Afrikaans: Afrikaans | Albanian: shqiptare | Amharic: አማርኛ | Arabic: عربي | Armenian: հայերեն | Assamese: অসমীয়া | Azerbaijani: Azərbaycan | Basque: euskara | Belarusian: беларускі | Bosnian: bosanski | Bulgarian: български | Burmese: မြန်မာ | Catalan: català | Cebuano: Cebuano | Chinese (Simplified): 简体中文 | Chinese (Traditional):中國傳統的 | Corsican: Corsu | Croatian: Hrvatski | Czech: čeština | Danish: dansk | Dutch: Nederlands | Esperanto: Esperanto | Estonian: eesti keel | Filipino: Filipino | Finnish: Suomalainen | French: Français | Galician: galego | Georgian: galego; | German: Deutsch | Greek: Ελληνικά | Gujarati: ગુજરાતી | Haitian Creole: Kreyòl ayisyen | Hausa: Hausa | Hawaiian: ʻŌlelo Hawaiʻ | Hebrew: עִברִית | Hindi: हिंदी | Hmong: Hmoob | Hungarian: Magyar | Icelandic: íslenskur | Igbo: Igbo | Indonesian: bahasa Indonesia | Irish: Gaeilge | Italian: Italian | Japanese: 日本 | Javanese: basa jawa | Kannada: ಕನ್ನಡ | Kazakh: қазақ | Khmer: ខ្មែរ | Kinyarwanda: Kinyarwanda | Korean: 한국인 | Kurdish: Kurdî | Kyrgyz: Кыргызча | Lao: ພາສາລາວ | Latin: Latinus | Latvian: latviski | Lithuanian: lietuvių | Luxembourgish: lëtzebuergesch | Macedonian: македонски | Malagasy: Malagasy | Malay: Melayu | Malayalam: മലയാളം | Maltese: Malti | Marathi: मराठी | Mongolian: Монгол | Nepali: नेपाली | Norwegian: norsk | Odia: ଓଡିଆ | Pashto: پښتو | Persian: فارسی | Polish: Polski | Portuguese: Português | Punjabi: ਪੰਜਾਬੀ | Romanian: Română | Russian: Русский | Samoan: Samoa | Scottish Gaelic: Gàidhlig na h-Alba | Serbian: Српски | Shona: Shona | Sindhi: سنڌي | Sinhala: සිංහල | Slovak: slovenský | Slovenian: Slovenščina | Somali: Soomaali | Spanish: Español | Sundanese: basa Sunda | Swahili: kiswahili | Swedish: svenska | Tajik: тоҷикӣ | Tamil: தமிழ் | Tatar: Татар | Telugu: తెలుగు | Thai: แบบไทย | Turkish: Türkçe | Turkmen: Türkmenler | Ukrainian: українська | Urdu: اردو | Uyghur: ئۇيغۇر | Uzbek: o'zbek | Vietnamese: Tiếng Việt | Welsh: Cymraeg | West Frisian: Westfrysk | Xhosa: isiXhosa | Yiddish: יידיש | Yoruba: Yoruba | Zulu: Zulu |

Windows 10 Secured Setup for new PC without using Internet

Main ëHome: http://www.TheCloudOSCenter.com

INTRODUCTION:
Setting up a new secured computer is critical. During setting, the live hacking processes can jam in anytime make your computer stucks with hacked code hiddenly. So, this page will help to setup a secured computer without using internet for working temporary while waiting for the Cloud OS -- Operating System (the Cloud OS was invented in 2021 is a promise OS to prevent hacking). For now, this page will help to temporary secure your works, especially for Engineers and Scientists to protect their works from hacking. The below procedures provide step by steps in order which make best to protect your computer while setting up your computer in Windows 10.
 IMPORTANT:
This setup to secure new PC without using Internet and not recommended for laptop. Laptops have more hidden devices and each brand may have different device drivers... Even without internet, you may encounter with high potential hacking of Windows built-in Services that communicating with external devices, USB devices like mouse & keyboards... HackedProcessKiller will help you identify strange or hacking processes easier. You can try this secured setup for your computer with your own risk.

Prepararation -- Windows 10 Secured Setup Temporary

  1. Prepare USB drive to store Java Runtime JRE, HackedProcessKiller & Setup Scripts.
  2. Download Java Runtime JRE to USB drive to install & run Java apps.
  3. Download existing HackedProcessKiller v1.21 application from www.TheCloudOSCenter.com
  4. Unzip HackedProcessKiller v1.21 to the USB drive with folder name 'HackedProcessKiller'.
  5. Download to USB drive.
  6. Unzip HackedProcessKiller-ConfigFiles.zip and copy 'HackedProcessNames.list' & 'HackedProcessGroup.list' to 'HackedProcessKiller' folder in USB drive.
  7. Download to USB drive which contains setup scripts.
  8. Unzip W10Setup[NoInternet].zip to the USB drive folder name 'W10Setup[NoInternet]'.
  9. Ready to use this USB right after 1st login to your Windows 10.
    Your USB should contains the followings -- HackedProcessKiller - (2 files), W10Setup[NoInternet] - (21 files) & jdk-6u45-windows-x64.exe:

