SECURITY: Complete Gandalf_The_Grey's Security Config 2021

Last updated
Oct 24, 2021
About
Personal, primary device
Additional PC users
Not shared with other users
Desktop OS
Windows 11
OS edition
Home
Login security
    • Password-less (PIN, Biometric, Face)
Primary sign-in
Microsoft account
Primary user
Admin user - Full permissions
Security updates
Automatic - allow all types of updates
Windows UAC
Maximum - always notify
Network firewall
Third-party router
Real-time protection
Microsoft Defender Antivirus
DefenderUI Pro 0.95 beta
HomeCare by Trend Micro on TP-Link Archer AX6000 router
Software firewall
Microsoft Defender Firewall
Custom RTP, Firewall and OS settings
DefenderUI Pro 0.95 beta
Started with Recommended Profile, enabled light mode, enabled CFA, blocked notifications for recent activity and threats found that don't need immediate action
Windows 11
Memory Integrity enabled
Foxit PDF Reader 11.1.0.52543
Protected View for all files, Safe Reading Mode enabled, JavaScript disabled
Malware testing
No malware samples
Periodic security scanners
HitmanPro and AdwCleaner (for the kids)
Secure DNS
From ISP (Ziggo)
VPN
AdGuard VPN (seldom used)
Password manager
Bitwarden extension
Browsers, Search and Addons
Microsoft Edge with uBlock Origin, Bitwarden, Bitdefender TrafficLight and Microsoft Editor
Maintenance and Cleaning
Autoruns, CCleaner, Disk Cleanup, PatchMyPC and SUMo
Personal Files & Photos backup
Windows File History on external drive (weekly)
OneDrive with Microsoft 365 ransomware protection (always on sync)
Personal backup routine
Automatic (scheduled)
Device recovery & backup
Windows system image
Device backup routine
Manual (maintained by self)
PC activity
  1. Working from home. 
  2. Browsing the web. 
  3. Emails. 
  4. Shopping. 
  5. Banking. 
  6. Multimedia. 
Computer specs
Acer Aspire VN7-791G-576X
Intel Core i5-4210H
Intel HD Graphics 4600 / NVIDIA GeForce GTX 860M
Kingston 16GB Dual-Channel DDR3 PC3-12800 RAM
Samsung SSD 850 EVO M.2 250GB
Seagate HDD ST1000LM014-1EJ164 1TB
Realtek High Definition Audio
Personal changelog
2020.12.29 Filled the new fields
2020.12.30 installed Ziggo Safe Online
2021.01.04 back to Microsoft Defender with Hard_Configurator and added SpywareBlaster
2021.01.06 removed SpywareBlaster and went with stronger H_C -setup
2021.02.01 back to simpler setup with ConfigureDefender and Simple Windows hardening. Added Process Lasso
2021.02.08 Filled the new fields, no changes to config
2021.02.12 Microsoft Defender caused problems, back to KSCF and removed Process Lasso
2021.03.03 Update Kaspersky Security Cloud Free to the latest version, removed HitmanPro and enabled Microsoft Defender periodic scanning.
2021.03.28 back to Microsoft Defender Antivirus
2021.04.25 back to Ziggo Safe Online
2021.05.03 back to Microsoft Defender Antivirus
2021.05.07 switched from the uBlock Origin to the AdGuard extension
2021.10.04 back to Ziggo Safe Online and uBlock Origin
2021.10.05 back to the AdGuard extension
2021.10.13 upgraded to Windows 11 and back to uBlock Origin
2021.10.24 back to Microsoft Defender enhanced by DefenderUI Pro
Feedback Response

