Advanced Plus Security Brambedkar59's Security Config 2024

Last updated
Jan 6, 2024
How it's used?
For home and private use
Operating system
Windows 11
Other operating system
2 older laptops running Win 10 (one with F-secure and other Kaspersky Free)
On-device encryption
N/A
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
    • Basic account password (insecure)
Security updates
Check for updates and Notify
Update channels
Allow stable updates only
User Access Control
Notify me only when programs try to make changes to my computer
Smart App Control
Off
Network firewall
Enabled
Real-time security
Kaspersky Free 2023
Firewall security
Microsoft Defender Firewall
About custom security
Idle scanning, inject script and https scanning disabled
Periodic malware scanners
Norton Power Eraser
EEK
Malware sample testing
I do not participate in malware testing
Environment for malware testing
N/A
Browser(s) and extensions
Common extension/Search in all browsers: Bitwarden, Google Search
Edge (Default): Adguard, BD TrafficLight, Lyrics Here, Shazam
Firefox (Secondary): Adguard
Chrome (Just in case above 2 doesn't work): Adguard
Secure DNS
NextDNS
Desktop VPN
Windscribe VPN
Password manager
Bitwarden
Maintenance tools
Biweekly run: Windows Built-in, CCleaner, WiseCare 365 (Rarely used), Driver Store Explorer [RAPR] (for deleting old drivers not needed)
For finding program updates: PatchMyPC, UCheck & RuckZuck
HiBit Uninstaller
File and Photo backup
Google Drive, OneDrive
System recovery
Hasleo Backup Suite
Risk factors
    • Browsing to popular websites
    • Working from home
    • Making audio/video calls
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Sharing and receiving files and torrents
    • Gaming
    • Gaming with third-party mods
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
11400H (UV via ThrottleStop), 3050Ti (UV via G-Helper), 16 GB, 0.5TB + 1 TB NVMe, 1 TB & 4 TB HDD (for image backup and downloads)
Notable changes
Kaspersky Security Cloud Free -> Avira Prime
Avira Prime -> Kaspersky Security Cloud Free
Kaspersky Security Cloud Free -> MalwareBytes
MalwareBytes- > Emsisoft AM
Emsisoft AM -> Bitdefender TS
Bitdefender TS -> Kaspersky Free
Kaspersky Free -> MS Defender
MS Defender -> Kaspersky Free
What I'm looking for?

Looking for medium feedback.

Notes by Staff Team
  1. This setup configuration may put you and your device at risk!
    We do not recommend that other members use this setup. We cannot be held responsible for problems that may occur to your device by using this security setup.

brambedkar59

Level 29
Thread author
Verified
Top Poster
Well-known
Apr 16, 2017
1,882
  • Updated to 22H2 Build 22621.105 (Release preview channel)
  • Removed: Malwarebytes (few days ago)
  • Changed DNS from Adguard DNS to NextDNS, I was getting weird routing to Adguard DNS servers with ping above 250 ms for servers in Singapore, which normally is around 70-80ms from Delhi.
  • Added: enabled Enhanced Security in Edge with Strict Mode
 

brambedkar59

Level 29
Thread author
Verified
Top Poster
Well-known
Apr 16, 2017
1,882
Config is marked "At risk" :unsure:
Is it because of this "KSC: Script injection disabled, Do not scan encrypted connections- enabled, Secure input disabled (buggy makes keyboard unresponsive)"?
 

brambedkar59

Level 29
Thread author
Verified
Top Poster
Well-known
Apr 16, 2017
1,882
Changed DNS provider: Using Adguard DNS now

Reason: Really bad routing with NextDNS, even though the DNS servers are very close to my location the webpage loading performance get tanked overall. Reddit loading takes several seconds longer than it should.
 

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,818
Changed DNS provider: Using Adguard DNS now

Reason: Really bad routing with NextDNS, even though the DNS servers are very close to my location the webpage loading performance get tanked overall. Reddit loading takes several seconds longer than it should.
Did you try turning on anonyzed ECS? It will help with geolocation of some CDNs. It may or may not help. Honestly since my ISP implemented DNSSEC and stopped redirecting misses on DNS lookups (because it breaks DNSSEC) I mostly use them. I haven’t found DNS adblocking to be the best route.
 

SeriousHoax

Level 47
Verified
Top Poster
Well-known
Mar 16, 2019
3,653
KSC: Script injection disabled, Do not scan encrypted connections- enabled, Secure input disabled
I tried your setup of Kaspersky and it's super light. Kaspersky's caching is unbeatable. Everything was very fast. Only downside that I found is when I browsed a malicious site, Kaspersky showed 37 notification of blocking the site one after another. Next time it showed 39 times. So that's the only downside of disabling script injection, HTTPS scanning and not using their browser extension. Shouldn't be much of a problem unless someone like me who often test malicious site.
 

brambedkar59

Level 29
Thread author
Verified
Top Poster
Well-known
Apr 16, 2017
1,882
I tried your setup of Kaspersky and it's super light. Kaspersky's caching is unbeatable. Everything was very fast.
Yup, it's really fast. Only the internet speed take a hit though even with my config, Bitdefender is much better in that regards.

So that's the only downside of disabling script injection, HTTPS scanning and not using their browser extension.
I am using the browser extension. I saw that behavior few times and it's annoying. Haven't found any solution to it so far. I really don't wanna enable the script injection/https scanning cause browsing suffers so much because of that.
 

SeriousHoax

Level 47
Verified
Top Poster
Well-known
Mar 16, 2019
3,653
Yup, it's really fast. Only the internet speed take a hit though even with my config, Bitdefender is much better in that regards.


I am using the browser extension. I saw that behavior few times and it's annoying. Haven't found any solution to it so far. I really don't wanna enable the script injection/https scanning cause browsing suffers so much because of that.
Last time I checked in default settings, using the extension caused even higher CPU usage while browsing sites where K does HTTPS scanning. I discussed with harlan about it and even wrote it in K's forum. But I didn't check with script injection and HTTPS scanning disabled.
 

brambedkar59

Level 29
Thread author
Verified
Top Poster
Well-known
Apr 16, 2017
1,882
Last time I checked in default settings, using the extension caused even higher CPU usage while browsing sites where K does HTTPS scanning. I discussed with harlan about it and even wrote it in K's forum. But I didn't check with script injection and HTTPS scanning disabled.
With script injection and HTTPS scanning disabled, I am only seeing 3-6% CPU usage in Edge task manager by Kaspersky extension when page starts loading, after that it goes down to 0%.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top