Advanced Plus Security Vasudev's Security Config for 2018

Last updated
Dec 25, 2018
Windows Edition
Home
Security updates
Check for updates and Notify
User Access Control
Notify me only when programs try to make changes to my computer
Real-time security
WD platform v1809.50
Firewall security
Periodic malware scanners
EEK,HMP. (Retiring MBAM and ZAM very soon)
Malware sample testing
Browser(s) and extensions
uBO, Cookie Autodelete,BD Traffic Light, SC Currency converter, S3.translator,Default bookmark folder,HTTPS everywhere,Uget, User agent switcher etc...
Maintenance tools
CCleaner, Dism++, Bleachbit,Windows Disk Cleanup,Wise disk cleaner,System Ninja
File and Photo backup
Macrium reflect PE
System recovery
Macrium reflect PE
Computer specs
https://malwaretips.com/threads/vasudevs-new-rig.64502/

Vasudev

Level 33
Thread author
Verified
Nov 8, 2014
2,251
Updated MEFW using some guides and remove the lock permanently. Dell delayed the update, so I took a long route to fix it.
Here's the guide if anyone's willing to try it. Be sure to check if your system supports the MEI FW update. I tested only on Skylake/Kabylake PCH-H series chips only.
New BIOS for 15R2/17R3 v1.4.4
Reverted back to older BIOS as per Intel's and Dell's guidance.
 

Mahesh Sudula

Level 17
Verified
Top Poster
Well-known
Sep 3, 2017
825
Updated to build 850 and finally moved to uGet as default download manager on Windows & Linux.
Added:
Dr. Web LiveCD
Changed title to reflect security settings for the year 2018.
@Jack Well, we might need to re-create security config for 2018 and above considering the fact 2017 had lot of exploits and vendors didn't provide fixes like BIOS updates, microcode patches. I think we must include an fields such as BIOS updated or not? MEI FW is updated and secured, Spectre/Meltdown patches etc..
Consider adding Avira / Kaspersky in place of Dr web as Live Cd..it is a bit high on Fp's ..
Use Norton Dns instead of Avira Browser Safety
(y) to go
 

Vasudev

Level 33
Thread author
Verified
Nov 8, 2014
2,251
Consider adding Avira / Kaspersky in place of Dr web as Live Cd..it is a bit high on Fp's ..
Use Norton Dns instead of Avira Browser Safety
(y) to go
Kaspersky doesn't work on Secure boot based system even with legacy mode turned ON, so it worked like ##### w/o detecting NVMe drive and other things because I ran it on cmd line since GUI was failing to run on EFI based systems. I have ESET, Dr. web and WD LiveCDs which worked like a charm on secure boot.
Dr. web acc. to me had worked great. In terms of scan time ESET was faster.
 

Vasudev

Level 33
Thread author
Verified
Nov 8, 2014
2,251
I use both of them
in his case of WD, he doesn't have a proper web filter beside google safebrowsing
more is better. I don't see any problem using both. Almost no speed difference
Oh I use Google DNS so Norton DNS isn't needed at all. BTW, Norton DNS was very slower than Google/OpenDNS.
 
  • Like
Reactions: Syafiq and DeepWeb

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
you can enable windows defender's web filter (google for the guide)
googleDNS doesn't provide any malware blocking ability

or you can try these following malware blocking DNSes, if Norton is slow for you, find an acceptable one. Obviously, they are slower than Google DNS. OpenDNS may give you the best speed compared to the others in this list but it's the poorest at malware blocking
  • OpenDNS Home- 208.67.222.222, 208.67.220.220
  • IBM Quad 9 - 9.9.9.9
  • SafeDNS - 195.46.39.39, 195.46.39.40
  • Adguard DNS - 176.103.130.130, 176.103.130.131
 
Last edited:

Vasudev

Level 33
Thread author
Verified
Nov 8, 2014
2,251
you can enable windows defender's web filter (google for the guide)
googleDNS doesn't provide any malware blocking ability

or you can try these following malware blocking DNSes, if Norton is slow for you, find an acceptable one. Obviously, they are slower than Google DNS. OpenDNS may give you the best speed compared to the others in this list but it's the poorest at malware blocking
  • OpenDNS Home- 208.67.222.222, 208.67.220.220
  • IBM Quad 9 - 9.9.9.9
  • SafeDNS - 195.46.39.39, 195.46.39.40
  • Adguard DNS - 176.103.130.130, 176.103.130.131
Thanks.
Did you know WD NIS update file has known Zero day protections and also some form of protection against unknown 0 day malware. You can find the log in this location C:\ProgramData\Microsoft\Windows Defender\Network Inspection System\Support
 
D

Deleted member 178

I believe you have it somewhere, but i don't remember the adress.
 

Vasudev

Level 33
Thread author
Verified
Nov 8, 2014
2,251
Refreshed FF profiles on all PCs and I was shocked to find the new lighter UI and immense speedup since I was using same profile from FF 48-->FF60.
 
  • Like
Reactions: harlan4096

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top