Advanced Plus Security Brambedkar59's Security Config 2024

[ForgottenSeer 100397]

Why is this setup considered insecure?

I guess the setup status is automatically determined based on certain parameters. A setup that appears insecure may not actually be insecure in practice. For instance, I rely on Comodo Firewall, customized and without an antivirus. An antivirus wouldn't provide any additional protection to my setup (it would only affect usability for me). If I'm correct, it/MT would label my setup without AV as insecure, and adding the weakest AV to the setup would make the status secure. Similar to Windows Security, it would notify me to install AV and show a secure status after installation.

 

[brambedkar59]

Finally switched over to Hasleo Backup Suite, seems pretty stable, tried both adding Boot menu and creating recovery USB drive and they both worked out of the box. (bootable media needed Intel IRST drivers, which Hasleo did ask while creating it). Backup time for creating full system image was similar to AOMEI.

Changes: Removed AOMEI Backupper Standard

Win 11 updated to build 22631.2861 (Updated on last month's patch Tuesday)

 

[Vasudev]

Finally switched over to Hasleo Backup Suite, seems pretty stable, tried both adding Boot menu and creating recovery USB drive and they both worked out of the box. (bootable media needed Intel IRST drivers, which Hasleo did ask while creating it). Backup time for creating full system image was similar to AOMEI.

Changes: Removed AOMEI Backupper Standard

Win 11 updated to build 22631.2861 (Updated on last month's patch Tuesday)

Is it better than Macrium Reflect PE. I wanted disk imaging with windows and linux partitions.

 

[brambedkar59]

Is it better than Macrium Reflect PE. I wanted disk imaging with windows and linux partitions.

Only reason I moved to Hasleo from AOMEI Backupper Standard was because it supports Rapid Delta Restore, which Macrium Reflect already supports (pls correct me if I am wrong). So, I don't see any reason for you to move away from Macrium.

 

[Vasudev]

Only reason I moved to Hasleo from AOMEI Backupper Standard was because it supports Rapid Delta Restore, which Macrium Reflect already supports (pls correct me if I am wrong). So, I don't see any reason for you to move away from Macrium.

Yeah thanks. I'm using free version of PE image. Just wanted a different alternative. I use the personal version in Sergei Strelec Win 11PE.

 

[brambedkar59]

Yeah thanks. I'm using free version of PE image. Just wanted a different alternative. I use the personal version in Sergei Strelec Win 11PE.

I don't think free version had RDR.

Macrium Reflect, AOMEI Backupper and Hasleo Backup Suite - GUIDES

Quickie Macrium - backup and/or creating bootable Rescue Media guide... Restore from a backup, from within Windows... Quickie Macrium - using Bootable Rescue Media guides... Restore from a backup, using the bootable Rescue Media... Fix Windows Boot problems with the bootable...

www.elevenforum.com

 

[brambedkar59]

Trying out AVG Internet Security and AVG secure VPN. Thanks to @nickstar1

Removed Kaspersky Free, WFC, Windscribe VPN, Malwarebytes VPN

 

[oldschool]

Trying out AVG Internet Security and AVG secure VPN. Thanks to @nickstar1

Removed Kaspersky Free, WFC, Windscribe VPN, Malwarebytes VPN

I'd use AVG if I wasn't using Defender. Hope you like it.

 

[brambedkar59]

I'd use AVG if I wasn't using Defender. Hope you like it.

I like it so far. No slowdowns, apps launch fast, and websites have no delay (all compared to previous setup Kaspersky + WFC).
Regarding websites scanning, does AVG not do MITM for scanning HTTPS connections? I can see it is enabled in the settings but when I checked the website certificate it shows actual certificate and not the one used by AVG.

 

[oldschool]

Regarding websites scanning, does AVG not do MITM for scanning HTTPS connections?

I think it does, but I'm not certain.

 

[brambedkar59]

I think it does, but I'm not certain.

Maybe there is another way of doing HTTPS scanning without doing MITM

Spoiler

 

[oldschool]

Maybe there is another way of doing HTTPS scanning without doing MITM

Certificates are above my pay grade. @SeriousHoax could tell you for sure.

