Advanced Plus Security Gandalf_The_Grey's Security Config 2021

Last updated
Dec 21, 2021
How it's used?
For home and private use
Operating system
macOS 15 Sequoia
On-device encryption
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
User Access Control
Always notify
Smart App Control
Network firewall
Real-time security
Microsoft Defender Antivirus
HomeCare by Trend Micro on TP-Link Archer AX6000 router
Firewall security
Microsoft Defender Firewall
About custom security
Microsoft Defender Antivirus
  • ConfigureDefender 3.0.1.0: High settings
  • Simple Windows Hardening 1.0.1.0: Basic Recommended Settings and restrict SMB123
  • DocumentsAntiExploit 2.0.0.0: MS Office ON2
  • Controlled Folder Access: enabled
  • Core Isolation: Memory Integrity enabled
Windows 11 Pro
  • O&O ShutUp10++: almost all recommended settings...
  • O&O AppBuster: uninstalled apps I don't want or need
  • Samsung Magician: Full Performance Mode
  • Bitsum Process Lasso Pro: ProBalance enabled
Foxit PDF Reader
  • Protected View for all files, Safe Reading Mode enabled, JavaScript disabled
Periodic malware scanners
HitmanPro and AdwCleaner (for the kids)
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Microsoft Edge using Google search with uBlock Origin, Bitdefender TrafficLight, Bitwarden and Microsoft Editor as extensions
Secure DNS
From ISP (Ziggo)
Desktop VPN
AdGuard VPN
Password manager
Bitwarden browser extension
Maintenance tools
Autoruns, CCleaner, Disk Cleanup, PrivaZer, PatchMyPC, SUMo and Driver Easy
File and Photo backup
Windows File History on external drive (weekly)
OneDrive with Microsoft 365 ransomware protection (always on sync)
System recovery
Windows system image
Risk factors
    • Working from home
    • Browsing to popular websites
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Requesting and accepting remote access
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
Acer Aspire VN7-791G-576X
Intel Core i5-4210H
Intel HD Graphics 4600 / NVIDIA GeForce GTX 860M
Kingston 16GB Dual-Channel DDR3 PC3-12800 RAM
Samsung SSD 850 EVO M.2 250GB
Seagate HDD ST1000LM014-1EJ164 1TB
Realtek High Definition Audio
Notable changes
2020.12.29 Filled the new fields
2020.12.30 installed Ziggo Safe Online
2021.01.04 back to Microsoft Defender with Hard_Configurator and added SpywareBlaster
2021.01.06 removed SpywareBlaster and went with stronger H_C -setup
2021.02.01 back to simpler setup with ConfigureDefender and Simple Windows hardening. Added Process Lasso
2021.02.08 Filled the new fields, no changes to config
2021.02.12 Microsoft Defender caused problems, back to KSCF and removed Process Lasso
2021.03.03 Update Kaspersky Security Cloud Free to the latest version, removed HitmanPro and enabled Microsoft Defender periodic scanning.
2021.03.28 back to Microsoft Defender Antivirus
2021.04.25 back to Ziggo Safe Online
2021.05.03 back to Microsoft Defender Antivirus
2021.05.07 switched from the uBlock Origin to the AdGuard extension
2021.10.04 back to Ziggo Safe Online and uBlock Origin
2021.10.05 back to the AdGuard extension
2021.10.13 upgraded to Windows 11 and back to uBlock Origin
2021.10.24 back to Microsoft Defender enhanced by DefenderUI Pro
2021.10.26 back to Kaspersky Security Cloud Free and Simple Windows Hardening
2021.11.06 back to Ziggo Safe Online by F-Secure
2021.11.10 removed Simple Windows Hardening and added VoodooShield
2021.11.16 testing DefenderUI Free with the latest Voodooshield beta
2021.11.30 back to Ziggo Safe Online
2021.12.21 optimized system with Samsung Magician and Bitsum Process Lasso Pro and back to Windows built-in security
What I'm looking for?

Looking for maximum feedback.

F

ForgottenSeer 89360

This is a very solid configuration for a home user, thanks for sharing with us.

BTW what's HomeCare by Trend Micro on TP-Link Archer AX6000 router?

Update: I found it, seems like what Trend Micro offers with their secure router. It offers Intrusion Prevention, amongst other features. Very nice choice!
It should also be blocking malicious websites.
 
