Recent changes
Dec 25, 2019
Windows Edition
Home
Sign-in account
Sign in with local account
Log-in security
    • Account password
    • Windows Hello PIN
    • Windows Hello Fingerprint
Account permissions
Standard account
Security updates
Automatically allow security and feature updates
Windows UAC
Always notify
Malware samples
No - Malware samples are not purposely downloaded
Real-time Malware protection
Emsisoft Antimalware
Hard_Configurator [OS & firewall hardening]
Firewall protection
Microsoft Defender Firewall
RTP configuration
Emsisoft [default]
Hard_Configurator [@Andy Ful recommended enhanced & recommended firewall hardening ]
Periodic scanners
On demand scanners:
  • malwarebytes antimalware free
  • Hitman Pro free
VPN and Privacy
  • avast secureline vpn
  • cloudflare 1.1.1.1
Browser(s) and Add-ons
Hardened Chrome
  • ublock origin in medium mode
chrome://flags

- Anonymize local IPs exposed by WebRTC.
- Extension Content Verification - Enforce Strict
- Reduce default 'referer' header granularity.
- Block scripts loaded via document.write
- TLS 1.3 hardening for local anchors
- Enable GPU AppContainer Lockdown.
- Treat risky downloads over insecure connections as active mixed content
- Strict-Origin-Isolation
- Show Safety Tip UI when visiting low-reputation websites
- Secure DNS lookups
- Password Leak Detection
Maintenance tools
  • gpg encryption
  • bandizip archiver
  • notepad++
Photos and Files backup
  • macrium reflect free
File backup schedule
Manually managed on a weekly basis
Backup and rollback
macrium reflect free
Backup schedule
Manually managed on a weekly basis
Activity usage
  1. Financial and sensitive documents
  2. Generic web browsing
  3. Streaming audio and video content from the Internet
  4. Downloading files from unfamiliar sites
  5. Working from home
Computer hardware
Dell xps 13 9380
i5-8265U
UHD Graphics 620
8GB DDR3
256GB SSD

my phone:

Andy Ful

Level 65
Verified
Trusted
Content Creator
...
p.s. the current H_C configuration disables microsoft office macros. What should I do to temporarily enable macros to run in my spreadsheets?

thanks again
Thanks.:giggle:
You can enable macros by setting <Documents Anti-Exploit> to "Adobe" or "OFF". The first setting will harden only Adobe Reader (XI or DC). Next, use SwitchDefaultDeny tool to run "Documents Anti-Exploit" and set <MS Office> to ON1.
Finally, run Excel and allow macros with notification via:
Trust Center > Trust Center Settings > Macro Settings > Disable all macros with notification.

The above config will still harden the MS Office applications except for Excel macros.
The ON1 settings in "Documents Anti-Exploit" works for the particular User Account. If you want to harden another account, then the procedure must be repeated from it.(y)
 

LDogg

Level 32
Verified
Unless you know W/Firewall well, I would suggest an additional piece of software called Tinywall, under 2MB to download, easy learning curve, plenty of YouTube video to watch and stop the various threat below:

  1. Ransomware: Some ransomware must contact the C&C server before any encryption can take place. So, you get an outbound connection alert when ransomware runs. Block it and it won't be able to harm your data.
  2. Keyloggers: They can log almost anything. Problem occurs when the recorded data is transmitted to the cyber criminals who can misuse it. Damage can be prevented if you stop any malicious connection to happen from your end.
  3. Remote Access Trojan (RAT): Some RATs will operate by injecting directly into a legitimate Windows process like svchost, using this to connect out instead of some other executable that can be grossly apparent. Firewalls will not only block the hollowed process from connecting out, but they do it silently with any user input.
The rest looks simple and efficient!

~LDogg
 

LDogg

Level 32
Verified
beta tested the v3, i wasnt super fond of it, what you think about it? (i still prefer the ex-binisoft/Malwarebytes Windows Firewall Control, more granular to me)
MWFC is a great piece of software but if it blocks something the user doesn't understand, it can be a complete nightmare. I think for ease of use and minute amount of memory being used, I've always (now) suggested Tinywall.

~LDogg
 

mkoundo

Level 3
Verified
Removed
  • Avast free antivirus
  • Aomei Backupper (liking macrium very much....system restore in under 3 min!)
  • Zemana (started flagging foobar2k which I've been using for nearly 20 years....no thanks)
Added
  • Emsisoft Antimalware (default settings) - @Umbra & @oldschool convinced me....so far it's running very smoothly
Tweaked
  • H_C changed to profile "windows 10 recommended enhanced"
(y)(y):emoji_beer:
 

mkoundo

Level 3
Verified
Removed
  • Adguard browser extension
Added
  • Ublock origin - medium mode
1577256985643.png
1577257005692.png
1577257024650.png

1577294906169.png
Tweaked
  • Hardened Chrome
chrome://flags

- Anonymize local IPs exposed by WebRTC.
- Extension Content Verification - Enforce Strict
- Reduce default 'referer' header granularity.
- Block scripts loaded via document.write
- TLS 1.3 hardening for local anchors
- Enable GPU AppContainer Lockdown.
- Treat risky downloads over insecure connections as active mixed content
- Strict-Origin-Isolation
- Show Safety Tip UI when visiting low-reputation websites
- Secure DNS lookups
- Password Leak Detection
 
Last edited:
Top