Advanced Security oldschool's 2022 laptop configuration

Last updated
Jul 2, 2022
Personal, primary device
Additional PC users
Not shared with other users
Desktop OS
Windows 11
OS edition
Login security
    • Password (Aa-Zz, 0-9, Symbols)
Primary sign-in
Local account
Primary user
Standard user - Limited permissions
Security updates
Default - allow security updates
Windows UAC
Maximum - always notify
Network firewall
ISP-issued router
Real-time protection
Microsoft Defender configured with Group Policy
Software firewall
Microsoft Defender Firewall
Custom RTP, Firewall and OS settings
Highest setting with ASR rules enabled:
- block JS/VBS from launching downloaded executable content
- block execution of potentially obfuscated scripts
- block executable content from email client and webmail
- block credential stealing from Windows local security authority subsystem (lasass.exe)
- block process creations originating from PSExe and WMI commands
- use advanced protection from ransomware
- block persistence through WMI event subscription

Controlled Folder Access enabled with added folders:
- C:\Program Data\Microsoft\Windows\Start Menu
- C:\Users\oldshool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
- C:\Users\oldschool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs

Custom exploit protection settings for all apps
Malware testing
No malware samples
Periodic security scanners
Secure DNS
Quad 9
Password manager
Browsers, Search and Addons
Brave Startpage | Brave Adblock | Emsisoft Browser Security
Firefox Startpage | µBO + Kees1958 lists | Emsisoft Browser Security | strict tracking | total cookie protection | Firefox Privacy or: How I Learned to Stop Hardening and Love Strict Tracking Protection
Edge Startpage | µBO + Kees1958 lists | Emsisoft Browser Security | Strict tracking protection
Maintenance and Cleaning
Windows built-in
Personal Files & Photos backup
Personal backup routine
Manual (maintained by self)
Device recovery & backup
Wiindows built-in | Aomei Backupper
Device backup routine
Manual (maintained by self)
PC activity
  1. Browsing the web. 
  2. Emails. 
  3. Shopping. 
  4. Downloading software. 
Computer specs
Lenovo L340 Intel(R) Core(TM) i3-8145U CPU @ 2.10GHz 2.30 GHz 8.00 GB RAM 1TB HDD
Personal changelog
22-1-9 Added VodooShield Pro v. 7.0
22-1-28 Removed TinyWall | Changed to Ghostery in Edge & Firefox
22-1-31 Removed VoodooShield
22-5-5 Removed VoodooShield
22-6-17 Switched to Bitdefender Free
22-6-23 Replaced Bitdefender with M$ Defender
22-7-1 M$ Defender configured via Group Policy to High + and added one ASR rule.
Feedback Response

General feedback


Level 67
Thread author
Top poster
Mar 29, 2018
New year. Same simple setup.

Edge flags:
Exploit protection (thanks to @Umbra). These haven't broken anything yet, e.g. extensions crashing.
- for Brave, Edge and Firefox:

Block low integrity images - ON
Block remote images - ON
Block untrusted fonts - ON
Control flow guard (CFG) - ON
Data execution prevention (DEP) - ON + Enable thunk emulation - CHECKED
Disable extension points - ON
Force randomization for images (Mandatory ASLR) - ON + Do not allow stripped images - CHECKED
Randomize memory allocations (Bottom-up ASLR) - ON
Validate exception chains (SEHOP) - ON
Validate handle usage - ON
Validate heap integrity - ON
Validate image dependency integrity - ON

ADD for Edge Chromium only:

Code integrity guard - ON (with or without Also allow images signed by M$ Store CHECKED)
Last edited:


Level 61
Top poster
Content Creator
Apr 24, 2016
I had printer issues after making exceptions. I uninstall when I encounter issues like this. Windows built-in = less problems.
Yes, a good decision (y)
Keeping things simple is lost art, but I can understand that on a security forum.
We hear of all those threats and there are so many toys to play with...


Level 4
Oct 4, 2019
It's just like every Windows before it. It does all the same stuff in pretty much the same way, but you'll tell yourself it's a solid step in the right direction as ultimately everyone will have to upgrade and it's stupid to be the last man standing if you're interested in technology, right?


Level 10
Jan 17, 2014
If you dont mind me asking, I've noticed your using Emsisoft's browser protection, I was wondering why as opposed to something like Malwarebytes?
In my admitted limited testing Emsisoft's was good but not quite on the level as Malwarebyte's
But great setup either way (y)(y)


Level 67
Thread author
Top poster
Mar 29, 2018
Upgraded to W11. I'm happy with it and see no reason to go back to 10.

And I was one of those put off by the early reports, thinking "W10 till '25"! ;)
There is a principle which is a bar against all information, which is proof against all arguments and which cannot fail to keep a man in everlasting ignorance - that principle is contempt prior to investigation.
- Herbert Spencer