Latest Changes
Jul 13, 2019
Operating System
  • Windows 10
  • Windows Edition
    Home
    Build Version
    1903
    System Architecture
    64-bit
    Security Updates
    Automatic Updates (recommended)
    User Access Control
    Always Notify
    Network Security (Firewall)
    Windows Defender Firewall
    Device Security
  • Windows Defender SmartScreen (Windows 10)
  • User Account
    Standard
    Sign-in Accounts
    Microsoft (@outlook)
    Sign-in Options
  • Password
  • Malware Testing
    None - No Malware on host PC or VM
    Real-time Web & Malware Protection
    Kaspersky Free Antivirus
    OSArmor
    Custom Settings For Real-Time Protection
    Custom - Major changes for Increased Security
    Custom Settings For Real-Time Protection Details
    Kaspersky on default settings; excluded my banking site from kaspersky certifications to have visible cert on that site

    Osarmor on default settings, some custom rules

    Windows security settings, browsers & extensions, exploit protection for msedge.exe, code integrity guard.
    Virus and Malware Removal Tools
    Malwarebytes adwcleaner
    Emsisoft emergency kit
    Zemana antimalware
    Malwarebytes adwcleaner
    Browsers and Extensions
    Microsoft edge developer;
    - Ublock origin
    - Bitwarden

    chrome :/flags;
    Smooth Scrolling - disabled
    GPU rasterization - enabled
    Enable AppContainer Lockdown - enabled
    TLS 1.3 downgrade hardening - enabled
    Parallel downloading - enabled
    Mark non-secure origins as non-secure - mark as actively dangerous
    Simplify HTTPS indicator UI - disabled
    Enable GPU AppContainer Lockdown. - enabled
    PDF Isolation - enabled
    Enable lazy image loading - enabled
    Enable lazy frame loading - enabled
    Block unsafe downloads over insecure connections - enabled
    Limit Media Autoplay - enabled
    Microsoft Edge tracking prevention - enabled =strict
    Web Privacy
    Verisign DNS
    Password Manager
    Bitwarden
    Web Search
    Bing
    System Utilities
    Geek uninstaller
    Process explorer
    Data Backup
    External drive
    Frequency of Data backups
    Monthly
    System Backup
    Aomei backupper Free
    Frequency of System backups
    Regularly
    Computer Activity
  • PC Gaming
  • Online banking
  • Browsing web and email
  • Install new programs on a weekly basis
  • Watch movies and other entertainment content on the Internet
  • Shared device is used by family members
  • Computer Specifications
    Asus m5A97
    AMD FX-6300 @ 3.8ghz
    MSI GTX-970
    HDD 1TB
    8GT Kingston Ram, @1600Hz

    Moonhorse

    Level 26
    Verified
    Content Creator
    24.4.2019 several config changes
    New products highlighted

    Realtime protection:
    -Windows defender ( controlled folder protection enabled)
    -Configure defender ( high settings)
    -Runbysmartscreen
    -Documents anti-exploit
    -appcheck antiransomware free

    i wanted to have anti-exploit for chrome and documents are only protected so i went with appcheck, wich is very lite, around 4mb idle usage. Free doesnt protect office
    212740


    on-demand scanners

    -Malwarebytes free
    -Adwcleaner
    -Zemana free 3.0
    -Roguekiller

    Google chrome:
    • Nano adblocker
    • Nano defender
    • Blocksi (block unrated, block all ''sketchy domains'')
    • Https everywhere ( encrypt all sites (Ease) ) Thought first this is completely useless to have, but since i use it with TOR, i have found it needed
    • Netcraft
    • Bitwarden
    Chrome flags enabled:
    • block downloads over insecure connections
    • Anonymize WebRTC
    • Disable smooth scrolling
    • Enable GPU appcontainer lockdown
    • Enable appcontainer lockdown
    • TLS 1.3 downgrade hardening
    • NoState Prefetch
    • Parallel downloading
    • Mark non-secure origins as non-secure
    • PDF Isolation
    • Enable lazy image loading
    • Enable lazy frame loading
    DNS: Cleanbrowsing ( has servers on eu ) Neustar has in USA

    System cleanup tools : Privazer
     

    Moonhorse

    Level 26
    Verified
    Content Creator
    30.4.2019 ...literally wanted to swap back to windows defender because of edge browser + application guard, since im planning to use microsoft edge + windows defender after may update

    Realtime protection:
    - windows defender
    - hard_configurator on recommended settings
    - configure defender on high settings
    - controlled folder access enabled
    - application guard applied to microsoft edge canary

