Advanced Plus Security Penguin Security Config 2019

[Penguin]

Hello everybody! It's Jake again This is my current configuration thread. I know it's ordinary and probably weak, I am open to all kind of suggestions since I don't know much about security but I want to learn!!

My PC is used mainly for gaming and Netflix, also social networking. And I tend to install programs a lot. Also it is used often by my parents, although it's in my room. I also do homework and projects for school on it.

Thank you for reading!! Best regards!!

 

[JM Safe]

Hello, I would want to suggest Macrium Reflect Free or AOMEI Backupper for system backup solution and for reliable data backup I would want to suggest you to use Google Drive.

Thanks for sharing.

 

[Moonhorse]

Administrator - User has complete control over the device

you should run standard user account instead, so you dont run everything as administrator because its risky bisky unless you know what you are doing

Data Backup
None
Frequency of Data backupsNoneSystem Backup
None
Frequency of System backupsNone

you probably want to have some kind of backup if you have files you keep on your pc, like pictures, videos, family /personal content

I use aomei backupper free myself

Virus and Malware Removal Tools

Theres plenty of these...some as example:
- malwarebytes antimalware
- zemana antimalware
- roguekiller
- emsisoft emergency kit
- norton power eraser
- hitmanpro

You could try out some of them, every of them are free. Just for on-demand scan once a month atleast

Password Management

Bitwarden is free one, its quality of life to have password manager . You can easily keep track of your passwords and have much stronger ones ( you can even use bitwarden to generate passwords for you ) and harder to bruteforce by bots


And lastly i want to ask, why are you using comodo DNS....is there some specific reason for it?
Anyways other members will guide you into right way, but i think youre fine with ublock origin + windows defender, there are many ways to harden your config ...but i dont want to start telling whats right and whats not, so lets wait for more answers from others

 

[oldschool]

You might add ConfigureDefender to make the most of Windows Defender. You may find it here: AndyFul/ConfigureDefender

You could also add VoodooShield as an extra layer of protection. It is easy to use and there is a free version. You may find it here: VoodooShield™ - The User-Friendly Toggling Computer Lock.

I see you use BleachBit, which is a nice utility - especially since you use Chrome. BB has lots of cleaning options but not for some newer browsers like Brave and Edge. FYI: There is a new Chromium version of Edge that is really nice and worth checking out. You may find it here: Microsoft Edge Insider It has advantages over Chrome even its evolving state of development, like Smartscreen protection and more.

 

[Ink]

As Windows Defender Antivirus is your Real-time Virus and Malware protection, it does not need to be listed under Virus and Malware Removal Tools.

Recommendations
Use a 3rd party security app for on-demand scanning, and as a second opinion to make sure your PC files remain malware-free.

• Malwarebytes for Windows - FREE License (Scan and Removal)
• HitmanPro Scanner - FREE License (No Removal)
• ESET Online Scanner - FREE License (Scan and Removal)
• Emsisoft Emergency Kit - FREE License (Scan and Removal)

Use a trusted Password Manager to securely store credentials and other sensitive log in information; ie. WiFi passphrase.

• LastPass
• Bitwarden

While it may seen using Chrome to save passwords, forms, payment and addresses is easy, it may not be as secure if you lose access to your Google account; compromised device, hacked password.

• Make sure to have enabled 2 Factor Authentication for all your Web, Social and Gaming accounts.

Consider making backups of your data to a portable hard drive or encrypted cloud storage.

 

[Penguin]

Hello, I would want to suggest Macrium Reflect Free or AOMEI Backupper for system backup solution and for reliable data backup I would want to suggest you to use Google Drive.

Thanks for sharing.

Thank you sir! I am checking AOMEI right now, but I don't understand what's the use for it if I hire Google Drive for backing up files, because the free version of AOMEI cannot clone the disk as far as I checked, so I would be only backing up data? Better hire Drive?

As well, I am intrigued by your title! "From Zemana". Where's that? I never heard of it. I'm from New York. It doesn't sound like a city I've visited!!

