Advanced Plus Security Protomartyr's ThinkPad Security Config 2019

Last updated
Dec 8, 2019
Windows Edition
Home
Log-in security
Security updates
Allow security updates and latest features
User Access Control
Always notify
Real-time security
Windows Defender
Malwarebytes Premium (lifetime license)
Firewall security
Microsoft Defender Firewall
About custom security
Hard_Configurator (recommended settings)
ConfigureDefender (max)
Firewall Hardening (recommended rules)
Auto-lock computer when idle (registry tweak)
CleanBrowsing DNS ('Security' filter)
Periodic malware scanners
Emsisoft Emergency Kit
HitmanPro Free
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Chrome:
  • Chrome flags enabled for tighter security and new features
  • Cookie AutoDelete
  • HTTPS Everywhere - Encrypt All Sites Eligible enabled
  • Netcraft Extension
  • Privacy Possum
  • uBlock Origin (Medium mode; Block 3rd party requests) + Nano Defender Integration
  • Windows Defender Browser Protection

Firefox:
  • about:config tweaks for added security and privacy
  • Cookie AutoDelete
  • Emsisoft Browser Security
  • HTTPS Everywhere - Encrypt All Sites Eligible enabled
  • Netcraft Extension
  • Privacy Possum
  • uBlock Origin (Medium mode; Block 3rd party requests) + Nano Defender Integration
Maintenance tools
Autoruns by Sysinternals
CCleaner (Enhanced)
Revo Uninstaller
File and Photo backup
SyncToy with External HDD
System recovery
Windows Backup and Restore
Risk factors
    • Logging into my bank account
    • Browsing to popular websites
    • Streaming audio/video content from shady sites
    • Browsing to unknown / untrusted / shady sites
    • Working from home
Computer specs
ThinkPad S1 Yoga
Intel Core i5-4200U
Intel HD Graphics
8GB RAM
128 GB SSD (System)
256 GB SSD (Documents & Media)

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,635
@Protomartyr:

I'm not very fond of Windows Backup and Restore :unsure: :unsure: , I would suggest better Macrium Reflect Free or AOEMI Backupper, both are free and reliably.

As for "Virus and Malware Removal Tools", You may add: ZAM Free, remove MalWareBytes Free to this section (since You already have it as real-time solution), EmsiSoft Emergengy Kit and HitManPro Free.

Please kindly reflect Your changes editing Your config, and announcing them here, thanks for sharing :giggle:
 

notabot

Level 15
Verified
Oct 31, 2018
703
@Protomartyr:

I'm not very fond of Windows Backup and Restore :unsure: :unsure: , I would suggest better Macrium Reflect Free or AOEMI Backupper, both are free and reliably.

As for "Virus and Malware Removal Tools", You may add: ZAM Free, remove MalWareBytes Free to this section (since You already have it as real-time solution), EmsiSoft Emergengy Kit and HitManPro Free.

Please kindly reflect Your changes editing Your config, and announcing them here, thanks for sharing :giggle:

I use something else too because I needed different functionalities, but out of curiosity, what’s wrong with Windows Backup and Restore ?
 

Protomartyr

Level 7
Thread author
Sep 23, 2019
314
Added:
- Emsisoft Emergency Kit

I love the portability of Emsisoft's program, so it was an instant add to my collection. Plus there was no email sign-up/registration needed. Just a simple download and install. I'm still trying to find official portable versions of HitmanPro and Zemana Anti-Malware. From what I saw in my search, both downloads were for trials.

Going to spend the weekend evaluating Macrium Reflect Free and AOMEI Backupper.

Also removed Malwarebytes from the 'Virus and Malware Removal Tools' section since I already have the Premium version listed under the 'Real-time' section.

Thank you for the suggestions @harlan4096 !
 
Last edited:

Protomartyr

Level 7
Thread author
Sep 23, 2019
314
Added:
- Enabled auto lock of computer through registry

I'm usually pretty good at making sure I lock my laptop when I leave to do something but I've been forgetting lately. Decided to set my computer to auto-lock after being idle for 10 minutes. You can do this on Windows 10 Pro edition but not on the Home edition since there's no access to the Local Security Policy feature. To get around this, I just had to add a new DWORD value named InactivityTimeoutSecs and set it to 600 seconds. Got the job done! (y)

Also, I was doing a few scans before making a system image for this week. Windows Defender and Malwarebytes Premium reported everything was fine. Decided to run Emsisoft Emergency Kit that I just added today. To my surprise it picked up 2 Trojans in the 'C:\Windows\IULOGS\' directory. Not sure how long they've been there but I'm glad I got it off my system. Nice work, Emsisoft!
 

Protomartyr

Level 7
Thread author
Sep 23, 2019
314
Added:
- HitmanPro Free (second opinion scanner)
- Nano Defender (to Firefox; already have it on Chrome)
- uBlock Origin (to Firefox; already have it on Chrome)

Removed:
- I don't care about cookies (browser extension; instead I integrated it into uBlock as a filter list)
- CanvasBlocker (browser extension)
 

oldschool

Level 81
Verified
Top Poster
Well-known
Mar 29, 2018
7,044
What extensions do you think I should cut out

Here are my thoughts:
You don't need Windows Defender Browser Protection. You have Smartscreen which is enough unless you have very risky browsing habits, in which case you could add Bitdefender Trafficlight. But you already have a locked-down system so not really needed. You can get rid of Nano Defender and rely on µBO alone, or you could add the Nano Defender Integration filter list into uBO. And you can replace Decentraleyes, Canvas Defender and Privacy Badger with Privacy Possum which will make your attack surface smaller. PP does the job of all three of the others IMO.

