By Staff Team BoraMurdar's System 2022

Last updated
Mar 8, 2022
About
Personal, primary device
Additional PC users
Not shared with other users
Desktop OS
Windows 11
OS edition
Pro
Login security
    • Password-less (PIN, Biometric, Face)
Primary sign-in
Microsoft account
Primary user
Admin user - Full permissions
Security updates
Automatic - allow all types of updates
Windows UAC
Default - notify when programs attempt to make changes
Network firewall
ISP-issued router
Real-time protection
Kaspersky Security Cloud Free
- File AV / scan upon execution
- Web AV / Heuristics to High, Scan all URL's
- System Watcher / Block - Delete - RollBack
- Inject script into web traffic / disabled
- Password protected settings
- disabled all promo notifications
Software firewall
Microsoft Defender Firewall
Custom RTP, Firewall and OS settings
Just added some context menu items for firewall settings like "allow this program" and "block this program"
Malware testing
No malware samples
Periodic security scanners
ESET Online Scanner
Microsoft Defender Offline
Secure DNS
1.1.1.1
VPN
Windscribe (using it occasionally)
Password manager
Bitwarden / Online
KeePass / Offline
Browsers, Search and Addons
Microsoft Edge
- delete privacy upon closing the browser
- PUP enabled
- Tracking balanced
- Additional security for websites that I don't visit often
- Search engine DuckDuckGo

Extensions
- Adguard (almost everything enabled, without duplication of the lists)
- Bitwarden (maximum privacy settings)
- FastForward (for circumvention of the url shorteners and their adds)
Maintenance and Cleaning
Disk Cleanup
Wise Disk Cleaner
HiBit Uninstaller Portable
RunAsSystem
RegSeeker
Everything Portable
Personal Files & Photos backup
External HDD via FreeFileSync
MEGA
Personal backup routine
Manual (maintained by self)
Device recovery & backup
Acronis Cyber Protect / Bootable ISO / always cold imaging and restoring
Device backup routine
Manual (maintained by self)
PC activity
  1. Working from home. 
  2. Browsing the web. 
  3. Emails. 
  4. Shopping. 
  5. Banking. 
  6. Downloading software. 
  7. Remote assistance. 
  8. Multimedia. 
Computer specs
Lenovo IdeaPad 5 14ARE05

Ryzen 4300U
Integrated Vega
DDR4 3200 8GB RAM
Samsung NVMe 4x 8.0GT/s, 256GB
Feedback Response

Most critical feedback

BoraMurdar

Community Manager
Thread author
Verified
Staff member
Well-known
Aug 30, 2012
6,654
Windows 11 Pro /hard removed all preinstalled apps but Microsoft Store, Snipping Tool, Calculator and Photos
Error Reporting disabled
Hibernation disabled
Indexing disabled
Media features disabled
Microsoft Defender disabled by Policy Editor
OOShutUp 10 and WPD - basically mostly these settings
probably something more I cannot remember to post now *follow the changelog :)



f2K5Q4L.png


A bootable USB containing:
Hiren's Boot CD (with the last free version of Parted Magic)
Hiren's Boot CD PE
Acronis Cyber Protect Office Premium (formerly True Image Premium)
ESET SysRescue Live
Slitaz Linux
and always updated versions of EEK, Hitman Pro, MalwareBytes, Tweaking.com Windows Repair, My own pack of ransomware decryption tools, Wise Disk Cleaner Portable, Avast AntiRootkit, RKill, etc.
Chainloading bootmanagers of each ISO to make them all work together.

More Info on this page
*YUMI version
The new tutorial coming soon
 
F

ForgottenSeer 92963

Why use 1.1.1.1 when 1.1.1.2 (No Malware) and 1.1.1.3 (No Malware & Adult) are offered for free also?


You also could check ping times for 9.9.9.9 , Quad9 DNS also provide good URL filtering.
 

