Advanced Plus Security Gandalf_The_Grey's laptop config for 2020

Last updated
Nov 30, 2020
How it's used?
For home and private use
Operating system
Windows 10
Log-in security
Security updates
Allow security updates and latest features
User Access Control
Always notify
Real-time security
Microsoft Defender Antivirus
HomeCare by Trend Micro on TP-Link Archer AX6000 router
Firewall security
Microsoft Defender Firewall
About custom security
Microsoft Defender Antivirus set to High with ConfigureDefender
Controlled Folder Access enabled (not on the kid's laptops)
Memory integrity under Core Isolation enabled (not on the kid's laptops)
Hard_Configurator with Windows_10_Basic_Recommended_Settings
Periodic malware scanners
HitmanPro, Kaspersky Virus Removal Tool and AdwCleaner (for the kids)
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Microsoft Edge with uBlock Origin, Bitdefender TrafficLight, Bitwarden and Microsoft Editor
Google Chrome with the same extensions plus the Microsoft Defender Browser Protection extension on the kid's laptops.
They use Edge for school and Chrome for fun
Maintenance tools
Autoruns, CCleaner, PatchMyPC, SUMo and Driver Easy Pro
File and Photo backup
Windows File History on external drive (weekly)
OneDrive with Microsoft 365 ransomware protection (always on sync)
System recovery
Windows system image
Risk factors
    • Browsing to popular websites
    • Logging into my bank account
    • Working from home
    • Streaming audio/video content from trusted sites or paid subscriptions
    • Streaming audio/video content from shady sites
Computer specs
Acer Aspire VN7-791G-576X
Intel Core i5-4210H
Intel HD Graphics 4600 / NVIDIA GeForce GTX 860M
Kingston 16GB Dual-Channel DDR3 PC3-12800 RAM
Samsung SSD 850 EVO M.2 250GB
Seagate HDD ST1000LM014-1EJ164 1TB
Realtek High Definition Audio
Notable changes
2020.02.23 removed VoodooShield and uBlock Origin and added Kaspersky Security Cloud Free and AdGuard (extension).
2020.03.09 removed AdGuard and Kaspersky Security Cloud Free and added Hard_Configurator 5.0.0.1 beta uBlock Origin and the Netcraft extension. replaced Bandizip with Explzh because of the advertisements in the free version.
2020.03.22 removed Hard_Configurator, kept ConfigureDefender, DocumentsAntiExploit and RunBySmartscreen.
Added NoVirusThanks SysHardener, VoodooShield and the Certificate Info extension.
2020.03.28 added Ziggo safe Online and Hard_Configurator and removed SysHardner.
2020.03.30 removed CCleaner Pro
2020.04.05 installed HC 5.0.01 beta with recommended settings. Removed VoodooShield.
Tried to minimize extensions: replaced uBlock Origin with AdGuard and removed Certificate Info and Netcraft. Added Microsoft Editor. All extensions are now from the Microsoft Store except Browsing Protection by F-Secure (installed automatically).
2020.04.22 Removed Ziggo Safe Online and Hard_Configurator Trying Windows Defender with Comodo Firewall.
2020.05.04 removed Comodo Firewall and installed Emsisoft Ant-Malware Home.
2020.05.08 replaced Emsisoft Anti-Malware with Kaspersky Security Cloud Free
2020.05.18 replaced KSC Free with WD and uninstalled some browser extensions.
2020.07.05 back to Bitwarden and Bitdefender TrafficLight and WhitelistCloud added.
2020.07.08 switched form WhitelistCloud to VoodooShield Pro. Went from uBlock Origin to AdGuard.
2020.07.15 Back to KSC Free.
2020.08.09 added SpywareBlaster 5.7 Private Beta with MS Edge support.
2020.08.12 back to Microsoft Defender Antivirus
2020.08.15 back to Kaspersky Security Cloud Free
2020.08.31 removed O&O ShutUp 10 and went back to Microsoft Defender
2020.09.27 removed Bitdefender TrafficLight and went back from Simple Windows Hardening to Hard_Configurator
2020.10.27 went from WD to KSCFree and from uBlock Origin to AdGuard.
2020.11.14 back to WD on high and simplified config
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,514
Gandalf_The_Grey said:
Thanks Andy (y)
This is the complete line in the log:
De beheerder heeft de toegang tot ...
\AppData\Local\Temp\7zS6ECF\FileExtractor.exe beperkt op locatie met de beleidsregel {1016bbe0-a716-428b-822e-3e544b6a3281} voor het pad C:\Users\*\AppData\Local\Temp\7z?????????\*.exe.
Click to expand...
Your post was helpful to me.:)
Thanks to you I figured out how to avoid blocking software updates made via 7-Zip SFX installers. Simply, if one tries to run the executable from 7-Zip GUI, it is unpacked and executed in the temporary folder ...\AppData\Local\Temp\7zO....\ . But, when the application updates via SFX, it uses the folder ...\AppData\Local\Temp\7zS....\.
So the improved H_C rule should block only the first scenario by applying the SRP rule: ...\AppData\Local\Temp\7zO????????\*.exe
 
