Advanced Plus Security Gandalf_The_Grey's laptop config for 2020

Last updated
Nov 30, 2020
How it's used?
For home and private use
Operating system
Windows 10
Log-in security
Security updates
Allow security updates and latest features
User Access Control
Always notify
Real-time security
Microsoft Defender Antivirus
HomeCare by Trend Micro on TP-Link Archer AX6000 router
Firewall security
Microsoft Defender Firewall
About custom security
Microsoft Defender Antivirus set to High with ConfigureDefender
Controlled Folder Access enabled (not on the kid's laptops)
Memory integrity under Core Isolation enabled (not on the kid's laptops)
Hard_Configurator with Windows_10_Basic_Recommended_Settings
Periodic malware scanners
HitmanPro, Kaspersky Virus Removal Tool and AdwCleaner (for the kids)
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Microsoft Edge with uBlock Origin, Bitdefender TrafficLight, Bitwarden and Microsoft Editor
Google Chrome with the same extensions plus the Microsoft Defender Browser Protection extension on the kid's laptops.
They use Edge for school and Chrome for fun
Maintenance tools
Autoruns, CCleaner, PatchMyPC, SUMo and Driver Easy Pro
File and Photo backup
Windows File History on external drive (weekly)
OneDrive with Microsoft 365 ransomware protection (always on sync)
System recovery
Windows system image
Risk factors
    • Browsing to popular websites
    • Logging into my bank account
    • Working from home
    • Streaming audio/video content from trusted sites or paid subscriptions
    • Streaming audio/video content from shady sites
Computer specs
Acer Aspire VN7-791G-576X
Intel Core i5-4210H
Intel HD Graphics 4600 / NVIDIA GeForce GTX 860M
Kingston 16GB Dual-Channel DDR3 PC3-12800 RAM
Samsung SSD 850 EVO M.2 250GB
Seagate HDD ST1000LM014-1EJ164 1TB
Realtek High Definition Audio
Notable changes
2020.02.23 removed VoodooShield and uBlock Origin and added Kaspersky Security Cloud Free and AdGuard (extension).
2020.03.09 removed AdGuard and Kaspersky Security Cloud Free and added Hard_Configurator 5.0.0.1 beta uBlock Origin and the Netcraft extension. replaced Bandizip with Explzh because of the advertisements in the free version.
2020.03.22 removed Hard_Configurator, kept ConfigureDefender, DocumentsAntiExploit and RunBySmartscreen.
Added NoVirusThanks SysHardener, VoodooShield and the Certificate Info extension.
2020.03.28 added Ziggo safe Online and Hard_Configurator and removed SysHardner.
2020.03.30 removed CCleaner Pro
2020.04.05 installed HC 5.0.01 beta with recommended settings. Removed VoodooShield.
Tried to minimize extensions: replaced uBlock Origin with AdGuard and removed Certificate Info and Netcraft. Added Microsoft Editor. All extensions are now from the Microsoft Store except Browsing Protection by F-Secure (installed automatically).
2020.04.22 Removed Ziggo Safe Online and Hard_Configurator Trying Windows Defender with Comodo Firewall.
2020.05.04 removed Comodo Firewall and installed Emsisoft Ant-Malware Home.
2020.05.08 replaced Emsisoft Anti-Malware with Kaspersky Security Cloud Free
2020.05.18 replaced KSC Free with WD and uninstalled some browser extensions.
2020.07.05 back to Bitwarden and Bitdefender TrafficLight and WhitelistCloud added.
2020.07.08 switched form WhitelistCloud to VoodooShield Pro. Went from uBlock Origin to AdGuard.
2020.07.15 Back to KSC Free.
2020.08.09 added SpywareBlaster 5.7 Private Beta with MS Edge support.
2020.08.12 back to Microsoft Defender Antivirus
2020.08.15 back to Kaspersky Security Cloud Free
2020.08.31 removed O&O ShutUp 10 and went back to Microsoft Defender
2020.09.27 removed Bitdefender TrafficLight and went back from Simple Windows Hardening to Hard_Configurator
2020.10.27 went from WD to KSCFree and from uBlock Origin to AdGuard.
2020.11.14 back to WD on high and simplified config

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Got a new HP OfficeJet Pro 9015 All-in-One Printer this weekend:
Unfortunately I couldn't get scanning over wifi to my laptop to work with Hard_Configurator at recommended settings.
And I couldn't find any blocks in the logs to help me troubleshoot that problem.
So I removed Hard_Configurator but kept ConfigureDefender, DocumentsAntiExploit and RunBySmartscreen.
I added SysHardner (recommended settings) and VoodooShield (AutoPilot Mode).
Now everything works fine.
Those HP wifi-enabled printers have a big problem with changing IP. You often need to restart the computer and/or the printer to get it to recognize the IP of the printer. Simply drives me crazy, so I made a wired connection from the printer to the router.
It is sort of a random issue, you never know when the printer will work and when it will not.
Just thought I would mention that -- you might have a different problem.
 

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,868
Those HP wifi-enabled printers have a big problem with changing IP. You often need to restart the computer and/or the printer to get it to recognize the IP of the printer. Simply drives me crazy, so I made a wired connection from the printer to the router.
It is sort of a random issue, you never know when the printer will work and when it will not.
Just thought I would mention that -- you might have a different problem.
I can second that I’ve had this problem. It’s also been worse on some routers than others.
 

