Gabbs' BatPenguin Security

Discussion in 'Security Configurator' started by Gabbs, Jul 27, 2017.

  1. Gabbs

    Gabbs Member

    OS: Windows 10 Home (x64)
    UAC: Do Not Dim Desktop
    File Reputation: SmartScreen set to alert (WD Security Center)
    Recent Malware Attacks: More than a year ago
    Testing Malware Samples: Inside a Virtual Machine

    Real-time Malware Protection:

    SYS 1:
    KIS 2018
    Sandboxie
    Heimdal Pro (traffic scanning + malware engine + auto-patching)
    VoodooShield Pro (always ON)
    Covert Pro (privacy protection - used occasionally)
    Kerish Doctor (System files protection + Task Scheduler / Services monitoring especially against Fileless attacks)
    ---------------------
    SYS 2:
    Private Firewall (high IS + low NS + process monitor + system anomaly detection)
    Windows Defender (tweaked)
    VoodooShield free
    Heimdal

    On-demand Scanners:

    SCANNERS: Metadefender client (multi-engine) / Norton PE / McAfee GetSusp / Glarysoft MH Pro / Dr.Web CureIt / ZAL / Malwarebytes Anti-Malware / Panda Cloud Cleaner / HitmanPro / ESET OnlineScanner / ESET HFSReader / RunPEDetector / Rkill / AdwCleaner / BC Junkware Removal / McAfee Stinger / SecureAnywhere System Analyser
    ---------------------------------------------------------------------------
    MONITORS/EXPLORERS: CrowdInspect / SanityCheck / KillSwitch / Process Hacker / System Explorer / FolderChangesView / RegShot / HiJackThis / ESET SysInspector

    Browsers & Extensions:

    Yandex (with DNSCrypt encryption):
    Netcraft
    uMatrix
    GCache
    Evernote Web Clipper
    Preferred Search Engine: Google, DuckDuckGo
    Password Manager: Cerebral Cortex
    Content Blockers: uMatrix, Yandex built-in, Heimdal Secure DNS

    Frequently used System Utilities:

    PRIVACY & SECURITY: Shadow Defender / AxCrypt / Windscribe VPN / Hard Configurator / Win10 Security Plus / Pro File Security Tools / ChrisPC DNS Switcher / FortiClient (vulnerability scan -> selective Windows update) in place of PortUp updater
    ----------------------------------------------------------------------------------------------------------
    OTHER UTILITIES: Kerish Doctor / ProcessLasso Pro / Revo Uninstaller Pro / MiniTools Partition wizard / MiniTools Power Data Recovery / EaseUS MobiSaver / Complete Internet Repair / Windows Repair Toolbox

    Data Backup Software:
    Cloud (Drive app) / File History
    System Image Backup Software: Macrium Reflect (Scheduled backups)

    Other OS:
    ElementaryOS with FireJail, Sophos AV, non-GUI Windscribe VPN, VirtualBox for testing (NAT)

    1. The independent AV tests are absolute truth, and experienced users are aware of that. Also, with modified configurations (mostly defaults are tested), these tools can deliver varied levels of protection.
    2. Test the sleepiness of your antivirus here.
    3. Complement your security software. But have no more than 1 real-time AV (some are born incompatible, others may conflict at critical times)
    4. After uninstalling an antivirus, use their official 'removal tools' for clean removal
    5. Scan with a bootable-rescue-disc monthly or quarterly (prefer BD, Kaspersky, Avira, ESET & Dr.Web)
    6. Provide admin-rights with utmost care. Prefer Standard account
    7. Use lockdown / anti-executables if feasible alongside an AV
    8. Avoid trying cracks. Those can do more than what's in their name!
    9. Keep Auto-play always OFF. Write-protect your USB when porting
    10. Download programs from Vendor sites only
    11. During potentially risky activities, use sandbox or multi-protection (AM+blocker+anti-exploit+extensions)
    12. For ransomware protection, besides antivirus, WinAntiRansom/KasperskyAntiRansomTool/HMPA etc. are nice options
    13. Important tips like low-risk activities, safe browsing, using Windows built-in mechanisms for security are already famous elsewhere. Let me link them here
    14. Do not share your credentials or personal information with others. These can be misused for hacking your stuff
    15. Use Sardu to create a Multiboot USB tool to include Multiple AV Rescue Discs, USB repair tools, Linux distro(s) and some more portable apps. Write protect it then, as needed.
    16. Install a Linux distro for side-by-side healthy computing!
    Suggestions welcome :)
    Keep safe, be safe!
     
    wwd, jasonX, LowcyGier and 3 others like this.
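A read-only way to check whether a Windows box actually matches tips 6 and 9 above (Standard account, UAC on, AutoPlay off). This is an added example, not a script from the thread or from any of the products listed; it changes nothing, only reports. The registry locations are the standard Windows policy keys and S-1-5-32-544 is the well-known Administrators SID; the "expected" values (AutoRun mask 0xFF, EnableLUA = 1, secure desktop on) are assumptions chosen to match the tips, and the script deliberately reports the "Do Not Dim Desktop" setting from the original post as a finding rather than silently passing it.

```powershell
# Added example: audit a few of the thread's tips on the local machine. Read-only.
# Registry paths are the standard Windows policy keys; expected values are assumptions.

function Get-PolicyValue {
    param([string]$Path, [string]$Name)
    # A missing value means the Windows default applies, so return $null instead of failing.
    try { (Get-ItemProperty -Path $Path -Name $Name -ErrorAction Stop).$Name } catch { $null }
}

function New-CheckResult {
    param([string]$Tip, [string]$Check, $Actual, [bool]$Pass)
    [pscustomobject]@{ Tip = $Tip; Check = $Check; Actual = $Actual; Pass = $Pass }
}

function Test-ConfigTips {
    $results = @()

    # Tip 9: AutoPlay off. NoDriveTypeAutoRun is a bitmask of drive types with AutoRun
    # disabled; 0xFF covers every drive type, which is what "always OFF" means here.
    $explorerPol = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    $autorun = Get-PolicyValue $explorerPol 'NoDriveTypeAutoRun'
    $results += New-CheckResult -Tip '9' -Check 'AutoRun disabled for all drive types (NoDriveTypeAutoRun = 0xFF)' `
        -Actual $(if ($null -eq $autorun) { 'not set (Windows default)' } else { '0x{0:X2}' -f $autorun }) `
        -Pass ($autorun -eq 0xFF)

    # UAC: EnableLUA = 1 keeps UAC on. PromptOnSecureDesktop = 0 is the "Do Not Dim Desktop"
    # choice from the original post; 1 (dimmed, secure desktop) is the stronger setting,
    # so the check flags 0 rather than passing it.
    $systemPol = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $lua = Get-PolicyValue $systemPol 'EnableLUA'
    $secureDesktop = Get-PolicyValue $systemPol 'PromptOnSecureDesktop'
    $results += New-CheckResult -Tip '6' -Check 'UAC enabled (EnableLUA = 1)' -Actual $lua -Pass ($lua -eq 1)
    $results += New-CheckResult -Tip '6' -Check 'UAC prompt uses the secure (dimmed) desktop' `
        -Actual $(if ($secureDesktop -eq 0) { 'Do Not Dim Desktop' } else { 'Dim Desktop' }) `
        -Pass ($secureDesktop -ne 0)

    # Tip 6: prefer a Standard account. Two separate facts matter:
    #  (a) is this PowerShell session elevated? IsInRole looks at the current, possibly
    #      UAC-filtered, token, so an admin in a non-elevated window reports "not elevated";
    #  (b) is the account itself in the local Administrators group? Read from the local
    #      SAM via Get-LocalGroupMember, which needs no elevation.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = [Security.Principal.WindowsPrincipal]$identity
    $elevated  = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
    $results += New-CheckResult -Tip '6' -Check 'Current session is not elevated' `
        -Actual $(if ($elevated) { 'elevated' } else { 'not elevated' }) -Pass (-not $elevated)

    try {
        $admins   = Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop
        $isMember = [bool]($admins | Where-Object { $_.Name -eq $identity.Name })
        $results += New-CheckResult -Tip '6' -Check 'Account is a Standard user (not in Administrators)' `
            -Actual $(if ($isMember) { 'Administrators member' } else { 'Standard user' }) -Pass (-not $isMember)
    } catch {
        # Group enumeration can fail (e.g. orphaned SIDs in the group); report instead of aborting.
        $results += New-CheckResult -Tip '6' -Check 'Account is a Standard user (not in Administrators)' `
            -Actual "could not enumerate group: $($_.Exception.Message)" -Pass $false
    }

    $results
}

$report = Test-ConfigTips
$report | Format-Table -AutoSize
# Non-zero exit code when any check fails, so the script can run from Task Scheduler or a logon script.
if ($report | Where-Object { -not $_.Pass }) { exit 1 } else { exit 0 }
```

Save it as a .ps1 and run it from a normal (non-elevated) PowerShell window; because it only reads the policy keys and the local SAM, it works as a Standard user, which is exactly the situation tip 6 asks for. Name matching in the group check compares `COMPUTER\user` strings, so a Microsoft-account login may show up under a different display name and need a manual look.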
  3. kram7750

    kram7750 Member

    Thanks for sharing your security configuration! :)

    Do you really use all of these scanners on-demand, or did you mean you have them in case they are needed? You only really need 1-3 on-demand scanners, 3 being a maximum on my recommendation at least. I would recommend you to use HitmanPro once a week and then maybe run a scan with AdwCleaner every now and then but that is just my advice.

    Advice above is just my recommendation, down to you to take my advice or not. :)
     
    wwd, jasonX, LowcyGier and 2 others like this.
  4. Gabbs

    Gabbs Member

    Do you really use all of these scanners on-demand, or did you mean you have them in case they are needed? --> Both.
    Of course I will use the type of scanner(s) I think I will need in case of any suspicion or verification. Each has different potentials, varied effectiveness and some have clearly different purposes as you might know Visa. Thanks for the recommendation.
    Without any suspicion, I just don't perform on-demand scans, simple! If I need, I'll use the one I trust will hunt the pebbles among the diamonds ;)
     
  5. Gabbs

    Gabbs Member

    In the safe practices spoiler, I've got a missing "not" as I'm a fast thinker :read: commonly causing such oversights!
    As you can expect, I meant to say "The independent AV tests are not the absolute truth,....".
     
  6. Trim

    Trim MTAC Moderator Staff Member

    A good config, maybe a bit overkill, but all main layers are well covered.
    Thanks for posting that!
     
    wwd, LowcyGier, Gabbs and 1 other person like this.
  7. Gabbs

    Gabbs Member

    It can be an overkill :)
    I decided to try the 6 month trial of Heimdal Pro on both and it blocked quite a few connections the common extensions didn't (including a potentially tracking server of WPS office). The traffic scanning is an overlap with KIS and there's some browsing slowdown visible. I'll evaluate it for some more days.

    I was fortunate to get a 1 yr license of VDS from a friend of mine and it's one of the best! There are slim chances of KIS network trusting a bad file (I've seen 2 such samples) allowing it to freely use process injection etc. or a missed RW activity.
    VDS can help provide an insight through VoodooAI and the multi-engine detection names (if threat detected) can be guiding towards blocking the malware beforehand.
    Kerish was simply for maintenance, yet I choose to deny any services or scheduled tasks not relevant to a current installation / those that are not known / those that pop out of the blue. I do not use the Anti-malware of Kerish.
    My use of sandboxing is very limited.
     
    wwd, LowcyGier and RGiskardR like this.
  8. RGiskardR

    RGiskardR Malware Tester Silver Member

    Check in this forum the reviews section, I ran a slight review of HDP some months ago ;) also running alongside KTS2017...
     
    wwd, Trim, LowcyGier and 1 other person like this.
  9. Gabbs

    Gabbs Member

    Awesome. Are you on the 6 month trial? Did you have an experience with VectorN recently added?

    I just read the wonderful review made, left a message awaiting approval.
    Mostly a DNS + Traffic pattern analyser + a limited AV module. I've faced occasional connection failures due to the Firewall therein (I've unchecked "Automatically Disable Traffic Filtering" on connection drop). I might make a video review soon :)
     
    wwd, LowcyGier and RGiskardR like this.
  10. RGiskardR

    RGiskardR Malware Tester Silver Member

    Not testing it currently in any of my systems... also tested it during months at "Posing Box" and phishing protection is "a bit weak"...
     
    wwd, Trim, LowcyGier and 1 other person like this.
  11. jasonX

    jasonX Giveaways Moderator Staff Member

    Deep arsenal there. Thanks for sharing.
    VDS - VoodooShield huh....soon we will be graced by VoodooShield PRO again here at the giveaways section! Stay tuned!
     
    LowcyGier, wwd, Trim and 2 others like this.
  12. Gabbs

    Gabbs Member

    @jasonX thank you. VDS is the savior in any activity, including when you temporarily disable your AV suite. I needed to sometimes with BTS Beta :)

    Why don't we invite DanB from VDS here?
     
    LowcyGier, wwd and RGiskardR like this.