  • Like
  • Applause
  • +Reputation
Reactions: Nevi, Stopspying, Protomartyr and 6 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,284
Andy Ful said:
Your post was helpful to me.:)
Thanks to you I figured out how to avoid blocking software updates made via 7-Zip SFX installers. Simply, if one tries to run the executable from 7-Zip GUI, it is unpacked and executed in the temporary folder ...\AppData\Local\Temp\7zO....\ . But, when the application updates via SFX, it uses the folder ...\AppData\Local\Temp\7zS....\.
So the improved H_C rule should block only the first scenario by applying the SRP rule: ...\AppData\Local\Temp\7zO????????\*.exe
Click to expand...
Great (y)
That means there is no more block when extracting a fresh copy of HP Print and Scan Doctor in future versions of HC?
You're spoiling me :D
 
  • Like
Reactions: Stopspying, Protomartyr, oldschool and 6 others
Lenny_Fox

Lenny_Fox

Level 22
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
@Gandalf_The_Grey

I am not using Office365, so I don't know anything about Office365 ransomware protection. Does his ransomware protection works without Windows Defender (since you are using Ziggo's rebranded F-secure)?

@Andy Ful
With all the Office and Script Attack Surface Reduction rules available for Windows Defender, my guess is that Windows Defender is probably the best AV to companion Microsoft Office. What is your take on this assumption?
 
  • Like
Reactions: Nevi, Stopspying, Protomartyr and 4 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,514
Lenny_Linux said:
...
@Andy Ful
With all the Office and Script Attack Surface Reduction rules available for Windows Defender, my guess is that Windows Defender is probably the best AV to companion Microsoft Office. What is your take on this assumption?
Click to expand...
It is the best solution among free AVs. Some MS Office 365 subscriptions (Office 365 Enterprise E5, Office 365 Education A5, and Microsoft 365 Business) additionally include Advanced Threat Protection.
docs.microsoft.com

Office 365 Advanced Threat Protection service description - Service Descriptions

Microsoft Office 365 Advanced Threat Protection (ATP) is a cloud-based email filtering service that helps protect your organization against unknown malware and viruses by providing robust zero-day protection, and includes features to safeguard your organization from harmful links in real time.
docs.microsoft.com
Some paid AVs have also got dedicated protection for MS Office documents.
Most of the home users can simply tweak MS Office or use a configurator to block active content in documents, which also will provide strong protection.
 
  • Like
  • +Reputation
  • Thanks
Reactions: Stopspying, Protomartyr, Lenny_Fox and 4 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,284
Lenny_Linux said:
@Gandalf_The_Grey

I am not using Office365, so I don't know anything about Office365 ransomware protection. Does his ransomware protection works without Windows Defender (since you are using Ziggo's rebranded F-secure)?

