SECURITY: Complete Lenny_FoX Desktop Config 2021

Last updated
Dec 11, 2020
About
Personal, primary device
Desktop OS
Windows 10
Login security
    • Password (Aa-Zz, 0-9, Symbols)
Primary sign-in
Local account
Primary user
Admin user - Full permissions
Security updates
Automatic - allow all types of updates
Windows UAC
Default - notify when programs attempt to make changes
Real-time protection
  1. Microsoft Defender Attack Surface Reduction rules and Anti-Exploit
  2. Kaspersky Cloud Free (no HTTPS scanning)
Software firewall
Microsoft Defender Firewall
Custom RTP, Firewall and OS settings
1. UAC - deny elevation of unsigned binaries
2. Software Restriction Policy (similar to SimpleWindowsHardening)
3. Microsoft Defender ASR rules & Exploit protection hardening
4. Kaspersky Cloud Free (https scanning disabled)
5. Using Quad9 (DNS), Trend Micro Smart Home (router), browser (Smartscreen/Safe Browsing)
Malware testing
No malware samples
Periodic security scanners
Windows Malicious Software Removal Tool, Autoruns64, ProcessExplorer
Browsers, Search and Addons
Edge browser for daily browsing
  • for searching & surfing: strict mode, with @BeerIsGood Edge list
  • for booking & buying: default mode with no-extensions.
Chrome browser with BulletVPN and uMatrix as webrequest firewall
Maintenance and Cleaning
ProcessExplorer and Autoruns64
Personal Files & Photos backup
Syncback Free and Windows Backup (yes 2x backup)
Personal backup routine
Device recovery & backup
Syncback ad hoc, usually three to five times per day, Windows Backup monthly, Syncback to USB offline HD also once a month
Device backup routine
PC activity
  1. Browsing the web. 
  2. Banking. 
  3. Working from home. 
  4. Streaming. 
Computer specs
Intel i7 950 with 8 GB RAM, 2 SSD drives and 2 HDD drives (1TB and 2TB)
Personal changelog
Replaced router

Lenny_Fox

Level 22
Verified
Oct 1, 2019
1,127
6,457
After mirroring my girlfriend's laptop config for over a year, I am confident that setup works flawlessly (Simple Windows Hardening plus Configure Defender on Max).

So it started to itch and I went back to using group policy again (for Software Restriction Policies and Defender Exploit Protection) and decided to give the combo Spyshelter Free HIPS+FW and WiseVectorStopX a run.
 

Lenny_Fox

@Jan Willy

I never look at CPU memory usage (old i7-950 with 8 GB RAM), sorry. My benchmark is startup of browser, and the combo Spyshelter + WiseVector launches Edge on average 0.1 or 0.2 second faster (1.4 - 1.5 WD and 1.3 - 1.4 WV+SS), but repetitive launches are 0.1 second slower. For reference, on my PC Avast with file shield only (all other modules not installed) launches Edge in 1.5 to 1.6 seconds and Bitdefender Free in 1.6 to 1.7.
 

Lenny_Fox

Update: Spyshelter Free FW+HIPS (auto allowing Microsoft signed) and WiseVector StopX (excluded advanced protection for MS Office, Edge and Explorer) with WD Exploit Protection blocking non-Microsoft DLLs in Office programs + Explorer + Edge and Attack Surface Reduction rules runs really really well.

WiseVectorStopX is the only AV I know which has an option to exclude injecting the AV's userland DLL for user specified programs. This way I can fully utilize Microsoft Defender Exploit protection for Microsoft programs. This combo survived the two day trial (which makes it on par with Kaspersky Free).

(y)(y)(y) to WV and SS
 

danb

From VoodooShield
Verified
Developer
May 31, 2017
1,115
6,530
Hehehe, besides the bug that you found in an old version that has already been fixed in the version below, what other bugs did you find to give you the impression that VS is buggy as hell? Please let me know and I will fix them!

 

Lenny_Fox

@danb

I used the one downloaded from your website and updated it, so when I downloaded an old version you can't blame me for it.

To be fair: It is not nice to post buggy as hell, just because I was disappointed. Free is free and people should take a gift as it is, not complain when it is not to their liking, so I apologize for that (and changed the test).

One other bug:
Free is allowed for three rules, but I can add as many rules as I like using the create rule from blocked program option.

One other I was not able to get working (but that could be me):
Creating allow rules on signature. To be fair, even Microsoft uses certificates with an expired date, so I get a "not valid certificate" error when creating a certificate rule. Also the thumbprint of a certificate seems to be taken into consideration (making creating allow rules of another program of same signer impossible for me).
 

danb

Sorry, I wasn’t blaming you, I was just explaining that this bug had already been fixed. That bug appeared recently with VS 6.0 when I replaced VT with WLC… I had to make A LOT of changes to VS’s Rules. We will be working out small bugs like this for probably another couple of months, but they will be easy fixes and nothing that we could have avoided. And unless it is a major bug, I really like to wait as long as possible for public releases simply because when we release a version to the public, then everyone has to update VS, including businesses with a lot of users.

No problem at all… I am used to people getting mad at me when they are disappointed that VS has a small bug or does not work the way they want it to. It is quite peculiar, but VS is the only product that I am aware of where this happens. Just curious, can anyone think of any other product where users are extremely disappointed and pissed at the dev when there is a bug in the product? I would also be curious why people think this happens most often with VS. I have a theory why this happens, but we can save that for another day. I know I am always highly disappointed when VS has a bug or does not work as expected, but all I can do is try my best, and keep moving forward when most sane people would have given up a long time ago ;).

Yeah, someone reported the bug where free users can add unlimited rules a while back, but for some reason I thought it was a good idea to leave it as it was so they could add as many rules as they wanted… kind of like the infamous WinRAR trial ;). But really I should fix this one way or the other.

We probably should just remove the valid certificate check altogether (I already removed it for all of the hardwired rules in VS), and just leave the verified certificate check. But when I was fixing this bug a couple of weeks ago it made the most sense at the time to leave the valid certificate check for now.

We could have an option for the signer name instead of the thumbprint, but obviously that would be easy to bypass for the well-known signers. If you can think of a way we can do this safely, I would be happy to make the change. Thank you!
 

Lenny_Fox

@danb
When a new program has the same signer name and the certificate is okay, you could add a minimum AI requirement of for instance 90, instead of same signer owner. You could make an exception (no AI minimum score requirement) for a few Microsoft specific signers (e.g. Windows and Microsoft co-signed system stuff).
 

danb

Thank you for the suggestion... I will look over all of the signature features to see if there is a better way we can do this. I agree, thumbprints are kind of a pain because there can be many in an organization.
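
The allow-rule trade-off discussed in the posts above (thumbprint versus signer name, expired certificates, a minimum score for name matches), as an added example that is not part of the thread and is not VoodooShield's code. The field names, the exempt signer list, the 0-100 score and the sample signatures are assumptions constructed for illustration; the threshold of 90 is taken from the suggestion above.

```python
from dataclasses import dataclass
from datetime import datetime
from typing import Optional

@dataclass(frozen=True)
class Sig:
    signer: str                    # subject name on the signing certificate
    thumbprint: str                # hash of that one certificate
    chain_verified: bool           # file hash matches and chain ends at a trusted root
    not_after: datetime            # certificate expiry
    timestamp: Optional[datetime]  # countersigned signing time, if any
    score: int                     # hypothetical 0-100 reputation score

# Assumed policy values: the exempt signer list and threshold are illustrative.
EXEMPT = {"Microsoft Windows"}
MIN_SCORE = 90

def valid_when_signed(sig: Sig, now: datetime) -> bool:
    # A timestamped signature is judged at signing time, so an expired
    # certificate is acceptable; without a timestamp, judge at "now".
    return (sig.timestamp or now) <= sig.not_after

def decide(sig: Sig, allowed_signer: str, allowed_thumbs: set, now: datetime) -> str:
    if not sig.chain_verified:
        return "block: not verified"  # a matching name alone proves nothing
    if not valid_when_signed(sig, now):
        return "block: certificate not valid at signing time"
    if sig.thumbprint in allowed_thumbs:
        return "allow: thumbprint"
    if sig.signer == allowed_signer:
        if sig.signer in EXEMPT or sig.score >= MIN_SCORE:
            return "allow: signer"
        return "block: score below minimum"
    return "block: no matching rule"

# Constructed sample data (placeholder thumbprints, not real certificates).
NOW = datetime(2020, 12, 11)
RULE = ("Example Software Ltd", {"AA11"})
SAMPLES = {
    "pinned":     Sig("Example Software Ltd", "AA11", True, datetime(2021, 6, 1), None, 50),
    "new_cert":   Sig("Example Software Ltd", "BB22", True, datetime(2022, 1, 1), None, 95),
    "low_score":  Sig("Example Software Ltd", "CC33", True, datetime(2022, 1, 1), None, 40),
    "lookalike":  Sig("Example Software Ltd", "DD44", False, datetime(2030, 1, 1), None, 99),
    "expired_ts": Sig("Example Software Ltd", "AA11", True, datetime(2020, 1, 1), datetime(2019, 5, 1), 50),
    "expired":    Sig("Example Software Ltd", "AA11", True, datetime(2020, 1, 1), None, 50),
}

def run_samples() -> dict:
    return {name: decide(s, RULE[0], RULE[1], NOW) for name, s in SAMPLES.items()}
```

The `new_cert` case is the one a thumbprint-only rule cannot cover: same signer, different certificate, allowed only because the chain verifies and the score clears the minimum.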
 

mazskolnieces

Level 3
Jul 25, 2020
116
598
> No problem at all… I am used to people getting mad at me when they are disappointed that VS has a small bug or does not work the way they want it to. It is quite peculiar, but VS is the only product that I am aware of where this happens.
Completely false. Just look through MalwareTips and look at the backlash against every product out there for this or that bug. VS isn't being unfairly targeted. The forum beehive mindedness is being applied to it the same as any other security or non-security product.
 

danb

PLEASE, I beg you, PLEASE provide a couple of links that demonstrate where people get really mad at the dev because of a simple bug. I honestly take it as a compliment and assume they are highly disappointed because they love VS's concept but absolutely hate it when there are bugs (like I do). Perhaps you can shed some light as to why this happens A LOT with VS. You have spent a lot of time pondering security software and emotional attachment.
 