Advanced Plus Security Lightning_Brian's 2019 Security Config

Last updated
Nov 17, 2019
Windows Edition
Pro
Log-in security
Security updates
Allow security updates and latest features
User Access Control
Always notify
Real-time security
Norton Security Premium (paid - latest release), VoodooShield Premium (paid - latest release)
Firewall security
Periodic malware scanners
Norton Power Eraser (NPE), Emsisoft Emergency Kit (EEK), Malwarebytes Anti-Malware (Paid - real time disabled), AdwCleaner by Malwarebytes, Zemana Antilogger Premium (paid - latest release)
Malware sample testing
Browser(s) and extensions
Firefox: HTTPS Everywhere, AdGuard AdBlocker, Windscribe VPN, and NoScript
Maintenance tools
  1. 7-Zip (latest stable - free)
  2. Adguard Premium (paid - latest release - lifetime license)
  3. AOMEI Dynamic Disk Manager Pro Edition (paid - latest stable - lifetime license)
  4. AOMEI Parition Assistant Pro Edition (paid - latest stable - lifetime license)
  5. GlassWire Elite (paid - latest release/stable)
  6. Hard Disk Sentinel Pro (paid - latest release - lifetime license)
  7. Glary Utilities PRO (paid and latest release)
  8. VMware Workstation Pro 15 (paid - latest release - perpetual license for v15)
  9. Windscribe Pro (paid - latest release - lifetime license)
  10. Macrium Reflect Free (free - latest release)
  11. viBoot from Macrium Reflect (free - latest stable)
  12. AOMEI Backupper Pro (paid - latest release)
  13. Acronis True Image 2020 (paid and latest release - perpetual license for v2020)
  14. Shadow Defender [Lifetime License/Latest Release]
  15. Sandboxie (paid and latest release)
  16. Windows Repair from Tweaking.com (Free)
  17. BleachBit (Portable & Free)
  18. Zemana AntiMalware (Portable & Free)
  19. Revo Uninstaller v4 (Pro Portable - Paid - Paid for 2 years of updates!)
  20. Malwarebytes JRT (Portable & Free & Discontinued [still good for finding nasty stuff, but the end of life was April 26, 2018])
  21. SecureMyBit DHScan
File and Photo backup
Macrium Reflect Free (free - latest stable), AOMEI Backupper Pro (paid and latest stable), Acronis True Image 2019 (paid and latest release)
System recovery
Macrium Reflect Free (free - latest stable), AOMEI Backupper Pro (paid and latest stable), Acronis True Image 2019 (paid and latest release)
Risk factors
    • Gaming
    • Browsing to popular websites
    • Downloading malware samples
    • Browsing to unknown / untrusted / shady sites
    • Working from home
Computer specs
Custom build!

CPU - Intel i7-8700k CPU @ 3.70 GHz
GPU - NVIDIA GeForce GTX 1080 @ 8 GB GDDR5X
RAM - 48 GB DDR4 - 47.8 GB Usable!
SSD - Samsung 970 EVO 500GB - NVMe PCIe M.2 2280 SSD (MZ-V7E500BW)
HDD - WD Black 2TB Performance Desktop Hard Disk Drive - 7200 RPM SATA 6 Gb/s 64MB Cache 3.5 Inch - WD2003FZEX
Notes by Staff Team

Lightning_Brian

Level 15
Thread author
Verified
Top Poster
Content Creator
Sep 1, 2017
742
Hello Everyone!

Below you will see my updated configuration for my new 2019 security config. As you can see I have made quite a few changes.

Large changes:

Upgraded from Windows 10 Home to Windows 10 Professional. From there I jumped to the latest build which is 1809!

New password manager: RoboForm for Business (highly secure and locked down)

You will also notice I spent some $$$$$ on my setup. Indeed I have spent quite a bit on my setup, but it all pays off. Some of the licensing is lifetime whereas others is on a yearly basis. Lifetime licenses are shown and stated as lifetime. VMware Workstation Pro is considered a lifetime license, but I had to purchase the v15 license to use v15.

You will also notice I have a new computer! Wooohoooo! I spent some money on it. The 2TB WD HDD came from a previous build. Everything else is brand new as well. I needed the RAM 48 GB (47.8 GB Usable) for my VM testing for various needs.

Hope you enjoy reading through everything. Let me know your thoughts!

Thanks!

