Latest Changes
Oct 19, 2018
Operating System
  • Windows 10
  • Windows Edition
    Education
    Version or Build no.
    1803
    System type
    64-bit operating system; x64-based processor
    Security Updates
    Automatic Updates (recommended)
    User Access Control
    Always Notify
    Network Security (Firewall)
    Windows Defender Firewall
    Device Security
  • Windows Defender SmartScreen (Windows 10)
  • User Account
    Standard
    Sign-in Accounts
    Malware Testing
    I do not participate in downloading malware samples
    Real-time Web & Malware Protection
    HMPA
    SRP
    Windows Firewall Control
    RTP - Custom security settings
  • Major changes for Better performance
  • Virus and Malware Removal Tools
    Zemana Portable
    HMPA
    Browsers and Extensions
    Google Chrome
    - HTTPS Everywhere
    - Bitwarden
    - AdGuard
    Privacy-focused Apps and Extensions
    Windscibe
    Password Managers
  • BitWarden
  • Web Search
  • DuckDuckGo
  • System Utilities
    Privacy Eraser
    Data Backup
    MEGA, OneDrive + HDD, SSD, USB
    Frequency of Data backups
    Monthly
    System Backup
    Macrium Reflect
    Frequency of System backups
    Occasionally

    Thales

    Level 5
    So I tried to make a minimalist but secure config here

    • Only a few installed apps mostly because there is no portable version or the shell integration is important
    • They don't start automatically. I turned them off!
    Performance
    • Uninstalled some windows features (IE, xboxlive, onenote, games, etc.)
    • Black Viper’s Windows 10 Service Configurations
    • Windows Defender is off
    • I disabled the auto start of all unnecessary programs and services
      • The system consumes 1,3 GB RAM after the login.
    Security
    • Basic security tweaks (autoplay disabled, smartscreen, UAC max etc.)
    • Security software tweaks: SRP, Windows 10 Shut up
    • Firewall: Inbound and outbound connections that do not match the rule are blocked
    • Only a few programs have Internet access
    • Windows Firewall Control is the only program that allowed to change the Firewall rules
    - I prefer redundant backup, so this way the chance to lose my data is extremely small

    System Backup
    • I can restore the whole system within 5 minutes with Macrium Reflect
    • The image file is uploaded to the cloud too
    Online Backup
    • MEGA (paid): sensitive files are encrypted with 7zip.
    • Non-sensitive files are not encrypted.
    • Mobile and PC sync.
    • OneDrive free
    Offline backup
    • 2 different SSD and 1 USB drive
    • Sensitive files are unencrypted but the whole partition/drive/usb is protected by Bitlocker
    Passwords
    • Bitwarden online password manager (browser extension)
    • My passwords have 2 backup. Physical and digital. The digital one is protected with cascade encryption and uploaded to the cloud.
    • I do not think the real privacy is achievable , so I don't really care. I am not a criminal and I focus on security instead of paying for placebo services. I protect my whole life from cyber stalkers.
    • VPN because I use sometimes open WIFI and I don't like my ISP.
    • I do not share any info or photos on the social networks anymore. I use a lookalike photo!
     
    Last edited:

    n0k0m3

    Level 1
    Either SecureAPlus or REHIPS, you don't need both

    Instead of WFC try to config ESET in training mode with safe browsing behavior for 2 weeks then swap back to interactive mode. IMO properly configured ESET is better than Windows Firewall alone

    Also you atm you can disable ESET HIPS as well
     

    Prorootect

    Level 53
    Verified
    Add some extensions/add-ons:

    Privacy Defense (both)
    BehindTheOverlay (both)
    Redirect Control (FF)
    BitBlock (FF)
    Restart (FF)
    Alert Control (Chrome)
    Dark Background and Light Text (FF)
    High Contrast (Chrome, tick Increased Contrast...)
    ... and I use
    Disable WebRTC (FF)
    Modal Remover (Chrome)
     
    Last edited:

    MeltdownEnemy

    Level 6
    Verified
    Either SecureAPlus or REHIPS, you don't need both

    Instead of WFC try to config ESET in training mode with safe browsing behavior for 2 weeks then swap back to interactive mode. IMO properly configured ESET is better than Windows Firewall alone

    Also you atm you can disable ESET HIPS as well
    IMO, ATM, TUK, TAK, PIK, PAK, (FF) I.D.O.N.T....K.N.O.W.N...W.H.A.T...Y.O.U..S.A.Y about of your initials. Lol what meaning is that? The websites should to learn to be humble and avoid this.
     
    Last edited:

    Thales

    Level 5
    - Removed everything unnecessary to assure my PC stays fast and efficient. No need sanboxie, noscript, ReHips, SecureAplus and similar stuff.
    - NoVirusThanks sysHardener is important part of my system. Also only a few programs have access to the Web.
    - No need anything else just my AV (Eset) and Voodooshield.

    If everything goes wrong (this has very little chance) I can restore my Pc completely within minutes.
     
