By Staff BoraMurdar's System 2022

Last updated
Mar 8, 2022
Use case
For personal use
Shared with
No one
Desktop OS
Windows 11
Windows OS SKU
Pro
Login Unlock
    • Passwordless PIN or Biometrics
Sign-in with
Microsoft account
Primary user
Administrator rights - Full permissions that can perform harmful changes
OS updates
Automatic updates
Windows UAC
Notify me only when programs try to make changes to my computer
Network firewall
Always-on protection
Kaspersky Security Cloud Free
- File AV / scan upon execution
- Web AV / Heuristics to High, Scan all URL's
- System Watcher / Block - Delete - RollBack
- Inject script into web traffic / disabled
- Password protected settings
- disabled all promo notifications
Firewall
Microsoft Defender Firewall (Windows 11 or 10)
Custom RT/Firewall security
Just added some context menu items for firewall settings like "allow this program" and "block this program"
Malware testing
No malware samples
Periodic scanning
ESET Online Scanner
Microsoft Defender Offline
Secure DNS
1.1.1.1
VPN
Windscribe (using it occasionally)
Password manager
Bitwarden / Online
KeePass / Offline
Browsers and Extensions
Microsoft Edge
- delete privacy upon closing the browser
- PUP enabled
- Tracking balanced
- Additional security for websites that I don't visit often
- Search engine DuckDuckGo

Extensions
- Adguard (almost everything enabled, without duplication of the lists)
- Bitwarden (maximum privacy settings)
- FastForward (for circumvention of the url shorteners and their adds)
Utilities for Maintenance
Disk Cleanup
Wise Disk Cleaner
HiBit Uninstaller Portable
RunAsSystem
RegSeeker
Everything Portable
Files & Photos backup
External HDD via FreeFileSync
MEGA
Files & Photos backup routine
Manual
Emergency recovery plan
Acronis Cyber Protect / Bootable ISO / always cold imaging and restoring
Integrity of recovery plan
Tasks performed
    • Working from home
    • Browsing the web
    • Receiving, sending and opening email attachments
    • Buying goods from online stores, entering card details and addresses
    • Logging into personal banking to check statements and payments
    • Downloading software from reputable sites
    • Connecting-to and giving access to remote computers
    • Watching movies and TV series via subscriptions
Computer specs
Lenovo IdeaPad 5 14ARE05

Ryzen 4300U
Integrated Vega
DDR4 3200 8GB RAM
Samsung NVMe 4x 8.0GT/s, 256GB
Feedback response

I am not satisfied. Critical feedback is greatly appreciated, to make drastic changes to my overall security / privacy and it’s settings.

BoraMurdar

Community Manager
Thread author
Verified
Staff member
Well-known
Aug 30, 2012
6,656
Windows 11 Pro /hard removed all preinstalled apps but Microsoft Store, Snipping Tool, Calculator and Photos
Error Reporting disabled
Hibernation disabled
Indexing disabled
Media features disabled
Microsoft Defender disabled by Policy Editor
OOShutUp 10 and WPD - basically mostly these settings
probably something more I cannot remember to post now *follow the changelog :)



f2K5Q4L.png


A bootable USB containing:
Hiren's Boot CD (with the last free version of Parted Magic)
Hiren's Boot CD PE
Acronis Cyber Protect Office Premium (formerly True Image Premium)
ESET SysRescue Live
Slitaz Linux
and always updated versions of EEK, Hitman Pro, MalwareBytes, Tweaking.com Windows Repair, My own pack of ransomware decryption tools, Wise Disk Cleaner Portable, Avast AntiRootkit, RKill, etc.
Chainloading bootmanagers of each ISO to make them all work together.

More Info on this page
*YUMI version
The new tutorial coming soon
 
F

ForgottenSeer 92963

Why use 1.1.1.1 when 1.1.1.2 (No Malware) and 1.1.1.3 (No Malware & Adult) are offered for free also?


You also could check ping times for 9.9.9.9 , Quad9 DNS also provide good URL filtering.
 