 

[TairikuOkami]

Maybe there is another way of doing HTTPS scanning without doing MITM

Yes, disable it and let AV use it's realtime. HTTPS scanning will scan the content before it is run, AV will scan it afterwards, so it is really about how paranoid you are. Sandbox will take care of it.

 

[brambedkar59]

Yes, disable it and let AV use it's realtime. HTTPS scanning will scan the content before it is run, AV will scan it afterwards, so it is really about how paranoid you are.

Thanks for replying but that was not what I was asking. Because websites were loading pretty fast, I checked the website certificates to see if they were issued by AVG (Idk how AVG does it but Kaspersky HTTPS scanning used its own certificates for that website). None of the certificates seem to be from AVG (I checked on 6-7 websites). I disabled extension and still same. I am using Edge.

Sandbox will take care of it.

I can't seem to find any setting related to sandbox in AVG. I know Avast used to have a sandbox, but are you sure AVG does too now?

 

[SeriousHoax]

Maybe there is another way of doing HTTPS scanning without doing MITM

Spoiler

View attachment 283937

Yeah, Avast uses another method (using SSLKeyLogFile) for HTTPS scanning on Chrome, Edge and Firefox. It is explained here:

Spying on HTTPS

When I launched Chrome on Thursday, I saw something unexpected: While most users probably would have no idea what to make of this, I happened to know what it means– Chrome is warning me that …

textslashplain.com

The advantage is that it is faster than the other usual alternate method used by other products (though ESET on most websites is basically equally fast in my experience).
On browsers like Brave, Opera, Vivaldi, Avast uses the other method so on those browsers you will see the Avast certificate. I measured the speed difference between the two methods, and I can assure you that the SSLKeyLogFile method is indeed slightly faster.

 

[brambedkar59]

Yeah, Avast uses another method (using SSLKeyLogFile) for HTTPS scanning on Chrome, Edge and Firefox. It is explained here:

Spying on HTTPS

When I launched Chrome on Thursday, I saw something unexpected: While most users probably would have no idea what to make of this, I happened to know what it means– Chrome is warning me that …

textslashplain.com

The advantage is that it is faster than the other usual alternate method used by other products (though ESET on most websites is basically equally fast in my experience).
On browsers like Brave, Opera, Vivaldi, Avast uses the other method so on those browsers you will see the Avast certificate. I measured the speed difference between the two methods, and I can assure you that the SSLKeyLogFile method is indeed slightly faster.

Thanks for the link it was a good read. TIL something new.

 

[SeriousHoax]

Thanks for the link it was a good read. TIL something new.

Regarding speed, it's always one of the slowest in AV-Test's webpage loading speed for whatever reasons:

Test AVG Internet Security 24.2 & 24.3 for Windows 11 (241202)

The current test AVG Internet Security 24.2 & 24.3 for Windows 11 (241202) from April 2024 of AV-TEST, the leading international and independent service provider for antivirus software and malware.

www.av-test.org

 

[brambedkar59]

Regarding speed, it's always one of the slowest in AV-Test's webpage loading speed for whatever reasons:

Test AVG Internet Security 24.2 & 24.3 for Windows 11 (241202)

The current test AVG Internet Security 24.2 & 24.3 for Windows 11 (241202) from April 2024 of AV-TEST, the leading international and independent service provider for antivirus software and malware.

www.av-test.org

This is why Performance results from AV comparatives seem more realistic to me.

 

[oldschool]

Thanks for the link it was a good read. TIL something new.

Indeed. Thanks @SeriousHoax

 

[blackice]

The one issue I had with AVG was I had demonstrably lower CPU performance only in gaming situations. CPU scores 3DMark were about 8% lower. And FPS in high FPS games like Fortnite and Call of Duty were also 8% or so slower. I even submitted all the screenshots I had showing this to them. That was 2022. I tested again in 2023 a year or so later and it hadn’t changed. Not a big deal, and I’m not sure if it’s still the case these days.