- May 13, 2017
- 2,638
Plus my Windows Tweaks applied, which cripple Windows (sort of), but increase security, to sum it up:
As anti-malware tests regularly confirms, 99% of infections come either via an email or via a browser.
I open emails in txt and the browser is well protected. I can not use smartscreen, it blocks my files
Windows Defender Firewall is set to block inbound/outbound, no Windows processes are allowed.
Removed SearchUI.exe & Powershell. UAC with a password. "ValidateAdminCodeSignatures" is ON.
Disabled IPv6, WMI, WSH, almost all services & tasks, all Windows features, except NET Framework.
I turn off PC with Wise Cleaners + tweaks, to remove startup entries and restore my settings.
I have denied access to SYSTEM and set Users permissions to read only on a backup partition.
Yandex browser keeps running after closing, Cache Killer helps with that. Thanks @Sunshine-boy
Since 1803, it is no longer possible to uninstall network protocols, MS said: Because we say so ... .
So I have disabled their drivers, plus a few drivers related to remote management/sharing, thanks MS.
I have Server/Workstation disabled, that should take care of the "Client for Microsoft Network" & "File and Printer Sharing".
I have 2 short-stroked HDDs to improve their performance by ~30%. SSD is just a waste of money, it does not improve performance (no FPS gain in games), just loading times, there is not a single test proving otherwise. Better to buy more RAM, disable pagefile, to force games to load to RAM.
Mom's laptop: The same setup, but Windows Tweaks Light, FortiClient (Family WebFiltering enabled), WinFirewall Inbound ON, WinUpdates ON.
Please do not recommend following products:
Avira, Windows Defender - hardware killers.
Avast, AVG, Comodo, ZoneAlarm - cause BSOD.
Panda Dome - slows down and kills wireless internet.
KFA is a junkware with telemetry, KSC is picky about users.
CrowdStrike, ESET, Symantec have $$$ and also score well in test labs.
Malwarebytes - I would rather install malware than this junk PUPing everything.
As anti-malware tests regularly confirms, 99% of infections come either via an email or via a browser.
I open emails in txt and the browser is well protected. I can not use smartscreen, it blocks my files
Windows Defender Firewall is set to block inbound/outbound, no Windows processes are allowed.
Removed SearchUI.exe & Powershell. UAC with a password. "ValidateAdminCodeSignatures" is ON.
Disabled IPv6, WMI, WSH, almost all services & tasks, all Windows features, except NET Framework.
I turn off PC with Wise Cleaners + tweaks, to remove startup entries and restore my settings.
I have denied access to SYSTEM and set Users permissions to read only on a backup partition.
Yandex browser keeps running after closing, Cache Killer helps with that. Thanks @Sunshine-boy
Since 1803, it is no longer possible to uninstall network protocols, MS said: Because we say so ... .
So I have disabled their drivers, plus a few drivers related to remote management/sharing, thanks MS.
I have Server/Workstation disabled, that should take care of the "Client for Microsoft Network" & "File and Printer Sharing".
I have 2 short-stroked HDDs to improve their performance by ~30%. SSD is just a waste of money, it does not improve performance (no FPS gain in games), just loading times, there is not a single test proving otherwise. Better to buy more RAM, disable pagefile, to force games to load to RAM.
Mom's laptop: The same setup, but Windows Tweaks Light, FortiClient (Family WebFiltering enabled), WinFirewall Inbound ON, WinUpdates ON.
Please do not recommend following products:
Avira, Windows Defender - hardware killers.
Avast, AVG, Comodo, ZoneAlarm - cause BSOD.
Panda Dome - slows down and kills wireless internet.
KFA is a junkware with telemetry, KSC is picky about users.
CrowdStrike, ESET, Symantec have $$$ and also score well in test labs.
Malwarebytes - I would rather install malware than this junk PUPing everything.
Attachments
Last edited:
