Latest changes
Jul 28, 2020
Daily driver
My Primary device
Operating system
Windows 10 Home
OS version
19041.388
System type
64-bit operating system; x64-based processor
Security updates
Automatically allow security updates only
Windows UAC
Always notify
Firewall protection
Custom - Provided by a third-party security vendor
Account privileges
Administrator account
Account type
Sign in with local account
Account log-in
  • Windows Hello PIN
  • Account Password
    Exposure to malware
    No malware samples are downloaded
    Real-time Malware protection
    • ESET Smart Security Premium, Version 13.2.15.0.
    • Malwarebytes Premium, Version 4.1.0.
    • VoodooShield Pro has "Overwatch."
    • UnChecky to prevent unwanted install boxes being checked.
    • Panda USB Vaccine.
    RTP configuration
    • ESET Smart Security Premium, Version 13.2.15.0, with minor tweaks to HIPS and a few other minor items changed (e.g. Cam & Mic blocked).
    • Tweaks to Win Security(Standard.)
    Periodic scanners
    • HitmanPro 3.8 - Commercial.

    These are used to maintain my system and other people's systems, as required:

    • Farbar's Recovery Scan Tool(x64 + x32.) - Updated as required, generally 3-5 days or when run.
    • Windows Defender Offline.
    • RKill.
    • Security Check.
    • Farbar Service Scanner.
    • MiniToolBox.
    • AdwCleaner
    • ESET SysRescue.
    • ESET Online Scanner.
    • Malwarebytes Anti-Rootkit.
    • AswMBR - Anti-Rootkit/Virus.
    • GMER - Anti-Rootkit.
    • Sophos Virus Removal Tool. - Still updated when last used.
    • Kaspersky TDSSKiller.
    • Emsisoft Emergency Kit - Installer.
    • Kaspersky Virus Removal Tool(s.)
    • Avira System Rescue ISO.
    • Kaspersky Rescue Disk ISO.
    • Bitdefender Rescue ISO.
    • Dr Web Rescue ISO.
    • SuperAntiSpyware Pro.
    • Panda USB Vaccine.
    • RemVBSWorm.
    • Rogue Killer Portable.
    • VirusTotal Uploader.
    • GlassWire
    • SysInternals Suite.
    • Probably more.
    Browser and Add-ons
    • Running with Edge at present.

    Extensions:

    • LastPass.
    • Malwarebytes Browser Protection.
    • Adblock Plus.
    Privacy tools and VPN
    • NordVPN
    Password manager
    LastPass.
    ESET.
    Search engine
    Anything from Google to The WayBack Machine, depending on needs.
    Maintenance tools
    • Mainly custom batch files to perform system checks, cleanup and, integrity.
    Photos and Files backup
    Files are backed up to secured, external HDDs as System Images and Backups (Acronis and Windows 7 Backup/Restore capability in Windows 10).

    File History to the "Cloud."

    Currently, adding RollbackRx Pro.
    File Backup schedule
    Once or multiple times per week
    Backup and Restore
    • Windows 7 Backup/Restore capability in Windows 10.
    • Acronis True Image.
    • Rollback Rx Pro.
    Backup schedule
    Once or more per week
    Computer Activity
  • Browsing the web and checking emails
  • Regularly installing new software every week
  • Downloading files from different websites
  • Office and other work-related software (Work from Home)
  • Recording and editing video or photos
  • Learning computer languages or creating apps
    Computer Specifications
    • MSI PE60-6QE - Upgraded.
    • Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz - Patched.
    • NVIDIA GeForce GTX 960M.
    • 2 banks of 8GB=16GB Samsung DDR4 RAM @ 2133 MHz.
    • Samsung SSD 960 EVO 250GB.
    • WDC WD10JPVX-22JC3T0 HDD 931.5GB(~1TB.)
    • Enhanced Cooling.
    Your changelog
    • February - Ceased Malware Testing on this machine for now.
    • February 2020 - Changed from rotating ESET and Kaspersky. Now Running with ESET, solo.
    • March 2020 - Removed Steven Black's Unified Hosts as it is too slow with desired function level.
    • July 2020 - Adding Rollback Rx Pro.
    • 28th July 2020 - Zemana relegated to tools only.
    Staff notes

    This setup configuration may put your device at risk.
    We don't recommend that other members use this security setup. We cannot be held responsible for problems that may occur to your device by using this security setup.

