At-Risk TRS-80's Current 2020 Overkill Security Configuration

Last updated: Jul 28, 2020
How it's used: For home and private use
Operating system: Windows 10
Log-in security
Security updates: Allow security updates
User Access Control: Always notify
Real-time security
  • ESET Smart Security Premium, Version 13.2.15.0.
  • Malwarebytes Premium, Version 4.1.0.
  • VoodooShield Pro has "Overwatch."
  • UnChecky to prevent unwanted install boxes being checked.
  • Panda USB Vaccine.
Firewall security
About custom security
  • ESET Smart Security Premium, Version 13.2.15.0, with minor tweaks to HIPS and a few other minor items changed (e.g. Cam & Mic blocked).
  • Tweaks to Win Security (standard).
Periodic malware scanners
  • HitmanPro 3.8 - Commercial.

These are used to maintain my system and other people's systems, as required:

  • Farbar's Recovery Scan Tool (x64 + x32) - Updated as required, generally every 3-5 days or when run.
  • Windows Defender Offline.
  • RKill.
  • Security Check.
  • Farbar Service Scanner.
  • MiniToolBox.
  • AdwCleaner
  • ESET SysRescue.
  • ESET Online Scanner.
  • Malwarebytes Anti-Rootkit.
  • AswMBR - Anti-Rootkit/Virus.
  • GMER - Anti-Rootkit.
  • Sophos Virus Removal Tool - Still updated when last used.
  • Kaspersky TDSSKiller.
  • Emsisoft Emergency Kit - Installer.
  • Kaspersky Virus Removal Tool(s).
  • Avira System Rescue ISO.
  • Kaspersky Rescue Disk ISO.
  • Bitdefender Rescue ISO.
  • Dr Web Rescue ISO.
  • SuperAntiSpyware Pro.
  • Panda USB Vaccine.
  • RemVBSWorm.
  • Rogue Killer Portable.
  • VirusTotal Uploader.
  • GlassWire
  • SysInternals Suite.
  • Probably more.
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
  • Running with Edge at present.

Extensions:

  • LastPass.
  • Malwarebytes Browser Protection.
  • Adblock Plus.
Maintenance tools
  • Mainly custom batch files to perform system checks, cleanup and integrity checks.
File and Photo backup
Files are backed up to secured, external HDDs as System Images and Backups (Acronis and the Windows 7 Backup/Restore capability in Windows 10).

File History to the "Cloud."

Currently, adding RollbackRx Pro.
System recovery
  • Windows 7 Backup/Restore capability in Windows 10.
  • Acronis True Image.
  • Rollback Rx Pro.
Risk factors
    • Browsing to popular websites
    • Downloading software and files from reputable sites
    • Browsing to unknown / untrusted / shady sites
    • Working from home
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
  • MSI PE60-6QE - Upgraded.
  • Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz - Patched.
  • NVIDIA GeForce GTX 960M.
  • 2 banks of 8 GB = 16 GB Samsung DDR4 RAM @ 2133 MHz.
  • Samsung SSD 960 EVO 250 GB.
  • WDC WD10JPVX-22JC3T0 HDD 931.5 GB (~1 TB).
  • Enhanced Cooling.
Notable changes
  • February - Ceased Malware Testing on this machine for now.
  • February 2020 - Changed from rotating ESET and Kaspersky. Now Running with ESET, solo.
  • March 2020 - Removed Steven Black's Unified Hosts as it is too slow with desired function level.
  • July 2020 - Adding Rollback Rx Pro.
  • 28th July 2020 - Zemana relegated to tools only.
Notes by Staff Team
  1. This setup configuration may put you and your device at risk!
    We do not recommend that other members use this setup. We cannot be held responsible for problems that may occur to your device by using this security setup.

  2. This setup may cause performance issues, system instability or conflicts between programs, and can hinder the effectiveness of the installed antivirus products.

TRS-80

Level 1
Thread author
Aug 16, 2019
46
Hi Everyone,

This is my Overkill Security Config for 2020.

Please, don't be concerned about multiple "gatekeeper" software running concurrently. I only have one active at a time in addition to my AV main, except for testing purposes.

Malwarebytes combined with ESET seems to improve detections. Potential threats are frequently detected by ESET whilst Malwarebytes is scanning (accessing files). These files were missed by each scanner when scanning without the aforementioned setup.

There are quite a few tools listed. These are NOT generally used on my own machine. They are present for use as required. This machine is multi-purpose: personal, some work, plus voluntary work.

I am aware that running from a Standard Account is preferable to Administrator. In my circumstances, this is not workable.

Changes from last year have been fairly minor.

All constructive criticism graciously accepted.


Cheers!


@TRS-80
 

brambedkar59

Level 29
Verified
Top Poster
Well-known
Apr 16, 2017
1,869
The title seems accurate, pretty overkill imo.
"Potential threats are frequently detected by ESET whilst Malwarebytes is scanning(accessing files)" This means your browsing/downloading habits are very risky.
Do you do malware testing?
The list of second opinion scanners is too long, just pick 3 decent scanners at most. More is not always good; more scanners will also mean more FPs.
Thanks for sharing your config :)
 

TRS-80

Level 1
Thread author
Aug 16, 2019
46
G'day @rockstarrocks

Thank you, for your feedback. Much appreciated!

Yes, the title is accurate, as you said. ;)

Perhaps I should have been clearer when explaining about the detections by ESET when actively scanning with Malwarebytes. I should have said that this occurred on several occasions, after both pieces of software had previously failed to detect very old files I had stored and forgotten about. They were actually on an external drive I had scanned with both ESET and MWB, separately. The files involved were supplied by an educational institution as part of a course. They were not malware samples, nor did they have anything to do with I.T. They were definitely not False Positives; however, they had failed to deploy (on this system, at least). I would rather a few FPs than having to clean up, anyhow.

I do not download files in a "risky" manner. I have no want to invite trouble. Even when files come from a solid, proven site, I generally check links on V.T. prior to downloading. All downloaded files are immediately scanned, irrespective of the site involved. Please, do not draw inaccurate inferences regarding browsing or downloading habits. I do not have the time to waste wandering around the Web, browsing for amusement. The majority of my online time is spent on scientific research of a variety of types. The balance is spent here.

The list of "second opinion scanners" is: HitmanPro. As stated, the remaining "tools" are used purely for maintenance of my system(s) and the repair or troubleshooting of other computers. I probably should not have bothered including them. I only did include them as, previously, some member(s) mentioned that it was a good list for new users to be aware of. That was a straight(ish) copy/paste from last year's Security Config (the files are still present and many have been used regularly). The majority of the tools are not installed; they are mainly portable. Most serve different purposes. Some are diagnostic, some are removal tools. Few are what I would call "simple second opinion scanners." It's more of a case of comparisons, analysis and having the correct tools for common jobs. Many of them also require frequent updating. Accordingly, I keep them handy for reference, too.

I ceased malware testing earlier this year, mainly due to time constraints. One of the causes of these original time constraints was cleaning up following a total network compromise. That job alone involved a sophisticated breach across multiple devices. We managed to recover many tens of thousands of dollars, after the fact, on behalf of the victim; an elderly home user. This was a voluntary job. Multiple, listed tools were used for part of the initial investigations.

The main reason for the Overkill Setup is due to having been targeted, numerous times, by well known Threat Actors. Since adopting a more paranoid approach I have had no further, major problems. I have had no active, uncontrolled malware infection since changing my posture.

I have edited my original(2020) configuration to reflect the 'relegation' of Zemana to tool status.

🚨Certainly, I do not believe anyone should and, I DO NOT advise anyone to copy my setup. What works for me may not work for others.🚨

Thank you, for taking the time to read my Configuration and, taking the time to respond. I appreciate your concerns.

I will always listen to other people's points of view. It's a good way to expand my knowledge and understanding.

Cheers,


@TRS-80 (y)
 

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,506
If you need both ESET Smart Security and Malwarebytes Premium, helped by Malwarebytes Browser Protection, wouldn't it be better and lighter on the system to use Kaspersky Internet Security together with its extension?

For an increase in browser speed and more configuration options you could try uBlock Origin and Bitwarden.
uBlock Origin could be used as default but has a lot of other options and modes: gorhill/uBlock
Bitwarden has just published its second audit results and is lighter than LastPass.
 

Vitali Ortzi

Level 22
Verified
Top Poster
Well-known
Dec 12, 2016
1,147
Targeted?
Get a WPA3 router.
Try a good IDS with good reporting like Zeek and an IPS like Snort/Suricata, and a layer 7 firewall in a default-deny config with good hardening.
Ditch Windows; use a hardened Linux distro/kernel.
Verify the firmware hash.
Get a Pixel with GrapheneOS; use only apps from F-Droid,
and check certificates and the hash before downloading the image.

Use Tor as a network-wide proxy so all devices would have to use it for internet traffic.
Dump any old and unverified/unverifiable network devices.
Change every port to a random/non-popular one and stealth it, while disallowing port scanning.

Make the WiFi and local-access networks isolated from each other.
 
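One way to carry out the "check the hash before you use the image" step suggested above, which applies equally to the rescue ISOs listed in the config at the top of the thread. This is an added example, not code from the original thread or from any vendor; the "image" bytes and the SHA256SUMS-style manifest are constructed here for the demonstration.

```python
import hashlib
import hmac
import os
import tempfile

# Constructed stand-in for a downloaded rescue ISO (not a real image).
SAMPLE_IMAGE = b"not a real ISO, just sample bytes for the demo\n" * 64

def parse_sha256sums(text):
    """Parse 'HASH  filename' lines (sha256sum format) into {filename: hash}.
    A leading '*' on the filename (binary-mode marker) is dropped."""
    sums = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if not parts:
            continue                      # skip blank lines
        if len(parts) != 2 or len(parts[0]) != 64:
            raise ValueError(f"malformed checksum line: {line!r}")
        sums[parts[1].lstrip("*")] = parts[0].lower()
    return sums

def sha256_file(path, chunk=1 << 20):
    """Hash the file in chunks so multi-GB images don't load into RAM."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def verify_image(path, sums):
    """True only if the file's digest matches its manifest entry; a file the
    manifest doesn't list is a failure, not a pass."""
    expected = sums.get(os.path.basename(path))
    if expected is None:
        return False
    return hmac.compare_digest(sha256_file(path), expected)  # constant-time

def demo(tamper=False):
    """Write the sample image to a temp dir and verify it against a manifest
    built from the clean bytes; tamper=True flips one byte to show rejection."""
    data = SAMPLE_IMAGE[:-1] + b"X" if tamper else SAMPLE_IMAGE
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "rescue.iso")
        with open(path, "wb") as f:
            f.write(data)
        manifest = hashlib.sha256(SAMPLE_IMAGE).hexdigest() + "  rescue.iso\n"
        return verify_image(path, parse_sha256sums(manifest))
```

A matching checksum only proves the download equals what the manifest describes; the manifest itself has to be fetched from the vendor over a trusted channel (and its signature checked where one is published), which this block does not do.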

TRS-80

Level 1
Thread author
Aug 16, 2019
46
@Gandalf_The_Grey @Dave Russo @Vitali Ortzi @JoyousBudweiser

G'day to everyone who has responded to this thread.

My apologies for the delay in responding. I have been in hospital, plus, not receiving notifications.

Thank you all for your input. It is gratefully accepted and appreciated. Now that I am aware it is here, I will think over the various suggestions. This will take some time and testing.

The MWB browser extension was used only due to other extensions auto-uninstalling. It is a temporary measure only at this point.

I have retained ESET rather than Kaspersky solely due to having considerable time remaining on the ESET licence. The Kaspersky licence had expired. I will re-evaluate the situation again in the future. I do find ESET lighter on resources yet good on defence, reporting and cooperating with other software.

The cooling was installed prior to purchase. It is (very simply) additional ducted copper mass to aid in heat dissipation via several multi-speed fans. Exhaust remains via twin ports at the rear. The trade off is weight and fan noise. When all fans are operating the machine sounds like a Vulcan Bomber on take-off roll. The laptop is not easily lifted with one hand.

As far as I am aware, WPA3 routers have some compatibility issues with our telephone (NBN) system here. Hopefully, with relocation due in April next year this may be able to be resolved and implemented. I have to plead guilty to being a little light on my research in this area.

Since being heavily targeted following an act of idiocy by a family member, all electronic equipment has been replaced. This extends from the Gateway right through all devices capable of network connection. Admittedly, this occurred quite some time ago.

Thank you all for taking the time to respond with valid and useful information.

At present, I am rather time poor. I will respond to any further entries as I am able.

Cheers,


@TRS-80
 

Vitali Ortzi

Level 22
Verified
Top Poster
Well-known
Dec 12, 2016
1,147
Yes, ESET is lighter than Kaspersky, but Kaspersky is stronger by default.

Anyway good to hear you are well 😊👍
 

Dave Russo

Level 21
Verified
Top Poster
Well-known
May 26, 2014
1,042
Hope you are well, may the Lord bless you.
 

TRS-80

Level 1
Thread author
Aug 16, 2019
46
G'day @Vitali Ortzi , @Dave Russo ,

Thank you both for your kind well wishes!

I'm doing pretty well, thank you. Just in for a lube and oil change. :D A bit of tinkering with my ticker. This happens when you are at a fairly ancient age.

Update: Rethinking Security Configuration.

I am definitely blessed. Thank you!

Take care and give the bad dudes a hard time.

Cheers,

@TRS-80 (y):coffee:
 
