Advanced Plus Security TairikuOkami's Configuration 2021

[TairikuOkami]

Disabled IPv6, Telemetry, WSH, some services. Removed Powershell, Windows features except NET Framework.
I limited apps to connect only to their retrospective IPs to avoid malicious redirects, like in the CCleaner's case.
Browser is allowed to connect via HTTPS, Steam is forced to use HTTPS, emails are opened via webmail.
I use PatchMyPC/DriverEasy to keep software/drivers updated + Softpedia's Notifier for the rest.

Anti-ransomware - backup folder - denied access to SYSTEM, Users permissions are set to read only.
I turn off PC with Wise Cleaners + tweaks, to remove startup entries/policies and to restore my settings.
Browser's cache, Desktop, Downloads and Temp folders are stored in the RAMDisk, where malware likes to hide.
In case of an emergency (ransomware) I can hit Reset and Windows will boot with all those reset to the previous state.

Adguard


Malwarebytes Windows Firewall Control


Windows Calm Edition


Note to myself, why I can not ever use AdGuard DNS

 

[harlan4096]

Why WD disabled? I know this is a "rhetoric question" , but I would like You to expose here the answer and Your justifications

 

[TairikuOkami]

Why WD disabled?

It causes a terrible slow down, system feels sluggish overall, icons in explorer are loading one by one, it is like when I had my first PC with Windows 95. Whenever I enable it, it is the same. I would not mind running a realtime AV, but I have yet to find one, that would not bother me, Fortinet came close though. Hopefully a new cloud AV will emerge soon.

P.S. Not to mention AVs removing "normal" files like Nirsoft, Process Hacker and my tweaks. Exceptions do not exactly work, especially when you keep updating those files.

 

[TairikuOkami]

I have just tried out some AVs: BD blocked everything as mentioned, Sophos wanted me to restart (forever and ever), Kaspersky crashed my browser, same old same old.

I really like Kaspersky's icon, it reminds me of Panda AV's icon, it used to have. I would use it for that reason alone, but it just does not like me either.

EDIT: Comodo AV was the worst so far, it brought browsing to the crawl and I could not download nor save anything, not even screenshots, lol.

 

[harlan4096]

Are You sure is it because Kaspersky?

 

[TairikuOkami]

Are You sure is it because Kaspersky?

Yes, I visited paypal, tried to open certificates and crash, even with the web protection and SSL injection disabled, once uninstalled, all went back to normal.
I have not seen BSOD nor apps crash for years, I suppose, that is what AVs are good, one of the reason I stopped using them, it solved tons of random problems.

 

[harlan4096]

You have probably heavily tweaked system and browsers, maybe with too many restrictions... other users are not having the issues You are getting with KSCF ...

 

[TairikuOkami]

You have probably heavily tweaked system and browsers, maybe with too many restrictions...

Indeed, missing powershell causes confusion to some apps and I could not even restore backup, because SYSTEM was not allowed to access the file.

 

[TairikuOkami]

OK, after going through almost all free AVs, I am back with Panda Cloud. I almost got stuck with Adaware, but there are a few issues with it. For once, it does not report everything it does. It disabled showing hidden/system files and it blocked reverting the change (via tweaks), it has to be done manually to confirm it, so who knows, what else it hides?! But the most disturbing are definition updates. Roughly 500MB gets written per each update, that resulted in about 6GB written to my SSD in 6 hours, that is just insane. I stopped using Panda previously, because it slowed down browsing, but maybe the culprit was CleanbrowsingDNS. Either way it works with DoH and Quad9.

 

[ForgottenSeer 89360]

I’ve used all the programs you have mentioned without any issues, some of them even in VM... maybe as @harlan4096 says, this is due to system hardening and/or anti-exploit settings.

 

[ForgottenSeer 89360]

@TairikuOkami I brought the same issue with Bitdefender updates in the thread Bitdefender vs Eset...it’s not even 500, it’s about 700-800 on an hourly basis. I am glad to see someone else has noticed

 

[WhiteMouse]

@TairikuOkami I brought the same issue with Bitdefender updates in the thread Bitdefender vs Eset...it’s not even 500, it’s about 700-800 on an hourly basis. I am glad to see someone else has noticed

Maybe that's the reason why they sell their license cheap, so you can have some money left to buy a new SSD.

 

[Vitali Ortzi]

I really really love your config but I want to ask why not just use a hardened Linux operation system at this stage ?

 

[Vitali Ortzi]

It causes a terrible slow down, system feels sluggish overall, icons in explorer are loading one by one, it is like when I had my first PC with Windows 95. Whenever I enable it, it is the same. I would not mind running a realtime AV, but I have yet to find one, that would not bother me, Fortinet came close though. Hopefully a new cloud AV will emerge soon.

P.S. Not to mention AVs removing "normal" files like Nirsoft, Process Hacker and my tweaks. Exceptions do not exactly work, especially when you keep updating those files.

if you want an av you could use something like kaspersky and if you have false positive maybe eset
But both slow down the system a bit
Or you can use a whitelisting default deny security posture like comodo and voodoo But it can be a pain to manage if you're using scripts / unknown files in general

 

[TairikuOkami]

I really really love your config but I want to ask why not just use a hardened Linux operation system at this stage ?

Games. Maybe when SteamOS gets a better hardware support I will reconsider, but thus far, it is not really a choice. Besides, I do not think, I could handle linux, I am BFU, when it comes to computers, I like to copy/paste and that is about it. I just want to use a computer, I do not want to think about settings, software, hardware, just install and forget.

 

[Lenny_Fox]

@TairikuOkami

I tried Panda Cloud free, but I can't even download txt files because the security scan invoked by Windows gets an error. I guess a Panda program is blocked in user folders. It is the only AV which has this problem on my PC (tried Kasperskt Free, Bitdefender Free, Panda Free, Avira Free, AVG Free, Avast, Sophos Free and Symantec semi legal managed free)

 

[TairikuOkami]

I tried Panda Cloud free, but I can't even download txt files because the security scan invoked by Windows gets an error.

I have the opposite problem, it does not detect .txt. When I download eicar.com, it gets blocked, but eicar.txt can be downloaded/opened, it gets detected only when scanned.

 

[TairikuOkami]

Time to start the new year with something new, so I have switched to Edge. There are several annoyances (like it ignores removed interests), but overall it seems OK.

I like Yandex's GUI, but that is about it. It is a month behind in security updates. Spell check gets disabled at every launch, its protected mode is no use with password manager disabled. I used it mainly for dnscrypt, I switched to DoH and Yandex has removed it from flags, so it can not be even setup, like other hidden settings, eg the new anti-tracking.

By the way, anyone knows, what domain to allow to store cookies to get rid of this warning? It is probably causing an extremely slow browser's launch.

 

[Gandalf_The_Grey]

Time to start the new year with something new, so I have switched to Edge. There are several annoyances (like it ignores removed interests), but overall it seems OK.

I like Yandex's GUI, but that is about it. It is a month behind in security updates. Spell check gets disabled at every launch, its protected mode is no use with password manager disabled. I used it mainly for dnscrypt, I switched to DoH and Yandex has removed it from flags, so it can not be even setup, like other hidden settings, eg the new anti-tracking.

By the way, anyone knows, what domain to allow to store cookies to get rid of this warning? It is probably causing an extremely slow browser's launch.

I believe it is: ntp.msn.com
Mentioned here: How to speed up Edge and make it load faster

 

[ForgottenSeer 85179]

I change default site to a non randomized picture and don't get any performance decrease. You can try that