 

[harlan4096]

Please kindly reflect Your changes editing Your config, and announcing them here, hanks for sharing

 

[Penguin]

And thanks everybody for your comments! You're very kind. I have checked Google Drive plans and I liked a 100GB plan where I can store my info, pictures and documents and have them syncrhonized in real time, for 20 bucks a year. Sounds nice.

I am also checking AOMEI Backupper! As for the password manangers... I will take a little while to investigate how they work because I am a bit lost here hehe!!

I added ESET Scanner as a secondary opinion scanner too!

How can I turn my account into a standard account?

Oh and @Moonhorse I use Comodo DNS because I saw in an article it was good against malware? Should I remove?

I also installed ConfigureDefender!! And I think I enabled it? I just hit HIGH SETTINGS and rebooted

Thanks everyone again!!

 

[JM Safe]

Thank you sir! I am checking AOMEI right now, but I don't understand what's the use for it if I hire Google Drive for backing up files, because the free version of AOMEI cannot clone the disk as far as I checked, so I would be only backing up data? Better hire Drive?

As well, I am intrigued by your title! "From Zemana". Where's that? I never heard of it. I'm from New York. It doesn't sound like a city I've visited!!

I am a Jr. Malware Analyst from Zemana: Zemana - AntiMalware and AntiLogger Protection
About data backup it is highly recommended to backup important data also to cloud backup services for reliable backups. Google Drive is one of the most secure and you have 15 GB for free.

 

[oldschool]

How can I turn my account into a standard account?

You already are using Administrator Account, so go to Settings > Accounts > Family & Other Users (I think it's called) > Select "Add other ..." and then follow prompts. I think I've got most of it correct. You will find your way.

 

[harlan4096]

@Penguin: also in "Web Privacy", You may add also a VPN service (If necessary).

 

[Moonhorse]

Oh and @Moonhorse I use Comodo DNS because I saw in an article it was good against malware? Should I remove?

Protection against malware is probably next to zero, i would use either cloudflare dns for speed or just neustar (usa) or cleanbrowsing (eu) for malware/phishing protection , dependent where youre living at

 

[Penguin]

I've spent these days wondering through others' security configurations, seeing what I could adapt, so I've managed to bring these changes to mine:

• UAC: set to maximum (always notify)
• Second Opinion Scanner: added Kaspersky Virus Removal Tool
• Browser&Extensions: added Firefox as a secondary backup browser, and added HTTPS Everywhere and Canvas Defender as extensions.
• Privacy and content blocker: Replaced uBlock with system-wide AdGuard (still on trial, I'm seeing if it's worth it!)
• Password Management: added Bitwarden and trying to make it work, still a bit hard to understand but we'll make it through!
• System Utilities: added CCleaner as a secondary system utility tool and blocked all incoming and outcoming connections through Windows Firewall
• Data Backup: decided and bought Google Drive 100GB to store in the cloud all my precious data
• System Image: Bought a secondary HDD and cloned my system for the very first time (hopefully I did it alright!), will do every month

 

[LDogg]

Looks like you've applied the right changs to your system!

My advice:

• Add ZAM Free 3.0
• Add Tinywall or MWFC as a compliment for Window Firewall for more advanced control

Everything else looks set. Thanks for sharing.

~LDogg

 

[Penguin]

Looks like you've applied the right changs to your system!

My advice:

• Add ZAM Free 3.0
• Add Tinywall or MWFC as a compliment for Window Firewall for more advanced control

Everything else looks set. Thanks for sharing.

~LDogg

Thank you very much sir for these recommendations!

Question: MWFC adds anything to WF despite notifications? I mean, doesn't WF know which connections to allow/block? Or is it a necessary complement?

 

[oldschool]

Question: MWFC adds anything to WF despite notifications? I mean, doesn't WF know which connections to allow/block? Or is it a necessary complement?

WF allows all outbound connections by default. MS's default configuration is meant for average users. If you wish to have more (and more easily) control over outbound connections then use a 3rd party GUI like WFC or Tinywall. I prefer the latter because of its simplicity and lack of pop-ups. Others prefer to have alerts regrading any connection. You may read more about Tinywall here: Discuss - TinyWall 2.1.7