Predrag's current configuration

Most recent changes
Dec 31, 1969
Operating System
Windows 10
Windows Edition
Enterprise
Build
1607 (14393.576) Enterprise-N 2016 LTSB
System type
64-bit OS
User Access Control
Always Notify - For App installs, Modify system & User settings
Device Firewall
3rd-party Firewall - Network security provided by a trusted vendor
Device Security
Windows Defender SmartScreen
User Account
Recent Security Issues
Not in a long time
Security Testing with Malware
No - Malware is avoided where possible
Real-time Web & Malware Protection
Emsisoft Antimalware Full;
Zemana AntiLogger Premium (Lifetime);
Comodo Firewall w/ Defense+
Security Protection settings
Virus and Malware Removal Tools
HitmanPro;
MBAM;
Browsers and Extensions
Mozilla Firefox (uBlock Origin Advanced + custom filters | NoScript)
Vivaldi (uBlock Origin Advanced + custom filters)
Chrome (uBlock Origin Advanced + custom filters)
Web Privacy
uBlock Origin (Advanced); NoScript
Password Management
No
Default Web Search
Google
System Utilities collection
CCleaner
Personal data Backup
Manually
Intervals between Personal data backups
Weekly
Disk Imaging Backup
Paragon Hard Disk Manager
Intervals between System Image backups
Occasionally
Device Specs
https://malwaretips.com/threads/predrags-workstation.65413/
Joined
Apr 16, 2016
Messages
56
OS
Windows 10
Antivirus
Emsisoft
#1
Well, this was my standard setup so far. As I'm planning to upgrade to W10 soon, I want to expand/alter this accordingly. Especially after a company I work for has had a close encounter with Locky Ransomware. I am hoping to learn a lot from more experienced users here.

That's it for now.

Best Regards,
Predrag

EDIT: Updated the security configuration as I moved to W10 Enterprise LTSB. We'll see how this configuration goes, so far I am pleased with the overall system speed and responsiveness. Also, I am starting to slowly get used to using Vivaldi browser - Chrome experience and security with (almost) Firefox like customization - Tabs on the side being the most important one.

I would like to hear some opinions about this configuration, and especially about Vivaldi browser - any good/bad experiences out there?
 

pablozi

Level 22
Trusted
Joined
Jun 14, 2011
Messages
1,186
#2
Hi!
Nice setup, however you can consider setting UAC to max and OS updates to "automatic".
My second thought is Admuncher - do you really need it since you have uBlock Origin? Isn't AdMuncher a dead product?
 
Joined
Aug 30, 2015
Messages
1,811
OS
Windows 10
Antivirus
Emsisoft
#5
Looks good; consider adding Zemana Anti-Malware as another On Demand Scanner in conjunction with MBAM and HitmanPro.
Setting updates and UAC to max is good too. Optional but possibly upgrade to Windows 10. Very good security.
 
Likes: Noxx

Tornado

New Member
Joined
Nov 22, 2015
Messages
1,078
#6
Looks good, apart from:
  • Comodo Internet Security and Sophos Home - Two real-time AVs?
  • OS updates - Manual, you could make it automatic.
 
Joined
Apr 16, 2016
Messages
56
OS
Windows 10
Antivirus
Emsisoft
#7
Hey there,

Thanks for replying and liking. As I said, I want to upgrade soon, but I can't do a fresh install right now, as I'm up to my neck with work. I tried a "Click-to-upgrade-from-Win-8" on another PC, and ended up with a disastrously slow system, so that's not an option. Also, I am waiting for the Enterprise-N LTSB license that should arrive next week, as I can't put up with "latest-features-through-update" bs - I need a solid, stable system without it constantly doing something in the background with possible sudden incompatibilities.

> Hi!
> Nice setup, however you can consider setting UAC to max and OS updates to "automatic".
> My second thought is Admuncher - do you really need it since you have uBlock Origin? Isn't AdMuncher a dead product?
Setting UAC to the max, as well as working in a non-admin account after finishing the entire setup, is the plan as well. I started writing step-by-step notes for myself, as I'm likely to forget something at the last moment. Regarding the ad-muncher, it's gonna go - as it was made free, I wanted to try browsing without ABP slowing the FF down. It was only after that I discovered uBlock Origin, but never got to remove the ad-muncher. It's one of those "Bah, I'm going to do a fresh install anyway next week" situations. I don't have to mention that that day still didn't arrive, lol. Seriously now, the plan is already in motion, so - soon.

> Config looks good! Have you considered upgrading to Windows 10?
Thanks, yes.

> Looks good; consider adding Zemana Anti-Malware as another On Demand Scanner in conjunction with MBAM and HitmanPro.
> Setting updates and UAC to max is good too. Optional but possibly upgrade to Windows 10. Very good security.
Yeah, I heard a lot of good stuff about Zemana from all around. I am thinking of it, although I'm a sucker for a free setup :D. I want to try as much as possible to utilize the system hardening, adding SRPs and GPOs, setting read/write permissions right, and so on - it requires some extra planning and learning, but it will pay off either way in the end, I believe. Although, if I stumble on some ridiculous offer for it (like I did last night for BitDefender Total Security 2016, 3 PCs, 1 year for 20$ :eek:) I will definitely buy it. Same goes for HitmanProAlert.

On a side note, I am also looking at Sandboxie, VoodooShield, Bouncer, NoVirusThanks-ExeRadarPro, or the multi-engine SecureAPlus... All interesting new approaches to securing the endpoint (well, this last one is not entirely new, but nvm).

> Looks good, apart from:
>   • Comodo Internet Security and Sophos Home - Two real-time AVs?
>   • OS updates - Manual, you could make it automatic.
Yes, I haven't really explained well - Comodo's Antivirus is disabled, I run the Firewall with D+ mostly custom rules and Sandbox with Viruscope ON. Only Sophos is Realtime - I must say, I am pleasantly surprised by this one. It's a bit of a pain to set the excluded folders and files (persistent little guy with browser control), but after a bit of fiddling around, I quite like it.
Regarding the updates, I kind of had a little rage episode when I desperately needed to send a project correction urgently, and Windoze decided a session beforehand to leave only the Update-and-shutdown option. When I turned it on, I had to wait 45mins for it to finish updating. The client had to wait as well, which sucked, so I switched it to manual afterwards.

So, a question: Anyone noticed the trend lately that eastern AV's have better/faster definitions for zero-day malware? Coincidentally (of course), eastern based malware are prevalent ATM, and I wonder if anyone had some experience with these AVs - Qihoo or Baidu or Kingsoft, for example? Do you think it's worth adding them to your setup somehow - purely because of the signatures/response speed?

Thanks in advance,
Predrag
 
Joined
Apr 16, 2016
Messages
56
OS
Windows 10
Antivirus
Emsisoft
#8
I installed the aforementioned Bitdefender Total 2016 on my wife's laptop with Win10 - I really didn't expect it to run so smooth and so light on it. Security-wise, I only heard the best about it, so we'll see. Perhaps it ends up on my machine as well, together with all the tweaks and layers mentioned above.
The only thing I have to warn you about is that BD installs its own certificate for SSL/TLS data encryption, which ends up not being recognized by the browser when visiting https websites - BD is effectively being seen as MITB. BD support says that this issue was fixed, and if it happens we should turn off SSL scanning. No need for that really, just manually import the certificate into the browser and you're good to go - thanks to the Billy S from BD forum - here's how:

Found this, it worked.
QUOTE (Savoy @ November 4, 2015, 7:11 PM)
Rebonsoir, Well, after much wasted time on this problem, I think I found a solution! (It would be good in future Firefox -portable- working with BitDefender ...) If it serves other people, I indicate here the process I followed:
1) for Windows 7: Start / certmgr.msc / Authorities certification trusted root / Certificates right click the BitDefender certificate / All tasks / Export / Next / Next / (choose a location and name the file)
2) Under Firefox Portable: Options / Advanced / View certificates / Import / (change the previously exported file and tick three boxes)
Everything works flawlessly, as before. I'm proud of myself ;-))) Jerome, Savoie.
 
Likes: pablozi
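
The export step described in the post above, as an added PowerShell example (not part of the original thread, and not Bitdefender's own tooling): it finds the product's root certificate in the Windows trust store, checks that it is a self-signed CA, exports the public certificate and prints its SHA-256 fingerprint. The `*Bitdefender*` subject filter and the output path are assumptions; use the name shown in certmgr.msc on your machine.

```powershell
# Added example: export the AV product's TLS-scanning root CA from the Windows
# trust store and print its fingerprint before importing it into Firefox.
# ASSUMPTION: the certificate subject contains "Bitdefender"; adjust the filter
# to the name shown in certmgr.msc. Export-Certificate is part of the PKI
# module on Windows 8 and later.
$subjectFilter = '*Bitdefender*'
$outFile       = Join-Path $env:USERPROFILE 'Desktop\av-root-ca.cer'   # assumed path

# Trusted roots can live in the per-user or the machine store; search both.
$candidates = @(Get-ChildItem Cert:\CurrentUser\Root, Cert:\LocalMachine\Root |
    Where-Object { $_.Subject -like $subjectFilter } |
    Sort-Object Thumbprint -Unique)

if ($candidates.Count -eq 0) {
    Write-Error "No trusted root matches $subjectFilter"; return
}
if ($candidates.Count -gt 1) {
    # More than one match (e.g. left over from an older install): pick by hand.
    $candidates | Format-List Subject, Thumbprint, NotBefore, NotAfter
    Write-Error 'Multiple matches; narrow the filter or select by Thumbprint.'; return
}
$cert = $candidates[0]

# A root CA is self-signed: issuer and subject are identical.
if ($cert.Subject -ne $cert.Issuer) {
    Write-Warning 'Certificate is not self-signed; this is not a root CA.'
}

# Only the public certificate is exported (DER .cer); the private key stays put.
Export-Certificate -Cert $cert -FilePath $outFile -Type CERT | Out-Null

# SHA-256 fingerprint over the DER bytes, formatted AA:BB:CC:...
$sha256 = [System.Security.Cryptography.SHA256]::Create()
$fp = [System.BitConverter]::ToString($sha256.ComputeHash($cert.RawData)) -replace '-', ':'

[pscustomobject]@{
    Subject  = $cert.Subject
    NotAfter = $cert.NotAfter
    SHA256   = $fp
    File     = $outFile
} | Format-List
```

After importing the file in Firefox, compare this fingerprint with the one the certificate viewer shows for the new authority. Once trusted, that CA can vouch for any HTTPS site in that browser profile, so remove it again if the product is uninstalled.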

jamescv7

Level 61
Trusted
Joined
Mar 15, 2011
Messages
12,638
OS
Windows 10
Antivirus
Microsoft
#9
> So, a question: Anyone noticed the trend lately that eastern AV's have better/faster definitions for zero-day malware? Coincidentally (of course), eastern based malware are prevalent ATM, and I wonder if anyone had some experience with these AVs - Qihoo or Baidu or Kingsoft, for example? Do you think it's worth adding them to your setup somehow - purely because of the signatures/response speed?
@Predrag Radjenovic: In my view, the origin of the threats may be one of the factors where fast response time may occur, however very slight on the impact. AVs contain robotic components to gather numerous sources around the web, so there are times that identical countries contain more samples.

Now, in the case of adding to a setup, make a background check on yourself as to what your habits on the internet are. ;)
 
Likes: Tornado

Tornado

New Member
Joined
Nov 22, 2015
Messages
1,078
#10
For Maximum Security:
  1. Enable UAC to 'Always Notify'.
  2. Add HTTPS Everywhere to your browsers.
  3. Change Windows Updates to 'Automatic'.
  4. Enable these in uBlock Origin:
[attached image: ublock.PNG]
 
Joined
Apr 16, 2016
Messages
56
OS
Windows 10
Antivirus
Emsisoft
#11
EDIT: Updated the security configuration as I moved to W10 Enterprise LTSB. We'll see how this configuration goes, so far I am pleased with the overall system speed and responsiveness. Also, I am starting to slowly get used to using Vivaldi browser - Chrome experience and security with (almost) Firefox like customization - Tabs on the side being the most important one.

I would like to hear some opinions about this configuration, and especially about Vivaldi browser - any good/bad experiences out there?
 
Likes: Logethica
Joined
Jun 24, 2016
Messages
584
OS
Windows 10
#12
Hey @Predrag Radjenovic :)
I really like your Config...
As you know Bitdefender is a top AV of late...Zemana is a top AM....and uBlock is Awesome IMO..
Personally I am a fan of an Anti-EXE, with Voodooshield being my favourite.
Unfortunately I am yet to use Vivaldi, so cannot give you feedback on it.
 
Likes: davisd

jamescv7

Level 61
Trusted
Joined
Mar 15, 2011
Messages
12,638
OS
Windows 10
Antivirus
Microsoft
#13
@Predrag Radjenovic: Well, I have used Vivaldi for about a month now and overall the reliability is good, alongside quick responsiveness.

However, loading times sometimes take longer, likely because of customization and interface.
 
Joined
Apr 16, 2016
Messages
56
OS
Windows 10
Antivirus
Emsisoft
#14
Well, I noticed a flaw in BitDefender Total Security 2016. After customizing the settings a bit, I ran into an error that obviously wasn't fixed for a while. Namely, I was unable to change Explorer options of showing/hiding hidden files. After digging through different forums for a while, the "solution" was to put back the Intrusion Prevention module setting from Medium to Permissive, as was on default. The forum reply was back from 2012, I think.
BD support told me it was because of MBAM real time protection (which I don't have, although I have MBAE free, so perhaps the effects are the same). Anyway, I'm too busy now to stretch that discussion to infinity, so I marked the issue as solved. Perhaps it's nothing serious, but it still feels kinda mehh...