Advanced Plus Security Minimalist's security configuration 2021

Last updated
Dec 12, 2021
How it's used?
For home and private use
Operating system
Windows 10
On-device encryption
Log-in security
Security updates
Check for updates and Notify
User Access Control
Always notify
Smart App Control
Network firewall
Real-time security
Emsisoft Anti-Malware
Firewall security
Microsoft Defender Firewall
About custom security
Macrium: enabled and configured Macrium Image Guardian
Periodic malware scanners
HitmanPro and Norton Power Eraser
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Firefox & uBlock Origin
Secure DNS
My ISP's
Desktop VPN
Mullvad
Password manager
KeePass
Maintenance tools
ShutUp10
CCleaner
File and Photo backup
Daily - Macrium Incremental file backup for important data.
Weekly - manually copying data and system images to external disks.
System recovery
Macrium Reflect
Risk factors
    • Working from home
    • Browsing to popular websites
    • Browsing to unknown / untrusted / shady sites
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Sharing and receiving files and torrents
    • Requesting and accepting remote access
    • Gaming
    • Streaming audio/video content from shady sites
Computer specs
HP EliteDesk 800 G5 TWR
• Intel Core i7-9700 CPU @ 3.00GHz
• Intel UHD Graphics 630
• DDR4 32 GB @ 2667 MHz
• 2x 500 GB SSD + 4TB HDD
Notable changes
24.12.2020 - original post.
29.12.2020 - added information for new data entries.
30.12.2020 - added information about password manager.
1.1.2021 - set Quad9 for DNS server.
15.1.2021 - added CloudFlare to DNS servers list.
19.1.2021 - changed updates to manual.
24.1.2021 - enabled Macrium Image Guard.
31.1.2021 - added info about network firewall.
15.2.2021 - installed Trend Micro as real-time antimalware solution.
27.2.2021 - Installed Kaspersky Internet Security and enabled Trend Micro protections included in router.
7.3.2021 - replaced Kaspersky Internet Security with Emsisoft Anti-Malware.
21.6.2021 - installed KIS in "minimal mode".
8.8.2021 - installed ESET Internet Security
12.12.2021 - installed Emsisoft Anti-Malware
What I'm looking for?

Looking for medium feedback.

Minimalist

Level 9
Thread author
Verified
Well-known
Oct 2, 2020
449
After years of using either Kaspersky, ESET or Emsisoft I found another one that I like - Trend Micro. I found it thanks to @McMcbrad (y)

I love it's design and so far don't feel any slowdowns. I'll give it a try and see if I can stick with it for longer period. Will post an update when I come back to forums in April after Lent is over.
 

Minimalist

Level 9
Thread author
Verified
Well-known
Oct 2, 2020
449
Dropped Trend Micro? Any specific reason?
No I had no specific reason. It worked great on my system. I decided to use it's protections included in my router and use other AM on my system. That way their protections complement each other. Anyway Trend Micro is great AM and it has improved greatly since years ago I last tested it.
 

mkoundo

Level 8
Verified
Well-known
Jul 21, 2017
358
I usually test my images by attaching VHD, restoring an image to it and run it in Virualbox
hi, can you give some more details on this please.

I have succeeded in running the macrium rescue media iso in virtualbox but can't load the system image because I can't navigate to it.

thanks
 

Minimalist

Level 9
Thread author
Verified
Well-known
Oct 2, 2020
449
hi, can you give some more details on this please.

I have succeeded in running the macrium rescue media iso in virtualbox but can't load the system image because I can't navigate to it.

thanks
I usually do it the long way: I create VHD file in Disk management, attach that VHD file and restore Macrium image of my system to it. After restore I detach VHD and run Virtual Machine that uses that VHD file.

There is also an option to use viBoot, but so far I didn't try it: Macrium viBoot - KnowledgeBase v7 - Macrium Reflect Knowledgebase - KnowledgeBase v7 - Macrium Reflect Knowledgebase
 

Minimalist

Level 9
Thread author
Verified
Well-known
Oct 2, 2020
449

Minimalist

Level 9
Thread author
Verified
Well-known
Oct 2, 2020
449
Today I reinstalled Kaspersky. This time I'll go with "minimal" setup, disabling everything I think that I don't need.

Here is the list of changes I've made:

- uninstalled Kaspersky VPN
- disabled Software Updater, Application Manager, Private Browsing and Safe Money
- set Action on detection to Notify for all manual Scans, for Full scan I disabled scan of archives
- disabled Background scan after initial scan was performed

- File Anti-Virus: Files are scanned by extension; scan mode is set to On execution
- Web Anti-Virus: Light Heuristics Analysis enabled; disabled URL advisor
- Mail Anti-Virus: Light Heuristics Analysis enabled; disabled Attachment filter
- Firewall: Network type for my network is changed from Trusted to Local
- Application Control: option Trust Digitally Signed Applications is disabled
- Network Settings: Inject script into web traffic and Scan of encrypted connections are disabled

- Kaspersky Security Network feedback is disabled
- News notifications and Promotional materials are disabled
- On-Screen Keyboard and Secure Keyboard Input are disabled
- Dump Writing in Debug information section is disabled

Will see how it goes.
 
Last edited:

Minimalist

Level 9
Thread author
Verified
Well-known
Oct 2, 2020
449
I've been using this setup on and off in last month and I like it a lot. I reenabled option Perform recommended actions automatically since it was giving me too much prompts when installing updates and similar. Other options I left at minimum.
Overall things seems a little faster but it's barely noticeable. Webpages do load a little faster when script injection and https scanning are disabled.

I hope I'll stay with this setup for a while.
 

Minimalist

Level 9
Thread author
Verified
Well-known
Oct 2, 2020
449
I reenabled some options in KIS, making it less minimal. Here are changes from default that I left disabled:

- uninstalled Kaspersky VPN
- disabled Software Updater, Application Manager, Private Browsing and Safe Money
- set Action on detection to Notify for all manual Scans, for Full scan I disabled scan of archives
- disabled Background scan after initial scan was performed
- Application Control: option Trust Digitally Signed Applications is disabled
- Kaspersky Security Network feedback is disabled
- News notifications and Promotional materials are disabled
- Dump Writing in Debug information section is disabled
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top