Latest changes
Sep 27, 2020
Daily driver
My primary device
Operating system
Windows 10 Pro
OS version
Version 20H2 Build 19042.541
System type
64-bit operating system; x64-based processor
Security updates
Automatically allow security and feature updates
Windows UAC
Always notify
Firewall protection
Microsoft Defender Firewall
Account privileges
Administrator account
Account type
Sign in with associated Microsoft ID
Account log-in
  1. Windows Hello Fingerprint
  2. Windows Hello PIN
Exposure to malware
No malware samples are downloaded
Real-time Malware protection
Microsoft Defender Antivirus
Hard_Configurator 5.1.1.2
SpywareBlaster 6.0
HomeCare by Trend Micro on TP-Link Archer AX6000 router
RTP configuration
ConfigureDefender High settings
Hard_Configurator with Windows_10_Basic_Recommended_Settings profile
Under Core Isolation set Memory Integrity to enabled
Periodic scanners
HitmanPro and AdwCleaner (for the kids)
Browser and Add-ons
Microsoft Edge with uBlock Origin, Bitwarden and Microsoft Editor
Privacy tools and VPN
SpywareBlaster all protection enabled, MS Edge Tracking Prevention on Strict and uBlock Origin, Windscribe 50GB free VPN
Password manager
Bitwarden Premium
Search engine
Google
Maintenance tools
CCleaner, PrivaZer Donors version, PatchMyPC, SUMo and Driver Easy Pro
Photos and Files backup
Windows File History on external drive (weekly)
OneDrive with Microsoft 365 ransomware protection (always on sync)
File Backup schedule
Automatically sync to the cloud
Backup and Restore
Windows system image
Backup schedule
Once or more per year
Computer Activity
  1. Online banking
  2. Browsing the web and checking emails
  3. Streaming movies, TV shows and music from the Internet
  4. Shared computer is used by other family members
  5. Office and other work-related software (Work from Home)
  6. Recording and editing video or photos
Computer Specifications
Acer Aspire VN7-791G-576X
Intel Core i5-4210H
Intel HD Graphics 4600 / NVIDIA GeForce GTX 860M
Kingston 16GB Dual-Channel DDR3 PC3-12800 RAM
Samsung SSD 850 EVO M.2 250GB
Seagate HDD ST1000LM014-1EJ164 1TB
Realtek High Definition Audio
Your changelog
2020.02.23 removed VoodooShield and uBlock Origin and added Kaspersky Security Cloud Free and AdGuard (extension).
2020.03.09 removed AdGuard and Kaspersky Security Cloud Free and added Hard_Configurator 5.0.0.1 beta uBlock Origin and the Netcraft extension. replaced Bandizip with Explzh because of the advertisements in the free version.
2020.03.22 removed Hard_Configurator, kept ConfigureDefender, DocumentsAntiExploit and RunBySmartscreen.
Added NoVirusThanks SysHardener, VoodooShield and the Certificate Info extension.
2020.03.28 added Ziggo safe Online and Hard_Configurator and removed SysHardner.
2020.03.30 removed CCleaner Pro
2020.04.05 installed HC 5.0.01 beta with recommended settings. Removed VoodooShield.
Tried to minimize extensions: replaced uBlock Origin with AdGuard and removed Certificate Info and Netcraft. Added Microsoft Editor. All extensions are now from the Microsoft Store except Browsing Protection by F-Secure (installed automatically).
2020.04.22 Removed Ziggo Safe Online and Hard_Configurator Trying Windows Defender with Comodo Firewall.
2020.05.04 removed Comodo Firewall and installed Emsisoft Ant-Malware Home.
2020.05.08 replaced Emsisoft Anti-Malware with Kaspersky Security Cloud Free
2020.05.18 replaced KSC Free with WD and uninstalled some browser extensions.
2020.07.05 back to Bitwarden and Bitdefender TrafficLight and WhitelistCloud added.
2020.07.08 switched form WhitelistCloud to VoodooShield Pro. Went from uBlock Origin to AdGuard.
2020.07.15 Back to KSC Free.
2020.08.09 added SpywareBlaster 5.7 Private Beta with MS Edge support.
2020.08.12 back to Microsoft Defender Antivirus
2020.08.15 back to Kaspersky Security Cloud Free
2020.08.31 removed O&O ShutUp 10 and went back to Microsoft Defender
202.09.27 removed Bitdefender TrafficLight and went back from Simple Windows Hardening to Hard_Configurator

