Advanced Plus Security Vasudev's Security Config for 2k19

Last updated
Dec 14, 2019
Windows Edition
Home
Log-in security
Security updates
Block all updates
User Access Control
Notify me only when programs try to make changes to my computer
Real-time security
Windows Defender, BD Traffic Light and Configure Defender
Firewall security
Microsoft Defender Firewall
About custom security
Whitelisted VMware vhd file folder.
Block at first sight and couple of others using Configuredefender.
Periodic malware scanners
KRD, Dr. web LiveCD,ESET LiveCD,EEK,HMP
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
uBO, Cookie Autodelete,BD Traffic Light, SC Currency converter, Google translate for FF,Default bookmark folder,HTTPS everywhere,Uget, User agent switcher, Auto tab discard, Google shortcuts and Side View.
Maintenance tools
CCleaner, Dism++, Bleachbit,Windows Disk Cleanup,Wise disk cleaner,System Ninja, 0Patch
File and Photo backup
On-site storage on external drives.
System recovery
MR Free and Lazesoft recovery PE
Risk factors
    • Gaming
    • Logging into my bank account
    • Browsing to popular websites
    • Streaming audio/video content from shady sites
    • Browsing to unknown / untrusted / shady sites
    • Working from home
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
Alienware 15 R2 w/ 6700HQ,980M 8GB GDDR5,16GB DDR4 RAM, 1xNVMe SSD,1xSATA SSD,AW Mouse,AW AGA,X Stand and 1TB HGST HDD 7.2k rpm.
Lenovo G500 with Pentium 2020M PCLGA w/ 6GB RAM and intel hd 2500 graphics.
Notes by Staff Team
  1. This setup configuration may put you and your device at risk!
    We do not recommend that other members use this setup. We cannot be held responsible for problems that may occur to your device by using this security setup.

Vasudev

Level 33
Thread author
Verified
Nov 8, 2014
2,224
Please consider to enable OS Security Updates, thanks for sharing :giggle:
I do only offline updating once Windows Insiders or Guinea Pigs have given green flag for update. MSFT floods my PC w/ useless driver updates and I use wub to prevent that.
I update all OS offline incl. Linux.
@Jack Can you add an option for Offline updates w/ win updates disabled?
 

brod56

Level 15
Verified
Top Poster
Well-known
Feb 13, 2017
737
To be honest, this config is way too cluttered. I would say start from scratch (keeping only the bare essentials like Smartscreen, Firewall, Windows Defender, uBlock Origin, QuadDNS, Macrium Reflect) and then try to add only what you think is a priority to you.
And please, enable the updates - if you are scared that the new versions might break things, choose the deferred distributions.
 

Vasudev

Level 33
Thread author
Verified
Nov 8, 2014
2,224
To be honest, this config is way too cluttered. I would say start from scratch (keeping only the bare essentials like Smartscreen, Firewall, Windows Defender, uBlock Origin, QuadDNS, Macrium Reflect) and then try to add only what you think is a priority to you.
And please, enable the updates - if you are scared that the new versions might break things, choose the deferred distributions.
DNS is configured at router side and on my PCs Smartscreen,uBO and WD is only things running aside from few applications.
MR PE is on my USB drive and so are my LiveCDs ISO.
I'm not scared of updates but I defer it and sometimes skip some patches and sometimes apply some out of band updates like the IE11 bug and had to update on Day 1. 99% of the time windows update is disabled since I keep track of them manually including latest driver updates through windows update catalog or WSUS. Same rule applies to my other PCs with W10 Pro. I simply distrust MSFT after v1809 fiasco and that's the reason I'm refusing to update to v1809 and beyond and sticking with v1803 until its EOL period.
 

brod56

Level 15
Verified
Top Poster
Well-known
Feb 13, 2017
737
I simply distrust MSFT after v1809 fiasco and that's the reason I'm refusing to update to v1809 and beyond and sticking with v1803 until its EOL period.
You'll be missing huge Windows 10 features which will not only improve the functionality of the system but also its security mechanisms.
 