BoraMurdar

Community Manager
Thread author
Verified
Staff member
Well-known
Aug 30, 2012
6,654
Why use 1.1.1.1 when 1.1.1.2 (No Malware) and 1.1.1.3 (No Malware & Adult) are offered for free also?


You also could check ping times for 9.9.9.9 , Quad9 DNS also provide good URL filtering.
I don't want to overlap malware protection too much and I am an adult 😅
You can check out Ventoy to create multi-iso bootable USB drive without any effort basically.
Thanks, but sometimes I need to fix ancient PCs (1GB of RAM or less) and Ventoy only boots ISOs from RAM which can be insufficient and programs won't run properly.
Extracting ISOs and chanloading is more efficient and compatible.
 
F

ForgottenSeer 92963

Except something gets through DNS
When you would use cloudflare 1.1.1.2 in stead of 1.1.1.1 the cloudflare servers would block the IP-addresses which are malware. A DNS is supposed to provide the IP-address which belongs to the domain name your PC is requesting. This 'phonebook of the internet' process is running on the servers of cloudflare it can never overlap with protection you have running on your PC.
 

BoraMurdar

Community Manager
Thread author
Verified
Staff member
Well-known
Aug 30, 2012
6,654
When you would use cloudflare 1.1.1.2 in stead of 1.1.1.1 the cloudflare servers would block the IP-addresses which are malware. A DNS is supposed to provide the IP-address which belongs to the domain name your PC is requesting. This 'phonebook of the internet' process is running on the servers of cloudflare it can never overlap with protection you have running on your PC.
This leads to nowhere. Long story short I use CloudFlare because it is faster than Google, Malware is handled by Kaspersky, ads by Adguard. I don't want anything mixed.
 
F

ForgottenSeer 92963

This leads to nowhere. Long story short I use CloudFlare because it is faster than Google, Malware is handled by Kaspersky, ads by Adguard. I don't want anything mixed.
1.1.1.2 is also Cloudflare :) You are using both Kaspersky Web AV and using Edge Smartscreen so you are mixing webprotection :)
 
F

ForgottenSeer 92963

Don't mix to much input though, there is a limit a human can process.
 
Last edited by a moderator:

BoraMurdar

Community Manager
Thread author
Verified
Staff member
Well-known
Aug 30, 2012
6,654
Nice config Bora. Have you considered using some third party app to harden Windows settings? Like SysHardener, H_C, SWH?
Thx Robo, I actually have... But then I realized that my computing habits are now too boring for those 😅
For a quite some time I only work in MS Office, mail, online conferencing, backup data and imaging the system, and play some music for my toddler to dance. Shoping and banking are done in very rare occasions.

But still I like to read updated info and possibilities about hardening.

Actually I see that nothing has dramaticaly changed. People are still crying about BD RAM usage. (Inhales the good old aroma of MWT) 😎
 

RoboMan

Level 34
Verified
Top poster
Content Creator
Well-known
Jun 24, 2016
2,344
Thx Robo, I actually have... But then I realized that my computing habits are now too boring for those 😅
For a quite some time I only work in MS Office, mail, online conferencing, backup data and imaging the system, and play some music for my toddler to dance. Shoping and banking are done in very rare occasions.

But still I like to read updated info and possibilities about hardening.

Actually I see that nothing has dramaticaly changed. People are still crying about BD RAM usage. (Inhales the good old aroma of MWT) 😎
Yeah well, same old MT! LOL

Regarding system hardening, you might wanna take a look at some simple tool like SysHardener, since you do e-mailing it might save your asleep mind a really hard time by clicking a random attachment because you haven't had your moning coffee yet!
 

BoraMurdar

Community Manager
Thread author
Verified
Staff member
Well-known
Aug 30, 2012
6,654
Yeah well, same old MT! LOL

Regarding system hardening, you might wanna take a look at some simple tool like SysHardener, since you do e-mailing it might save your asleep mind a really hard time by clicking a random attachment because you haven't had your moning coffee yet!
I will, thx. Some long-story short guide?
 
  • Like
Reactions: harlan4096