Advanced Plus Security Tiamati's Security Config 2019

Last updated
Oct 6, 2019
Windows Edition
Pro
Log-in security
Security updates
Allow security updates and latest features
User Access Control
Notify me only when programs try to make changes to my computer
Real-time security
Bitdefender Total Security
VoodooShield Premium
Firewall security
Periodic malware scanners
  1. Zemana
  2. ESET free on-line scanner
  3. Emisoft Emergency Kit Scanner
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
  1. Brave (main browser):
    1. LasPass
    2. HTTPS everywhere
    3. Decentraleyes
    4. Windscribe VPN
  2. Firefox
    1. LastPass (free)
    2. HTTPS everywhere
    3. Ublock Origin
    4. Decentraleyes
  3. Chrome:
    1. LastPass (free)
    2. HTTPS everywhere
    3. Windscribe VPN extension
    4. ZenMate VPN extension
    5. Ublock Origin
Maintenance tools
Wise Care 365 (optimized on, auto clean)
File and Photo backup
Backup and Sync (Google)
System recovery
I'm looking for EaseUS todo backup
Risk factors
    • Gaming
    • Logging into my bank account
    • Browsing to popular websites
    • Streaming audio/video content from shady sites
    • Browsing to unknown / untrusted / shady sites
    • Working from home
Computer specs
AMD Ryzen 5 1400@3.7Ghz
NVIDIA GeForce GTX 1060 3GB
GIGABYTE AB350M-DS2
1x8Gb DDR4 2400 Kingston
Samsung SSD 850 EVO 250GB
WDC WD500gb
WDC WD250gb
Seagate ST1000 external drive

Tiamati

Level 12
Thread author
Verified
Top Poster
Well-known
Nov 8, 2016
574
Hello guys! I've made this account for a while now, and i'm trying to improve my knowledge about home PC security. I didn't know exactly how start, so i checked some posts mentioning some main configs (like Cruel Comodo?), but most part of the time i was lost cause i didn't know what they were. I made some research and realized that configs (like Cruel Comodo) was system configs from here, so i decided that here would be a nice point of start. I'll try to post what i know of my config and some doubts I have about it.

Basically,
1) Is Bitdefender still great? I've always loved it. I've been using it for the last 9 years without any problem. I noticed that bitfender is always put side by side with KIS on most tests, but here, most guys usually prefer KIS (what i can understand) or others AVs too like Eset, Emisoft, etc (AVs that i usually consider a "second line" of the best AVs, but it seems i'm wrong)

2) I started to use Voodoh because of a giveaway an year ago. I liked at the beginning, but later i was annoyed with the pop-ups everytime i installed something, or sometimes when i was running some softwares... Besides that, i didn't fully understand most part of options, and basically never saw it block anything else than my stuff. Recently, i decided to use it again, but idk if i'm doing it right or if i could use another (free) program.

3) I noticed a few post about H_C but i was in doubt if i really should use it, and if it could make my OS more annoying (like blocking something it shouldnt, or showing pop-ups more that it already does).

4) Should i use a AV chrome extension (like malwarebytes chrome extesion) if i already have another AV suite installed?

5) I'm not sure what device security topic is (smart screen on windows 10) cause i never really configured it... Idk if it's right.

6) I understand that VPN can encrypt the connection, but is there a point in using it ON all the time (and loose internet speed and expose your information to a VPN provider) if most of delicated info (like social network, e-mail, comunities) are already under HTTPS protocol?

7) A few more things, but it think that is more than enough for now.

PS: i'm not a native english speaker... if i was not clear in anything, let me know so i can explain it better.
 

notabot

Level 15
Verified
Oct 31, 2018
703
1) my view is any AV that's transparent enough to participate in tests and does well in tests is fine. Windows Defender is also very good.

3) H_C is great for desktop use, it can become cumbersome if you use your laptop for dev and have several runtimes and tools that in turn use stuff H_C blocks but even for dev Andy's other tool ConfigureDefender is super useful.

4) smart screen is a file reputation system, not related to device security, it's related to download security, ie if you download a file via Chrome it automatically gets the mark of the web and if you try to launch it, smartscreen will check its reputation.

4) Chrome has a. Safebrowsing b. ESET to check downloads. There's also the free microsoft "Windows Defender Browser Protection", above that it would be an overkill. Especially given that on top of that there's the OS' Smartscreen and WD's BAFS and WD's network protection ( which can be activated by H_C )

6) Unless you fear you are targeted, use VPN for what you don't want your internet provider to know you're viewing (and possibly sell to 3rd parties), e.g. healthcare related searches. https hides the full URL and encrypts the content but the domain name is still communicated unencrypted, so your internet provider can see it. Thus while your provider may not know which Mayo clinic page exactly you're looking at, they know you're looking up healthcare info as they know you're looking at Mayo clinic ( and maybe you want to rule out this info being sold to your insure or mortgage provider ). On top of https revealing the domain, your provider sets your DNS provider usually to be a provider-owner DNS server, so this info also leaks from there, VPNs eliminate the https domain name leak to your provider, most VPNs also eliminate the DNS one as well. Of course you need to trust that your VPN won't sell that data, otherwise you're just swapping one data broker for another.
 