BoraMurdar

Community Manager
Thread author
Verified
Staff member
Well-known
Aug 30, 2012
6,656
Why use 1.1.1.1 when 1.1.1.2 (No Malware) and 1.1.1.3 (No Malware & Adult) are offered for free also?


You also could check ping times for 9.9.9.9 , Quad9 DNS also provide good URL filtering.
I don't want to overlap malware protection too much and I am an adult 😅
You can check out Ventoy to create multi-iso bootable USB drive without any effort basically.
Thanks, but sometimes I need to fix ancient PCs (1GB of RAM or less) and Ventoy only boots ISOs from RAM which can be insufficient and programs won't run properly.
Extracting ISOs and chanloading is more efficient and compatible.
 
F

ForgottenSeer 92963

Except something gets through DNS
When you would use cloudflare 1.1.1.2 in stead of 1.1.1.1 the cloudflare servers would block the IP-addresses which are malware. A DNS is supposed to provide the IP-address which belongs to the domain name your PC is requesting. This 'phonebook of the internet' process is running on the servers of cloudflare it can never overlap with protection you have running on your PC.
 

BoraMurdar

Community Manager
Thread author
Verified
Staff member
Well-known
Aug 30, 2012
6,656
When you would use cloudflare 1.1.1.2 in stead of 1.1.1.1 the cloudflare servers would block the IP-addresses which are malware. A DNS is supposed to provide the IP-address which belongs to the domain name your PC is requesting. This 'phonebook of the internet' process is running on the servers of cloudflare it can never overlap with protection you have running on your PC.
This leads to nowhere. Long story short I use CloudFlare because it is faster than Google, Malware is handled by Kaspersky, ads by Adguard. I don't want anything mixed.
 
F

ForgottenSeer 92963

This leads to nowhere. Long story short I use CloudFlare because it is faster than Google, Malware is handled by Kaspersky, ads by Adguard. I don't want anything mixed.
1.1.1.2 is also Cloudflare :) You are using both Kaspersky Web AV and using Edge Smartscreen so you are mixing webprotection :)
 
F

ForgottenSeer 92963

Don't mix to much input though, there is a limit a human can process.
 
Last edited by a moderator:

BoraMurdar

Community Manager
Thread author
Verified
Staff member
Well-known
Aug 30, 2012
6,656
Nice config Bora. Have you considered using some third party app to harden Windows settings? Like SysHardener, H_C, SWH?
Thx Robo, I actually have... But then I realized that my computing habits are now too boring for those 😅
For a quite some time I only work in MS Office, mail, online conferencing, backup data and imaging the system, and play some music for my toddler to dance. Shoping and banking are done in very rare occasions.

But still I like to read updated info and possibilities about hardening.

Actually I see that nothing has dramaticaly changed. People are still crying about BD RAM usage. (Inhales the good old aroma of MWT) 😎
 

RoboMan

Level 34
Verified
Top poster
Content Creator
Well-known
Jun 24, 2016
2,355
Thx Robo, I actually have... But then I realized that my computing habits are now too boring for those 😅
For a quite some time I only work in MS Office, mail, online conferencing, backup data and imaging the system, and play some music for my toddler to dance. Shoping and banking are done in very rare occasions.

But still I like to read updated info and possibilities about hardening.

Actually I see that nothing has dramaticaly changed. People are still crying about BD RAM usage. (Inhales the good old aroma of MWT) 😎
Yeah well, same old MT! LOL

Regarding system hardening, you might wanna take a look at some simple tool like SysHardener, since you do e-mailing it might save your asleep mind a really hard time by clicking a random attachment because you haven't had your moning coffee yet!
 

BoraMurdar

Community Manager
Thread author
Verified
Staff member
Well-known
Aug 30, 2012
6,656
Yeah well, same old MT! LOL

Regarding system hardening, you might wanna take a look at some simple tool like SysHardener, since you do e-mailing it might save your asleep mind a really hard time by clicking a random attachment because you haven't had your moning coffee yet!
I will, thx. Some long-story short guide?
 
  • Like
Reactions: harlan4096
Top