Brian
 
Last edited:

brod56

Level 15
Verified
Top Poster
Well-known
Feb 13, 2017
737
I can see this config working well for you, but I wouldn't recommend it even for advanced users. Too much real time protection, too much utilities, too much on demand scanners.
I think you could simplify this and achieve the exact same protection.
 

Lightning_Brian

Level 15
Thread author
Verified
Top Poster
Content Creator
Sep 1, 2017
742
I can see this config working well for you, but I wouldn't recommend it even for advanced users. Too much real time protection, too much utilities, too much on demand scanners.
I think you could simplify this and achieve the exact same protection.

@brod56 I'm paranoid!!! LOL I'll be the first to say it!

I wouldn't necessarily say too much real time protection. What I have set up does separate things - plus I have everything highly customized to the point I spent hours customizing everything so as to have no issues. I worked with the product manufactures and made sure nothing overlaps or gets snatched up.

As for on demand scanners.... Well I don't use them all the time, but when I do use them I would pick one and then just have it do a quick scan. Most scans with the on demand scanners take only seconds with my hardware configuration. For instance ZAL takes only about a minute or less on my system to conduct a full scan. In this instance it took about 38 seconds.

1546716758524.png

A Malwarebytes Premium scan with real time protection turned off takes under 1 minute. This is a full threat scan turned on not the hyper scan. A hyper scan would be done in under 20 seconds.

1546716929487.png

NPE is used as a fail safe against my current Norton subscription. I don't use it all that often. ADWcleaner again is used just to check to make sure Malwarebytes is doing its job. JRT is used rarely... However, still a great tool! EEK on the other hand I do use and use it quite often as a double check against everything just to make sure all is a ok.

GlassWire Elite (paid - latest release/stable) - very nice network monitoring tool. I got this a while back at a super great price. I would highly recommend everyone to look at least at the free version: GlassWire Network Security Monitor & Firewall Tool Features

The features are simply amazing of GlassWire Network Security Monitoring & Firewall Tools! Features:

  • Visual Network Monitoring
  • Internet Security
  • Network Time Machine
  • Discreet Alerts
  • Bandwidth Usage Monitor
  • Multiple Server Monitoring
  • Evil Twin Detection
  • Internet Privacy Protection
  • Ask to Connect
  • Lock down mode
  • Mini graph
  • Who’s on your WiFi or Network?
  • Firewall Profiles
  • Longer graph History
Little bit of a break down between GlassWire versions:

1546717342457.png

I'm a holder of an ELITE version which is sweet. I'm a Network Administrator myself so I go a little goofy with Network Security... Hence the rest of my configuration too. LOL!

I'd highly recommend everyone to look at the following:
  • Macrium Reflect Free (free - latest release)
  • viBoot from Macrium Reflect (free - latest stable)
Just wowzers!! Combine the free version of Macrium Reflect with a full backup and use viBoot and you could completely virtualize your computer! You would just use the image file from the Macrium Reflect backup that you created. BAM its now virtulized and you can change settings, install software, monkey around with various things all without making any changes to that original image (if you don't want to). Just a powerful combination there!

So someone out there is bound to say "Brian why in the world do you use so many backup tools!!!!!!!!!!!!!!????" Simple answer: Trust issues.... LOL! When you get burned once....Youch!! You wouldn't want that to ever happen again. I keep a good rolling backup. Macrium Reflect for a full system and data at least once a week. Acronis True Image - for a full system and data backup at least a different day of the week. AOMEI Backuppper Pro - for a full system and data backup at least a different day of the week.

I don't want to go into great detail what is backed up each day by each application, but I use two applications for continual backup to a rather large 256 GB double encrypted USB 3.1 flash drive. For a full data backup I have a rather large external drive that I use for backups and from there that gets duplicated out in a 3 + 2 + 1 format with high levels of encryption.

Cloud storage........WOOOOOOOBOYYYYYY! Now this I am always on the fence on. DO I use it? Yes....... Do I like it...EHHH Lots of manual work uploading those images. Especially when I'm wrapping those images in about 4 levels of varying degrees of encryption. I don't upload every image of my computer onto the cloud as it would eat up too much space. I will say that most of my AOMEI Backupper Pro images are backed up to the cloud using 4 levels of varying degrees of encryption. Main reason behind this is the data compression with AOMEI is second to none!

Needless to say: I mainly keep my stuff on heavily locked down and on secured backup drives. From there it goes into a fireproof vault (again paranoid).

~Brian
 

Lightning_Brian

Level 15
Thread author
Verified
Top Poster
Content Creator
Sep 1, 2017
742
Thank you for sharing:giggle:

Thanks @bribon77

Very good config, Brian!
Thanks for sharing.

