Advanced Plus Security sg09's Security Configuration - 2019

[sg09]

Hey there!
This is the security config for my main desktop. I am a tech enthusiastic and security fanatic. I used to be a voracious tester of new antimalware applications. But nowadays time doesn't always cope up with passion, and that has forced me to stay calm with security configurations.

I had to do a full reset of Windows few months back and had been using Malwarebytes with Voodooshield since then. Voodooshield never impressed me that much but still persisted with it for these months but when I saw the post on AhnLab V3 Lite English Version on MT I first tested it on my old laptop (with Win7) and then installed it on my main PC.

I love free antivirus with zero ads and clean interface, a combination which is rare to find, and AhnLab V3 Lite offers just that. Liking it very much so far (I shall share my experiences later on the original thread) and so I wish to keep the current security configurations for much longer time.

My Malwarebyte Premium License is Lifetime. MCShield is a free software. I like MCShield as it has saved my PC in the past from USB based infections. I have used it with various other antimalware and it almost always is the first to pop-up with detection and cleanup, and most pleasingly it cleans not only the malware file but also the associated folders. It causes issues with genuine bootable USBs and CDs but otherwise it is pretty reliable.

I do not like Optimization tools in general but I have a liking for Kerish Doctor in particular, so when it came as a giveaway I couldn't resist myself to install it. I use CCleaner mostly to reduce junks.

For a change I have installed Smart Defrag pro (free from a Giveaway) although I do not believe much in this stuff. It is set to defrag locked filed during boot on a daily basis.

I uninstall programs very much occasionally. Still for the rare cases when the installation is for temporary reason I track the installation with Smarty Uninstaller Pro (free from a Giveaway). Otherwise I use Iobit Uninstaller Pro (free from a Giveaway) to take care of uninstallation leftovers and also to update important softwares.

I Purchased CleanMem pro during my Win7 days and still using it with the visual indicator. It gives me a peace of mind.

Process Lasso pro is there for additional performance enhancements. This is also a redundant thing considering my system configurations and the kind of work I do in it but simply installed it because it came as free in a giveaway and installing these software doesn't affect my PC's performance in any visible way.

 

[sg09]

Backup Plan

I've received the staff note: "This setup configuration doesn't have a backup plan", but I DO have a backup plan!

I do not have any personal files on system drive, as all the Library folders (Desktop, Documents etc.) are on non-system drives. So, there is no fear of data loss if OS crashes. Also some essential software settings/databases are backed up to non-system files. I can however recover accedentally left files on system drive using Linux based Live CDs.

In the past I used Macrium Reflect kind of software, but nowadays I don't prefer these because I would rather freshly install OS (using CD) or do a clean reset (Windows 10 feature), than restore system to a not-so-perfect state.

I don't mind installing the essential softwares again manually. After all, I do these format/reset thing once in a year or two. Furthermore I love to start afresh as these let me experience newer software, such as antivirus, utilities, media player, PDF reader etc.

I keep a list of my essential softwares with me so that in the new install I don't miss out on any essentials, such as Wordweb, Everything, CleanMem, Kindle, Bing Desktop etc. Also I keep a list of essential tweaks I do in my system, such as showing extensions of common file types, disabling autorun, adjusting Windows Privacy settings, personalize Windows look & feel etc.

All of my financial/academic/personal documents/eBooks, Important Photos, Essential Music collection is backed up realtime on OneDrive. I have 40 GB of free storage and 1 TB of storage from MS Office subscription, but I only use upto 40GB in total so far.

I have backups over 200 GB of the rest of files on Zoolz 1Tb lifetime cold storage.

The photos are backed up in HD resolution in Google's unlimited Photo storage.

I am not so reliant on external storage as three of my previous portable external HDD has damaged. Now I mostly use externally powered HDD for backup. I take this backup occasionally (once in 4-6 months) and that includes all Movie, Music and Image collection. These collections don't change often for me.

I know this might not be the most perfect backup plan but still it gives me the mix of best protection and productivity. In the past I was paranoid on security and backup but nowadays I keep these things on autopilot as much as possible.

 

[JM Safe]

Hello, good config, I saw you have a good backup for all your data and you prefer system reset than system image backup. If you will change your idea I would suggest Macrium Reflect Free or AOMEI Backupper.

Thanks for sharing.

 

[sg09]

Hello, good config, I saw you have a good backup for all your data and you prefer system reset than system image backup. If you will change your idea I would suggest Macrium Reflect Free or AOMEI Backupper.

Thanks for sharing.

Yes, I never felt the need for Macrium since Windows 10 came. Reset was in Windows 8 too but it was buggy iirc.

However it has just occurred to me after your suggestion that Macrium aided system backup is still useful for me in some critical times. For example, it may happen that my PC crash at an urgent time when I do not have the luxury of manual installation of all apps and adjustment of settings.

So, yes I might surely reconsider using Macrium or Backupper (I never used but know about it) in coming days. I shall update when I do that.

Thanks for going through my PC configuration and the suggestion.