Last edited by a moderator:

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,635
@Tiamati:
  • I find a bit overkill to use BitDefender IS + VooDooShield Premium at the same time... :unsure: :unsure: instead of run 2 resident applications I would apply default system mitigations via NVT SysHardener, or some via Hard Configurator.
  • As for "Disk Imaging Backup", You may add Macrium Reflect Free or AOEMI Backupper, both are free and reliably.
  • Info about W10 SmartScreen: What is SmartScreen and why is it running on my PC?
  • Info about Hard Configurator: Hard_Configurator — FAQ
Please kindly reflect Your changes editing Your config, and announcing them here, thanks for sharing :giggle:
 

Tiamati

Level 12
Thread author
Verified
Top Poster
Well-known
Nov 8, 2016
574
Tyvm @notabot . Your explanations were very useful! I just didn't understand exactly the point 3).

"even for dev Andy's other tool ConfigureDefender is super useful."

What that would be?

@harlan4096

I find a bit overkill to use BitDefender IS + VooDooShield Premium at the same time... :unsure: :unsure: instead of run 2 resident applications I would apply default system mitigations via NVT SysHardener, or some via Hard Configurator.

As far as i know Bitdefender IS does not cover the type of protection Voodooshield cover, does it? If i had to choose between Syshardner and H_C, which one would be less intrusive in normal windows operation and which one is safer? If i use one of them, Voodooshield would be unnecessary?

BTW, those rules from Syshardner apllied to firewall, would be automatically applied to Bitdefender firewall too?

As for "Disk Imaging Backup", You may add Macrium Reflect Free or AOEMI Backupper, both are free and reliably.

The reason i'm not running a backup for now is because i don't have enough space to backup my main files (images+docs for example). If u have any ideas to bypass that problem (besides buying an new hd)...


Ty, i'll check it!
 

notabot

Level 15
Verified
Oct 31, 2018
703
Tyvm @notabot . Your explanations were very useful! I just didn't understand exactly the point 3).



What that would be?

@harlan4096



As far as i know Bitdefender IS does not cover the type of protection Voodooshield cover, does it? If i had to choose between Syshardner and H_C, which one would be less intrusive in normal windows operation and which one is safer? If i use one of them, Voodooshield would be unnecessary?

BTW, those rules from Syshardner apllied to firewall, would be automatically applied to Bitdefender firewall too?



The reason i'm not running a backup for now is because i don't have enough space to backup my main files (images+docs for example). If u have any ideas to bypass that problem (besides buying an new hd)...



Ty, i'll check it!

@Andy Ful , who is the author, is the most qualifier to answer this, but in any case you can download it from AndyFul/ConfigureDefender
 

Tiamati

Level 12
Thread author
Verified
Top Poster
Well-known
Nov 8, 2016
574
  • Like
Reactions: [correlate]

Burrito

Level 24
Verified
Top Poster
Well-known
May 16, 2018
1,363
Basically,
1) Is Bitdefender still great? I've always loved it. I've been using it for the last 9 years without any problem. I noticed that bitfender is always put side by side with KIS on most tests, but here, most guys usually prefer KIS (what i can understand) or others AVs too like Eset, Emisoft, etc (AVs that i usually consider a "second line" of the best AVs, but it seems i'm wrong)

2) I started to use Voodoh because of a giveaway an year ago. I liked at the beginning, but later i was annoyed with the pop-ups everytime i installed something, or sometimes when i was running some softwares... Besides that, i didn't fully understand most part of options, and basically never saw it block anything else than my stuff. Recently, i decided to use it again, but idk if i'm doing it right or if i could use another (free) program.

4) Should i use a AV chrome extension (like malwarebytes chrome extesion) if i already have another AV suite installed?

Bitdefender has been one of the Top 3 AVs in professional testing for over a decade. But... it's had a few slips lately. And it is not doing well in Malware Hub. I think it's still great, you may just want to keep an eye on it.

I came to the same conclusion as you with VooDoo. I think it's excellent, and it's popular around MT with some smart people, but I finally had enough of it.