    This setup may cause performance issues, system instability or conflicts between programs, and can hinder the effectiveness of all installed antivirus products.

    TRS-80

    Level 1
    Hi Everyone,

    This is my Overkill Security Config for 2020.

    Please, don't be concerned about multiple "gatekeeper" software running concurrently. I only have one active at a time in addition to my AV main, except for testing purposes.

    Malwarebytes combined with ESET seems to improve detections. Potential threats are frequently detected by ESET whilst Malwarebytes is scanning(accessing files.) These files were missed by each scanner when scanning without the aforementioned setup.

    There are quite a few tools listed. These are NOT generally used on my own machine. They are present for use as required. This machine is multi purpose, as personal and some work plus, voluntary work.

    I am aware that running from a Standard Account is preferable to Administrator. In my circumstances, this is not workable.

    Changes from last year have been fairly minor.

    All constructive criticism graciously accepted.


    Cheers!


    @TRS-80
     

    rockstarrocks

    Level 21
    Verified
    The title seems accurate, pretty overkill imo.
    "Potential threats are frequently detected by ESET whilst Malwarebytes is scanning(accessing files)" This means your browsing/downloading habits are very risky.
    Do you do malware testing?
    The list of second opinion scanners is too long, just pick 3 decent scanners at most. More is not always good, more scanners will also mean more FPs.
    Thanks for sharing your config :)
     

    TRS-80

    Level 1
    G'day @rockstarrocks

    Thank you, for your feedback. Much appreciated!

    Yes, the title is accurate, as you said.;)

    Perhaps, I should have been clearer when explaining about the detections by ESET when actively scanning with Malwarebytes. I should have said that this occurred on several occasions, after both pieces of software had previously failed to detect very old files I had stored and forgotten about. They were actually on an external drive I had scanned with both ESET and MWB, separately. The files involved were supplied by an educational institution as part of a course. They were not malware samples, nor, did they have anything to do with I.T. They were definitely not False Positives, however, they had failed to deploy (on this system, at least). I would rather a few FPs than having to clean up, anyhow.

    I do not download files in a "risky" manner. I have no want to invite trouble. Even when files come from a solid, proven site, I generally check links on V.T. prior to downloading. All downloaded files are immediately scanned, irrespective of the site involved. Please, do not draw inaccurate inferences regarding browsing or downloading habits. I do not have the time to waste wandering around the Web, browsing for amusement. The majority of my online time is spent on scientific research of a variety of types. The balance is spent here.

    The list of "second opinion scanners" is: HitmanPro. As stated, the remaining "tools" are used purely for maintenance of my system(s) and, the repair or troubleshooting of other computers. I probably should not have bothered including them. I only did include them as, previously, some member(s) mentioned that it was a good list for new users to be aware of. That was a straight(ish) copy/paste from last year's Security Config (the files are still present and many have been used, regularly). The majority of the tools are not installed, they are mainly Portable. Most serve different purposes. Some are diagnostic, some are removal tools. Few are what I would call "simple second opinion scanners." It's more of a case of comparisons, analysis and, having the correct tools for common jobs. Many of them also require frequent updating. Accordingly, I keep them handy for reference, too.

    I ceased malware testing earlier this year, mainly due to time constraints. One of the causes of these original time constraints was cleaning up following a total network compromise. That job alone involved a sophisticated breach across multiple devices. We managed to recover many tens of thousands of dollars, after the fact, on behalf of the victim; an elderly home user. This was a voluntary job. Multiple, listed tools were used for part of the initial investigations.

