Advanced Plus Security Gandalf_The_Grey's Security Config 2021

Last updated
Dec 21, 2021
How it's used?
For home and private use
Operating system
macOS 15 Sequoia
On-device encryption
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
User Access Control
Always notify
Smart App Control
Network firewall
Real-time security
Microsoft Defender Antivirus
HomeCare by Trend Micro on TP-Link Archer AX6000 router
Firewall security
Microsoft Defender Firewall
About custom security
Microsoft Defender Antivirus
  • ConfigureDefender 3.0.1.0: High settings
  • Simple Windows Hardening 1.0.1.0: Basic Recommended Settings and restrict SMB123
  • DocumentsAntiExploit 2.0.0.0: MS Office ON2
  • Controlled Folder Access: enabled
  • Core Isolation: Memory Integrity enabled
Windows 11 Pro
  • O&O ShutUp10++: almost all recommended settings...
  • O&O AppBuster: uninstalled apps I don't want or need
  • Samsung Magician: Full Performance Mode
  • Bitsum Process Lasso Pro: ProBalance enabled
Foxit PDF Reader
  • Protected View for all files, Safe Reading Mode enabled, JavaScript disabled
Periodic malware scanners
HitmanPro and AdwCleaner (for the kids)
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Microsoft Edge using Google search with uBlock Origin, Bitdefender TrafficLight, Bitwarden and Microsoft Editor as extensions
Secure DNS
From ISP (Ziggo)
Desktop VPN
AdGuard VPN
Password manager
Bitwarden browser extension
Maintenance tools
Autoruns, CCleaner, Disk Cleanup, PrivaZer, PatchMyPC, SUMo and Driver Easy
File and Photo backup
Windows File History on external drive (weekly)
OneDrive with Microsoft 365 ransomware protection (always on sync)
System recovery
Windows system image
Risk factors
    • Working from home
    • Browsing to popular websites
    • Opening email attachments
    • Buying from online stores, entering bank card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Requesting and accepting remote access
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
Acer Aspire VN7-791G-576X
Intel Core i5-4210H
Intel HD Graphics 4600 / NVIDIA GeForce GTX 860M
Kingston 16GB Dual-Channel DDR3 PC3-12800 RAM
Samsung SSD 850 EVO M.2 250GB
Seagate HDD ST1000LM014-1EJ164 1TB
Realtek High Definition Audio
Notable changes
2020.12.29 Filled the new fields
2020.12.30 installed Ziggo Safe Online
2021.01.04 back to Microsoft Defender with Hard_Configurator and added SpywareBlaster
2021.01.06 removed SpywareBlaster and went with stronger H_C -setup
2021.02.01 back to simpler setup with ConfigureDefender and Simple Windows hardening. Added Process Lasso
2021.02.08 Filled the new fields, no changes to config
2021.02.12 Microsoft Defender caused problems, back to KSCF and removed Process Lasso
2021.03.03 Update Kaspersky Security Cloud Free to the latest version, removed HitmanPro and enabled Microsoft Defender periodic scanning.
2021.03.28 back to Microsoft Defender Antivirus
2021.04.25 back to Ziggo Safe Online
2021.05.03 back to Microsoft Defender Antivirus
2021.05.07 switched from the uBlock Origin to the AdGuard extension
2021.10.04 back to Ziggo Safe Online and uBlock Origin
2021.10.05 back to the AdGuard extension
2021.10.13 upgraded to Windows 11 and back to uBlock Origin
2021.10.24 back to Microsoft Defender enhanced by DefenderUI Pro
2021.10.26 back to Kaspersky Security Cloud Free and Simple Windows Hardening
2021.11.06 back to Ziggo Safe Online by F-Secure
2021.11.10 removed Simple Windows Hardening and added VoodooShield
2021.11.16 testing DefenderUI Free with the latest Voodooshield beta
2021.11.30 back to Ziggo Safe Online
2021.12.21 optimized system with Samsung Magician and Bitsum Process Lasso Pro and back to Windows built-in security
What I'm looking for?

Looking for maximum feedback.

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,189
@Gandalf_The_Grey do you get alerts that WD has blocked an unauthorized connection for Samsung Magician? And how do I disable these alerts/messages?
The only alert I got is because of Controlled Folder Access:
ProviderName : Microsoft-Windows-Windows Defender
Id : 1127
Message : Gecontroleerde mappentoegang heeft C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe geblokkeerd voor het aanbrengen van wijzigingen in het geheugen.
Detectietijd: 2021-12-21T21:36:57.831Z
Gebruiker: NT AUTHORITY\SYSTEM
Pad: Unknown Volume
Procesnaam: C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
Versie van beveiligingsinformatie: 1.355.633.0
Engineversie: 1.1.18800.4
Productversie: 4.18.2111.5
I had to allow C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe otherwise the Samsung Magician software doesn't work.
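
An added example, not part of the original post: one way to review Controlled Folder Access blocks like the event 1127 quoted above before allow-listing an executable. It reads the process path from the event XML so it works regardless of display language; the `Process Name` field name and the "signed binary only" rule are assumptions of this example.

```powershell
# Added example, not from the original post. Run in an elevated PowerShell session.
$log = 'Microsoft-Windows-Windows Defender/Operational'

# 1123 = Controlled Folder Access blocked a change to a protected folder
# 1127 = the Controlled Folder Access block event quoted in the post above
$blocked = Get-WinEvent -FilterHashtable @{ LogName = $log; Id = 1123, 1127 } -ErrorAction SilentlyContinue |
    ForEach-Object {
        # Parse the event XML instead of the localized message text.
        # The 'Process Name' data field name is an assumption of this example.
        $xml  = [xml]$_.ToXml()
        $proc = ($xml.Event.EventData.Data | Where-Object { $_.Name -eq 'Process Name' }).'#text'
        [pscustomobject]@{ Time = $_.TimeCreated; Id = $_.Id; Process = $proc }
    }

# One row per blocked executable: block count, last block time, Authenticode status
$report = $blocked | Where-Object Process | Group-Object Process | ForEach-Object {
    $sig = if (Test-Path -LiteralPath $_.Name) { Get-AuthenticodeSignature -LiteralPath $_.Name }
    [pscustomobject]@{
        Process   = $_.Name
        Blocks    = $_.Count
        LastSeen  = ($_.Group | Sort-Object Time | Select-Object -Last 1).Time
        Signature = if ($sig) { $sig.Status } else { 'FileMissing' }
        Signer    = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
    }
}
$report | Format-List

# Allow-list only the executable named in the post, and only if its signature validates
$candidate = 'C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe'
$entry = $report | Where-Object { $_.Process -eq $candidate -and $_.Signature -eq 'Valid' }
if ($entry) {
    Add-MpPreference -ControlledFolderAccessAllowedApplications $candidate
}

# Show the resulting allow list so stale entries can be spotted and removed later
(Get-MpPreference).ControlledFolderAccessAllowedApplications
```

An entry can be taken off the list again with `Remove-MpPreference -ControlledFolderAccessAllowedApplications`.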
 

ItsReallyMe

Level 10
Verified
Well-known
Dec 21, 2017
478
RAPID is working fine on my laptop with an 850 EVO M.2 SATA SSD on Windows 11.
No idea why it doesn't work for you @Sorrento ...
Do you have the latest version 7.0.1 ?
Perhaps an incompatibility with AMD Ryzen?

@ItsReallyMe Process Lasso ProBalance makes my old laptop run great again.
No more issues with freezes in Excel or icons not or very delayed showing in Explorer with Microsoft Defender Antivirus.
IMO it is a program not really needed on powerful hardware, but it sure helps on an Acer laptop from 2015.

For me, the combination of Samsung Magician Full Performance Mode and Process Lasso ProBalance works great (y)

do you exclude Antivirus from ProBalance?
 

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,189
do you exclude Antivirus from ProBalance?
No, generally speaking ProBalance doesn't touch any real time security software:
Where is my security software process(es)? I do not see them listed!
During our real-world research, we discovered that some anti-virus software has tamper detection mechanisms that are ‘triggered’ by simply ‘looking at’ their process. Yes, simply looking at them – something I’ve verified with their own engineers. We are working on some work-arounds so that these are listed again for v6, but the thing is that these processes should not be *touched* by the end user. This would not be a problem, BUT these software emit not one ‘tamper detection’ log event, but thousands and thousands, to the point of slowing down some PCs. Don’t ask me why they emit thousands of duplicate tamper detection events, you can ask them that. Anyway, to AVOID this, we do not even touch certain processes.

You may say, but my security software uses a lot of CPU resources, I need to tame it!

Indeed, it does use a lot of CPU and I/O resources, *BUT* it should NEVER be tamed. By design the real time scanners run at the highest available priority already – even if their priority class doesn’t show that, the thread priority is surely real-time or highest. Why? Because you WANT whatever the scanner has to do to be completed as quickly as possible. Other processes must WAIT for the ‘scan’ to complete. Thus, you never want to interfere with this process, NOR do you want to try ‘optimize’ it yourself, as you can seriously jeopardize the synergy of your PC.

Remember, Process Lasso was *never* meant to be a full-fledged task manager. It is an automation and optimization tool. Thus, we focus on THAT, and that alone.
 

Sorrento

Level 11
Verified
Top Poster
Well-known
Dec 7, 2021
527
One final question: Are you all that's running RAPID M.2@ PCIe 4 ? And when I bought the Samsung SSD 980 Pro 1TB it seemed there were some differences between the 1TB and smaller drives of 980 Pro's? (M.2) I'll see what Samsung say - Thank you :)
 
