Basic Security Spawn's W10 Security 2021

Last updated
Feb 9, 2021
How it's used?
Operating system
Windows 10
On-device encryption
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
User Access Control
Notify me only when programs try to make changes to my computer
Smart App Control
Network firewall
Real-time security
Microsoft Defender Antivirus
Firewall security
Microsoft Defender Firewall
About custom security
Configured via Local Group Policy Editor

Microsoft Defender Antivirus settings:
  • Block at First Sight
Microsoft Defender SmartScreen settings:
  • SmartScreen - Warn and prevent bypass
  • App Install Control - Warn me before installing apps from outside the Store
  • Site Control - Blocked from visiting potentially malicious sites [currently testing]
Periodic malware scanners
Malwarebytes AdwCleaner
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Microsoft Edge
Using Bing.com for earning Reward Points.
Secure DNS
NordVPN DNS via native apps
Desktop VPN
NordVPN for Windows client:
  • Auto-connect
  • KillSwitch disabled
  • Split tunneling for OneDrive and Spotify apps
Password manager
Microsoft Passwords
Microsoft Authenticator
Maintenance tools
Storage Sense:
  • Scheduled weekly
  • Temp files excluding Downloads
Self-cleaning browser for Cache clearance
File and Photo backup
Microsoft OneDrive
System recovery
File copied to external drive, offline storage.
Risk factors
    • Browsing to popular websites
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Sharing and receiving files and torrents
    • Streaming audio/video content from shady sites
Computer specs
MSI
Intel Core i7 (4th gen)
Nvidia 765M
8GB RAM
128 GB SSD (OS) + 1 TB HDD (DATA)
Notable changes
February 7th, 2021
  1. Fresh installation.

February 9th, 2021
  1. Uninstalled Opera GX - too many settings to configure and tweak.
  2. Uninstalled many optional Windows features
  3. Installed Microsoft 365, Steam, Epic Games, NordVPN app and addons.
February 18th, 2021
  1. Configured App & RTP with Group Policy Editor
What I'm looking for?

Looking for medium feedback.

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,592
Purchased brand new in 2014.

Fresh installation performed 7th February 2021.
Even tho it's quite natural to use OperaVPN when also using the browsers I still would highly advise against using it. It's not trustworthy at all. Correct me if I'm wrong, but I also think that it is just a proxy and does not encrypt any traffic. Read more about it here:
Also consider setting UAC to always notifiy.
Since you are an admin here on MalwareTips I'm pretty sure that you know the hardening tools of AndyFul. Why are you not using tools like ConfigureDefender or FirewallHardening? Apart from that, a real solid config without too many frills.
 

Ink

Administrator
Thread author
Verified
Jan 8, 2011
22,490
Did you consider buying a Chromebook? It should perform all tasks you have mentioned in your setup.
Thanks for the suggestion.

However I don't waste money on unnecessary technology. I can get away with using my Android Phone for most things, except Steam and Office apps.

The laptop hardware still works decent, see specs. Throwing it away will likely to end up in landfill, or recycled if lucky.

Most Chromebooks are encased in cheap plastics and have expiration dates for updates. It will become redundant far sooner than what I currently own.

It's also my secondary laptop.

With this software, you can use Standard User Account. You will not see the difference but the setup will be stronger.
Extra work with creating another user account.

Real nice Configuration(perhaps UAC always notify), thanks for sharing. :)
I can try this.
 

Ink

Administrator
Thread author
Verified
Jan 8, 2011
22,490
Since you are an admin here on MalwareTips I'm pretty sure that you know the hardening tools of AndyFul. Why are you not using tools like ConfigureDefender or FirewallHardening? Apart from that, a real solid config without too many frills.
I'm a little bit shocked that forum's admin setup isn't more hardened.