    Browsers and Extensions:
    Microsoft edge canary;
    - Smartadblocker
    - Noscript
    - Https everywhere (ease)
    - Bitwarden

    Web Privacy
    Chrome flags enabled:
    • block downloads over insecure connections
    • Anonymize WebRTC
    • Disable smooth scrolling
    • Enable GPU appcontainer lockdown
    • Enable appcontainer lockdown
    • TLS 1.3 downgrade hardening
    • NoState Prefetch
    • Parallel downloading
    • Mark non-secure origins as non-secure
    • PDF Isolation
    Search engine swapped to duckduckgo, due it wont sencore searches like google does

    Something notable:
    - lazy image
    - lazy frame
    ://flags caused some sites to be completely un-usable

    Edit 1: did change from edge canary to edge developer, due no need to whitelist with H_C like in canary
     
    Last edited:

    Moonhorse

    Level 26
    Verified
    Content Creator
    15.5.2019

    Im back to comodo antivirus; block mode

    Notable changes:
    Microsoft edge developer as mainbrowser. My extension list is huge but has everything covered

    Comodo antivirus in block mode ( after first boot WD was on, should i disable it manually? )

    DNS changed to Verisign DNS
     

    Moonhorse

    Level 26
    Verified
    Content Creator
    Alright sorry for spam, i kinda rushed ( as always)

    I moved back to chrome, due some ://flags

    I moved to ublock origin in medium mode as @oldschool suggested on forums / this thread . The computer is family pc, but im whitelisting important sites manually

    I have added pictures of blocksi + comodo rules

    I have updated chrome ::/flags
     

    Moonhorse

    Level 26
    Verified
    Content Creator
    22.5.2019

    Updated to windows 1903, without issues

    To avoid any antivirus issues im staying with windows defender, but decided to add configuredefender on high settings

    - tampering protection enabled ( new feature) aswell controlled folder access is enabled.
    - Appcheck anti-ransomware free as filler ( i like the gui and it has anti-exploit)
    - documents anti-exploit by andy, since appcheck requires pro version for office

    Using system built-in tools for defragling and manually clearing chrome histories etc for now
    I know my extension list is still the same, but i think thats fine as i need them and in overall they cover everything
     

    Moonhorse

    Level 26
    Verified
    Content Creator
    26.6.2019

    Did some config changes

    tldr;

    +Kaspersky Free antivirus
    +Appcheck anti-ransomware free
    +Documents antiexploit by andys, because appcheck dont protect office
    +Run by smartscreen - from andy

    + edge canary as mainbrowser
    - ublock origin
    - bitwarden

    + updated ''password'' as sign-in protection
    + did remove chrome::/flags that didnt exist on canary anymore
     

    Moonhorse

    Level 26
    Verified
    Content Creator
    Did complete swap on my config . 12.7.2019

    Realtime protection:
    - AVG antivirus free; heurestic on high, pup defense mode enabled
    - Comodo firewall; cruelsister settings


    Mozilla firefox;
    - Ublock origin
    - Netcraft
    - Bitwarden password manager
    - Https Everywhere (strict mode)

    About:config;
    - media.peerconnection.enabled = FALSE
    - security.tls.version.min = 3
    - privacy.resistFingerprinting = TRUE
    - Network.trr.mode = 2 , because of cloudflare DNS

    and CCleaner as system utility
     

    Moonhorse

    Level 26
    Verified
    Content Creator
    I lasted a day with buggy comodo firewall , so i reverted back to config wich really works
    small tldr;

    Realtime protection:
    - Kaspersky Free Antivirus
    - OSArmor
    - Windows security settings > browsers & extensions, > exploit protection for msedge.exe= code integrity guard.

    Microsoft edge developer;
    - Ublock origin
    - Bitwarden

    chrome :/flags;
    Smooth Scrolling - disabled
    GPU rasterization - enabled
    Enable AppContainer Lockdown - enabled
    TLS 1.3 downgrade hardening - enabled
    Parallel downloading - enabled
    Mark non-secure origins as non-secure - mark as actively dangerous
    Simplify HTTPS indicator UI - disabled
    Enable GPU AppContainer Lockdown. - enabled
    PDF Isolation - enabled
    Enable lazy image loading - enabled
    Enable lazy frame loading - enabled
    Block unsafe downloads over insecure connections - enabled
    Limit Media Autoplay - enabled
    Microsoft Edge tracking prevention - enabled =strict

    DNS = verisign
    Default search engine = Bing

    System utilities:
    - geek uninstaller
    - process explorer

    sorry for spam