- May 13, 2017
- 2,692
Zemana works (HMP still not), but I hate, that you have to manually remove a driver, after you uninstall Zemana. It might cause compatibility problems.
What is the point of the firewall? Without the firewall all ports are closed, that is better than stealthed, because you will not get repeated requests. There are very few apps, which keep ports open for incoming requests and if you run them you trust them and you would allow them in a firewall anyway. A router will stop unsolicited traffic and its SPI Firewall takes care of illegitimate requests without any CPU overhead, which might be caused by a software firewall. Blocking potential malware outbound requests means, you have already lost, because you are infected. Even MS knows that, thus it does not enable it by default.Whats the reason why no firewall?
Might moreso be because it's too inconvenient and requires a high skill floor.Even MS knows that, thus it does not enable it by default.
It is hard to sum it up, but I will give it a go and I will also try to address other settings, that I have omitted in the original post.@TairikuOkami on your original post , you should explain with simple words what your various tweaks (Windows, Network, etc...) does (no need details just general big lines) , so basic users won't tell you are crazy
I use similar tweaks on other computers, just lighter version, still safe enough. That worm requires WSH and it looks like it creates a startup entry in "Command Processor" plus it alters some policies, I remove both, so I would not worry about it.Do you not have other computers on your network, what if they get an adventurous worm like we saw Friday?
malwr.com/analysis/MjBlNjdjMWFmZGNkNDQzZDlkMmJhNjU2NmQ5YjgwZWU
I browse internet, listen to radio, play games on steam, nothing really bothersome.Also with your tweaks is your system still easily usable or a pain?
A backup solution is fundamental also in case of an infection.I do not really like/need system imaging. I do clean install every time the new Windows Upgrade is released (twice a year).
I do not block ADs, only on youtube, because it disrupts listening to playlists. Adguard does not offer any purely youtube filter.Why do you disable easylist/english and its cosmetic filtering on Adguard?
That's hard to believe, in all seriousness though,you are even worse than me
Basically he started like every tweakers, found some on forums, experimenting some of his own, then adapted all of them to fit his system and needs , then with time learned what they exactly does on his system.(I don't know if building the tweaks made you a expert or if you build the tweaks because you are an expert.)
takeown /f "%ProgramFiles%\AVAST Software\Avast\wsc_proxy.exe" /a
icacls "%ProgramFiles%\AVAST Software\Avast\wsc_proxy.exe" /inheritance:r /remove "Administrators" "Authenticated Users" "Users" "System"
netsh advfirewall firewall add rule name="Avast instup DNS" dir=out action=allow protocol=UDP remoteip=84.200.70.40,84.200.69.80 remoteport=53 program="%ProgramFiles%\AVAST Software\Avast\setup\instup.exe"
netsh advfirewall firewall add rule name="Avast instup TCP" dir=out action=allow protocol=TCP remoteip=2.16.0.0-2.23.255.255 remoteport=80,443 program="%ProgramFiles%\AVAST Software\Avast\setup\instup.exe"
netsh advfirewall firewall add rule name="Avast Svc DNS" dir=out action=allow protocol=UDP remoteip=84.200.70.40,84.200.69.80 remoteport=53 program="%ProgramFiles%\AVAST Software\Avast\AvastSvc.exe"
netsh advfirewall firewall add rule name="Avast Svc TCP" dir=out action=allow protocol=TCP remoteip=5.45.58.0-5.45.58.255,77.234.41.0-77.234.41.255 remoteport=80,443 program="%ProgramFiles%\AVAST Software\Avast\AvastSvc.exe"
netsh advfirewall firewall add rule name="Avast UI DNS" dir=out action=allow protocol=UDP remoteip=84.200.70.40,84.200.69.80 remoteport=53 program="%ProgramFiles%\AVAST Software\Avast\AvastUI.exe"
netsh advfirewall firewall add rule name="Avast UI TCP" dir=out action=allow protocol=TCP remoteip=5.45.58.0-5.45.58.255,77.234.41.0-77.234.41.255 remoteport=80,443 program="%ProgramFiles%\AVAST Software\Avast\AvastUI.exe"
System Restore is known to have restored a lot of malware, just like any other system imagining, it backups everything, good and bad. Some threats can not be detected by AV/cloud. They can be dormant for months, even years, so it would be hard to tell, if the image is really clean. I would never use it, but it is fine for system repairs.RISKY badge guaranteed.
A backup solution is fundamental also in case of an infection.
System Restore is known to have restored a lot of malware, just like any other system imagining, it backups everything, good and bad. Some threats can not be detected by AV/cloud. They can be dormant for months, even years, so it would be hard to tell, if the image is really clean. I would never use it, but it is fine for system repairs.