Gandalf_The_Grey

Level 36
Verified
Trusted
Content Creator
Thinking about Simple Windows Hardening vs Hard_Configurator.
If you use Simple Windows Hardening with ConfigureDefender, FirewallHardening and use Autoruns isn't easier to just use Hard_Configurator with the Windows_10_Basic_Recommended_Settings profile instead?
One tool to install and not having to download and maintain multiple portable programs.
The protection level is the same.
Any pros or cons?
@Andy Ful What do you think?
 

silversurfer

Level 64
Verified
Trusted
Content Creator
Malware Hunter
Thinking about Simple Windows Hardening vs Hard_Configurator.
If you use Simple Windows Hardening with ConfigureDefender, FirewallHardening and use Autoruns isn't easier to just use Hard_Configurator with the Windows_10_Basic_Recommended_Settings profile instead?
One tool to install and not having to download and maintain multiple portable programs.
The protection level is the same.
Any pros or cons?
Just going to use H_C as you are able to handle tools like that...
I'm personally running WD/MD and using H_C included tools like CD & FH, that's for me easier to control over the main GUI of H_C.
 

Gandalf_The_Grey

Level 36
Verified
Trusted
Content Creator
@Gandalf_The_Grey

No idea. These configs are the same.
You can use SWH + ConfigureDefender + FirewallHardening via 3 shortcuts on your Desktop (copy these applications first to Windows folder) or use H_C. It will be rather the choice of taste (like which GUI do you like better).:)
After trying both configs I like the one with the standalone tools more.
Just pinned those 3 to the startmenu.
Less exes installed in total and the logging is better / more filtered.
Example: the log of ConfigureDefender contains entries when Microsoft Defender (and the system) starts. Not needed I think.
The logs of the standalone ConfigureDefender doesn't show them.
Both contain some blocks for Controlled Folder Access (needed).
 

Gandalf_The_Grey

Level 36
Verified
Trusted
Content Creator
Experimenting with the for me best and most easy protection for the laptops in my household/family
Tried VoodooShield, but one of the laptops in my household froze completely with it.
Tried Comodo Firewall with CS settings, but it has still a problem with unrecognizing safe Windows files, so needs to be babysitted.
So back to Hard_Configurator where whitelisting is easier than in Simple Windows Hardening because of the apply changes button.
When something is blocked on the laptops of my children it's quite easy to see in the log and if needed whitelist by file.
@Andy Ful Is it correct that there is no apply settings button in Simple Windows Hardening or am I missing something?
 

Andy Ful

Level 63
Verified
Trusted
Content Creator
That's correct, but what do you do after whitelisting a file? Do you have to log out or reboot?
Both SWH and H_C ver. 5.1.1.2 apply whitelisted SRP entries on the fly - no need to reboot or Log off. When the reboot is required, then H_C will alert while pressing the <REFRESH> button, SWH alerts about the reboot only when SMB settings are changed.
SWH is much simpler and does not need the <REFRESH> button.

Edit.
If you use this config on the child's computer, then you can set in ConfigureDefender the ASR rule "Block executable files from running unless they meet a prevalence, age, or trusted list criteria" to ON. This should not be a problem, but if something will be blocked by this rule, then please remember to wait about 2 days, or if you are certain that the file is clean set this rule temporarily to Audit and next install/update and finally run the installed/updated application. Do not try to whitelist the blocked file in H_C or exclude it in WD, because this will not work when this ASR rule was triggered.
 
Last edited:
Top