Advanced Plus Security Devjit's Laptop Security Setup

[Wraith]

Thank you guys for all the help. I updated my config. Using Comodo Firewall with Kaspersky Free now. So far no hiccups and all runs well. I was a busy for the last couple of days assembling my gaming pc. And just when I bought the GTX 1070Ti Nvidia announces the RTX series (sigh). Do I need to make another post for the security config of my gaming desktop or can I edit this post to reflect the new setup?

 

[Moonhorse]

Thank you guys for all the help. I updated my config. Using Comodo Firewall with Kaspersky Free now. So far no hiccups and all runs well. I was a busy for the last couple of days assembling my gaming pc. And just when I bought the GTX 1070Ti Nvidia announces the RTX series (sigh). Do I need to make another post for the security config of my gaming desktop or can I edit this post to reflect the new setup?

If you have 2x systems running different config, guess you can make just config 2 thread and update both

About https everywhere, there seems to people advising to remove/adding it. Also so called secure browsers have built in extension doing same thing, so its up to you do you want to use that extension, since most browsers will connect to https anyways as first priority

 

[harlan4096]

Edit this config if it is the same system...

 

[Wraith]

Update: I'm back to using Windows Defender and Windows firewall. I used hard_configurator to configure defender and disable scripts, powershell and all those stuff. Now I need some lightweight companions for defender. I was considering voodooshield, OSArmor and HitmanPro.Alert. Will these be okay?

 

[oldschool]

Update: I'm back to using Windows Defender and Windows firewall. I used hard_configurator to configure defender and disable scripts, powershell and all those stuff. Now I need some lightweight companions for defender. I was considering voodooshield, OSArmor and HitmanPro.Alert. Will these be okay?

I've used WD+ H_C + Voodooshield, though I believe VS is even overkill with H_C. OSA would overlap/duplicate H_C. No experience with Hitman so I can't say. I suggest reading the H_C thread if you haven't already. You will see more about how it works and how it compares to some other options.

 

[harlan4096]

Update: I'm back to using Windows Defender and Windows firewall. I used hard_configurator to configure defender and disable scripts, powershell and all those stuff. Now I need some lightweight companions for defender. I was considering voodooshield, OSArmor and HitmanPro.Alert. Will these be okay?

If You changed the config, please kindly edit and announce the changes here, thanks.

 

[Wraith]

Thank you guys for the help. I have so much to learn here. I was browsing the forums and came upon some posts regarding ReHIPS. Currently trying it out on my laptop. What are your opinions about REHIPS?

 

[Deleted member 178]

I was browsing the forums and came upon some posts regarding ReHIPS. Currently trying it out on my laptop. What are your opinions about REHIPS?

Best sandbox apps ever (the paid version), and v2.5 will be even better.

 

[Wraith]

UPDATE: removed all resident protections. ATM using Avast Free with HMPA and NVT ERP v4 and Windows Firewall(along with all the other built in security features in Windows 10). Windows Firewall is set to block all Incoming Connections. Very light config and no system impact

 

[harlan4096]

Probably You don't need all those 3 at the same time (overkill): ATM using Avast Free with HMPA and NVT ERP v4...

Avast Free (Hardened Mode Aggressive)

Or

NVT ERP v4 (knowing well the product and tweaking it)

And I'm not sure if HMPA would be necessary... maybe as on demands scanner...

 

[Wraith]

In 14 days I have learnt a LOT from this forum by browsing through the various posts. I substituted HitmanPro.Alert with Sandboxie Free and Shadow Defender(trial) since HMPA was blocking installation of Kaspersky Secure Connection. So far am really impressed with Sandboxie and Shadow Defender. At $35 for lifetime license it looks like a deal-breaker for me and I may actually buy SD. So right now my setup stands at Avast Free(hardened mode aggressive), NVT ERP(lockdown mode), Sandboxie Free and Shadow Defender. I may substitute Avast with ESET Internet Security since I have a license for it on 1PC(don't know if I can use the same license on 2 PCs)

PS: just wanted to know that if ERP v4 final is released, will I still be able to use the beta version which I have now, since it's free and I know that the final version will be a paid product. :emoji_money_mouth:

 

[Deleted member 178]

About ERP v4, probably, the dev himself isn't even sure to make it paid. Anyway the actual beta does not require a license nor connect to any server, so you can use forever.

 

[Wraith]

Any suggestions on using Sandboxie and Shadow Defender together?