Last edited by a moderator:

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,189
This is a very solid configuration for a home user, thanks for sharing with us.

BTW what's HomeCare by Trend Micro on TP-Link Archer AX6000 router?

Update: I found it, seems like what Trend Micro offers with their secure router. It offers Intrusion Prevention, amongst other features. Very nice choice!
It should also be blocking malicious websites.
Thanks, here is link explaining HomeCare:
EDIT: added a screenshot from my router:
Schermafbeelding 2020-12-24 185740.jpg
 
Last edited:
F

ForgottenSeer 89360

I tested AVs abilities to block dodgy websites a while ago and it looks like Trend Micro evaluates the reviews of shopping websites. Shopping platforms with bad reviews on Facebook for example, get blocked regardless of the fact that they don't serve malware or phishing. Having their web-filtering on a router level provides extra layer of safety.
Example of dodgy shopping platform blocked by Trend: Online Shopping for Dresses,Shoes and Bags-moonalano.com

Edit: Screenshot added.
Capture[735].PNG
 
Last edited by a moderator:

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,189
I tested AVs abilities to block dodgy websites a while ago and it looks like Trend Micro evaluates the reviews of shopping websites. Shopping platforms with bad reviews on Facebook for example, get blocked regardless of the fact that they don't serve malware or phishing. Having their web-filtering on a router level provides extra layer of safety.
Example of dodgy shopping platform blocked by Trend: Online Shopping for Dresses,Shoes and Bags-moonalano.com
I added a screenshot from HomeCare on my router in my post above you.
It's a great extra layer, but with a laptop it works only when I'm home (most of the time nowadays).
It even blocked some spam page on my work laptop today.
That page isn't blocked for me and is not flagged at VirusTotal:
 
F

ForgottenSeer 89360

It's blocked by Trend Micro home products, it looks like someone has read the Facebook reviews. Maybe this category just isn't covered in the router, but since you are mostly away it's not that important anyway. Trend Micro is still good in filtering out malware-related webpages.
 

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,189
It's blocked by Trend Micro home products, it looks like someone has read the Facebook reviews. Maybe this category just isn't covered in the router, but since you are mostly away it's not that important anyway. Trend Micro is still good in filtering out malware-related webpages.
No, it was an error in your link possibly by the forum software.
The https link is okay, the http link manually typed by me gets blocked but only by HomeCare on my router, not by the rest of my config.
 

ErzCrz

Level 22
Verified
Top Poster
Well-known
Aug 19, 2019
1,152
Great set-up! I'd been playing around with various solutions this past week but keep coming back to the same solution as yours. Sadly my ISP router isn't as fancy though I can block categories via DNS (Sky shield).I suppose having been caught out by ransomeware a few years back, leads me to being paranoid and I end up going back to Comodo but H_C blocks and checks new files and locks down the system,

Anyway, great setup, I'll be following suit.

E
 

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,189
Great set-up! I'd been playing around with various solutions this past week but keep coming back to the same solution as yours. Sadly my ISP router isn't as fancy though I can block categories via DNS (Sky shield).I suppose having been caught out by ransomeware a few years back, leads me to being paranoid and I end up going back to Comodo but H_C blocks and checks new files and locks down the system,

Anyway, great setup, I'll be following suit.

E
Thanks, my ISP provided router is also not fancy and has bad WIFI coverage, that's why I let them set it in bridge mode and added my own TP-Link router.
Now I have extra protection (HomeCare by Trend Micro on the router) and great wifi coverage for these times that I work from home and both my kids are following school lessons via Teams in their own bedrooms.

I can certainly understand that having been caught by ransomware makes you paranoid.
Do you know how you got it and why your security failed that time?

I have been using and testing various free solutions myself (F-Secure Safe (free through my ISP), Kaspersky Security Cloud Free and Comodo Firewall.
Thanks to all the tests done and discussions posted here and of course my own experience I always come back to built-in protection enhanced by some extra tools.

I think a good AV, an up-to-date chromium-based browser with an adblocker and regularly performing backups could do a lot to protect you.
Personally, I like the extra protection given by OneDrive with Microsoft 365 ransomware protection when you pay for Microsoft (Office) 365.
 