    The main reason for the Overkill Setup is due to having been targeted, numerous times, by well known Threat Actors. Since adopting a more paranoid approach I have had no further, major problems. I have had no active, uncontrolled malware infection since changing my posture.

    I have edited my original(2020) configuration to reflect the 'relegation' of Zemana to tool status.

    🚨Certainly, I do not believe anyone should and, I DO NOT advise anyone to copy my setup. What works for me may not work for others.🚨

    Thank you, for taking the time to read my Configuration and, taking the time to respond. I appreciate your concerns.

    I will always listen to other people's points of view. It's a good way to expand my knowledge and understanding.

    Cheers,


    @TRS-80 (y)
     

    Gandalf_The_Grey

    Level 32
    Verified
    If you need both ESET Smart Security and Malwarebytes Premium helped with Malwarebytes Browser Protection, wouldn't it be better and lighter to the system to use Kaspersky Internet Security together with its extension?

    For an increase in browser speed and more configuration options you could try uBlock Origin and Bitwarden.
    uBlock Origin could be used as default but has a lot of other options and modes: gorhill/uBlock
    Bitwarden has just published its second audit results and is lighter than LastPass.
     

    Vitali Ortzi

    Level 19
    Verified
    Targeted?
    Get a WPA 3 router.
    Try a good IDS with good reporting like Zeek and an IPS like Snort/Suricata and a layer 7 firewall in default deny config with good hardening.
    Ditch Windows, use a hardened Linux distro / kernel.
    Verify firmware hash.
    Get a Pixel with GrapheneOS, use only apps from F-Droid.
    And check certificates and hash before downloading the image.

    Use Tor as a network-wide proxy so all devices would have to use it for internet traffic.
    Dump any old and unverified / unverifiable network devices.
    Change every port to a random / non-popular one and stealth it while disallowing port scanning.

    Make WiFi and local access network isolated from each other.
     

    TRS-80

    Level 1
    @Gandalf_The_Grey @Dave Russo @Vitali Ortzi @JoyousBudweiser

    G'day to everyone who has responded to this thread.

    My apologies for the delay in responding. I have been in hospital, plus, not receiving notifications.

    Thank you all for your input. It is gratefully accepted and appreciated. Now that I am aware it is here, I will think over the various suggestions. This will take some time and testing.

    The MWB browser extension was used only due to other extensions auto-uninstalling. It is a temporary measure only at this point.

    I have retained ESET rather than Kaspersky solely due to having considerable time remaining on the ESET licence. Kaspersky licence had expired. I will re-evaluate the situation again in the future. I do find ESET lighter on resources yet, good on defence, reporting and cooperating with other software.

    The cooling was installed prior to purchase. It is (very simply) additional ducted copper mass to aid in heat dissipation via several multi-speed fans. Exhaust remains via twin ports at the rear. The trade off is weight and fan noise. When all fans are operating the machine sounds like a Vulcan Bomber on take-off roll. The laptop is not easily lifted with one hand.

    As far as I am aware, WPA 3 Routers have some compatibility issues with our telephone(NBN) system here. Hopefully, with relocation due in April next year this may be able to be resolved and implemented. I have to plead guilty to being a little light on my research in this area.

    Since being heavily targeted following an act of idiocy by a family member, all electronic equipment has been replaced. This extends from the Gateway right through all devices capable of network connection. Admittedly, this occurred quite some time ago.

    Thank you all for taking the time to respond with valid and useful information.

    At present, I am rather time poor. I will respond to any further entries as I am able.

    Cheers,


    @TRS-80
     

    Vitali Ortzi

    Level 19
    Verified
    Yes, ESET is lighter than Kaspersky but Kaspersky is stronger by default.

    Anyway good to hear you are well 😊👍
     

    Dave Russo

    Level 13
    Verified
    Hope you are well, may the Lord bless you
     