Basic Security spguru security config 2021

Last updated
Sep 2, 2021
How it's used?
For home and private use
Operating system
Windows 10
On-device encryption
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
User Access Control
Notify me only when programs try to make changes to my computer
Smart App Control
Network firewall
Real-time security
Emsisoft Business Security
Firewall security
About custom security
None
Periodic malware scanners
None
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Microsoft Edge, Google Chrome
Secure DNS
None
Desktop VPN
Mulvad
Password manager
Roboform
Maintenance tools
None
File and Photo backup
OneDrive, Google Drive, iCloud, DropBox
System recovery
Acronis True Image
Risk factors
    • Working from home
    • Browsing to popular websites
    • Buying from online stores, entering banks card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Gaming
    • Streaming audio/video content from trusted sites or paid subscriptions
    • Streaming audio/video content from shady sites
    • Coding and development
Computer specs
Custom Build

OS Name Microsoft Windows 10 Pro
Version 10.0.19043 Build 19043
Other OS Description Not Available
OS Manufacturer Microsoft Corporation
System Name KINESYS-DESKTOP
System Manufacturer Micro-Star International Co., Ltd.
System Model MS-7C75
System Type x64-based PC
System SKU Default string
Processor Intel(R) Core(TM) i9-10900K CPU @ 3.70GHz, 3696 Mhz, 10 Core(s), 20 Logical Processor(s)
BIOS Version/Date American Megatrends Inc. 2.50, 11/23/2020
SMBIOS Version 3.2
Embedded Controller Version 255.255
BIOS Mode UEFI
BaseBoard Manufacturer Micro-Star International Co., Ltd.
BaseBoard Product Z490-A PRO (MS-7C75)
BaseBoard Version 1.0
Platform Role Desktop
Secure Boot State Off
PCR7 Configuration Binding Not Possible
Windows Directory C:\WINDOWS
System Directory C:\WINDOWS\system32
Boot Device \Device\HarddiskVolume3
Locale United States
Hardware Abstraction Layer Version = "10.0.19041.1151"
User Name AzureAD\MattYoungstrom
Time Zone Central Daylight Time
Installed Physical Memory (RAM) 64.0 GB
Total Physical Memory 63.9 GB
Available Physical Memory 48.4 GB
Total Virtual Memory 86.9 GB
Available Virtual Memory 68.6 GB
Page File Space 23.0 GB
Page File C:\pagefile.sys
Kernel DMA Protection Off
Virtualization-based security Not enabled
Device Encryption Support Reasons for failed automatic device encryption: TPM is not usable, PCR7 binding is not supported, Hardware Security Test Interface failed and device is not Modern Standby, Un-allowed DMA capable bus/device(s) detected, TPM is not usable
Hyper-V - VM Monitor Mode Extensions Yes
Hyper-V - Second Level Address Translation Extensions Yes
Hyper-V - Virtualization Enabled in Firmware Yes
Hyper-V - Data Execution Protection Yes
What I'm looking for?

Looking for maximum feedback.

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,448
Config for custom build PC.
Basic but nice config. Still there are some things worth considering:

1. Set UAC to "Always notify"
2. Use an encrypted DNS provider like NextDNS or Quad9 which can also block malicious websites, trackers and ads (Many more options out there)
3. Use second opinion scanners than can detect potential threats that your antivirus could have missed. I personally recommend HitmanPro, Norton Power Eraser, AdwCleaner (for adware) and Kaspersky Virus Removal Tool.

Also, are you using any extensions in either Chrome or Edge?
 

spguru

New Member
Thread author
Mar 13, 2019
4
Basic but nice config. Still there are some things worth considering:

1. Set UAC to "Always notify"
2. Use an encrypted DNS provider like NextDNS or Quad9 which can also block malicious websites, trackers and ads (Many more options out there)
3. Use second opinion scanners than can detect potential threats that your antivirus could have missed. I personally recommend HitmanPro, Norton Power Eraser, AdwCleaner (for adware) and Kaspersky Virus Removal Tool.

Also, are you using any extensions in either Chrome or Edge?
Extensions for Edge:
Amazon Assistant
Dark Reader
Emsisoft Browser Security
Enhancer for YouTube
HTTPS Everywhere
Honey
JSON-Handle
Microsoft Editor: Spelling & Grammar Checker
Microsoft Power Automate
Microsoft Shopping Assistant
Office
OneNote Web Clipper
Roboform Password Manager

Extensions for Chrome:
Adobe Acrobat
Application Launcher for Drive
AwardWallet
Boomerang - SOAP & REST Client
Checker Plus for Gmail
Earny
Emsisoft Browser Security
Guru
Honey
Microsoft Power Automate
Roboform Password Manager
Safari Books Download
Scener
 

spguru

New Member
Thread author
Mar 13, 2019
4
Basic but nice config. Still there are some things worth considering:

1. Set UAC to "Always notify"
2. Use an encrypted DNS provider like NextDNS or Quad9 which can also block malicious websites, trackers and ads (Many more options out there)
3. Use second opinion scanners than can detect potential threats that your antivirus could have missed. I personally recommend HitmanPro, Norton Power Eraser, AdwCleaner (for adware) and Kaspersky Virus Removal Tool.

Also, are you using any extensions in either Chrome or Edge
3. Use second opinion scanners than can detect potential threats that your antivirus could have missed. I personally recommend HitmanPro, Norton Power Eraser, AdwCleaner (for adware) and Kaspersky Virus Removal Tool.

Do I need to have all of these and purchase them as well? Are there any concerns with contention with my Emsisoft instance running?
 
  • Like
Reactions: Kongo

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,448
3. Use second opinion scanners than can detect potential threats that your antivirus could have missed. I personally recommend HitmanPro, Norton Power Eraser, AdwCleaner (for adware) and Kaspersky Virus Removal Tool.

Do I need to have all of these and purchase them as well? Are there any concerns with contention with my Emsisoft instance running?
You don't have to use all of them. I personally think that HitmanPro + AdwCleaner would be a nice choice. HitmanPro is a paid product but can be used for free too. The scanning for malware itself is free, just the removal would cost money. If you know what you're doing you can just navigate to the folder where the malware was found and delete it manually in case malware was found on your system. AdwCleaner is a free tool and is great to remove adware and PUA's (potential unwanted applications)

And no, they wouldn't conflict with your antivirus as they are not scanning your system in real-time. You can manually scan your system once a week with those scanners to make sure that it's clean. :)
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top