ErzCrz

Level 22
Verified
Top Poster
Well-known
Aug 19, 2019
1,152
Thanks, my ISP provided router is also not fancy and has bad WIFI coverage, that's why I let them set it in bridge mode and added my own TP-Link router.
Now I have extra protection (HomeCare by Trend Micro on the router) and great wifi coverage for these times that I work from home and both my kids are following school lessons via Teams in their own bedrooms.

I can certainly understand that having been caught by ransomware makes you paranoid.
Do you know how you got it and why your security failed that time?

I have been using and testing various free solutions myself (F-Secure Safe (free through my ISP), Kaspersky Security Cloud Free and Comodo Firewall.
Thanks to all the tests done and discussions posted here and of course my own experience I always come back to built-in protection enhanced by some extra tools.

I think a good AV, an up-to-date chromium-based browser with an adblocker and regularly performing backups could do a lot to protect you.
Personally, I like the extra protection given by OneDrive with Microsoft 365 ransomware protection when you pay for Microsoft (Office) 365.
Cool.

It was researching some things online and opened a word document link. Was using chrome and Comodo at the time but just with the default setup. It was partially blocked but files still got corrupted along with shadowcopy backup. Anyway, I think H_C or a tweaked Comodo or even the browser tweaks and uBlock would have protected me better. At present just tinkering with CIS in Proactive mode but it's more approving legitimate actions than anything else.

A lot to be said for built-in protection tweaked with H_C locks down the system well and the CD/FH tweaks makes it just as good as the competition out there. I don't use Controlled Folder but I do backup docs to OneDrive weekly.
 

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,189
Cool.

It was researching some things online and opened a word document link. Was using chrome and Comodo at the time but just with the default setup. It was partially blocked but files still got corrupted along with shadowcopy backup. Anyway, I think H_C or a tweaked Comodo or even the browser tweaks and uBlock would have protected me better. At present just tinkering with CIS in Proactive mode but it's more approving legitimate actions than anything else.

A lot to be said for built-in protection tweaked with H_C locks down the system well and the CD/FH tweaks makes it just as good as the competition out there. I don't use Controlled Folder but I do backup docs to OneDrive weekly.
I hope as regular users we will get access to Application Guard for Office in the future.
Looks for me as a good solution against the threat you faced.
Controlled folder access is a mild nuisance on my mostly static system (not being a gamer) and is like it seems easily bypassed so no real loss there when not using it.
Backups are (as you are already doing) the best defense against ransomware.

Be sure to test them because when I was using the automatic OneDrive sync not all files got backupped using file history (my second backup method) because of the OneDrive Files On-Demand feature. Problem solved after disabling that feature.
 

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,134
This is a very solid configuration for a home user, thanks for sharing with us.

BTW what's HomeCare by Trend Micro on TP-Link Archer AX6000 router?

Update: I found it, seems like what Trend Micro offers with their secure router. It offers Intrusion Prevention, amongst other features. Very nice choice!
It should also be blocking malicious websites.
Yes, Trend Micro is also available in other routers (eg. Asus, Linksys etc) and for FREE. They are very generous in their free offering as compared to BitDefender (as NetArmor subscription) in Netgear routers. In exchange Trend Micro will collect all your personal info
 

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,189
I really like your simple yet effective configuration. Have you considered using Adguard Desktop? And what is your default DNS?
I have licenses for AdGuard desktop, but I don't like it's HTTPS filtering done by a root certificate and have to install another program.
Furthermore, one click on the interface of uBlock Origin shows me what's connected and what's filtered or blocked.
I prefer uBlock Origin in this mode: Browser Add-on - uBlock0rigin in Medium mode for Lighter and Stronger Protection, with Less websites breakage and hassle
I sometimes switch between the AdGuard extension and uBlock Origin but generally I prefer uBlock Origin because it has the least impact on browsing.
My AdGuard licenses are used on the 4 Android phones in my household and our iPad.

My default DNS is the one provided by my ISP (Ziggo) because it's simply the fastest for me.
 

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,189
How are your experiences with Driver Easy Pro if can ask? the reviews are quite mixed and I'm not sure if its worth purchasing.
I find it difficult to say. It's good but not great. Finds updated drivers but not for all, for example I don't get an updated Realtek Audio driver, but I get the latest Nvidia driver. What is good that I have no issues with drivers not fit for the different laptops here in my household. I had such problems with for example Snappy Driver Installer.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top