@Andy Ful
With all the Office and Script Attack Surface Reduction rules available for Windows Defender, my guess is that Windows Defender is probably the best AV to companion Microsoft Office. What is your take on this assumption?
Click to expand...
This ransomware protection works without Windows Defender and is accessible through Windows Security Center:
Aantekening 2020-04-06 164958.png

Aantekening 2020-04-06 165416.png
 
  • Like
  • Thanks
Reactions: Deletedmessiah, Stopspying, Protomartyr and 5 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,284
To celebrate the comeback of @cruelsister I am using the combination of Windows Defender enhanced by @Andy Ful together with Comodo Firewall enhanced by @cruelsister :cool:
Q&A - What Browser Extensions are you using in 2020? made me install I don't care about cookies again.
By replacing Ziggo Safe Online and AdGuard with Windows defender and uBlock origin my browsing speed has improved.
Added Bitdefender TrafficLight to beef up the web protection of Edge and Windows Defender.
 
  • Like
  • HaHa
Reactions: sportiv99, Moonhorse, cryogent and 14 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,284
Controlled folder access is still a major pain in the ass... But like shown in the HUB tests done by @Solarquest necessary.

So far, I had to allow:
HP Officejet Pro 9015:
HPScan.exe
Comodo:
Autoruns.exe (not needed if you don't use that utility)
CCE.exe (not needed if you don't use that utility)
cis.exe
cmdagent.exe
Hitman Pro:
HitmanPro.exe
Windows:
svchost.exe
taskhostw.exe
WmiPrvSE.exe
TiWorker.exe

Hope I'm not punching too many holes in its protection 🤔
 
Last edited:
  • Like
Reactions: Moonhorse, Protomartyr, oldschool and 5 others
SeriousHoax

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,862
Gandalf_The_Grey said:
To celebrate the comeback of @cruelsister I am using the combination of Windows Defender enhanced by @Andy Ful together with Comodo Firewall enhanced by @cruelsister :cool:
Q&A - What Browser Extensions are you using in 2020? made me install I don't care about cookies again.
By replacing Ziggo Safe Online and AdGuard with Windows defender and uBlock origin my browsing speed has improved.
Added Bitdefender TrafficLight to beef up the web protection of Edge and Windows Defender.
Click to expand...
Now this makes me wanna try CF too 😖 I'll do a fresh install of my system when Windows 10 2004 releases on May 12 so this is a good time for me to do some experiments 🧐
 
  • Like
  • HaHa
Reactions: Moonhorse, Protomartyr, oldschool and 4 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,284
SeriousHoax said:
Are these really necessary? :unsure: CFA never blocked anything related to these system processes on my PC.
Click to expand...
I don't know, but it can be because I'm running Windows 10 2004 Release Preview now.
Will see after a clean install of Windows 10 2004 when it's officially released in May.
 
  • Like
  • Applause
Reactions: Moonhorse, CyberTech, Protomartyr and 4 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,284
SeriousHoax said:
Now this makes me wanna try CF too 😖 I'll do a fresh install of my system when Windows 10 2004 releases on May 12 so this is a good time for me to do some experiments 🧐
Click to expand...
Make sure you install the latest version 12.2.2.7036.
That's problem free, the one before had some nasty bugs.
 
  • Like
  • Thanks
Reactions: Moonhorse, Protomartyr, SeriousHoax and 3 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,284
Back3 said:
I had Comodo Firewall at CS settings and Windows Defender with Configure Defender for nearly a year .A few days ago,I ditched Comodo for H_C. How do you like CF version 12.2 ? Any glitches?
Click to expand...
I just ditched H_C for Comodo Firewall :D
But keep being interested in its development.

There are so many great programs to choose from...Windows Defender (with Andy's tools), Kaspersky Security Cloud Free, F-Secure Safe, Comodo Firewall, VoodooShield (and of course the complete Hard_Configurator package).

The latest version 12.2.2.7036 of Comodo Firewall works great and without any issues on my system (y)
 
  • Like
  • Applause
Reactions: Parsh, toto_10, stefanos and 5 others
You must log in or register to reply here.

Similar threads

RRlight
    • Like
Advanced Security RRlight gaming laptop config 2024
Replies
4
Views
218
PC Setup Configuration Help & Showcase
RRlight
RRlight
Gandalf_The_Grey
    • Like
Microsoft pulls fix for Outlook bug behind ICS security alerts
Replies
1
Views
489
Office, email and business apps
Bot
Bot
S
New Microsoft guidance for the DoD Zero Trust Strategy
Replies
1
Views
643
Microsoft Defender
Bot
Bot

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top