Advanced Plus Security Protomartyr's ThinkPad Security Config 2020

Last updated
Dec 3, 2020
How it's used?
For home and private use
Operating system
Windows 10
Log-in security
Security updates
Allow security updates and latest features
User Access Control
Always notify
Real-time security
Windows Defender
Firewall security
Microsoft Defender Firewall
About custom security
Hard_Configurator (recommended settings)
ConfigureDefender (max)
Firewall Hardening (recommended rules)
Cloudfare DNS (Malware Blocking)
Periodic malware scanners
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Chrome:
Edge:
  • Tracking Protection set to 'Balanced'
  • uBlock Origin (default settings)
Maintenance tools
File and Photo backup
SyncToy with External HDD
System recovery
Risk factors
    • Browsing to popular websites
    • Logging into my bank account
    • Browsing to unknown / untrusted / shady sites
    • Working from home
    • Streaming audio/video content from shady sites
Computer specs
ThinkPad S1 Yoga
Intel Core i5-4200U
Intel HD Graphics
8GB RAM
128 GB SSD (System)
256 GB SSD (Documents & Media)
Notable changes
Jan 16, 2020 - Disabled 'Encrypt All Sites Eligible' option in HTTPS Everywhere Chrome extension
Jan 16, 2020 - Removed Firefox
Feb 1, 2020 - Added Macrium Reflect Free
Feb 1, 2020 - Added Microsoft Edge (Chromium)
Feb 1, 2020 - Removed Spybot Anti-Beacon
Mar 8, 2020 - Removed Privacy Badger
Apr 2, 2020 - Switched from CleanBrowsing DNS to Cloudfare DNS (Malware Blocking)
May 1, 2020 - Added Bitdefender TrafficLight to Edge
May 1, 2020 - Added uBlock Origin to Edge
May 1, 2020 - Removed Netcraft Extension
May 12, 2020 - Removed Auto-lock computer when idle (registry tweak)
May 13, 2020 - Malwarebytes Premium - Disabled Malware and Ransomware real-time protection modules
May 21, 2020 - Malwarebytes Premium - Disabled Web Protection module
June 2, 2020 - Malwarebytes Premium - All real-time protection modules disabled
Sep 23, 2020 - Removed Bitdefender TrafficLight from Edge
Oct 2, 2020 - Removed Emsisoft Emergency Kit
Dec 3, 2020 - Updated to Windows Version 20H2

Vitali Ortzi

Level 26
Verified
Top Poster
Well-known
Dec 12, 2016
1,585
Updated:
- Malwarebytes Premium - Disabled Malware and Ransomware real-time protection modules

Testing to see if it impacts system performance. With just Web Protection and Exploit Protection enabled, the system does seem lighter.
My suggestion use Malwarebytes on demand.
Use my SEP config for firewall and host exploit mitigation only(this config is very light because it has no signatures in memory or proactive protection running or installed) .
And if you want Malwarebytes web protection run the extension .
For exploit protection H_C has many options to reduce the attack surface and block payloads.
If you really want extra protection twaek exploit guard and better if you can move to windows store apps.
 
Last edited:

Protomartyr

Level 7
Thread author
Sep 23, 2019
314
Updated:
- Malwarebytes Premium - Disabled Web Protection module

I was recently experiencing connection issues when trying to visit sites. It would take 20-30 seconds to resolve hosts no matter what browser I used. The Web Protection module of Malwarebytes Premium was the culprit. Disabled the module and can now browse with no issues.

The only protection module I have enabled now is the Exploit Protection. It's probably not really needed as I have Hard_Configurator. Malwarebytes Premium is now removed from 'Real-time Web & Malware Protection' category to 'Virus and Malware Removal Tools'.
 

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,868
Updated:
- Malwarebytes Premium - Disabled Web Protection module

I was recently experiencing connection issues when trying to visit sites. It would take 20-30 seconds to resolve hosts no matter what browser I used. The Web Protection module of Malwarebytes Premium was the culprit. Disabled the module and can now browse with no issues.

The only protection module I have enabled now is the Exploit Protection. It's probably not really needed as I have Hard_Configurator. Malwarebytes Premium is now removed from 'Real-time Web & Malware Protection' category to 'Virus and Malware Removal Tools'.
It seems that just as Malwarebytes was improving 4.0 has caused a lot of performance issue not in 3.0.
 
Last edited:

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,868
Updated:
- Malwarebytes Premium - All real-time protection modules disabled

For some reason, Malwarebytes refused to open/launch. Did a reinstall and have decided to just keep all modules turned off.
I had a lot of trouble installing it as a second opinion scanner today. It crashed when I tried disabling real time scanners. I think they broke something.
 
  • Like
Reactions: Protomartyr

Protomartyr

Level 7
Thread author
Sep 23, 2019
314
I had a lot of trouble installing it as a second opinion scanner today. It crashed when I tried disabling real time scanners. I think they broke something.
Same here. Their removal tool is really easy to work with though so I'm glad for that.

I also noticed that activating Premium automatically registers itself as the main AV by default without any prompt that it's doing so. I wish they wouldn't do this as default behavior. At least notify the user so they can decide whether or not they want to keep Defender as the primary AV.
 
  • Like
Reactions: blackice

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,868
Same here. Their removal tool is really easy to work with though so I'm glad for that.

I also noticed that activating Premium automatically registers itself as the main AV by default without any prompt that it's doing so. I wish they wouldn't do this as default behavior. At least notify the user so they can decide whether or not they want to keep Defender as the primary AV.
Especially when installing the free version without a key.
 
  • Like
Reactions: Protomartyr

Brahman

Level 18
Verified
Top Poster
Well-known
Aug 22, 2013
892
@ Protomartyr Since you are using Chrome/ Chrome based browser in conjunction with cloudflare dns you can enable DOH in its settings for added security.
(To enable DoH in Chrome, start by typing or copy-pasting “chrome://flags/#dns-over-https” into the address bar and press Enter.


Open the drop-down menu to the right of “Secure DNS Lookups” and select “Enabled."
and restart chrome.)
Try the new firefox it is as fast as chrome now.
 

Protomartyr

Level 7
Thread author
Sep 23, 2019
314
Removed:
- Emsisoft Emergency Kit

Was doing scans with AV + second opinion scanners before I made my monthly system image backup. For some reason EEK refused to update. Didn't feel like troubleshooting so I removed it. I still have HitmanPro and Malwarebytes so I'm good.

EEK is still a great second opinion scanner that I'd recommend to anyone.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top