Advanced Plus Security Gandalf_The_Grey's Security Config 2021

Last updated
Dec 21, 2021
How it's used?
For home and private use
Operating system
macOS 15 Sequoia
On-device encryption
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
User Access Control
Always notify
Smart App Control
Network firewall
Real-time security
Microsoft Defender Antivirus
HomeCare by Trend Micro on TP-Link Archer AX6000 router
Firewall security
Microsoft Defender Firewall
About custom security
Microsoft Defender Antivirus
  • ConfigureDefender 3.0.1.0: High settings
  • Simple Windows Hardening 1.0.1.0: Basic Recommended Settings and restrict SMB123
  • DocumentsAntiExploit 2.0.0.0: MS Office ON2
  • Controlled Folder Access: enabled
  • Core Isolation: Memory Integrity enabled
Windows 11 Pro
  • O&O ShutUp10++: almost all recommended settings...
  • O&O AppBuster: uninstalled apps I don't want or need
  • Samsung Magician: Full Performance Mode
  • Bitsum Process Lasso Pro: ProBalance enabled
Foxit PDF Reader
  • Protected View for all files, Safe Reading Mode enabled, JavaScript disabled
Periodic malware scanners
HitmanPro and AdwCleaner (for the kids)
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Microsoft Edge using Google search with uBlock Origin, Bitdefender TrafficLight, Bitwarden and Microsoft Editor as extensions
Secure DNS
From ISP (Ziggo)
Desktop VPN
AdGuard VPN
Password manager
Bitwarden browser extension
Maintenance tools
Autoruns, CCleaner, Disk Cleanup, PrivaZer, PatchMyPC, SUMo and Driver Easy
File and Photo backup
Windows File History on external drive (weekly)
OneDrive with Microsoft 365 ransomware protection (always on sync)
System recovery
Windows system image
Risk factors
    • Working from home
    • Browsing to popular websites
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Requesting and accepting remote access
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
Acer Aspire VN7-791G-576X
Intel Core i5-4210H
Intel HD Graphics 4600 / NVIDIA GeForce GTX 860M
Kingston 16GB Dual-Channel DDR3 PC3-12800 RAM
Samsung SSD 850 EVO M.2 250GB
Seagate HDD ST1000LM014-1EJ164 1TB
Realtek High Definition Audio
Notable changes
2020.12.29 Filled the new fields
2020.12.30 installed Ziggo Safe Online
2021.01.04 back to Microsoft Defender with Hard_Configurator and added SpywareBlaster
2021.01.06 removed SpywareBlaster and went with stronger H_C -setup
2021.02.01 back to simpler setup with ConfigureDefender and Simple Windows hardening. Added Process Lasso
2021.02.08 Filled the new fields, no changes to config
2021.02.12 Microsoft Defender caused problems, back to KSCF and removed Process Lasso
2021.03.03 Update Kaspersky Security Cloud Free to the latest version, removed HitmanPro and enabled Microsoft Defender periodic scanning.
2021.03.28 back to Microsoft Defender Antivirus
2021.04.25 back to Ziggo Safe Online
2021.05.03 back to Microsoft Defender Antivirus
2021.05.07 switched from the uBlock Origin to the AdGuard extension
2021.10.04 back to Ziggo Safe Online and uBlock Origin
2021.10.05 back to the AdGuard extension
2021.10.13 upgraded to Windows 11 and back to uBlock Origin
2021.10.24 back to Microsoft Defender enhanced by DefenderUI Pro
2021.10.26 back to Kaspersky Security Cloud Free and Simple Windows Hardening
2021.11.06 back to Ziggo Safe Online by F-Secure
2021.11.10 removed Simple Windows Hardening and added VoodooShield
2021.11.16 testing DefenderUI Free with the latest Voodooshield beta
2021.11.30 back to Ziggo Safe Online
2021.12.21 optimized system with Samsung Magician and Bitsum Process Lasso Pro and back to Windows built-in security
What I'm looking for?

Looking for maximum feedback.

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,458
* @Andy Ful I have seen you posting about SWH and CD protecting against some in the wild malware. Is above statement still valid (MD with your tools is top notch protection on typical M$ setup)?
Yes, if by the "top notch protection" one understands the support for the AV and SmartScreen to block all threats in the Advanced Threat Protection Test made by AV-Comparatives Lab. Of course, I assume that these threats are reused in the widespread attacks on home users. :)

The term "top notch protection" is rather relative. SWH + H_C hardening tools is an optimal Windows 10 built-in setup for home users, if one considers both usability and protection. This setup was not found out by me - this was the collective work of several MT members.
If one likes even stronger protection for some reason, then the second optimal would be H_C in the Recommended Settings and several predefined setting profiles (depending on the required security level).

SWH + H_C hardening tools are secure, because the average user cannot simply click the alert (that he/she do not understand) and infect the system. The cons are that the person who is a "home administrator" has more work and has to listen to some complaints when something has been blocked. :)(y)
 
Last edited:
F

ForgottenSeer 92963

Yes, if by the "top notch protection" one understands the support for the AV and SmartScreen to block all threats in the Advanced Threat Protection Test made by AV-Comparatives Lab. Of course, I assume that these threats are reused in the widespread attacks on home users. :)
Yes, but more specifically I referred to the ASR rules MD has specially for Office Programs, scripts and browser. On top of that when people are using MD as AV, they can add Code Integrity Guard to the mix*. Defender free AV with Configure Defender, Documents Anti-exploit, Simple Windows Hardening and Firewall Hardening should be top-notch.