1st Login -- Windows 10 Secured Setup new PC Temporary

  1. Plug the USB drive into your computer as soon as your computer is startup.
  2. Enter 'Command' in Search field right at 'Start' button, then select 'Run as administrator' as shown below.
  3. Check for USB drive letter, assume the USB drive shows as letter E:; then type 'E:' and press ENTER as shown.
  4. Locate '123-CREATE-SECURED-SETUP-FOLDER.bat' in USB folder 'W10Setup[NoInternet]';
    then type this filename and press ENTER to create secured folders into your C:\W10-SECURED-SETUP-FOLDER & C:\W10-SECURED-SW-FOLDER. Now you have 'C:\W10-SECURED-SETUP-FOLDER' contains your setup files from 'W10Setup[NoInternet]'; and 'C:\W10-SECURED-SW-FOLDER' to save your secured apps 'HackedProcessKiller'
    NOTES: You can just type: 123 then press 'Tab' key to have auto fill filename '123-CREATE-SECURED-SETUP-FOLDER.bat'.
  5. The secured folders have been created as shown below (You can view this later)
  6. Locate '1st-SetupScript[+RenamePC+Restart].bat' in USB folder 'W10Setup[NoInternet]'; then type this filename and press ENTER to stop Event Tracers, WiFi Networks & Devices.
  7. Then, Remove unwanted Enviroment Variables & Rename Computer & Network Name to your desired names by Goto 'Control Panel''System''Advanced System Settings'
  8. Snapshot of 'Advanced System Settings' panel.
  9. Snapshot of 'Computer & Network name' change panel
  10. Confirm your change of Computer & Network name and restart PC to take effect without extra settings.
    NOTES: With extra settings of disabling may cause changing of Computer & Network name does not effect.
    Any other settings will be done in next steps after this 1st restart.

2nd Login -- Windows 10 Secured Setup new PC Temporary

  1. Prepare for other settings after 1st Restart & keep the USB drive connected.
    (WARNING: This setup is not recommended for Laptop; laptop has much more hidden components and different from one to another brands)
  2. As soon as you login, Open 'Command Prompt' in Adminstrator mode as shown above and explore to 'C:\W10-SECURED-SETUP-FOLDER'; which already created at 1st login.
  3. Type the script name: '2nd-SetupScript[AfterReboot+DisableDevices].bat' at 'C:\W10-SECURED-SETUP-FOLDER'; press ENTER to run. (This script will disable devices, networking, stop services)
  4. Check for unwanted Enviroment Variables again
  5. Next, remove the 'Remote Assistance' option in panel
  6. Rename 'Adminstrator Account' Goto 'Local Group Policy Editor' to rename other unwanted built-in accounts:


  7. Goto 'Computer Management' to remove other unwanted accounts:





  8. Next, Goto: 'Control Panel ⇒ System and Security ⇒ System' check and disable the 'Devices' option in Device Manager;
    Make sure disable all the 'compliant devices' plus devices that you can able to disable except the current USB device for you key board/mouse.
    (If you accidentally disable your USB mouse device, just press ENTER key to open device panel then Tab key to enable button then press ENTER to re-enable)
    NOTES: Don't restart computer when Windows askes to when you disabling the devices.
  9. Next, Uninstall unwanted apps: Normally for new PC (not laptop) you can remove all pre-install apps,
    some apps are not allowed to uninstall but can disable running in background (Make sure keep the Calculator app so you can use it later)


    (WARNING: This setup is not recommended for Laptop; laptop has much more hidden components and different from one to another brands)
  10. Disable Windows Notifications: Click on icon below and select 'Manage Notifications'

    Select items on the left to disable notifications from this window 'Manage Notifications'

  11. Disable unwanted Windows Security Services:

    Disable Windows Security 'Firewall & NetworkProtection'

    Disable Windows Security 'Privacy Settings General'

    Disable Windows Security 'Privacy Settings Radios'

    Disable Windows Security 'Virus & Threat Protection'

  12. Enable hidden Accounts & System Files (Skip this step if you already know, and do it later)

  13. Unhide the hidden Windows System files to view all other accounts (NOTES: Skip this step if you already know)
  14. Goto 'C:\Users' folder and checkout all accounts that have been removed by '1st-SetupScript[+RenamePC+Restart].bat' in above step, and make sure only your account is shown. (Skip this step if you already know)
  15. Next, Registry Settings: To get to Registry Editor, press 'WindowsKey + R' then type: 'regedit' and press ENTER to open.
    Explore registry editor for the below 3 main entries then take ownership of these registry entries.

