S3cur1ty 3nthu5145t Configuration

Status
Not open for further replies.

S3cur1ty 3nthu5145t

Level 6
Thread author
Verified
May 22, 2017
251
Host System Analysis Tools
-Process Explorer "v16.21"
-Autoruns "v13.71"
-TCPview "v3.05"
-VT Uploader "v2.2"

Host Virtual Private Network
-Cyberghost Premium "v6.0.7.2738"

**********************************************

Virtual Machine:
-VMware Workstation Pro "v12.5.7"
-Windows 10 Pro "OS Build 10563.413"
-Windows default security
-Appguard "v4.4.6.1"

Virtual Machine System Analysis Tools:
-Process Explorer "v16.21"
-Autoruns "v13.71"
-Process Monitor "v3.33"
-TCPview "v3.05"
-PeStudio "v8.59"
-Regshot "v1.9.0"
-Folder Change View "v2.10"
-Microsoft Message Analyzer "v1.4"
-VT Check Hash "v1.59"
-Hashmyfiles "v2.23"

Virtual Machine On Demands
-Zemana AM Premium "v2.74.2.76"
-Emsisoft Emergency Kit "v2017.4.0.7437"

Virtual Machine Encrypted Local Storage
-Keepass Portable "2.35"

Virtual Machine Virtual Private Network
-CyberGhost Premium "v6.0.7.2738"

**********************************************

This setup is used for both personal use and testing.

I have in both the Guest machine and Host, a copy of Appguard and Cyberghost Premium. Both copies of Appguard are placed into Lockdown mode while testing malware. The Host copy of Cyberghost is utilized for this purpose to mitigate any chances of malware disabling the copy in the Guest machine were I to use it. I utilize the copy of Cyberghost in the VM for research purposes when not using that snapshot for testing samples; this allows the host to still be connected normally and multitasking to take place.

Aside from testing samples, I am also testing Appguard as well as the above-mentioned research, and I also utilize it for testing updates/upgrades of W10 before they ever hit my Host.
 

S3cur1ty 3nthu5145t

Nice configuration! I would recommend adding an on-demand scanner like Zemana or Malwarebytes. I also recommend adding HTTPS Everywhere to your browsers. Overall good configuration though!
Thank you for the comment and suggestions.

I am not a user of On-Demands for my system. I will post 2 reasons why this is, to help curb any future recommendation.

1. Current AVs lack the ability to keep up with zero-day malware efficiently, meaning by the time they are able to push a signature out for a newer malware, it has been in the wild already, and may have been so for days. Using on-demand "real time protection" as a companion consumes more resources unnecessarily.

2. Used as an on-demand only "which they were designed to eradicate systems after infection" with my setup above is not necessary as well. If I get hit with an infection, because I do not store personal files on the machine, and keep it light and fast, it is actually easier and less time consuming for me to just wipe the system and 2 hours later be up and running again, instead of scanning the system, finding the malware, removing/deleting the malware which almost always leaves traces behind that need manual hunting, not to mention the corruption that could take place from the malware itself and/or removal of it, that will need to be repaired, which can be very time consuming.

Good, another Appguard user ;)
It just makes no sense not to. Stop the infection before it occurs, no mess to clean up. :)
 

S3cur1ty 3nthu5145t

As stated above, I was in haste setting up my configuration and it was unfinished. The full configuration of my setup is now listed in the original post above.
 

S3cur1ty 3nthu5145t

Added: Cyberghost to my Host

I had purchased a Cyberghost Premium Plus account and was able to not only set up both Host and Guest with a copy, but also mobile devices as well.

Changes are reflected in my config, which has one addition that will soon grace my Host; this is also listed in my OP.
 