Vasudev

Level 33
Thread author
Verified
Nov 8, 2014
2,224
You'll be missing huge Windows 10 features which will not only improve the functionality of the system but also its security mechanisms.
Not really, MSFT silently backports everything. Those new features in W10 are temporarily waiting to be removed in subsequent release w/o notice.
Then again, if there's a new version coming up this Spring I might try it in a VM. For now, v1709 is the base minimum for any application to target including driver, so for few years I'm good.
Did the same thing when v1709 was released and I was still on v1703 until v1803 was in Insiders release.
 
  • Like
Reactions: stefanos

brod56

Level 15
Verified
Top Poster
Well-known
Feb 13, 2017
737
Then again, if there's a new version coming up this Spring I might try it in a VM. For now, v1709 is the base minimum for any application to target including driver, so for few years I'm good.
You are, but that's not my point. You'll be missing Sets (which improve productivity), WD tamper protection, etc
It's too much of a compromise in my opinion. You're the one deliberately wanting to be on a outdated version just because one build had problems for some users.
 
  • Like
Reactions: Vasudev

Vasudev

Level 33
Thread author
Verified
Nov 8, 2014
2,224
You are, but that's not my point. You'll be missing Sets (which improve productivity), WD tamper protection, etc
It's too much of a compromise in my opinion. You're the one deliberately wanting to be on a outdated version just because one build had problems for some users.
If you check Program Data\Microsoft\Win defender\Platform you will see that WD is updated to latest consumer build using windows update to give same level of protection no matter what! Just use Configure Defender and see how strong the AV is.
Sets was the most interesting but not its worth the time and privacy because other users can get all your activity by pressing Win+Tab or Swipe up gesture.
 

Vasudev

Level 33
Thread author
Verified
Nov 8, 2014
2,224
Removed:
Kaspersky Free 2019
Kaspersky Secure connection.

Added:
WD v1812.5 and configure defender.
Updated most drivers to UWD/UWP drivers except Intel and nvidia drivers.

Detailed Specs of my systems and added External HDD for on-site backup as Data Backup option.
 
  • Like
Reactions: harlan4096

Vasudev

Level 33
Thread author
Verified
Nov 8, 2014
2,224
If you do offline updates then you are good to go.

Thanks for sharing.
That's the way it has been since I joined MT. I have limited bandwidth internet and daily limit is 1.5GB.
I might delay updating windows if there are problems but if there's none I'm always on latest update.
Added:
0Patch


Will be modding my BIOS w/ new RAID,GOP,microcode and unlocked menus on most PCs since they're EOL.
 

Wraith

Level 13
Verified
Top Poster
Well-known
Aug 15, 2018
634
Removed:
Kaspersky Free 2019
Kaspersky Secure connection.

Added:
WD v1812.5 and configure defender.
Updated most drivers to UWD/UWP drivers except Intel and nvidia drivers.

Detailed Specs of my systems and added External HDD for on-site backup as Data Backup option.
Why did you remove Kaspersky? It's way better than WD.
 
  • Like
Reactions: Nevi and Vasudev

Vasudev

Level 33
Thread author
Verified
Nov 8, 2014
2,224
Sorry I didn't notice you were using a laptop. Yes Kaspersky is terrible for laptops when running on battery. But I've never had any false positives with Kaspersky till date.
On AC power, Kaspersky is even faster than ESET and very light. Rarely affected benchmark scores.
Any download from Mega is blocked and even modded drivers are blocked. I couldn't figure out why they were corrupt.
 
Last edited:
  • Like
Reactions: Wraith

JM Safe

Level 39
Verified
Top Poster
Apr 12, 2015
2,882
That's the way it has been since I joined MT. I have limited bandwidth internet and daily limit is 1.5GB.
I might delay updating windows if there are problems but if there's none I'm always on latest update.
Added:
0Patch


Will be modding my BIOS w/ new RAID,GOP,microcode and unlocked menus on most PCs since they're EOL.
That's ok.
 
  • Like
Reactions: Vasudev

Wraith

Level 13
Verified
Top Poster
Well-known
Aug 15, 2018
634
On AC power, Kaspersky is even faster than ESET and very light. Rarely affected benchmark scores.
Any download from Mega is blocked and even modded drivers are blocked. I couldn't figure out why they were corrupt.
U mean Kaspersky was blocking the downloads from MEGA?
I use ESET IS and KIS on two different desktops but to me ESET seems to be a bit lighter than Kaspersky. I mean launching of apps feel snappier on the PC with ESET.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top