Basic Security somename Security Config 2021

Last updated
Jul 25, 2021
Personal, primary device
Additional PC users
Not shared with other users
Desktop OS
Windows 10
OS edition
Login security
    • Password (Aa-Zz, 0-9, Symbols)
Primary sign-in
Local account
Primary user
Standard user - Limited permissions
Other users
Other accounts are Admin users
Security updates
Automatic - allow all types of updates
Windows UAC
Maximum - always notify
Network firewall
None or Don't know
Real-time protection
Microsoft Defender configure with group policy
Software firewall
Windows Firewall (for Windows 8.1 or older)
Custom RTP, Firewall and OS settings
-block all incoming connections
-Hard_Configurator lists

Bitlocker setup on all drives with passphrases+tpm
Hard_Configurator recommended setup without default deny policy
core isolation, secure boot
bcdedit /set nx alwayson
print service disabled
swap disabled

(following config descriptions are from securitynigthmares config)
  • Data Execution Prevention (DEP) enforced to AlwaysOn
  • Microsoft Defender runs in a sandbox (AppContainer)
  • Windows Explorer:
    • Hidden files and folders - Show hidden files: activated
    • Hide extensions for known file types: deactivated
  • Windows Security -> App & Browser control -> Exploit-Protection -> Enable Random Arrangement for Images (Mandatory ASLR) enabled
  • Windows Updates -> Settings -> Downloads from other PCs deactivated
  • removed the following optional Windows features:
    • Internet Explorer 11
    • Internet Printing Service (under Print and Document Services)
    • Maths recognition
    • Microsoft Remote Help
    • OpenSSH Client
    • Paint 3D
    • SMB Direct
    • Windows Fax and Scan
    • Windows Hello Face Recognition
    • Windows Media Player
    • Windows PowerShell Integrated Scripting Environment
    • Working folder client
Malware testing
No malware samples
Periodic security scanners
standard windows intervalls
Secure DNS
none (edited)
nordvpn for file sharing (would rather get mullvad)
Password manager
Browsers, Search and Addons
edge mostly using wdag,
no addons, except sometimes ublock in wdag for watching youtube
Maintenance and Cleaning
win 10 disk cleanup
Personal Files & Photos backup
copy and paste (ctrl+c/v)
Personal backup routine
Manual (maintained by self)
Device recovery & backup
windows internal one
Device backup routine
Automatic (scheduled)
PC activity
  1. Browsing the web. 
  2. Browsing to unknown sites. 
  3. Downloading software. 
  4. File sharing and torrents. 
  5. PC and cloud gaming. 
  6. Multimedia. 
Computer specs
Ryzen 5 3600
AMD RX 5700
MSI B450M Mortar Max
48GB 3200mhz Ram
few nvme/sata ssds
Feedback Response

General feedback


New Member
Thread author
Jul 16, 2021
This is a quite insecure windows setup for gaming, filesharing and media consumption/creation, although I would like for it to become better in the future.
This setup will never reach good security, because of filesharing and light gaming, but it's not handling important personal data/transactions.
Work in progress, happy about feedback.

credits/thanks go to anupritaisno1, beerisgood-win10hardening, andy ful and more
Last edited:


New Member
Thread author
Jul 16, 2021
Yes, 48 gigs of ram (2x16 + 2x8, same specs/manufacturer/name otherwise). I was running QubesOS previously. I don't have control over the router. I think of the network as hostile/compromised, so I don't care about not having control over the router.
Last edited:


Staff member
Malware Hunter
Apr 28, 2015
Periodic security scanners: You may add here some 3rd party tools such as EmsiSoft E. Kit, HitManPro...

Personal Files & Photos backup: You may use cloud services

Device recovery & backup: You may add here a full system back solution such as Macrium Reflect / AOMEI Backupper


New Member
Thread author
Jul 16, 2021
48 gigs, wow, why so much?
Ram is cheap these days and I was using QubesOS before switching to Windows. When I built this pc, ram was expensive, so I went for 16gigs and added more later. Otherwise I would've gotten 32gb right away.
I am thinking about upgrading to Ryzen 3 for hardware shadow stack as well, but then I should probably invest some time into finding a decent motherboard. I'll proly wait.

Thanks for all the input (y)