SoFunction
Updated on 2025-04-10

Collection of personal PC security settings information

Personal PC security settings = Optimization + Security
Optimization: antivirus software + firewall (alerts on attacks) + blocking malicious plug-ins (anti-plug-in software) + guarding against social engineering + not visiting pornographic websites + installing update patches

To close port 139, open "Network and Dial-up Connections", open the Properties of "Internet Protocol (TCP/IP)" under "Local Area Connection", go to "Advanced TCP/IP Settings", then the "WINS" tab, and select "Disable NetBIOS over TCP/IP". Checking it closes port 139 and blocks RPC vulnerabilities.


Services to disable
Automatic Updates enables the download and installation of important Windows updates from Windows Update. If the service is disabled, the operating system can be manually updated on the Windows Update Web site.
ClipBook enables the ClipBook Viewer to store information and share it with remote computers. If this service is stopped, ClipBook Viewer will not be able to share information with remote computers. If this service is disabled, any service that depends on it will not start.
Computer Browser maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If the service is stopped, the list will not be updated or maintained. If the service is disabled, any services that directly depend on this service will not be started.
Distributed Transaction Coordinator coordinates transactions across multiple databases, message queues, file systems and other resource managers. If this service is stopped, these transactions will not occur. If this service is disabled, other services that explicitly depend on this service will not start.
DNS Client resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, the computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any service that explicitly relies on it will not start.
Error Reporting Service collects, stores and reports unexpected application crashes to Microsoft. If this service is stopped, error reporting occurs only for kernel faults and certain types of user-mode faults. If this service is disabled, any service that depends on it will not start.
Fast User Switching Compatibility
Help and Support enables the Help and Support Center to run on this computer. If the service is stopped, the Help and Support Center will not be available. If the service is disabled, any services that directly depend on this service will not be started.
Human Interface Device Access enables generic input access to Human Interface Devices (HIDs), which activates and maintains predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, the hot buttons controlled by this service will no longer work. If this service is disabled, any service that depends on it will not start.
IPSEC Services provides end-to-end security between clients and servers on TCP/IP networks. If this service is stopped, the TCP/IP security between clients and servers on the network will be unstable. If this service is disabled, any service that depends on it will not start.
Messenger transmits NET SEND and Alerter service messages between clients and servers. This service has nothing to do with Windows Messenger. If the service is stopped, Alerter messages will not be transmitted. If the service is disabled, any services that directly depend on this service will not be started.
MS Software Shadow Copy Provider
Net Logon
Network DDE
Network DDE DSDM
NT LM Security Support Provider (Manual)
Portable Media Serial Number Service
Print Spooler (set to Automatic if a printer needs to be connected; otherwise disable)
Remote Desktop Help Session Manager
Remote Procedure Call (RPC) Locator
Remote Registry*
Routing and Remote Access
Secondary Logon
Server supports file, print, and named-pipe sharing over the network for this computer. If the service is stopped, these features are not available. If the service is disabled, any services that directly depend on this service will not be started.
Smart Card 
SSDP Discovery Service
System Event Notification
System Restore Service
Task Scheduler
Telnet* allows remote users to log in to this computer and run programs, and supports a variety of TCP/IP Telnet clients, including UNIX and Windows-based computers. If this service is stopped, remote users cannot access programs, and any service that directly depends on it will fail to start.
Terminal Services*
Uninterruptible Power Supply
Windows Image Acquisition (WIA) provides image capture for scanners and cameras.
WMI Performance Adapter provides performance library information from Windows Management Instrumentation (WMI) providers to clients on the network. This service only runs when Performance Data Helper is activated.
Wireless Zero Configuration (Wireless Network Configuration Service) enables automatic configuration of IEEE 802.11 adapters. If this service is stopped, automatic configuration will not be available. If this service is disabled, all services that explicitly depend on it will not be started.
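
To check whether a machine already matches part of this list, the following added example (not from the original page) reports the start mode of the remote-access services named above. It assumes Windows PowerShell, where `Get-WmiObject` is available; the function name `Test-ServiceBaseline` and the choice of subset are this example's own, and the display names are the Windows XP names used on this page.

```powershell
# Added example (not from the original page). Expected start modes use the
# display names from the list above; Win32_Service reports StartMode as
# Auto, Manual or Disabled.
$baseline = @{
    'ClipBook'                            = 'Disabled'
    'Messenger'                           = 'Disabled'
    'Network DDE'                         = 'Disabled'
    'Network DDE DSDM'                    = 'Disabled'
    'NT LM Security Support Provider'     = 'Manual'
    'Remote Desktop Help Session Manager' = 'Disabled'
    'Remote Registry'                     = 'Disabled'
    'Routing and Remote Access'           = 'Disabled'
    'SSDP Discovery Service'              = 'Disabled'
    'Telnet'                              = 'Disabled'
    'Terminal Services'                   = 'Disabled'
}

function Test-ServiceBaseline {
    param(
        [hashtable]$Baseline,
        # Objects exposing DisplayName, StartMode and State (local machine by default).
        [object[]]$Services = (Get-WmiObject -Class Win32_Service)
    )
    $byName = @{}
    foreach ($s in $Services) {
        if ($s.DisplayName) { $byName[$s.DisplayName] = $s }
    }
    foreach ($name in ($Baseline.Keys | Sort-Object)) {
        $svc = $byName[$name]
        if ($null -eq $svc) { $mode = 'NotInstalled'; $state = '-' }
        else { $mode = $svc.StartMode; $state = $svc.State }
        New-Object PSObject -Property @{
            Service   = $name
            Expected  = $Baseline[$name]
            Actual    = $mode
            State     = $state
            # A missing service cannot be started, so it counts as compliant.
            Compliant = ($mode -eq 'NotInstalled' -or $mode -eq $Baseline[$name])
        }
    }
}

Test-ServiceBaseline -Baseline $baseline |
    Sort-Object Compliant, Service |
    Format-Table Service, Expected, Actual, State, Compliant -AutoSize
```

Non-compliant rows sort first; a service that is Disabled but still shows State = Running stays up until it is stopped or the machine restarts.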

Modify the registry
Back up the registry first (export it from Regedit)
1. Disable registry editing: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=dword:00000001
To re-enable: Group Policy >> User Configuration >> Administrative Templates >> System >> Standard >> "Prevent access to registry editing tools" >> Disabled >> OK. (To turn the restriction on, modify the registry as above)
2. Close sharing
Method 1: *** batch file, or Computer Management > Shared Folders
Method 2: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters]   autodisconnect: 0 = off; the default, f, = on

Speed up startup
[HKEY_CURRENT_USER\Control Panel\Desktop]   AutoEndTasks = 1, HungAppTimeout = 3000

Speed up shutdown
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control]   WaitToKillServiceTimeout = 4000

Speed up menu display
[HKEY_CURRENT_USER\Control Panel\Desktop]   MenuShowDelay = 0

Clear DLL files
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer]
Add a key named AlwaysUnloadDLL and change its default value to 1



Hide drive letters
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]    Create a new DWORD value named NoDrives:   FFFFFFF = all,   10 = E,   8 = D,   4 = C
To show the drives again, delete this DWORD value
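
After applying the registry changes above, they can be read back rather than trusted. This added example (not from the original page) compares the live values with the ones this page sets and decodes NoDrives into drive letters; the helper names `Get-RegValue` and `ConvertFrom-NoDrives` are this example's own, and it reads the page's 10, 8 and 4 as hexadecimal bit values.

```powershell
# Added example (not from the original page): read back the values set above.
function Get-RegValue($Path, $Name) {
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }   # key or value not present
    return $item.$Name
}

# NoDrives is a bitmask: bit 0 = A, bit 1 = B, ... so 4 = C, 8 = D, 0x10 = E.
function ConvertFrom-NoDrives([int64]$Mask) {
    $letters = for ($i = 0; $i -lt 26; $i++) {
        if ($Mask -band [int64][math]::Pow(2, $i)) { [char](65 + $i) }
    }
    return ($letters -join '')
}

# Paths, names and values as given on this page.
$checks = @(
    @{ Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System'; Name = 'DisableRegistryTools'; Want = '1' },
    @{ Path = 'HKLM:\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters'; Name = 'autodisconnect'; Want = '0' },
    @{ Path = 'HKCU:\Control Panel\Desktop'; Name = 'AutoEndTasks'; Want = '1' },
    @{ Path = 'HKCU:\Control Panel\Desktop'; Name = 'HungAppTimeout'; Want = '3000' },
    @{ Path = 'HKLM:\SYSTEM\CurrentControlSet\Control'; Name = 'WaitToKillServiceTimeout'; Want = '4000' },
    @{ Path = 'HKCU:\Control Panel\Desktop'; Name = 'MenuShowDelay'; Want = '0' }
)

$report = foreach ($c in $checks) {
    $actual = Get-RegValue $c.Path $c.Name
    $shown = if ($null -eq $actual) { '(not set)' } else { "$actual" }
    New-Object PSObject -Property @{
        Name   = $c.Name
        Want   = $c.Want
        Actual = $shown
        Match  = ("$actual" -eq $c.Want)   # string compare covers DWORD and REG_SZ
    }
}
$report | Format-Table Name, Want, Actual, Match -AutoSize

$mask = Get-RegValue 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer' 'NoDrives'
if ($null -eq $mask) { 'NoDrives not set: all drives shown' }
else { 'NoDrives hides: ' + (ConvertFrom-NoDrives $mask) }
```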


NTFS file encryption: folder Properties > Advanced > select "Encrypt contents to secure data" to protect personal privacy when the PC has multiple accounts


Group Policy
Group Policy >> User Configuration >> System (Standard): click "Don't run specified Windows applications", set it to Enabled and add the applications (otherwise leave it disabled)

Group Policy >> Computer Configuration >> Administrative Templates >> Windows Components >> Internet Explorer: "Disable Automatic Install of Internet Explorer components"    (software will not be installed automatically*)


Local security settings
Security Settings >> Account Policies >> Account Lockout Policy: set the account lockout threshold to 3 (0 means the account is never locked)
Security Settings >> Local Policies >> User Rights Assignment: "Access this computer from the network", leave only Administrators
Security Settings >> Local Policies >> Security Options: change the login method, etc.


Set a double password
Rename the Administrator account, change the Guest password, and change the login method
Run syskey >> Update >> set a syskey password