@JM Security Thank you! Thanks for developing some of the super great system software I use! Hats off to you!

Thanks for sharing. but I was tired of reading your security systems :)

@stefanos Your welcome! Indeed a long read isn't it... I'm a Network Administrator so yeah... I do go a little over kill. However, I have a lot of customized tweaks on my computer to ensure things work together quite well. I forgot to add some other tweaks... such as USB protection! Woops! I'll put that in my next edit later on.

Very nice and informative configuration, thanks for sharing :)

@stepseven84 Thank you! I live in a state of paranoia! hahaha All jokes aside I just like to keep a very locked down system.

I think Comodo Firewall with cruelsister settings will outperform GlassWire firewall.

@SumTingWong You know... That may be right... I may have to look into this and see if I want to make the change over.


@JM Security You & ME!? Welcome to the land of paranoia! hahaha

Agree with brod56..
You crazy dude @Lightning_Brian

@CyberTech hahahha Yeah............I'm crazy! And I know it! LOL If you read this I hope it would help explain why...! haha
brod56 said:
I can see this config working well for you, but I wouldn't recommend it even for advanced users. Too much real time protection, too much utilities, too much on demand scanners.
I think you could simplify this and achieve the exact same protection.
@brod56 I'm paranoid!!! LOL I'll be the first to say it!

I wouldn't necessarily say too much real time protection. What I have set up does separate things - plus I have everything highly customized to the point I spent hours customizing everything so as to have no issues. I worked with the product manufactures and made sure nothing overlaps or gets snatched up.

As for on demand scanners.... Well I don't use them all the time, but when I do use them I would pick one and then just have it do a quick scan. Most scans with the on demand scanners take only seconds with my hardware configuration. For instance ZAL takes only about a minute or less on my system to conduct a full scan. In this instance it took about 38 seconds.



A Malwarebytes Premium scan with real time protection turned off takes under 1 minute. This is a full threat scan turned on not the hyper scan. A hyper scan would be done in under 20 seconds.



NPE is used as a fail safe against my current Norton subscription. I don't use it all that often. ADWcleaner again is used just to check to make sure Malwarebytes is doing its job. JRT is used rarely... However, still a great tool! EEK on the other hand I do use and use it quite often as a double check against everything just to make sure all is a ok.

GlassWire Elite (paid - latest release/stable) - very nice network monitoring tool. I got this a while back at a super great price. I would highly recommend everyone to look at least at the free version: GlassWire Network Security Monitor & Firewall Tool Features

The features are simply amazing of GlassWire Network Security Monitoring & Firewall Tools! Features:


  • Visual Network Monitoring
  • Internet Security
  • Network Time Machine
  • Discreet Alerts
  • Bandwidth Usage Monitor
  • Multiple Server Monitoring
  • Evil Twin Detection
  • Internet Privacy Protection
  • Ask to Connect
  • Lock down mode
  • Mini graph
  • Who’s on your WiFi or Network?
  • Firewall Profiles
  • Longer graph History
Little bit of a break down between GlassWire versions:



1546717342457-png.205360


I'm a holder of an ELITE version which is sweet. I'm a Network Administrator myself so I go a little goofy with Network Security... Hence the rest of my configuration too. LOL!

I'd highly recommend everyone to look at the following:

  • Macrium Reflect Free (free - latest release)
  • viBoot from Macrium Reflect (free - latest stable)
Just wowzers!! Combine the free version of Macrium Reflect with a full backup and use viBoot and you could completely virtualize your computer! You would just use the image file from the Macrium Reflect backup that you created. BAM its now virtulized and you can change settings, install software, monkey around with various things all without making any changes to that original image (if you don't want to). Just a powerful combination there!

So someone out there is bound to say "Brian why in the world do you use so many backup tools!!!!!!!!!!!!!!????" Simple answer: Trust issues.... LOL! When you get burned once....Youch!! You wouldn't want that to ever happen again. I keep a good rolling backup. Macrium Reflect for a full system and data at least once a week. Acronis True Image - for a full system and data backup at least a different day of the week. AOMEI Backuppper Pro - for a full system and data backup at least a different day of the week.

I don't want to go into great detail what is backed up each day by each application, but I use two applications for continual backup to a rather large 256 GB double encrypted USB 3.1 flash drive. For a full data backup I have a rather large external drive that I use for backups and from there that gets duplicated out in a 3 + 2 + 1 format with high levels of encryption.