 

[Andy Ful]

It would be good if you could decide what setup is OK for you: default-deny, or default-allow with some restrictions. The first is the simplest, and most secure, but it would be convenient only in a semi-closed software configuration.
If you like default-allow setup then OSArmor would be probably the more comprehensive solution than Hard_Configurator (the last is strong when configured with default-deny SRP settings)
If you like frequently installing the new applications then forget temporarily about default-deny. You will probably come back later to default-deny, when your learning phase will be over.
Anyway, if you like experimenting, then you can try: ReHIPS, SpyShelter, Sandboxie, Shadow Defender, Comodo Firewall, and OSArmor. Please, be prepared to do some fresh Windows installations, because installing many security programs, makes the system to work strangely.

 

[Andy Ful]

Any suggestions on using Sandboxie and Shadow Defender together?

Shadow Defender is often used to protect the system (OS + disk boot sectors) against malware persistence, but it allows running any malware until reboot.
Sandboxie (paid) can be used to protect the vulnerable applications. The default sandbox is OK, but most malware can run in the sandbox and spy you. Anyway, you can also prepare a very restrictive sandbox separately for the concrete application. So for example, nothing in the sandbox can access the Internet or nothing except the application itself can run in the sandbox.
Sandboxie and Shadow Defender can be also used for trying applications without bloating the system - you have to run the application installer in the default sandbox or in the Shadow Mode.

 

[Wraith]

UPDATE:
I had to do a PSID Revert and a Secure Erase of my SSD since it was acting up lately. Before I install Windows 10, I just need some opinions. I will update the config once I am done.. I am looking for a lightweight security setup that will not slow down the laptop. Windows Defender seems to thrash my SSD a lot, I don't know why. For the realtime protection, I will be having OSArmor. For the antivirus, which one would you guys prefer between Panda Dome Free and Avast Free. Avast seems to have a lot of telemetry and shows a lot of ads, which sometimes is distracting. Also I think that Panda will be lighter than Avast, although I may be wrong. And as for hardening of Windows, I have found two tools- NVT Sys Hardener and Hard_Configurator. Which of these would you guys choose? Or can I use both?

 

[Andy Ful]

UPDATE:
Windows Defender seems to thrash my SSD a lot, I don't know why.

That is strange, although some people reported the similar issue.
On my system with Windows 10 Pro + WD, there is about 2GB disk writes per day - this includes also web browsing and other standard activities. I can check disk writes easily, because I use ShadowDefender.
I think that about 0.5 GB can be related to WD. I do not include disk reading activity, because it does not harm SSD.
How did you found that WD is the only reason for the above problem?

 

[Wraith]

That is strange, although some people reported the similar issue.
On my system with Windows 10 Pro + WD, there is about 2GB disk writes per day - this includes also web browsing and other standard activities. I can check disk writes easily, because I use ShadowDefender.
I think that about 0.5 GB can be related to WD. I do not include disk reading activity, because it does not harm SSD.
How did you found that WD is the only reason for the above problem?

It's just that the laptop feels sluggish even when I'm watching any movie or a youtube video. When I check task manager, I find antimalware service executable consuming around 30% cpu and 80% disk. I did use configure defender to set WD Protection from Normal to High. Maybe that's the reason for this behaviour.

 

[Deleted Member 3a5v73x]

It's just that the laptop feels sluggish even when I'm watching any movie or a youtube video. When I check task manager, I find antimalware service executable consuming around 30% cpu and 80% disk. I did use configure defender to set WD Protection from Normal to High. Maybe that's the reason for this behaviour.

No, Configure_Defender isn't the problem, Windows Defender is. Really, just move away from that built-in hog and build some light AV around Andy's Hard_Configurator's SRP. I don't understand why people keep torturing themselves with Windows Defender.

 

[Andy Ful]

It is a well known issue, that Windows Defender can cause slowdowns on some computers. There were many posts about this behavior. But on many computers, WD is OK even with small resources and average CPU. Generally, it is also confirmed on AV Labs performance tests.
Consuming 30% CPU resources is not normal. The Quick or even the Full Scan can usually consume about 30% of CPU resources on computers with CPU like the old Intel i3 processor and 4GB RAM. I noticed a better behavior on Windows 10 ver. 1803, because on earlier versions the Full Scan usually consumed 50%. If WD is not scanning, then there should not be any slowdowns.
In my case, I can see occasional slowdowns during Windows Updates, WD updates, and updates from Microsoft store. In most cases, I can see that Windows Defender CPU consumption is simply 0%.
Anyway, if WD is not working, then the light AV + any default-deny setup with script blocking + document protection will be OK.