Malwarebytes Browser Guard (MBG) is a good extension and can assist in ways that your AV cannot. MBG works within the browser for many of its functions, particularly those which depend on analyzing website behavior for heuristically/behaviorally blocking things like persistent ad popups, and several other categories of threats/undesirable websites. Website behavior cannot be analyzed outside the browser.
 

oldschool

Level 81
Verified
Top Poster
Well-known
Mar 29, 2018
7,044
I liked at the beginning, but later i was annoyed with the pop-ups everytime i installed something, or sometimes when i was running some softwares... Besides that, i didn't fully understand most part of options, and basically never saw it block anything else than my stuff.

There is a Disable/Install mode but it requires one to remember to use it prior to installs. Familiarity with all the settings is important with VS or any software and usually requires some time to get acquainted and use it comfortably. I rarely get alerts but I live under a rock. @Burrito :D

ConfigureDefender would work even using bitdefender as main AV (realtime protection)?

No, it's a GUI for Windows Defender and requires it to be enable. But really you don't need VS with BD. Just add a bit of hardening as @harlan4096 advises and call it a day. My motto: Stay safe, not paranoid! (y):D
 

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,635
which one would be less intrusive in normal windows operation and which one is safer? If i use one of them, Voodooshield would be unnecessary?

The reason i'm not running a backup for now is because i don't have enough space to backup my main files (images+docs for example). If u have any ideas to bypass that problem (besides buying an new hd)...
My humble opinion would be SysHardener would be less intrusive than VS, since You'll have only 1 resident protection and system mitigations from SH...

About System BackUp, of course my suggestions needs an external drive for sure...
 

Tiamati

Level 12
Thread author
Verified
Top Poster
Well-known
Nov 8, 2016
574
Bitdefender has been one of the Top 3 AVs in professional testing for over a decade. But... it's had a few slips lately. And it is not doing well in Malware Hub. I think it's still great, you may just want to keep an eye on it.

I came to the same conclusion as you with VooDoo. I think it's excellent, and it's popular around MT with some smart people, but I finally had enough of it.

Malwarebytes Browser Guard (MBG) is a good extension and can assist in ways that your AV cannot. MBG works within the browser for many of its functions, particularly those which depend on analyzing website behavior for heuristically/behaviorally blocking things like persistent ad popups, and several other categories of threats/undesirable websites. Website behavior cannot be analyzed outside the browser.

Ty @Burrito! I checked malware hub before, and that was precisely the reason i questioned Bitdefender (besides i realized it was consuming much more RAM than others AVs). Talking about that, I recently had to work on an old notebook with 4gb RAM and decided to uninstall bitdefender free edition and get the Kaspersky cloud system free. While bitdefender was eating almost 200 Mb of RAM, Kaspesky got less than 60 Mb... Anyway, ty for all your help.

There is a Disable/Install mode but it requires one to remember to use it prior to installs. Familiarity with all the settings is important with VS or any software and usually requires some time to get acquainted and use it comfortably. I rarely get alerts but I live under a rock. @Burrito :D
I've been tring to do this, but i always forget :emoji_cold_sweat:

No, it's a GUI for Windows Defender and requires it to be enable. But really you don't need VS with BD. Just add a bit of hardening as @harlan4096 advises and call it a day. My motto: Stay safe, not paranoid!

Ty @oldschool . I've already saw another posts from you at the forum and always noticed you defend this idea. I have to agree with you. Sometimes people (including me) get systems so overprotected, that the OS itself sucks, blocking everything, getting intrusive popups, etc.

My humble opinion would be SysHardener would be less intrusive than VS, since You'll have only 1 resident protection and system mitigations from SH...
Ty, i'll check it so
About System BackUp, of course my suggestions needs an external drive for sure...
That is what i thought :p. I've already considered backing up only the OS, but i dont see why doing this if it would be almost the same as installing a fresh windows - in case i needed it.
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
Please use a form of system backup; Ease ToDo, Aomei or Macrium Reflect will help you a lot. Plus second this by using a cloud option such as Dropbox or Onedrive for your important files you want backed up twice.

Overall an ok setup, thank you very much.

~LDogg
 

Tiamati

Level 12
Thread author
Verified
Top Poster
Well-known
Nov 8, 2016
574
Please use a form of system backup; Ease ToDo, Aomei or Macrium Reflect will help you a lot. Plus second this by using a cloud option such as Dropbox or Onedrive for your important files you want backed up twice.

Overall an ok setup, thank you very much.

~LDogg
Ty @LDogg, but let me ask you one thing. If i enable system backup from AOMEI and for some reason i lost all my files (except my system backup), what would be the difference in installing all my apps and windows again from a fresh windows install or using the system backup recovery? As far as i know - but i may be wrong - system backup only backups the windows main files, right?
Anotação 2019-09-29 182947.png
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top