Or is this laptop only a second device beside e.g. desktop pc?
Relax! Give me time to set it up, I don't have time to sit at the laptop for 16 hours.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,538
...
The laptop hardware still works decent, see specs. Throwing it away will likely to end up in landfill, or recycled if lucky.
...
I suggested Chromebook because you said: "Spent a good 3 hours troubleshooting this unreliable OS". So, Chromebook could be a good solution when buying a new secondary laptop. Your laptop is 6 years old and will not work forever. Anyway, your laptop hardware is good, so I would probably do the same as you.:)
I do not want to convince you about the usability of Chromebooks. But, there are many Chromebooks built of very solid components (not cheap ones). Most Chromebooks launched in 2020 have 6-8 years Auto Update Expiration date. The price of a good Chromebook will be only slightly lower as compared to a good Windows Laptop - one pays for better performance, battery life, and security (but much worse universality).
...
Extra work with creating another user account.
...
Yes (a few minutes). But, it is worth your effort (only a suggestion).(y)
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,538
Every 6-8 months something always goes wrong, but I need Windows to use Steam.
Did you manually install Windows without the laptop firmware? I noticed an important performance improvement when doing so. But, having problems every 6-8 months is not good news. This can indicate that there are some memory problems (RAM, SSD) that cause data corruption. Similar problems can happen when the machine is suddenly powered off (poor power supply).:unsure:
I manage several computers with a similar setup (most are hardened) and there are 0 problems for several years.
 
Last edited:

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,592
I haven't gotten around to installing NordVPN. In general, I don't use them for most tasks. VPN is off.
Fair enough, but then I'd recommend not using a VPN in general instead of using OperaVPN which basically is only good for unblocking geo restricted content. Privacy wise it's just worse than not using a VPN at all. :)
 

Ink

Administrator
Thread author
Verified
Jan 8, 2011
22,490
Did you manually install Windows without the laptop firmware? I noticed an important performance improvement when doing so. But, having problems every 6-8 months is not good news. This can indicate that there are some memory problems (RAM, SSD) that cause data corruption. Similar problems can happen when the machine is suddenly powered off (poor power supply).:unsure:
I manage several computers with a similar setup (most are hardened) and there are 0 problems for several years.
Clean install Windows from the ISO file via Media Creation Tool. No firmware is installed manually, as the last updates from the manufacturers site provide for Windows 8.0 only.

Previous issues:
Through 2018 - Multiple power outages, connected over mains.
Late 2019 - Battery cells expanded, removed.
Early 2020 - Registry damage, created a new user account, based on @shmu26's recommendation.
Early 2021 - Unbootable, unknown reason. No Windows installation found via Troubleshooting/CMD Prompt.

As far as I know, these are mostly software problems. I have data backed on my external drive and the rest cloud sync'd.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,538
Clean install Windows from the ISO file via Media Creation Tool. No firmware is installed manually, as the last updates from the manufacturers site provide for Windows 8.0 only.

Previous issues:
Through 2018 - Multiple power outages, connected over mains.
Late 2019 - Battery cells expanded, removed.
Early 2020 - Registry damage, created a new user account, based on @shmu26's recommendation.
Early 2021 - Unbootable, unknown reason. No Windows installation found via Troubleshooting/CMD Prompt.

As far as I know, these are mostly software problems. I have data backed on my external drive and the rest cloud sync'd.
The two last events (especially the last) can be also caused by some disk/memory corruption. I assume that you did not use 3rd party tools to clean up the disk, Windows Registry, etc.
Did you check the reliability of your SDD and RAM modules? After 6 years they can produce some problems.:unsure:
 

sepik

Level 11
Verified
Well-known
Aug 21, 2018
505
I can share my experience. Couple of month ago, my friends' windows 10 suddenly started to behave stranglely, cortana did not work, cant open explorer etc strange anomalies. We scanned the system with various AV tools, no infection. SFC etc DISM stuff did not finish at all. After all, we ended to re-install windows 10. The same strange things happened. The SSD was 7 years old. That was the culprit. We ended to buy the new SSD system drive. All well now :D
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top