 

[harlan4096]

Please kindly reflect Your changes in the config and announce them here, thanks for sharing

 

[sg09]

Please kindly reflect Your changes in the config and announce them here, thanks for sharing

Sure, I will. I haven't made any changes so far. I added something which forgot in the first place.

 

[LDogg]

After seeing your reasoning on backups, I think this is a good config for yourself!

~LDogg

 

[sg09]

1. Purchased & Installed Adguard Premium Lifetime License. So, removed the adblocker extensions from the browsers.
2. Installed Shadow Defender but kept it out of startup launching. Will launch if need to test a new software or do some adventurous experiments.
3. Installed Macrium Reflect and created a backup of the Operating System. Also created a Rescue USB. I've plans to create new backups monthly.
4. Purchased Windscribe custom plan for a month. I may not renew it.
5. Recently ran malware scan with Trend Micro HouseCall & F-Secure Online Scanner. I'll scan with these tools rarely.
6. I've Sticky Password Lifetime License. I plan to switch from LastPass to Sticky Password in future.

 

[Ink]

1. Purchased & Installed Adguard Premium Lifetime License. So, removed the adblocker extensions from the browsers.

You can still continue to use Adguard AdBlocker in the browser with Integration mode | AdGuard Knowledgebase

 

[sg09]

You can still continue to use Adguard AdBlocker in the browser with Integration mode | AdGuard Knowledgebase

Interesting! Uninstalled the extensions mainly to improve browser performance. I'll try reinstalling for one browser to see how it works now.

 

[sg09]

Replaced AhnLab V3 Lite with Emsisoft Antimalware Home. I like AhnLab V3 Lite & will start using that again once Emsisoft license expires.

Also added Rogue-Killer Antimalware Premium.

 

[FrFc1908]

Replaced AhnLab V3 Lite with Emsisoft Antimalware Home. I like AhnLab V3 Lite & will start using that again once Emsisoft license expires.

Also added Rogue-Killer Antimalware Premium.

Straight overkill, you do not need so much real-time protection, if you ask me.

 

[sg09]

Straight overkill, you do not need so much real-time protection, if you ask me.

Rouge-killer premium doesn't have realtime protection, although it stays in the tray all the time.
So, mainly Emsisoft Home & MBAM Premium is offering real-time protection.

 

[harlan4096]

Probably You should disable MWB 3 resident protection.

 

[sg09]

Probably You should disable MWB 3 resident protection.

Apparently there is no conflict and the drivers and folders of each are excluded in each software. I have a pretty powerful PC and my regular work is light, so I can't feel any difference other than a bit slowdown in system boot time.


I know if black swan scenario strikes, no definition based software can protect me against zero day malware, but I still prefer to have the odds in favor with at least two offline-definition based software (one being officially compatible with other full-blown antivirus). I just can't bear the annoyance of HIPS cum whitelisting software's pop-up, else I would use only those kind of software.


I know my setup is a bit Overkill but it was intentional. I like security softwares & that's the only reason I haven't switched completely from Windows. I have adequate common sense and can easily use a Windows system without any resident real-time antivirus or Whitelisting-cum-HIPS software and remain without infection. I have done that many times in the past when I got bored with the antivirus softwares, and may do that again in the future. Currently, I am in a bit of a security heavy mindset.


Hope you understand.

 

[blackice]

Apparently there is no conflict and the drivers and folders of each are excluded in each software. I have a pretty powerful PC and my regular work is light, so I can't feel any difference other than a bit slowdown in system boot time.


I know if black swan scenario strikes, no definition based software can protect me against zero day malware, but I still prefer to have the odds in favor with at least two offline-definition based software (one being officially compatible with other full-blown antivirus). I just can't bear the annoyance of HIPS cum whitelisting software's pop-up, else I would use only those kind of software.


I know my setup is a bit Overkill but it was intentional. I like security softwares & that's the only reason I haven't switched completely from Windows. I have adequate common sense and can easily use a Windows system without any resident real-time antivirus or Whitelisting-cum-HIPS software and remain without infection. I have done that many times in the past when I got bored with the antivirus softwares, and may do that again in the future. Currently, I am in a bit of a security heavy mindset.


Hope you understand.

MBAM3 Premium can work with most AVs in real time. It’s a complimented layered approach. It has good Anti Exploit and web filtering. I’ve used it with Defender and ESET without problems. Since Emsisoft has a hit or miss extension at this point it isn’t a terrible idea. As long as you don’t mind the slight performance impact and have memory to spare it won’t hurt anything. I kind of like it complementing Defender.

 

[sg09]

MBAM3 Premium can work with most AVs in real time. It’s a complimented layered approach. It has good Anti Exploit and web filtering. I’ve used it with Defender and ESET without problems. Since Emsisoft has a hit or miss extension at this point it isn’t a terrible idea. As long as you don’t mind the slight performance impact and have memory to spare it won’t hurt anything. I kind of like it complementing Defender.

Yes I like Malwarebytes webprotection the most. I haven't seen any detection in the anti-exploit although read that it is pretty strong.