaspersky Total Security - Security Network Cloud / AV (Or Cloud Security Free has same options that I use)

WiseVector (coded to work alongside Kaspersky AV)

HitmanPro.Alert (anti-malware real-time protection disabled), all exploit protection enabled
Firewall security
About custom security
Many Microsoft services disabled using:
- Win 10 Tweaker (all options besides Windows Update service and Security Center service)
- Device Security: Core Isolation Memory Integrity on, and Exploit Protection on.

Temp files run in RAM via ImDisk.

Manual MS updates as deemed worthy (using WuMgr). There have been instances in the past where MS updates actually brought on telemetry leaks, so I like to educate myself on each update before applying it.

VeraCrypt - system encryption. Open source and technically audited/patched twice (fork of TrueCrypt). I trust this much more than BitLocker.

Notes:
- This is a personal statement, but I personally have a good amount of faith in Jetico, and am a fan of their Volume Encryption, especially since it works with TPM, but I am waiting for their release that includes the ability to double up on utilizing SSD hardware encryption + a software encryption overlay before I purchase a license. SSD encryption has a history of having backdoors/security leaks, but since new versions have been 'patched' and it adds 0% bottleneck, using it underneath the software encryption just makes sense. Worst case, the software encryption would still be effective; best case, it provides a second layer of encryption at no cost.

- When Comodo gets around to patching the disappearing rules bug, I will go back to explicitly configuring HIPS/Firewall rules so that all safe/trusted applications are only allowed to access exactly what they need to. My perceived benefit of fine-tuning every process so tightly would be that if any type of exploit were to somehow leak through, it would theoretically have a much harder time doing anything afterwards.
Right now I have it basically allow or deny using 'low alert' and 'safe mode'.
Periodic malware scanners
Kaspersky Total Security (Or Cloud Security Free)
WiseVector
HitmanPro
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Brave + uBlock Origin Extension. Brave 'Shields' set to aggressive/strict blocking with no issues on any sites I frequent.
Secure DNS
Pushed DNS from TorGuard
Desktop VPN
TorGuard - Killswitch/Forced VPN
Password manager
Manual.
Maintenance tools
BCWipe:
- Free Space management (Wipe Free Space in Less Time with BCWipe 6.0 from Jetico | Jetico)
- Transparent Wiping (Transparent Wiping overview). Outstanding features by Jetico. I'm a big fan.

Total Uninstall Pro - on every new application install. I manually browse through the installation report and remove (and exclude from future scans) any entries related to security software. Once I got into the habit of this, it became second nature. Big fan of this software as well.

Macrium Reflect: after a fresh Windows install I imaged the system partition. I repeated this process after installing all drivers, again after running Blackbird/Win 10 Tweaker, again after installing all utility software (such as 7-Zip, iCUE, Notepad++, etc.), and again after installing security software. This allows me to easily revert back to, or between, any of these images rapidly as I please.

Notes:
In the past I have used Shadow Defender. I am a big fan of that software as well and have a license for it, but I choose not to use it for the time being, because I am too lazy to enter all the registry exceptions required to allow Kaspersky and Comodo to update without my intervention. Instead I use Reflect in the manner I described above and find it suits my tastes a bit better.
File and Photo backup
External HD for backups of important documents.
System recovery
Macrium Reflect (See maintenance section for more details).
Risk factors
    • Browsing to popular websites
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Browsing to unknown / untrusted / shady sites
    • Sharing and receiving files and torrents
    • Working from home
    • Gaming
    • Streaming audio/video content from trusted sites or paid subscriptions
    • Streaming audio/video content from shady sites
    • Downloading malware samples
Computer specs
Z170-Deluxe, 32 GB RAM, 1TB SSD EVO x 2, GTX 1070 ROG, i7-6700 4.0GHz +15% OC + Externals and Flash drives.
Notable changes
1. Added note: "Or Cloud Security Free"
2. Added details on Sandboxie, Brave, Windows Update GUI, Reflect, and
3. Comodo configuration that I left out the first time around.
4. Device Security: Core Isolation Memory Integrity on, and Exploit Protection on.
5. Disabled Comodo application vendor rating.
6. Stopped using Sandboxie, started using HitmanPro.Alert, and stopped using Blackbird (Blackbird is great, but I have a few small issues with it and the developer seems a bit MIA).
What I'm looking for?

Looking for medium feedback.

Notes by Staff Team
  1. This setup may cause performance issues, system instability or conflicts between programs, and can hinder the effectiveness of the installed antivirus products.

Kongo
Started using HitmanPro.Alert (Anti-Malware real-time scanner disabled) and stopped using Sandboxie.
WiseVector StopX + Comodo Firewall + HitmanPro.Alert (with real-time protection enabled) would be a really strong combo imo. Do you really need Kaspersky for anything? WiseVector for a wide variety of threats. Comodo for network protection and sandboxing function and even behavioural analysis via VirusScope of a file if missed by WiseVector. And exploit protection + risk mitigation can be handled by HitmanPro.Alert. I can't see the added value of using Kaspersky tbh. If you have a specific reason it would be appreciated if you could share it with me. :)

SomeRandomCat (thread author)
Well, for one, I see value in utilizing Kaspersky's cloud network. For two, WiseVector programmers have literally gone out of their way to make sure it runs perfectly alongside Kaspersky real-time scanning.

Since there is no noticeable performance hit on my system and there are no compatibility issues between them, I just don't see any reason not to.

Edit: I did have to manually enter an exception for BCWipe in HitmanPro.Alert registry settings. Other than that, I'm really digging HMPA... the keyboard encryption is an added bonus.

Andy Ful (developer, Hard_Configurator Tools)
Since there is no noticeable performance hit on my system and there are no compatibility issues between them, I just don't see any reason not to.
The common problem with incompatibilities is that they are usually not visible and can appear randomly from time to time. Sometimes they can happen after software or system updates. Usually the users blame the newly installed applications or Windows Updates. If you are lucky, you can happily use this setup for a year without visible issues, and then you will see a BSOD or an application crash.
But you are probably ready to face such problems, so be safe. :)
