SECURITY: Complete sg09's Security Configuration - 2021

Last updated
Mar 10, 2021
About
Personal, primary device
Additional PC users
Not shared with other users
Desktop OS
Windows 10
OS edition
Pro
Login security
    • Password-less (PIN, Biometric, Face)
Primary sign-in
Microsoft account
Primary user
Admin user - Full permissions
Security updates
Automatic - allow all types of updates
Windows UAC
Maximum - always notify
Network firewall
Third-party router
Real-time protection
Emsisoft Anti-Malware, Malwarebytes Pro, Adguard Premium
Software firewall
Microsoft Defender Firewall
Custom RTP, Firewall and OS settings
Malwarebytes Pro was installed last to make it compatible with other security softwares. All essential files, drivers were mutually excluded from manual and real-time scans.
Malware testing
No malware samples
Periodic security scanners
Very occasional scan with Eset Online Scanner, Avira PC Cleaner, Windows Defender, Dr. Web CureIt, Vba32 Check
Secure DNS
Google DNS
VPN
Windscribe, Adguard VPN
Password manager
Bitwarden, Sticky Password
Browsers, Search and Addons
Browsers:
Edgium, Firefox, Vivaldi
Extensions:
  1. Emsisoft Browser Security extensions
  2. Web Threat Shield by Webroot
  3. Video Download Helper
  4. Adguard, VPN & Password Manager extensions
Maintenance and Cleaning
CleanMem Pro, CCleaner Free Portable, HiBit Uninstaller, Shadow Defender
Personal Files & Photos backup
  • Desktop, Downloads, Documents etc. important folders are placed in non-system drives.
  • Essential files (~40 GB) are backed up to OneDrive realtime.
  • Rest files are occasionally backed up to External HDD. I anyway use the three non-system drives to keep all these files. So, no loss due to OS crash.
Personal backup routine
Automatic (scheduled)
Device recovery & backup
  • Macrium Reflect OS backup scheduled on bimonthly basis. (I install new software rarely).
  • Prefer to reset PC to clean state if system slows down or malfunctions (Happens biennially).
Device backup routine
Automatic (scheduled)
PC activity
  1. Working from home. 
  2. Browsing the web. 
  3. Emails. 
  4. Shopping. 
  5. Banking. 
  6. Downloading software. 
  7. Multimedia. 
  8. Streaming. 
  9. App developer. 
Computer specs
Assembled Desktop
  • Intel i7-4770 CPU @ 3.40 GHz + Antec A40 PRO Fan
  • Intel DB85FL Motherboard
  • (8 + 8) GB RAM (Corsair, DDR3, 1600MHz)
  • Disks:
    1. 500 GB SSD (Samsung 860 EVO)
    2. 1 TB HDD (TOSHIBA MK1002TSKB)
    3. 2 TB HDD (Toshiba P300 HDWD120)
    4. 2 TB HDD (Seagate Barracuda ST2000DM001)
  • Bluetooth 4.0 (Kinivo), Wifi Adapter (D-Link)
  • Keyboard & Mouse (Amkette)
  • Monitor (AOC)
  • Cabinet (Cooler Master)
  • SMPS (Corsair)
Personal changelog
  • Added two more 2Tb non-system drives.
  • Added a non stock CPU cooler as CPU was heating up a lot.
  • Completely migrated from Lastpass to Bitwarden & Sticky Password.
Feedback Response

General feedback

Staff Notes
  1. This setup may cause performance issues, system instability or conflicts between programs, and can hinder the effectiveness of the installed antivirus products.

sg09

Level 2
Apr 3, 2019
69
Alright, this is my 2021's security configuration. There is not much change since I last updated my 2020's security configuration in the month of November.

I wanted to add just one 2Tb internal HDD. Instead added two. The other one was accidental. I had a dead external HDD which I thought of throwing away. However, upon seeing one YouTube video I stripped off its covers and found that it was the SATA adapter that had become buggy and the disk was perfectly alright. So, that external HDD became my other internal HDD. I now use it to store backups and media.

I finally decided about moving away from Lastpass after its latest change in plan. I was attempting to make a move for the last few years and actually bought a lifetime Sticky Password license way back in 2016 but wasn't using it. I was also trying out Bitwarden for the last 1 year. So, now after exporting lastpass passwords to these two password managers, I am using both simultaneously. This is because I am yet to decide on which one to stick to finally. There are some features in Sticky Password that I like, and there are some that I like in Bitwarden. So, its all bit too confusing for me. So far I am more inclined to Bitwarden because it is also supported on Linux (I have two Ubuntu Laptops). But, since I've already committed money on Sticky Password for lifetime, I am not so inclined to give up on it so soon.

Still using Webroot with Emsisoft as I have license for both for 1 year which I plan to use in full. NO conflicts have been observed so far. Webroot for all its unpopularity is in-fact doing a decent job for me. Twice it was able to detect and quarantine PUPs in software packages (only the PUPs) which Emsisoft was unable to detect (it was not a case of WSA acting first).

To all who are inquisitive as to why I am running two antimalwares as that can cause conflict, Webroot isn't like other antimalwares and according to them they are compatible with other antimalwares and adapt different technology to detect malwares alongside others.
Also being a Antimalware Fanboy I prefer to keep it a bit overkill. I have years of experience to run PC without any security softwares relying just on common sense but this is something I LOVE to have.