Gandalf_The_Grey

Level 84
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,415
Those HP wifi-enabled printers have a big problem with changing IP. You often need to restart the computer and/or the printer to get it to recognize the IP of the printer. Simply drives me crazy, so I made a wired connection from the printer to the router.
It is sort of a random issue, you never know when the printer will work and when it will not.
Just thought I would mention that -- you might have a different problem.
I can second that I’ve had this problem. It’s also been worse on some routers than others.
Thanks you both for your replies. Not a problem at the moment but good to know there is a workaround (wired connection) 👍
 

Gandalf_The_Grey

Level 84
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,415
It was not probably blocked by SRP default-deny, but by one o the hardening restrictions (from the right panel) or by one of FirewallHardening rules. HP printers use HTA scripts, and if mshta.exe outbound connections are blocked the Wi-Fi features may not work properly. Anyway, you did not need the H_C to be safe.:)(y)
Thanks @Andy Ful 👍
I had removed all FirewallHardening rules, so it was probably one of the hardening restrictions (from the right panel).
Good to know where to start troubleshooting if I want to return to the H_C one day.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,593
Thanks @Andy Ful 👍
I had removed all FirewallHardening rules, so it was probably one of the hardening restrictions (from the right panel).
Good to know where to start troubleshooting if I want to return to the H_C one day.
By the way (for my knowledge) did you restarted the computer after removing Firewall rules?
 

Gandalf_The_Grey

Level 84
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,415
COVID19 introduced working from home and like our president calls it intelligent self-isolation.
As a result, I use my personal laptop more and more, also for work and spent even more time here on MalwareTips.
After discussion with @oldschool and @The Cog in the Machine I realized that Windows Defender and VoodooShield are not the best combo.
Together they cause a delay when launching apps and that the by my ISP offered Ziggo Safe Online by F-Secure is a great alternative.
I had my doubts about SysHardner because it's not actively supported at the moment.
Luckily Hard_Configurator is a well-supported alternative, thanks again @Andy Ful !
I love to use tools like uBlock Origin, Hard_Configurator, and VoodooShield because of their logs.
With those logs, you can clearly see what's happening on your system.
 

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
COVID19 introduced working from home and like our president calls it intelligent self-isolation.
As a result, I use my personal laptop more and more, also for work and spent even more time here on MalwareTips.
After discussion with @oldschool and @The Cog in the Machine I realized that Windows Defender and VoodooShield are not the best combo.
Together they cause a delay when launching apps and that the by my ISP offered Ziggo Safe Online by F-Secure is a great alternative.
I had my doubts about SysHardner because it's not actively supported at the moment.
Luckily Hard_Configurator is a well-supported alternative, thanks again @Andy Ful !
I love to use tools like uBlock Origin, Hard_Configurator, and VoodooShield because of their logs.
With those logs, you can clearly see what's happening on your system.
F-Secure is very decent and light on system resources. Are you planning to use Voodooshield with it (I would not)?
 

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
I tried f secure 2 months ago. And a year ago. Same results on my system. Low ram and cpu. Slow boot time , and delay the browsers and applications
While it is surprising to me, I know that the same product might behave differently on different systems. Anyway, I suggest you contact the support if it happens and you try F-Secure again; I feel that there was sth wrong on your device as I did not experience a delay in system startup even on a low-end laptop. The only slowdown happens when you enable F-Secure browser extension.
 

stefanos

Level 28
Verified
Top Poster
Well-known
Oct 31, 2014
1,712
While it is surprising to me, I know that the same product might behave differently on different systems. Anyway, I suggest you contact the support if it happens and you try F-Secure again; I feel that there was sth wrong on your device as I did not experience a delay in system startup even on a low-end laptop. The only slowdown happens when you enable F-Secure browser extension.
I have one year licence from MT. But for now i am so pleased with Kaspersky. My laptop start like ferari , so low RAM and CPU . Just perfect
 

stefanos

Level 28
Verified
Top Poster
Well-known
Oct 31, 2014
1,712
While it is surprising to me, I know that the same product might behave differently on different systems. Anyway, I suggest you contact the support if it happens and you try F-Secure again; I feel that there was sth wrong on your device as I did not experience a delay in system startup even on a low-end laptop. The only slowdown happens when you enable F-Secure browser extension.
For this i write on my system ;)
 

Gandalf_The_Grey

Level 84
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,415
@stefanos and @The Cog in the Machine No issues here with boot time and delays of the web browser.

For me, the boot time is always the same with Windows Defender, Kaspersky Security Cloud Free, and Ziggo safe Online:
Aantekening 2020-03-28 213207.png

Maybe disabling banking protection is the cause that I notice no delays in web browsing.

And of course, every system is different...
 

Stopspying

Level 19
Verified
Top Poster
Well-known
Jan 21, 2018
814
I noticed that you use PatchMyPC and SUMo, do you find that one of them finds enough updates that the other one misses to make it worthwhile to use both? Currently I'm only using PatchMyPC, I used to use both but I wasn't too sure what KCSoftwares (SUMo's makers) do with the information SUMo gathers from our devices.

I love to use tools like uBlock Origin, Hard_Configurator, and VoodooShield because of their logs.
With those logs, you can clearly see what's happening on your system.
(y)
 

sepik

Level 11
Verified
Well-known
Aug 21, 2018
505
Nice setup, indeed! How about Driver Easy, is it any good? Im using Driver Booster/Snappy Driver Installer Origin.
According to your hw spec, you are using 850 Evo m.2. About a week ago Samsung released v3.3 nvme m.2 drivers. Im using two years old Lenovo Legion desktop 'puter with OEM Samsung m2 nvme 256gb. So for testing purposes, i "forced" to install the new v3.3 driver. Then i ran crystal disk mark and noticed roughly +7 % read/write speed boost. Well, even +7% is not much, but not bad either. :)
EDIT: Forgot to say, for OEM nvme m2, Windows uses its own "Microsoft surface..." drivers. Force it to use samsung nvme m2, and speeds goes up to like 15%. Which is quite funny i think.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top