Latest Changes: Mar 26, 2019
Operating System: Windows 10
Windows Edition: Home
Build: 1809 (17763.379)
System Architecture: 64-bit OS
Security Updates: Automatic Updates - All security and feature updates
User Access Control: Always Notify
Firewall: Windows Firewall - Network security provided by Microsoft
Device Security: Windows Defender SmartScreen (Windows 10)
User Account: Standard - User has some control over the settings
Recent Security Incidents: In-progress with malware or privacy issues
Malware Testing: None - No Malware on host PC or VM
Real-time Web & Malware Protection: Windows Defender, appguard, shadow defender
Custom Settings For Real-Time Protection: Default - Settings are balanced for security and performance
Virus and Malware Removal Tools: EEK, HitmanPro, zam
Browsers and Extensions: Chrome
Web Privacy: CyberGhost VPN
Password Management: Bitwarden
Default Web Search: Google
System Utilities: Default windows utilities
Data Backup: Mega Cloud
Frequency of Data backups: Daily
System Backup: Macrium Reflect
Frequency of System backups: Regularly
Computer Activity: PC Gaming; Browsing web and email; Download files from different sources
Computer Specifications: i7-9700k; RTX 2080; DDR4 3200 16GB; SATA+Optane

yarr

Level 2
I've had a lot of trouble lately with Windows PCs acting funky or not working at all, so I'm trying my best to make sure I'm more safe this time around. I'm definitely open to suggestions or trying new software. I've got licenses for a few things not on here like hmp.a, eset smart security, emsisoft antimalware and sandboxie etc. Looking forward to your input on how I could internet more safely.
 

Deckard

Level 1
> I've had a lot of trouble lately with Windows PCs acting funky or not working at all, so I'm trying my best to make sure I'm more safe this time around. I'm definitely open to suggestions or trying new software. I've got licenses for a few things not on here like hmp.a, eset smart security and sandboxie etc. Looking forward to your input on how I could internet more safely.

Hi,
The first thing is to try to identify the problem. The origin of the problem.
Are you sure your problem was not from the hardware?

I don't know Huorong IS5 but if you jump on beta security tools, especially for such a complete program (AV, firewall, HIPS), you can expect possibly/probably new problems.

The more you accumulate security software, the more you accumulate difficulties and possibly the redundancies.
 

yarr

Level 2
> Hi,
> The first thing is to try to identify the problem. The origin of the problem.
> Are you sure your problem was not from the hardware?
>
> I don't know Huorong IS5 but if you jump on beta security tools, especially for such a complete program (AV, firewall, HIPS), you can expect possibly/probably new problems.
>
> The more you accumulate security software, the more you accumulate difficulties and possibly the redundancies.

I definitely think the problem ended up being hardware related. Thanks, I removed the beta software. Also, HIPS is definitely my biggest concern at the moment.
 

shmu26

Level 76
Content Creator
Trusted
Verified
Looking at your config, I didn't see an AV mentioned. Are you using Windows Defender? If so, please mention it.
By the way, Harlan's comment above (post 3) might still be relevant. You have three programs (Appguard, OSA, Syshardener) with significant overlap.
If you are trying to achieve a paranoid setup with an expert configuration, something like Umbra would do, then I can understand where you are coming from, but that requires expert knowledge of both your OS and the security programs themselves.
 

yarr

Level 2
Yeah, Windows Defender, sorry, I thought that and Smartscreen are kind of the same thing. OSArmor has really minimal settings applied because Appguard covers a lot of my worries, but it's also very new to me, so I mostly use OSArmor for things I'm not sure of because I find Appguard's configuration confusing. I like that OSArmor has lots of YouTube videos for that. If they interfere with one another then I'll just have to pick one. Which would you say have the most significant overlap? Recent events have made me a bit paranoid tbh and I just want to feel safe again. I appreciate the input, these forums have been a significant help so far.
 

shmu26

Level 76
Content Creator
Trusted
Verified
> I find Appguard's configuration confusing

You are not the only one. You are with the 99%. :)
I cannot recommend Appguard -- even though I have done beta testing for them in the past, and I know the program pretty well -- because you need inside information in order to configure it properly. Otherwise, you can easily shoot yourself in the foot.

OSA is much better. If you want a paranoid setup, just enable all advanced settings, and make exceptions when you get prompts. You might need to use wildcards in your exceptions.

And use @Andy Ful's ConfigureDefender tool to tweak Windows Defender. There are some powerful settings in there, you just need to activate them.

I am not pushing this third suggestion, but maybe you want to look into @Andy Ful's complete configuring tool, called Hard_Configurator. It is very powerful. But it is not install-and-forget. It will give you a very effective default/deny setup, similar in many ways to Appguard. Both use Software Restriction Policy. Appguard is third-party, and H_C uses the built-in Windows SRP.
 

yarr

Level 2
He has actually been helping me with my current predicament quite a bit. Also, Hard_Configurator and Appguard were the only things I could use to regain any significant amount of control of my system. OSArmor was acting as if it was just an empty exe running in the background. That wasn't the only security app that acted this way either. I felt like I was thrown in the deep end, so this has been a learning experience to say the least! Maybe I should give it another go because he really does seem to know what he's talking about, huh? :)
 

shmu26

Level 76
Content Creator
Trusted
Verified
> He has actually been helping me with my current predicament quite a bit. Also, Hard_Configurator and Appguard were the only things I could use to regain any significant amount of control of my system. OSArmor was acting as if it was just an empty exe running in the background. That wasn't the only security app that acted this way either. I felt like I was thrown in the deep end, so this has been a learning experience to say the least! Maybe I should give it another go because he really does seem to know what he's talking about, huh? :)

Andy knows what he is talking about, for sure.
Regarding Smartscreen and Windows Defender: WD works best in conjunction with Smartscreen, but they are really two different things. Smartscreen works no matter what AV you have, and it works even if you have no AV at all.
Hard_Configurator enhances Smartscreen and makes it even smarter.