Cloud storage........WOOOOOOOBOYYYYYY! Now this I am always on the fence on. DO I use it? Yes....... Do I like it...EHHH Lots of manual work uploading those images. Especially when I'm wrapping those images in about 4 levels of varying degrees of encryption. I don't upload every image of my computer onto the cloud as it would eat up too much space. I will say that most of my AOMEI Backupper Pro images are backed up to the cloud using 4 levels of varying degrees of encryption. Main reason behind this is the data compression with AOMEI is second to none!

Needless to say: I mainly keep my stuff on heavily locked down and on secured backup drives. From there it goes into a fireproof vault (again paranoid).

~Brian
 

JM Safe

Level 39
Verified
Top Poster
Apr 12, 2015
2,882
@JM Security Thank you! Thanks for developing some of the super great system software I use! Hats off to you
Thank you for your kind words my friend, unfortunately my software are currently discontinued as I don't have enough time to develop, however SecureMyBit DHScan doesn't need to be updated because it doesn't use signatures but heuristic analysis.
 

Lightning_Brian

Level 15
Thread author
Verified
Top Poster
Content Creator
Sep 1, 2017
742
I see you're passionate about security :) I love your enthusiasm.
Glasswire is a very good product indeed.

@brod56 Thank you! That means a lot. You should see me in a college lecture hall in front of 150+ students talking about security! LOL!!! I get really passionate when talking about security then. hahha Enthusiasm x 100! No one is sleeping when I'm talking lol. Plus add in a few funny stories and they all will not forget about some great tips and what not.

Thank you for your kind words my friend, unfortunately my software are currently discontinued as I don't have enough time to develop, however SecureMyBit DHScan doesn't need to be updated because it doesn't use signatures but heuristic analysis.

@JM Security My friend you have done a good job with all of your software. I hope you go back into development later on JM Security!

Very true about SecureMyBit DHScan! It is a very nifty tool!

All, what do you think about me breaking down my security applications in a numbered list? Do you like this? I know hate is as strong word, but do you dislike this? Think I should just do one big list so it is a smaller scroll? Let me know your thoughts and I'll take it into configuration. @harlan4096 What are your thoughts?

Note: Forgot a few other security side stuff...This will come in my next addition/update to my security configuration in a while.

~Brian
 

Lightning_Brian

Level 15
Thread author
Verified
Top Poster
Content Creator
Sep 1, 2017
742
@harlan4096 which browser extensions do you think is overkill?

  • HTTPS Everywhere - encrypts your communications with many major websites, making your browsing more secure
  • AdGuard AdBlocker - main adblocker
  • Windscribe VPN - used in conjunction with my main VPN - double hop for added security
  • Norton Safe Web - in conjunction to my main AV - supposed to be good
  • NoScript - stops scrips! NoScript Firefox extension provides extra protection for Firefox, Seamonkey and other mozilla-based browsers: this free, open source add-on allows JavaScript, Java, Flash and other plugins to be executed only by trusted web sites of your choice (e.g. your online bank).NoScript also provides the most powerful anti-XSS and anti-Clickjacking protection ever available in a browser. --- I could get this off my configuration as I am no longer using JAVA nor Flash on my computers. However, I don't want any execution to occur either without my knowledge. However, it does "[block] all scripts, plug-ins, and other code on Web pages"
  • and every once in a while uBlock Origin to compare against Adguard AdBlocker -- again just checking against AdGuard - not on in real time all the time. When using uBlock Origin I have AdGuard AdBlocker turned off.

As for Real time protection...

Each one is known to work with one another - at least within my configurations. However, I cannot speak to everyone's configuration who uses it.

Norton Security (main AV/Firewall/security)

ZAL - anti logger - Keystroke Logging Protection - SSL (Secure Sockets Layer) sniffing malware that captures data before it goes into HTTPS encryption (such as Man-in-the-Middle attacks)

VoodooShield - COMPUTER LOCK + MACHINE LEARNING / AI + MULTI-ENGINE BLACKLIST SCAN (as per their website and from my use) - this I could see is a bit over kill there

I have been using these three application for a long time now and never ever had a issue in my VM testing with malware samples nor actual issues on my physical computer. Could I get away with Norton Security and VoodooShield? Most certainly! However, ZAL adds an extra layer of security. With my hardware resources I barely notice the applications from even running.

Thanks for your insight @harlan4096 ! Let me know your thoughts.

~Brian
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top