    Take over registry ownership do these:
    1. Select registry entry & right-click.
    2. Click on 'Permissions...'.
    3. Click 'Advanced' button from new window.
    4. Click on 'Change' word on top to change owner.
    5. Type your account name, click 'Check Name' to make sure correct naming, then click 'OK'.
    6. Back to 'Advanced Security Settings for..' panel, click 'Disable inheritance' toggle to 'Enable inheritance', then click 'Apply' button.
    7. Then make sure check 'Replace all child..' check box, then click 'Disable inheritance' and select remove all inheritances.
    8. NOTES: Some registry entries need to click 'Remove' button to remove other accounts & confirm to remove all.
    9. Make sure to click 'Add' button to enter your account name when you finally take over the registry entry.



  16. After taking owership of registry entries, run this script to set/disable unwanted registry settings:
    Type this filename '3rd-SetupScript[XHackedApps+XSecurityNotifiers+RegEnable].bat' from the 'Command Prompt' in 'Adminstrator mode' at folder 'C:\W10-SECURED-SETUP-FOLDER'
    You can type: C:\W10-SECURED-SETUP-FOLDER\3rd then press 'Tab' key to fill the long name '3rd-SetupScript[XHackedApps+XSecurityNotifiers+RegEnable].bat'; then press ENTER to set registry and other secured settings.
  17. Now you can stop and delete Event Tracers from 'Performance Monitor':
    From Adminstrator Command Prompt, Type: C:\..\perfmon.msc

    Stop Event Tracers:

    Delete Event Tracers:

  18. Installing software & applications:
    1. Install Java JRE to run Java apps from USB device Browse USB drive and Double-Click on 'jdk-6u45-windows-x64.exe' to install.
    2. Start 'HackedProcessKiller' to check for hacked processes by locating 'C:\W10-SECURED-SW-FOLDER\HackedProcessKiller', right-click on 'StartHackedProcessKiller.bat', then select 'Run as administrator'.
    3. The HackedProcessKiller with expected view of 12 Windows processes (No other applications' processes showing for new setup PC).
      NOTES: you can select other strange processes, right-click and select a kill action.
    4. To install other software of applications, you should let this app HackedProcessKiller runs for about 3 minutes, then
      you can close to prevent installation interference.
    5. Install other software of applications like usual if you plan what software and applications to be installed.
    6. After complete the Installation of all software and applications, you should delete all the left-over...
  19. Seal or Protect your applications and folders:
    1. IMPORTANT: Plan no other software installations -- Then you can run script 'C:\W10-SECURED-SETUP-FOLDER\4th-SetupScript[InstalledYourApps+TakeFoldersOwnership].bat' to protect list of folders show in file 'FoldersOwnerTaker.bat'. You can add more software installed folders into this file as you wish to protect.
    2. IMPORTANT:Plan for more software installations -- Skip these steps and let 'C:\Users\%USERNAME%' open for more installations. However, you can protect other software/applications installed folder by protect one-by-one with this command from the Adminstrator Command Prompt 'C:\W10-SECURED-SETUP-FOLDER\W10TakeOwnerFolder.bat "[InputFolder]"'
      NOTES: [InputFolder] should be in double-quotes to handle spaces.
    3. Check for each secured folder: Select a folder, do right-click, select 'Properties', select 'Security' tab as shown below.
    4. You can also protect manually: From 'Security' tab, click 'Advanced' button, click 'Change' owner on top window, enter your account, then click 'Disable inheritance' to remove other accounts, then click 'Add' to add your account.
    5. Finally, setup HackedProcessKiller to run automatically when you login: You can check out further instructions in 'Help' menu and click on 'Application Configuration Instructions'.

RECOMMENDATIONS:

  1. Turn OFF computer instead of Restart.
  2. Save your works to a secured folder which only you have access like the folder 'C:\W10-SECURED-SW-FOLDER' in this setup created.
  3. Keep your setup PC with same monitor, keyboard and mouse as posible to prevent new devices inject hacked processes.
  4. Check for unusual processes in 'HackedProcessKiller' Windows Processes view when plugin new devices, mouse or keyboards.
  5. Secure your USB drive when only you using by removing other accounts from 'Properties ⇒ Security ⇒ Advanced' like protecting folders.
  6. When your USB drive or hard drive become un-accessiable, you can try to add your account again for your drive to gain back access.
  7. The 'HackedProcessKiller' app provides flexiable and customizable commands, and you can add into 'HackedProcessKiller.cmd' run once when app starts or 'HackedProcessKiller[m].cmd' (m: minutes periodically running) for more personal customizable protection. Also, don't forget to turn on 'Hacked Box Dumper' from 'File ⇒ [X]: Enable/Disable Hacked Box Dumper'; also enable for next login.

IMPORTANT:
Reset PC for any reason to start over

If you encounter any issues or want to start the settings over again for any reason, you can reset your PC and go thru Windows setup again as long as you can able to login.
(NOTES: For Desktop or mini PC, there should be a way for you to do hard reset by pin in a hole...)
Main ëHome: http://www.TheCloudOSCenter.com

[Last updated: 2024-05-21 -- Henry V. Pham]

Copyright© 2021[⨢] by www.TheCloudOSCenter.com. All Rights Resevered.