SECURITY: Complete blackice's 2021 Security Configuration

Last updated
Feb 17, 2021
About
Personal, primary device
Additional PC users
Not shared with other users
Desktop OS
Windows 10
OS License Type
Home
Login security
    • Passwordless (PIN, Biometric, Face)
Primary sign-in
Microsoft account
Primary account rights
Administrator permissions
Other accounts rights
N/A - Single user account
Security updates
Automatic - allow all types of updates
Windows UAC
Maximum - always notify
Network firewall
Personal router w/ firewall & filtering
Real-time protection
Microsoft Defender
NoVirusThanks OSArmor
Software firewall
Microsoft Defender Firewall
Custom RTP, Firewall and OS settings
Configure Defender - High
OS Armor - a few additional items ticked in the settings
Malware research
No - malware samples are not downloaded
Periodic scanners
Malwarebytes, EEK, ESET online scanner, HitmanPro
DNS
NextDNS
VPN
IVPN
Password manager
1Password
Browsers, Search and Addons
Chrome -
Ad blocking from ControlD DNS DoH
1Password
Malwarebytes Browser Guard

Edge Chromium -
Ad blocking from ControlD DNS DoH
1Password

Firefox -
Ad blocking from ControlD DNS DoH
1Password
Malwarebytes Browser Guard
PC maintenance
HWiNFO
Process Explorer
Everything
Bandizip
Personal Files & Photos backup
File History
Personal backup routine
Automatic (scheduled)
Device recovery & backup
Macrium Reflect
Device backup routine
Automatic (scheduled)
PC activity
  1. Browsing the web. 
  2. Shopping. 
  3. Banking. 
  4. PC and cloud gaming. 
  5. Streaming. 
Computer specs
Ryzen 7 5800X
ASUS TUF Gaming X570-Pro Wifi
32GB G.Skill Trident Neo 3600 cl16
RTX 3070 DUAL OC
500GB WD SN550 NVME
1TB WD SN550 NVME
500GB WD Blue SSD
1TB WD Blue HDD
Personal changelog
DNS: Cloudflare->Quad9
2/17/21 - AVG Internet Security
2/20/21 - Removed Brave, updated PC Maintenance section
3/3/21 - Removed AVG
Added Microsoft Defender
3/22/21 - Keeping NextDNS so added it
Added Bitdefender Internet Security
4/15/21 - Removed Bitdefender IS
Added Microsoft Defender
4/19/21 - Added Malwarebyte Premium just kidding it’s broken, Defender still.
4/29/21 - Changed DNS to ControlD (by WIndscribe)
Removed adblockers in browsers, Added HitmanPro
5/10/21 - Back to NextDNS
Feedback Response

General feedback

blackice

Level 32
Verified
Apr 1, 2019
2,142
You can also try the new beta, which according to Avast has Real-Time Protection performance improvements. It also has a built-in tool for performance reporting. It may be worth checking out.
Unfortunately adding as an exclusion made no difference. I’m wondering if it’s the nvidia driver that it’s not liking. May give the beta a whirl to report the performance issues. I tried a similar diagnostic tool for a Bitdefender issue and they couldn’t replicate my issue.
 
F

ForgottenSeer 89360

Unfortunately adding as an exclusion made no difference. I’m wondering if it’s the nvidia driver that it’s not liking. May give the beta a whirl to report the performance issues. I tried a similar diagnostic tool for a Bitdefender issue and they couldn’t replicate my issue.
Hopefully they will be able to fix that.
 

blackice

Level 32
Verified
Apr 1, 2019
2,142
Added - Bitdefender IS and NextDNS

Bitdefender's Firewall seems to not cause random increased pings in games anymore, and gave me the highest cinebench23 score I've had. Going to roll with it for a bit since I have the license and it is performing well. They also appear to have started using TLS 1.3 certs when filtering TLS 1.3 connections instead of downgrading to 1.2.
 

SecureKongo

Level 18
Verified
Malware Tester
Feb 25, 2017
889
Added - Bitdefender IS and NextDNS

Bitdefender's Firewall seems to not cause random increased pings in games anymore, and gave me the highest cinebench23 score I've had. Going to roll with it for a bit since I have the license and it is performing well. They also appear to have started using TLS 1.3 certs when filtering TLS 1.3 connections instead of downgrading to 1.2.
Which blocklist(s) do you have enabled in NextDNS if I may ask?
 

blackice

Level 32
Verified
Apr 1, 2019
2,142
And what are your impressions of this list? Doesn't it seem too big to you?
Well since it is hosted on the DNS, it doesn’t really matter. I have had less problems than with AdGuard or NextDNS filters.

Edit: it does get my wife’s Wayfair app to ask her to turn off her adblocker. I am having trouble figuring out the tracker it’s blocking. Which I think is abhorrent that a store you’re shopping at to spend money wants to monetize their app with adds or tracking. But it’s not a deal breaker as the app is still usable most of the time.
 
Last edited:

blackice

Level 32
Verified
Apr 1, 2019
2,142
I got Malwarebytes Premium to register with security center and survive a couple restarts so it seems fixed, thanks to @SecureKongo . I am going to give this a spin with MS Defender doing periodic scans. Between Edge Smartscreen/Bitdefender Trafficlight, Malwarebytes scanning network connections, my router using ESET web filtering, and DNS malware blocking from NextDNS I think I am pretty well protected from my own slip ups. Otherwise I have vanilla browsing habits and Malwarebytes seems the lightest solution I've tried yet. We'll see if it throws any false positives or if I get horrifically infected, but I'm guessing not. So far all the gaming benchmarks show a slight improvement over Defender.
 

blackice

Level 32
Verified
Apr 1, 2019
2,142
I got Malwarebytes Premium to register with security center and survive a couple restarts so it seems fixed, thanks to @SecureKongo . I am going to give this a spin with MS Defender doing periodic scans. Between Edge Smartscreen/Bitdefender Trafficlight, Malwarebytes scanning network connections, my router using ESET web filtering, and DNS malware blocking from NextDNS I think I am pretty well protected from my own slip ups. Otherwise I have vanilla browsing habits and Malwarebytes seems the lightest solution I've tried yet. We'll see if it throws any false positives or if I get horrifically infected, but I'm guessing not. So far all the gaming benchmarks show a slight improvement over Defender.
Also forgot to note, this is running along side OSArmor which also provides some peace of mind.
 
Last edited:

blackice

Level 32
Verified
Apr 1, 2019
2,142
Interesting. Which AV had the best benchmark on your system so far among the ones you tried?
Windows Defender, ESET, and Bitdefender were about the same, within margin of error. Malwarebytes is consistently approximately 3% faster for CPU frame rates. It’s hard to tell though because since my last motherboard update CPU performances dropped slightly, but became more consistent. I haven’t tested ESET since the update, but I would guess they are all still about even.
 

CyberTech

Level 34
Verified
Nov 10, 2017
2,307
I got Malwarebytes Premium to register with security center and survive a couple restarts so it seems fixed, thanks to @SecureKongo . I am going to give this a spin with MS Defender doing periodic scans. Between Edge Smartscreen/Bitdefender Trafficlight, Malwarebytes scanning network connections, my router using ESET web filtering, and DNS malware blocking from NextDNS I think I am pretty well protected from my own slip ups. Otherwise I have vanilla browsing habits and Malwarebytes seems the lightest solution I've tried yet. We'll see if it throws any false positives or if I get horrifically infected, but I'm guessing not. So far all the gaming benchmarks show a slight improvement over Defender.
tenor.gif
 
Top