Remember friend: Stay safe, not paranoid. (y) :D
 

Protomartyr

Level 7
Thread author
Sep 23, 2019
314
You can get rid of Nano Defender and rely on µBO alone, or you could add the Nano Defender Integration filter list into uBO.

This has been something that I've never found a clear answer to. I have always thought importing the Nano Defender Integration filter list into uBO was enough.

However, through my search it seems that the extension needs to be installed as well? See this ghacks article (link), this reddit thread (link), and finally the developer's installation instructions (link). That's why I have the extensions installed along with uBlock Origin. I might do some testing with the Nano Defender extension uninstalled to see if it still works with just the filter lists alone.

Bitdefender Traffic Light has been an extension I've seen recommended quite often that I've never gotten a chance to test out. Same with Privacy Possum. I'll be testing these two extensions this week and removing the other redundant/unneeded extensions.

Thanks for your recommendations!
 
Last edited:

oldschool

Level 81
Verified
Top Poster
Well-known
Mar 29, 2018
7,044
This has been something that I've never found a clear answer to. I have always thought importing the Nano Defender Integration filter list into uBO was enough.

However, through my search it seems that the extension needs to be installed as well? See this ghacks article (link), this reddit thread (link), and finally the developer's installation instructions (link). That's why I have the extensions installed along with uBlock Origin. I might do some testing with the Nano Defender extension uninstalled to see if it still works with just the filter lists alone.

Bitdefender Traffic Light has been an extension I've seen recommended quite often that I've never gotten a chance to test out. Same with Privacy Possum. I'll be testing these two extensions this week and removing the other redundant/unneeded extensions.

Thanks for your recommendations!

About Nano Integration - The 1st and 3rd instructions you reference are in agreement. I use that method. Honestly, I don't run into many anti-adblock walls (I can't remember the last one I saw) and I've done pretty well with µBO alone as it has improved greatly with the recent updates. Do your own testing and see what you think.

BDTL has done well in @Evjl's Rain testing here Q&A - [Updated 29/12/2018] Browser extension comparison: Malwares and Phishings and members I trust advise it as well.

Privacy Possum - Fingerprinting is a multi-faceted problem and I doubt any single or multiple extensions can give 100% protection. This is just my view based on what I've read. My view of Privacy Badger is that even with the claimed improvements with the recent update, the extension doesn't give me enough feedback/info relative to claimed improvements. I don't do technical testing so I can't give fully qualified answers on questions of privacy protection, but I've decided for myself to keep it simple. Less is more thinking. I figure if I cut out a majority or just a whole bunch of tracking methods and keep a lean browser attack surface, then I can live with the results - whatever they may be. So ublock origin and PP is enough for me. Let me know what your experience is after you do some testing. (y) (y)

BTW, I use uBO in medium mode so that does the heavy lifting for me.
 
Last edited:

Protomartyr

Level 7
Thread author
Sep 23, 2019
314
Added:
- Bitdefender Traffic Light (Chrome & Firefox browser extensions)
- Privacy Possum (Chrome & Firefox browser extensions)

Removed:
- Decentraleyes (Chrome & Firefox browser extensions)
- Malwarebytes Browser Guard (Firefox browser extension; using Bitdefender Traffic Light instead so my extensions match with Chrome)
- Nano Defender (Chrome & Firefox browser extensions; using the Nano Defender Integration filter lists in uBlock Origin instead)
- Privacy Badger (Chrome & Firefox browser extensions)
- Windows Defender Browser Protection (Chrome browser extension)
 
Last edited:

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
Added:
- HitmanPro Free (second opinion scanner)
- Nano Defender (to Firefox; already have it on Chrome)
- uBlock Origin (to Firefox; already have it on Chrome)

Removed:
- I don't care about cookies (browser extension; instead I integrated it into uBlock as a filter list)
- CanvasBlocker (browser extension)
Fantastic changes, and solely for privacy aspects just use Privacy Possum, does a lot of blockage under one tin.

~LDogg
 

Protomartyr

Level 7
Thread author
Sep 23, 2019
314
Removed:
- Firefox Multi-Account Containers
- Temporary Containers (Firefox browser extension)

I run Firefox in permanent incognito mode now, so those extensions weren't needed.
 
F

ForgottenSeer 823865

There is nothing wrong about Windows7 Backup & Restore. On my end, It never failed a restore, unlike all the other 3rd party softs I used. However it is very slow, and due to how I use my systems, I can't make it my main imaging soft. So i use it only as a failsafe, if the others fails.
 

Protomartyr

Level 7
Thread author
Sep 23, 2019
314
@Umbra Yeah Windows 7 Backup & Restore has never failed me.

I didn't realize 3rd party software used compression methods to make the backup image smaller. I've come to find out that some even have the option to verify the integrity of a backup. These two features are very intriguing so I've been meaning to try an alternative backup imaging software once I get a new external HDD. Macrium Reflect Free and AOMEI Backupper are two programs that I have on my 'To Test' list.

Which ones do you personally recommend?
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top