Recently, added Antec A40 Pro CPU cooler fan to my system. Earlier my CPU was heating upto 95° on full load and 55° on idle. Now that has improved a lot to 65° on full load and 35° on idle!
 
Last edited:

silversurfer

Level 73
Verified
Trusted
Content Creator
Malware Hunter
Aug 17, 2014
6,241
Such as? :unsure: I have already excluded files, folders, drivers in both. Webroot states that it supports coexistence.

Possible case: simultaneously detection of the same file as malware, you cannot control which AV detects first!

Anyway, as I said above, it's always up the user to decide what he will using, we can just trying to warn/inform...
 

sg09

Level 2
Apr 3, 2019
69
Why 2 security solutions running?
Just because I have licenses for both. Also I prefer to keep one compatible anti-malware alongside a full fledged AM. If not for Webroot I would've installed Malwarebytes AM for which I have a lifetime license. Also I don't see any system performance impact probably because the configuration is good enough.
 

SecureKongo

Level 21
Verified
Malware Tester
Feb 25, 2017
1,059
Such as? :unsure: I have already excluded files, folders, drivers in both. Webroot states that it supports coexistence.
Even if you are not having conflicts, I highly doubt that Webroot will add any significant layer of protection to your config. Running two web filtering extensions isn't a good approach either. Remove Webroot and its web shield and maybe change your DNS to NextDNS if you want more web protection that doesn't require an extension. Google DNS is definitely not the best option out there considering speed and privacy/security.
 

sg09

Level 2
Apr 3, 2019
69
it's always up the user to decide what he will using, we can just trying to warn/inform...
I understand and respect that. Just trying to understand your viewpoint.
Possible case: simultaneously detection of the same file as malware, you cannot control which AV detects first!
Exactly that's what Webroot says won't happen with their product.
SecureAnywhere is able to recognize other virus protection software on your computer as one of “the good guys.” This means SecureAnywhere won’t block with on-access scanning or try to break through legitimate lockouts. In this way, potential software conflicts, and the resulting system slowness and vulnerability, can be avoided.
 

sg09

Level 2
Apr 3, 2019
69
maybe change your DNS to NextDNS if you want more web protection that doesn't require an extension. Google DNS is definitely not the best option
Thanks, I wasn't aware of NextDNS. I was using Adguard DNS and it was breaking too many useful sites. Google DNS was mainly kept for better performance with most sites.

I highly doubt that Webroot will add any significant layer of protection to your config
This is true. It was just a paranoia on my side, I accept. Periodically I use such overkill setups and sometimes I move to standard setups.

Frankly, I have been dealing with malwares and antimalware softwares long enough to have a confidence to use PC even without any protection and still have no infections. My overkill setups are a byproduct of my fanboy nature to AM softwares. I just love them and so still using Windows.
Running two web filtering extensions isn't a good approach either
This I am planning to do. Webroot doesn't allow disabling its extension. Maybe need to search for some hacks to disable it. One thing I like about Webroot's plugin is the checkmarks after Google search results (just like Bitdefender TrafficLight)
 
Last edited:

SecureKongo

Level 21
Verified
Malware Tester
Feb 25, 2017
1,059
My overkill setups are a byproduct of my fanboy nature to AM softwares
I feel that point. In my case I used to switch between security software multiple times a month. 😄
This I am planning to do. Webroot doesn't allow disabling its extension.
You can simply delete it within your browser and it won't install itself again. At least that was the experience I made when I last used it.
 

Digmor Crusher

Level 11
Verified
Jan 27, 2018
505
Just because I have licenses for both. Also I prefer to keep one compatible anti-malware alongside a full fledged AM. If not for Webroot I would've installed Malwarebytes AM for which I have a lifetime license. Also I don't see any system performance impact probably because the configuration is good enough.
Don't be confused by the name Emsisoft Anti - Malware, its an anti-virus despite the name, so is Webroot, you are running 2 anti-virus which is highly not recommended.
 

Spawn

Administrator
Verified
Staff member
Jan 8, 2011
21,129
Alright, this is my 2021's security configuration.

Twice it was able to detect and quarantine PUPs in software packages (only the PUPs) which Emsisoft was unable to detect (it was not a case of WSA acting first).
Try adding Malwarebytes AdwCleaner to your on-demand scanners, it can find adware and unwanted software. It's completely free to download and use.
 

sg09

Level 2
Apr 3, 2019
69
@Spawn I already have MBAM as my on-demand scanner. Isn't AdwCleaner a part of MBAM? Also how come a on-demand cleaner will prevent the installation of PUPs incorportated in installers.
 

SecureKongo

Level 21
Verified
Malware Tester
Feb 25, 2017
1,059
@Spawn I already have MBAM as my on-demand scanner. Isn't AdwCleaner a part of MBAM? Also how come a on-demand cleaner will prevent the installation of PUPs incorportated in installers.
It is from the same company but MBAM currently doesn’t has the AdwCleaner database included. I’d also recommend you to check it out. Also, it doesn’t protect from PUP‘s it just removes them.
 

sg09

Level 2
Apr 3, 2019
69
It is from the same company but MBAM currently doesn’t has the AdwCleaner database included. I’d also recommend you to check it out.
Thanks I didn't know that MBAM doesn't have the database included. I downloaded & ran a scan and it detected a PUA folder, which MBAM didn't detect, and let me remove it. Wonder why haven't MBAM still amalgamated AdwCleaner's databases. It has been 4.5 year since MBAM acquired AdwCleaner!
 
Top