Latest Changes
Sep 15, 2019
Operating System
  • Windows 10
  • Windows Edition
    Education
    Version or Build no.
    1903
    System type
    64-bit operating system; x64-based processor
    Security Updates
    Automatic Updates (recommended)
    User Access Control
    Default
    Network Security (Firewall)
    Windows Defender Firewall
    Device Security
  • Windows Defender SmartScreen (Windows 10)
  • User Account
    Administrator
    Sign-in Accounts
    Microsoft (@outlook.com)
    Sign-in Options
  • Password
  • Windows Hello PIN (recommended)
  • Malware Testing
    I do not participate in downloading malware samples
    Real-time Web & Malware Protection
    Unmanaged Windows 10 Education native security tweaked with
    Andy_Ful's Hard_Configurator
    RTP - Custom security settings
  • Major changes for Increased security
  • RTP - Details of Custom security settings
    • Use maximum settings in Hard_Configurator SRP, Firewall_Hardener and Configure_Defender
    • Allow runonce.exe
    • Allow Windows 10 Security Center to be available in the tray notification area
    • Whitelist MSEdge.exe dev in ASR rules
    Virus and Malware Removal Tools
    Microsoft Malicious Software Removal Tool
    Browsers and Extensions
    Chromium Microsoft Edge
    Privacy-focused Apps and Extensions
    Adguard
    Password Managers
  • Bitwarden
  • Web Search
  • Bing
  • System Utilities
    Privazer
    Data Backup
    • OneDrive
    • Macrium Reflect Free
    Frequency of Data backups
    Always-on Sync
    System Backup
    With Macrium Reflect Free, take a single system image and retain it for recovery.
    Frequency of System backups
    Rarely
    Computer Activity
  • Online banking
  • Browsing web and email
  • Watch movies and other entertainment content on the Internet
  • Office and work related tasks
  • Programming
  • Computer Specifications
    • Dell XPS 15
    • i7 7700HQ
    • NVidia GeForce 1050
    • 32 GB (2 X 16 GB) HyperX Kingston 2400MHz DDR4 CL14
    • 512 GB Samsung M951 SSD NVMe PCIe
    • Matte non-Touch 1980 x 1020 display
    • Undervolt CPU
    9

    93803123

    Why do you need Microsoft Malicious Software Removal Tool on top of WD, also why allow runonce ?
    Microsoft Malicious Software Removal Tool is auto-installed by W10. It can be removed by the user if they wish. I just leave it. And I've never used it. I listed it only because of the Virus and Malware Removal Tools field above.

    runonce.exe must be allowed to run on systems that have an application that uses runonce to launch its interface, such as DropBox. If runonce.exe is blocked, then the DropBox tray icon\user interface will not launch.
     

    Andy Ful

    Level 48
    Verified
    Trusted
    Content Creator
    Do you feel this setup usable?
    I prepared H_C max settings for unsafe or vulnerable environment. :emoji_thinking:
    For most MT members the H_C Recommended Settings, or predefined profile Windows_10_MT_Windows_Security_hardening, will be well balanced between security and usability. (y)
     
    9

    93803123

    Do you feel this setup usable?
    I prepared H_C max settings for unsafe or vulnerable environment. :emoji_thinking:
    For most MT members the H_C Recommended Settings, or predefined profile Windows_10_MT_Windows_Security_hardening, will be well balanced between security and usability. (y)
    I have zero problems using maximum settings. Like none. Like, ever-ever.

    NVidia drivers install no problem.
    Windows Updates install no problem.
    Drivers via Windows Updates install no problems.
    MSEdge.exe dev updates install no problem.

    If I need to use something that is blocked by SRP, then I know how to launch it using Admin privileges. No problems.

    I use this PC. I do "stuff" on it. I don't have problems with it. If I had to install an IDE such as PyCharm, then I would have to whitelist a few processes by file path located in the User Profile directories because SRP would block them. To update PyCharm, I might have to run it with Admin privileges. So what. No big deal. Easy. No problems.

    Privazer uses wmic.exe, reg.exe, netsh.exe, and others. It runs as Admin automatically in the Admin account. No problems.

    For me, using SRP is ezpz. I don't get why others do not understand SRP. SRP is allow-block and ON-OFF. Like, there is next to nothing to learn. It is as simple as getting into the bathtub and splashing water to make bubbles.

    Problem ? So what ? Problem is no problem. Find out what is blocked and then allow it. LOL, what is so difficult about that ? Not every allow-block decision has the potential outcome of nuclear war or peace. Most are just really common sense decisions within the context of what is happening on the system.

    If you can read, and ride a tricycle, then you can use SRP, even at maximum settings.

    ezpz :ROFLMAO:
     
    Last edited by a moderator: