Advanced Plus Security Happy wife happy life setup

Last updated
Feb 6, 2020
Operating system
Windows 11
Log-in security
Security updates
Allow security updates and latest features
User Access Control
Always notify
Real-time security
Kaspersky Security Cloud FREE
Firewall security
Microsoft Defender Firewall
About custom security
Hard Configurator with default deny for dangereous file extension in user folders (allowing MSI, EXE and TMP) and blocking script processing sponsors/LOLbins (allowing execution when UAC elevated a process or running as Adminstrator).

Added Windows Defender Exploit Protection for Office programs and Edge browser (most important feature for all Microsoft signed script processing user programs is to enabled Code Integrity Guard and additionally set a 'do not allow child processes' for Word, Excel and PowerPoint).

Added DocumentsAntiexploit set MsOffice to ON2 (can't be overruled in trustcenter) and checked and hardened remaining setting of the Office Trustcenter manually (tighten trusted locations, disable unnecessary add-ins, macro's, active-X, use protected view etc).

Added a 'Traverse folder/ Deny Execute' Access Control List for Everyone in:
- Public User
- Startup folders (both ProgramData and AppData)
- Downloads folder
- Outlook Mail folder on second harddisk
- My Documents on second harddisk
- My Pictures on second harddisk
- My Videos on second harddisk

Windows 10 Pro - Group Policy hardening
- Disabled remote/assistance/sharing features and services
- Disabled stuff I don't use (gadgets, netmeeting, workspace, games, rss feeds, etc)
- Deny execution access on Removable disk & turn off autoplay
- Restricted HKCU legacy run (run/don't run, custom user interface, run at startup, legacy run)

.
Periodic malware scanners
Sysinternals Process Explorer and Autoruns and Microsoft's monthly Windows Malicious Software Removal Tool (MSRT).
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Opera hardened by setting most of the website permissions to block and uMatrix blocking third-party code references like scripts, frames and xmlhttprequest.

Edge with most website permission on default, disabled Smartscreen with added Adguard (using Peter Low blocklist and 20 User Rules for things missed by blocklist using Adguard's easy to use 'block ads on this website' rule creator feature )

.
Maintenance tools
Windows build-in
File and Photo backup
Windows Data Backup plus SyncBackfree monthly backup to USB
System recovery
Windows Image Backup
Risk factors
    • Logging into my bank account
    • Browsing to popular websites
    • Streaming audio/video content from shady sites
    • Working from home
Computer specs
Notable changes
Running admin again, replaced Windows Defender for Kaspersky Free

Lenny_Fox

Level 22
Thread author
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
Thanks, forgot to mention running the monthly Windows Malicious Software Removal Tool (MSRT). I prefer to roll back to a clean image when programs in UAC protected folders are infected. When AV-finds poisoned documents and deletes them, I also check my documents backup (AV-scan).

Because my girlfriend uses the same setup, all custom security settings are geared towards reducing the attack surface while maintaining full functionality and compatibility
- setting software restriction policy for dangereous file extension while allowing MSI, EXE and TMP executables
- setting software restriction policy for script processing LOLbins, while allowing them to run elevated
- adding strong exploit protection designed by Microsoft for Microsoft (no compatibility issues, no functional restrictions)
- adding ACL restrictions on sub-folders which should not host executable code

To be honest, I would have stayed on all Microsoft security setup when the IT-guy had not convinced my girlfriend that Kaspersky is the best. This setup shows I am open minded by using an US operating systemwith a Russian AV, an US browser with a Russian Ad-blocker and a Chinese Browser-VPN with a third-party content blocker of a Canadian developer.
 
Last edited:

Dhruv2193

Level 10
Verified
Well-known
Nov 7, 2016
468
Good decision-using software from different countries and not being paranoid like many users who don't like software just because it is from a particular country.
 
  • Like
Reactions: Outpost

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top