    Last edited:

    Thales

    Level 5
    Removed
    - Eset
    - SysHardener

    NEW
    - OsArmor
    - FortiClient

    Switched to portable Apps to make my Os even lighter. I do not like unnecessary services!

    About SUA
    Unfortunatelly I can't use SUA because Microsoft messed up the last updates and the start menu or anything else connected to the start menu (notifications, search, wifi clock etc) don't work anymore. My admin account is old but updated, so it works however if I make a new SUA account it won't work properly.
    Maybe later I will wipe everything and make a fresh install but right now I don't have patient to do that. :(

    Like always any feedback would be appreciated!
     
    • Like
    Reactions: harlan4096

    Thales

    Level 5
    still have my ESET license. It also light and efficient and I'm using it on my mobile device for a good reason.
    I wanna see how my system responds. For example opening the FortiClient window (console) is very slow compared to the ESET.
    Need more test but we will see :)
     
    • Like
    Reactions: Moonhorse

    Thales

    Level 5
    Now it's time to test "Amanda" Experimental build I.

    Most important changes:
    - Only a few programs installed
    - Everything else is portable and up to date
    - Most useless windows features are uninstalled
    - SUA works but still have the start menu problem. Whatever, I know how to handle the system without it. at least for now...

    What to do in this build:
    - Tweak the system to use less memory and turn off some useless services
    - Wait for Microsoft to fix the Start Menu issue :mad:


     
    Last edited:
    • Like
    Reactions: harlan4096

    Moonhorse

    Level 26
    Verified
    Content Creator
    Dont you notice any ping issues with forticlient? It filters throught their own proxy and you cant even conf it, decreasin network speed
     

    Thales

    Level 5
    Yes I did. I still don't know if it is really the forticlient or something else.
    Sometimes everything is fine but sometimes I can't do anything that requires Internet access.
     

    Moonhorse

    Level 26
    Verified
    Content Creator
    Yes I did. I still don't know if it is really the forticlient or something else.
    Just disable web filtering for while and you see. It really does affect only browser not like in games or anything else, but i just find it annoying even you cant see any delay while browsing web

    If you care about web filtering, you should try k9 and disable forticlients own

    Or just go with eset + k9
     

    Thales

    Level 5
    Now after a lot of work and test I have a new Experimental build (No2). It works like charm, super FAST and LIGHT and also secure.
    I fixed a lot of problems and reverted some changes that didn't work. I still need to fix and improve some major and minor features but the system is ready to use as it is. The codename is "Amanda" and she looks gorgeous. I wish I could show the log-in screen too!
    Here is the complete change list.

    "Amanda" Experimental build 1
    Performance
    - Uninstalled some windows features (IE, xboxlive, OneNote, games, etc.)
    - Nvidia control panel is tweaked and game ready
    - Windows Defender is disabled
    - Most of my apps are portable
    - The system can be restored completely within 4-5 min

    Security
    - Basic security tweaks (autoplay disabled, smartscreen, UAC max etc.)
    - Installed security software: FortiClient + OSArmor + Voodooshield
    - Firewall: Inbound and outbound connections that do not match the rule are blocked
    - Only a few programs have Internet access
    - On-demand scanner: Hitman pro

    Problems to improve and fix (2Dos)
    * Untouched, default inbound connections
    * SUA is not working properly. The start menu works only with the admin account
    * Using the admin account is not safe even if I know what I'm doing
    * The system is not lightweight enough
    * Portable qBittorrent is very very sloooooooowwwwwww
    * High latency problem

    "Amanda" Experimental build 2
    Performance
    - Uninstalled some windows features (IE, xboxlive, onenote, games, etrc.)
    - Nvidia control panel is tweaked and game ready
    - Most of my apps are portable
    - The system can be restored completely within 4-5 min
    - Black Viper’s Windows 10 Service Configurations

    Security
    - Basic security tweaks (autoplay disabled, smartscreen, UAC max etc.)
    - Security software: Windows Defender + OSArmor + Voodooshield
    - Firewall: Inbound and outbound connections that do not match the rule are blocked
    - Only a few programs have Internet access
    - Inbound connection is extremely limited (system update only)
    - On-demand scanner: Hitman pro + Norton Power Eraser
    - Windows Firewall Control (the only program that allowed to change the Firewall rules)
    - SRP installed and works properly

    SUM Fixes and important changes
    - THE SYSTEM NOW IS SUPER LIGHTWEIGHT AND FAST
    - FortiClient replaced with the Built-In Windows Defender
    - SUA works properly and I use it
    - Revo Uninstaller portable (Geek Uninstaller portable deleted)
    - Using Black Viper’s Windows 10 Service Configurations
    - Another on-Demand scanner: Norton power Eraser portable
    - Latency problem fixed
    - Installed qBittorrent and deleted the portable version

    Problems to improve and fix (2Dos)
    * Need to test the portable VPN client to avoid connection drops
    * OSArmor GUI doesn't start (This is just the GUI, the tweaks are still work)
    * More light system and security tweaks