Advanced Security Asterixpl Security Configuration 2022

Last updated
Jun 3, 2022
Use case
For personal use
Shared with
No one
Desktop OS
Windows 11
Windows OS SKU
Home
Login Unlock
    • Passwordless PIN or Biometrics
Sign-in with
Microsoft account
Primary user
Standard rights - Restricted permissions that prevent harmful changes
OS updates
Allow security updates
Windows UAC
Always notify
Network firewall
Always-on protection
F-Secure SAFE
VoodooShield Pro (AutoPilot Mode | Aggressive)
WhitelistCloud
Firewall
Microsoft Defender Firewall (Windows 11 or 10)
Custom RT/Firewall security
Modifying Windows 11:

Auto Play - disabled
O&O shut up 11 (recommended settings)
O&O app buster (slimmed-down system)
Malware testing
No malware samples
Periodic scanning
Once a month scan with the following scanners:
  • EMSISOFT Emergency Kit
  • Malwarebytes Anti Malware
  • Norton Power Eraser
  • Kaspersky Virus Removal Tool
Secure DNS
NextDNS
VPN
NO
Password manager
KeePass
Browsers and Extensions
MS Edge as my main browser with add-ons:
  • AdGuard
Utilities for Maintenance
Once a week cleanup with the Hibit Uninstaller package tools.
Once a month with PrivaZer (portable version)
Occasionally using the cleaning tools built into Windows 11
Files & Photos backup
AOMEI Backupper PRO
Files & Photos backup routine
Automatic
Emergency recovery plan
Once every two weeks a copy of the entire system partition is made to an external drive.
Integrity of recovery plan
None
Tasks performed
    • Browsing the web
    • Browsing to unknown sites
    • Working from home
    • Receiving, sending and opening email attachments
    • Buying goods from online stores, entering card details and addresses
    • Logging into personal banking to check statements and payments
    • Downloading software from reputable sites
    • Watching movies and TV series via subscriptions
Computer specs
Brand and model:
ACER AN515-54-551F

CPU model:
Intel Core i5-8300H

GPU model:
NVIDIA GeForce GTX 1050

RAM type and size:
8 GB

Storage type and size:
512 GB SSD
Notable changes
03/21/2022 - MKS_VIR Internet Security + VoodooShield for free
03/22/2022 - Windows User Account Control - Maximum (always notify) added
13/04/2022 - Sandboxie Plus added
16/04/2022 - Simple Windows Hardening + Macrium Reflect Free added
17/04/2022 - Mozilla Firefox added
22/04/2022 - Deleted Mozilla Firefox, Sandboxie Plus. Added Opera
03/05/2022 - Testing AVIRA Free Antivirus for a few days
05/05/2022 - Comodo Secure Shopping added
06/05/2022 - Avira stays for good + VS PRO
10/05/2022 - TinyWall added
11/05/2022 - Delete TinyWall, added Windows Control Firewall
12/05/2022 - Test kit: MS Defender + DefenderUI (aggressive mode) + VoodooShield Pro
16/05/2022 - AVIRA Free AV + VS Pro
21/05/2022 - Bitdefender TS + VS Pro
25/05/2022 - Bitdefender IS + VS Pro
08/09/2022 - Microsoft Defender (DefenderUI Free | Recommended Profile) + VoodooShield (AutoPilot Mode | Aggressive) + WhitelistCloud
17/10/2022 - F-Secure SAFE
Feedback response

I am partially satisfied. General feedback is greatly appreciated, to make improvements to my overall security / privacy.

Asterixpl

Level 10
Thread author
Verified
Mar 19, 2022
496
Simple system hardening requires configuration? Or does it just install and forget?

I was disappointed with Aomei Backupper yesterday. I had the one year version from a promotion. I could not run the program - it ended up with a blue screen.

I removed it and installed Macrium Reflect Free
 

L0ckJaw

Level 19
Content Creator
Well-known
Feb 17, 2018
903
Simple system hardening requires configuration? Or maybe just install and forget?

Yesterday I was disappointed with Aomei Backupper. I had the one-year version from a promotion. I could not run the program - it ended with a blue screen.

I removed it and installed Macrium Reflect Free
Install and sometimes check it.

I am using it together with Bitdefender Total Security, rock solid combination.

 

silversurfer

Level 85
Verified
Honorary Member
Top poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
8,117
Wouldn't adding simple windows hardening to my security kit be paranoia on my part already?

Voodoo Shield free helps to protect in a similar way to OS hardening but offers more "features" as real-time protection.
Simple Windows Hardening works with tweaks only, to harden Windows 10/11.
Both together is what we call "overkill", but in my view slightly overkill :D

Yes.
Simple System Hardening requires some special setup? Or just install and forget?
Just turn on SRP. You may change a few details on Windows Hardening.

SWH.png
 

Gandalf_The_Grey

Level 64
Verified
Honorary Member
Top poster
Content Creator
Well-known
Apr 24, 2016
5,387
I agree with @silversurfer it's a little bit overkill and it depends on what you want.

Simple Windows Hardening is passive, set and forget, when something gets blocked look at the logs.
From Andy's GitHub page:
  1. Run SWH - the restrictions are automatically configured.
  2. Log OFF the account or reboot is required, depending on what restrictions were applied before running SWH.
  3. If MS Office is installed, then it is recommendable to make some additional hardening:
    • open Excel and block macros without notification (do it on each user account),
    • apply in SWH the "Paranoid Extensions" (Settings >> Protected SRP Extensions).
    • This is not necessary when ASR rules for MS Office, Adobe Reader, and WMI are enabled with Microsoft Defender as the main Antivirus. The ASR rules can be configured by using the ConfigureDefender tool: ConfigureDefender/H_C_HardeningTools at master · AndyFul/ConfigureDefender
  4. If necessary, then also other applications from the H_C_HardeningTools repository can be used to increase the security (RunBySmartScreen, FirewallHardening, and DocumentsAntiExploit).
Please keep your system/software updated. Use SWH on the default settings for some time, until you are accustomed to it. Most users will probably not see any difference, but rarely a legal script or file with an unsafe extension will be blocked by SWH settings. You can use the blue buttons View Blocked Events and Manage the Whitelist to recognize and whitelist the blocked files. Please be careful: if you are not certain that the blocked file is safe, then wait a day or two before whitelisting it.
VoodooShield is active protection and will inform you when something gets blocked.

I would choose one or the other.
 

Asterixpl

Level 10
Thread author
Verified
Mar 19, 2022
496
I agree with @silversurfer it's a little bit overkill and it depends on what you want.

Simple Windows Hardening is passive, set and forget, when something gets blocked look at the logs.
From Andy's GitHub page:
  1. Run SWH - the restrictions are automatically configured.
  2. Log OFF the account or reboot is required, depending on what restrictions were applied before running SWH.
  3. If MS Office is installed, then it is recommendable to make some additional hardening:
    • open Excel and block macros without notification (do it on each user account),
    • apply in SWH the "Paranoid Extensions" (Settings >> Protected SRP Extensions).
    • This is not necessary when ASR rules for MS Office, Adobe Reader, and WMI are enabled with Microsoft Defender as the main Antivirus. The ASR rules can be configured by using the ConfigureDefender tool: ConfigureDefender/H_C_HardeningTools at master · AndyFul/ConfigureDefender
  4. If necessary, then also other applications from the H_C_HardeningTools repository can be used to increase the security (RunBySmartScreen, FirewallHardening, and DocumentsAntiExploit).
Please keep your system/software updated. Use SWH on the default settings for some time, until you are accustomed to it. Most users will probably not see any difference, but rarely a legal script or file with an unsafe extension will be blocked by SWH settings. You can use the blue buttons View Blocked Events and Manage the Whitelist to recognize and whitelist the blocked files. Please be careful: if you are not certain that the blocked file is safe, then wait a day or two before whitelisting it.
VoodooShield is active protection and will inform you when something gets blocked.

I would choose one or the other.

I will leave two for now - VS and SWH. I'll keep watching. I do not use MS Office
 

Asterixpl

Level 10
Thread author
Verified
Mar 19, 2022
496
As of today, I already have everything I need to work safely on my laptop.
Since I'm with you on the forum, my software has changed completely. I don't mean just laptop security anymore, but also other programs - replacements for the original ones.
Thanks to your advice I managed to make an interesting set.
I am pleased with this fact.
 

Asterixpl

Level 10
Thread author
Verified
Mar 19, 2022
496
I used this procedure to disable telemetry in Firefox:
devtools.onboarding.telemetry.logged = false
toolkit.telemetry.updatePing.enabled = false
browser.newtabpage.activity-stream.feeds.telemetry = false
browser.newtabpage.activity-stream.telemetry = false
browser.ping-centre.telemetry = false
toolkit.telemetry.bhrPing.enabled = false
toolkit.telemetry.enabled = false
toolkit.telemetry.firstShutdownPing.enabled = false
toolkit.telemetry.hybridContent.enabled = false
toolkit.telemetry.newProfilePing.enabled = false
toolkit.telemetry.reportingpolicy.firstRun = false
toolkit.telemetry.shutdownPingSender.enabled = false
toolkit.telemetry.unified = false
toolkit.telemetry.archive.enabled = false
datareporting.healthreport.uploadEnabled = false
datareporting.policy.dataSubmissionEnabled = false
datareporting.sessions.current.clean = true
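
An added example, not part of the original post: a Python check that renders the preference list above as `user.js` lines (the per-profile file Firefox applies at startup) and audits the text of a profile's `prefs.js` for listed entries that are missing or differ. The `SAMPLE` profile text and the function names are constructed for illustration.

```python
import re
# The post's preference list, de-duplicated, in its own "name = value" form.
POSTED = """
devtools.onboarding.telemetry.logged = false
toolkit.telemetry.updatePing.enabled = false
browser.newtabpage.activity-stream.feeds.telemetry = false
browser.newtabpage.activity-stream.telemetry = false
browser.ping-centre.telemetry = false
toolkit.telemetry.bhrPing.enabled = false
toolkit.telemetry.enabled = false
toolkit.telemetry.firstShutdownPing.enabled = false
toolkit.telemetry.hybridContent.enabled = false
toolkit.telemetry.newProfilePing.enabled = false
toolkit.telemetry.reportingpolicy.firstRun = false
toolkit.telemetry.shutdownPingSender.enabled = false
toolkit.telemetry.unified = false
toolkit.telemetry.archive.enabled = false
datareporting.healthreport.uploadEnabled = false
datareporting.policy.dataSubmissionEnabled = false
datareporting.sessions.current.clean = true
"""
WANTED = dict(line.split(" = ") for line in POSTED.strip().splitlines())

# A prefs.js / user.js line, e.g. user_pref("toolkit.telemetry.enabled", false);
PREF_RE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;', re.M)

def to_user_js():
    """Render the list as user.js lines for the Firefox profile directory."""
    return "".join(f'user_pref("{k}", {v});\n' for k, v in WANTED.items())

def audit(prefs_text):
    """Return {name: reason} for each listed pref that is absent or differs."""
    found = dict(PREF_RE.findall(prefs_text))  # a later line overrides an earlier one
    drift = {}
    for name, want in WANTED.items():
        if name not in found:
            drift[name] = "not set, Firefox default applies"
        elif found[name] != want:
            drift[name] = f"is {found[name]}, expected {want}"
    return drift

# Constructed sample of a profile's prefs.js (not taken from a real profile).
SAMPLE = '''user_pref("toolkit.telemetry.enabled", false);
user_pref("datareporting.healthreport.uploadEnabled", true);
user_pref("browser.startup.homepage", "about:blank");
'''

if __name__ == "__main__":
    print(audit(SAMPLE))
```

`prefs.js` records only values that differ from the built-in default, so "not set" means the default is in effect, which may or may not already match the listed value.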
 