Most critical feedback

F

ForgottenSeer 85179

They block 232 cookies:
[*.]e-plus.cc
[*.]100hot.com
[*.]101webstats.com
[*.]123count.com
[*.]123counts.com
[*.]247media.com
[*.]247realmedia.com
[*.]7adpower.com
[*.]7search.com
[*.]8ad.com
[*.]911promotion.com
[*.]acecounter.com
[*.]activemeter.com
[*.]ad-flow.com
[*.]ad-logics.com
[*.]adbrite.com
[*.]adbureau.com
[*.]adbutler.com
[*.]addynamix.com
[*.]adengage.com
[*.]adforce.com
[*.]adhostingsolutions.com
[*.]adinterax.com
[*.]adjuggler.com
[*.]adlegend.com
[*.]adminder.com
[*.]admodus.com
[*.]admonitor.com
[*.]adorigin.com
[*.]adrevolver.com
[*.]ads360.com
[*.]adserver.com
[*.]adservingcentral.com
[*.]advertising.com
[*.]advertserve.com
[*.]adviva.com
[*.]affiliatefuel.com
[*.]aggregateknowledge.com
[*.]atdmt.com
[*.]aureate.com
[*.]bankads.com
[*.]bfast.com
[*.]bluestreak.com
[*.]bpath.com
[*.]bridgetrack.com
[*.]brilliantdigital.com
[*.]burstmedia.com
[*.]burstnet.com
[*.]casalemedia.com
[*.]centrport.com
[*.]cj.com
[*.]click2net.com
[*.]clickagents.com
[*.]clickfinders.com
[*.]comclick.com
[*.]cometcursor.com
[*.]cometcursors.com
[*.]commission-junction.com
[*.]commissionpartner.com
[*.]coremetrics.com
[*.]counted.com
[*.]cpxinteractive.com
[*.]dbbsrv.com
[*.]directnetadvertising.com
[*.]directtrack.com
[*.]doubleclick.com
[*.]ebch.com
[*.]ebdv.com
[*.]ebdw.com
[*.]ebjp.com
[*.]ebkn.com
[*.]ebky.com
[*.]eblv.com
[*.]ebvr.com
[*.]ecwz.com
[*.]ecyb.com
[*.]eduy.com
[*.]eeev.com
[*.]engage.com
[*.]ads.enliven.com
[*.]epilot.com
[*.]euniverseads.com
[*.]ezhits4u.com
[*.]falkag.com
[*.]fastadvert.com
[*.]fastclick.com
[*.]findwhat.com
[*.]flycast.com
[*.]flyswat.com
[*.]focalink.com
[*.]gator.com
[*.]gatoradvertisinginformationnetwork.com
[*.]goclick.com
[*.]hightrafficads.com
[*.]hitbox.com
[*.]hitboxcentral.com
[*.]hitslink.com
[*.]hotnaughtywives.com
[*.]ibmx.com
[*.]icwb.com
[*.]icwo.com
[*.]icwp.com
[*.]iddh.com
[*.]idhh.com
[*.]ifiz.com
[*.]iguu.com
[*.]infinite-ads.com
[*.]internetfuel.com
[*.]link4ads.com
[*.]linkbuddies.com
[*.]linksynergy.com
[*.]lop.com
[*.]mainentrypoint.com
[*.]marketscore.com
[*.]matchcraft.com
[*.]mediaplex.com
[*.]narrowcastmedia.com
[*.]offshoreclicks.com
[*.]opentracker.com
[*.]overture.com
[*.]oxcash.com
[*.]paycounter.com
[*.]paypopup.com
[*.]pointroll.com
[*.]popupsponsor.com
[*.]popuptraffic.com
[*.]porntrack.com
[*.]porntracker.com
[*.]preferences.com
[*.]pstats.com
[*.]qksrv.com
[*.]questionmarket.com
[*.]radiate.com
[*.]realtracker.com
[*.]res99.com
[*.]roispy.com
[*.]ru4.com
[*.]s005-01-4-11-234545-68181.com
[*.]samz.com
[*.]saoe.com
[*.]sbjr.com
[*.]sbnl.com
[*.]sbnt.com
[*.]sbvr.com
[*.]scbm.com
[*.]sckr.com
[*.]scrk.com
[*.]sdry.com
[*.]seld.com
[*.]sex-in-www.com
[*.]sexlist.com
[*.]sextracker.com
[*.]sfux.com
[*.]sheat.com
[*.]sipo.com
[*.]smartadserver.com
[*.]smartclicks.com
[*.]smds.com
[*.]specificpop.com
[*.]spermatrix.com
[*.]spylog.com
[*.]srib.com
[*.]srox.com
[*.]srsf.com
[*.]ssaw.com
[*.]ssby.com
[*.]surj.com
[*.]targetnet.com
[*.]tbvg.com
[*.]tdak.com
[*.]tdko.com
[*.]tefs.com
[*.]tfil.com
[*.]thko.com
[*.]torc.com
[*.]track-star.com
[*.]tradedoubler.com
[*.]trafficmarketplace.com
[*.]trafficmp.com
[*.]trafficsupport.com
[*.]tribalfusion.com
[*.]utopiad.com
[*.]valuead.com
[*.]valueclick.com
[*.]wbkb.com
[*.]webads.com
[*.]webtrendslive.com
[*.]wegcash.com
[*.]wfix.com
[*.]wflu.com
[*.]xxxcounter.com
[*.]xxxtoolbar.com
[*.]yieldmanager.com
[*.]zedo.com
[*.]adbutler.de
[*.]adtech.de
[*.]falkag.de
[*.]partnercash.de
[*.]realmedia.fr
[*.]valueclick.ne.jp
[*.]2o7.net
[*.]adbutler.net
[*.]admonitor.net
[*.]ads360.net
[*.]adtrak.net
[*.]adviva.net
[*.]bannerbank.net
[*.]centrport.net
[*.]cometcursor.net
[*.]cometcursors.net
[*.]commission-junction.net
[*.]coremetrics.net
[*.]directnetadvertising.net
[*.]doubleclick.net
[*.]fastclick.net
[*.]hyperbanner.net
[*.]mainentrypoint.net
[*.]marketscore.net
[*.]opentracker.net
[*.]qksrv.net
[*.]realtracker.net
[*.]revenue.net
[*.]smartclicks.net
[*.]specificclick.net
[*.]targetnet.net
[*.]trafficvenue.net
[*.]trakkerd.net
[*.]valueclick.net
[*.]wegcash.net
[*.]falkag.org
[*.]hotlog.ru
[*.]doubleclick.co.uk
These are third party cookies aren't they?
So why not simple block all of them instead of using a (not completely) blacklist?
 