* Ever considered adding Code Integrity Guard for Office and Edge to Configure Defender?
 
Last edited by a moderator:
  • Like
Reactions: Nevi and Jack

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,458
Yes, but more specifically I referred to the ASR rules MD has specially for Office Programs, scripts and browser. On top of that when people are using MD as AV, they can add Code Integrity Guard to the mix*. Defender free AV with Configure Defender, Documents Anti-exploit, Simple Windows Hardening and Firewall Hardening should be top-notch.

* Ever considered adding Code Integrity Guard for Office and Edge to Configure Defender?
https://malwaretips.com/threads/hard_configurator-windows-hardening-configurator.66416/post-964760(y)
 

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,189
Testing/running DefenderUI Free with the latest VoodooShield beta.
More info:
 

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,189
:) Don't want to upset your security config, but ... VS got the new engine which works with any AV, so why fallback to Defender when you also like Ziggo (rebranded F-Secure) and Kaspersky? :sneaky:
It's your fault, you got me thinking about the ASR rules... :D
Still liking F-Secure and Kaspersky... maybe some time I will switch again and again :unsure:
 

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,189
It's your fault, you got me thinking about the ASR rules... :D
Still liking F-Secure and Kaspersky... maybe some time I will switch again and again :unsure:
@Kees1958 Did you try Ziggo Safe Online recently?
My laptop feels much more responsive and even boots faster with it.

Tried the latest AdGuard beta extension, but with uBlock Origin browsing is still faster and the ads and trackers get blocked by both extensions.

Depending on the needs and skills of the family member I'm using a passive (Simple Windows Hardening) or active (VoodooShield) config.
All configs have KPN Veilig or Ziggo Safe Online by F-Secure as antivirus and uBlock Origin as adblocker in Microsoft Edge or Google Chrome.
 

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,189
Was a bit disappointed that I must wait again before Ziggo updates Ziggo Safe Online to the latest F-Secure Safe release 18.2 and bored with the prompts from VoodooShield so I decided to go back to windows built-in security enhanced with the tools of Andy Ful.

Being spoilt with the little performance impact of Ziggo safe Online by F-Secure I decided to optimize my system with programs I already used or had a license from:

I used O&O ShutUp10++ and O&O AppBuster to optimize Windows privacy and uninstall apps that i don't use or need.

Samsung Magician 7.0.1 now has a Full Performance Mode:
1640202276595.png

Installed Bitsum Process Lasso Pro with ProBalance enabled:
 

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,584
Was a bit disappointed that I must wait again before Ziggo updates Ziggo Safe Online to the latest F-Secure Safe release 18.2 and bored with the prompts from VoodooShield so I decided to go back to windows built-in security enhanced with the tools of Andy Ful.

Being spoilt with the little performance impact of Ziggo safe Online by F-Secure I decided to optimize my system with programs I already used or had a license from:

I used O&O ShutUp10++ and O&O AppBuster to optimize Windows privacy and uninstall apps that i don't use or need.

Samsung Magician 7.0.1 now has a Full Performance Mode:
View attachment 263033

Installed Bitsum Process Lasso Pro with ProBalance enabled:
I am soon upgrading to a Samsung 980 and didn't know about Samsung Magician. Do you have Full Performance Mode enabled all the time or is it not recommendable for SSD health? :unsure:
 

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,189
I am soon upgrading to a Samsung 980 and didn't know about Samsung Magician. Do you have Full Performance Mode enabled all the time or is it not recommendable for SSD health? :unsure:
I have Full Performance Mode enabled all of time.
Because it used DRAM as cache it (called RAPID mode) it is probably better for SSD health.

More on RAPID mode (part of the Full Performance Mode) here:

And I followed TweakHound's advice here:
Tips:
– It is not necessary to have Magician running in the system tray. Right-click on the tray icon and remove from startup.
– It is not necessary to have the SamsungMagicianSVC service running all the time. Set it to Manual:
press the Windows + S key > type services > scroll down to SamsungMagicianSVC and double-click it > change it to Manual (optionally stop it too) > click Apply
– I typically check for updates via Magician every month or so, or when it comes to mind.
– Simply running Magician will let you know if there are updates.
Standard warning: Firmware updates can go wrong…blah, blah, backup, blah blah. In all these years I’ve never had BIOS or firmware updates go wrong and I’ve done too many to count. RTFM
I only keep the Samsung RAPID Mode Service at automatic.
 
Last edited:

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,584
I have Full Performance Mode enabled all of time.
Because it used DRAM as cache it (called RAPID mode) it is probably better for SSD health.

More on RAPID mode (part of the Full Performance Mode) here:

And I followed TweakHound's advice here:

I only keep the Samsung RAPID Mode Service at automatic.
Thanks a lot :)
 

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,189
RAPID is working fine on my laptop with an 850 EVO M.2 SATA SSD on Windows 11.
No idea why it doesn't work for you @Sorrento ...
Do you have the latest version 7.0.1 ?
Perhaps an incompatibility with AMD Ryzen?

@ItsReallyMe Process Lasso ProBalance makes my old laptop running great again.
No more issues with freezes in Excel or icons not or very delayed showing in Explorer with Microsoft Defender Antivirus.
IMO it is a program not really needed on powerful hardware, but it sure helps on an Acer laptop from 2015.

For me, the combination of Samsung Magician Full Performance Mode and Process Lasso ProBalance works great (y)

Schermafbeelding 2021-12-23 125503.jpg
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top