> OSArmor was acting as if it was just an empty exe running in the background. That wasn't the only security app that acted this way either.

When the system is already infected, that's a different situation. OSA and many other security apps are built to prevent infection, rather than diagnose and remove infection.
 

yarr

Level 2
So if I run OSArmor with your suggested settings I should be able to drop the other apps? At least until I have a better understanding of Hard_Configurator? I like the idea of using Windows Defender and optimizing the utilities Windows has already provided us.
 

shmu26

Level 76
Content Creator
Trusted
Verified
> So if I run OSArmor with your suggested settings I should be able to drop the other apps? At least until I have a better understanding of Hard_Configurator? I like the idea of using Windows Defender and optimizing the utilities Windows has already provided us.

OSA makes syshardener unnecessary. Besides that, syshardener settings can be tricky to undo, sometimes.

However, OSA is still not a full default/deny, even if you flip all the protections on. So I can't say it covers everything. The main weakness it leaves is malware with a valid digital signature. It's relatively rare to encounter this on a home system, but it does exist. You can protect against even this on OSA by making custom rules, but it's not so simple.
 

yarr

Level 2
I use default syshardener config currently so hopefully I won't run into any major issues removing it. I wonder why NoVirusThanks doesn't have a support forum for that type of thing.

I noticed two things from your config I found interesting. Using a standard account is something I never considered; with a config like that, do you have to set up your apps on the hidden administrator account? What added protection does this add? Second thing I noticed was you use Bouncer. I just learned about that a couple days ago when trying to find Excubits mzwritescan demo, it really seems like a cool app. Oh, and malware with valid signatures is something I'm currently concerned about because I haven't been able to make much sense of what happened to my network. Bottom line for me is that malware sucks and I'm going to be a scaredy cat for a little while longer! Haha
 

shmu26

Level 76
Content Creator
Trusted
Verified
> I use default syshardener config currently so hopefully I won't run into any major issues removing it. I wonder why NoVirusThanks doesn't have a support forum for that type of thing.
>
> I noticed two things from your config I found interesting. Using a standard account is something I never considered; with a config like that, do you have to set up your apps on the hidden administrator account? What added protection does this add? Second thing I noticed was you use Bouncer. I just learned about that a couple days ago when trying to find Excubits mzwritescan demo, it really seems like a cool app. Oh, and malware with valid signatures is something I'm currently concerned about because I haven't been able to make much sense of what happened to my network. Bottom line for me is that malware sucks and I'm going to be a scaredy cat for a little while longer! Haha

Standard user account stops most malware from running. It makes it pretty hard for malware to get elevated privileges, which it usually needs. And it is the natural complement to Hard_Configurator. You can ask Andy about that.

I am too lazy most of the time to switch to the Admin account, so I do most installations etc by punching in the Admin password at the UAC prompt. There are cases where this won't work quite right, and it is not the ultimate secure way of doing things, but laziness is a fact of life. :)

I don't really need Bouncer but I enjoy that kind of a thing as it satisfies the paranoid in me. It is difficult and frustrating to learn how to use Bouncer right. Stay away from Excubits products unless you are willing to put in the effort it takes.
 

yarr

Level 2
Thanks for everything today! I've got a small surgery tomorrow so I've got to get to bed. I'll update the thread after I run through the apps once more.

I've got one last question though if you don't mind. When using a standard account do you disable the main admin account so it's inactive after changing your main account to standard or does that not matter? I'm guessing you add a password to it during that time too. (I tried wording this paragraph in a less confusing way but failed each time lol)
 

shmu26

Level 76
Content Creator
Trusted
Verified
> Thanks for everything today! I've got a small surgery tomorrow so I've got to get to bed. I'll update the thread after I run through the apps once more.
>
> I've got one last question though if you don't mind. When using a standard account do you disable the main admin account so it's inactive after changing your main account to standard or does that not matter? I'm guessing you add a password to it during that time too. (I tried wording this paragraph in a less confusing way but failed each time lol)

I leave my admin account running in the background when I switch to standard account (SUA), if that's what you mean. It doesn't hurt to leave it running in the background and makes it easier to switch back and forth.
 

Nevi

Level 3
Verified
As several have posted, I think you are using too much protection. One good antivirus and Appguard should keep you safe. Maybe with HMP or EEK as an on-demand scanner (one or both). A standard account would be a good move too.
Good luck with your little procedure.
 

LDogg

Level 28
Verified
My advice:
  • With the Overkill you could easily get rid of OSA/Appguard and use Windows Defender with Configure Defender and Syshardener, whilst adding something like Tinywall/MWFC to complement WF or an Antivirus firewall such as Comodo Firewall.
  • Have sensible browsing habits and teach yourself to look out for phishing attempts via sites and email, plenty of articles about and videos to help you with this.
  • I know it's easy to get paranoid when dealing with an infection, but this actually makes your computer even more of a target, remember with a security config, sometimes less is more
  • Add ZAM Free 3.0
I hope you can 100% get past your infection for your computer, I know how annoying this can be! MWT's forums are a kind place to get help and hopefully resolve your issue(s).

~LDogg