Gandalf_The_Grey

Level 51
Verified
Trusted
Content Creator
Apr 24, 2016
4,003
IE is EoL anyway and should be uninstalled so this protection doesn't do anything but legacy, unneeded stuff.

Didn't you already uninstall old IE?
Yes, but I had to reinstall it because I needed it for work.
We have one website/app that needs it.
And unfortunately, it doesn't work in the Internet Explorer Mode of Edge :cry:
Probably because of the needed ActiveX.
 
Last edited:

Gandalf_The_Grey

Level 51
Verified
Trusted
Content Creator
Apr 24, 2016
4,003
Working from home with my own device is not only exhausting for me but my laptop suffers also :D
I had the feeling that sometimes it couldn't keep up (black spots, problems with hardware acceleration on an old Intel GPU?)
Adding Process Lasso solved that for me. I had a license but didn't use it for a long time.
See my ProBalance Insights:
Schermafbeelding 2021-02-01 201955.jpg
 

silversurfer

Level 75
Verified
Trusted
Content Creator
Malware Hunter
Aug 17, 2014
6,438
Working from home with my own device is not only exhausting for me but my laptop suffers also :D
I had the feeling that sometimes it couldn't keep up (black spots, problems with hardware acceleration on an old Intel GPU?)
Adding Process Lasso solved that for me. I had a license but didn't use it for a long time.
See my ProBalance Insights:
View attachment 253704

What is the latest version of CPU Balance?
I got the installer for v1.0.0.92 from the Homepage

 

Gandalf_The_Grey

Level 51
Verified
Trusted
Content Creator
Apr 24, 2016
4,003
What is the latest version of CPU Balance?
I got the installer for v1.0.0.92 from the Homepage

I think you have the latest version.
Revision History:

v1.0.0.92 – Latest Governor
I use Process Lasso latest beta.

Latest Versions​

Process Lasso v9.8.7 - 11/20/20 (changes)
Process Lasso v9.9.4 BETA - 01/31/21 (changes)
 

Gandalf_The_Grey

Level 51
Verified
Trusted
Content Creator
Apr 24, 2016
4,003
Working from home with my own device is not only exhausting for me but my laptop suffers also :D
I had the feeling that sometimes it couldn't keep up (black spots, problems with hardware acceleration on an old Intel GPU?)
Adding Process Lasso solved that for me. I had a license but didn't use it for a long time.
See my ProBalance Insights:
View attachment 253704
Remember those problems I had?
Microsoft Defender caused them by being too heavy for my ancient laptop :cry:
Now with Kaspersky Security Cloud Free and don't have those problems anymore and so I removed Process Lasso and cleaned my config.
Still in contact with NeuShield (Data Sentinel), but I don't know if they are compatible with Kaspersky and if it is still needed :unsure:
 

blackice

Level 33
Verified
Apr 1, 2019
2,206
Remember those problems I had?
Microsoft Defender caused them by being too heavy for my ancient laptop :cry:
Now with Kaspersky Security Cloud Free and don't have those problems anymore and so I removed Process Lasso and cleaned my config.
Still in contact with NeuShield (Data Sentinel), but I don't know if they are compatible with Kaspersky and if it is still needed :unsure:
MD is always great until it isn’t, like when it causes inexplicable issues. I like running stock without concerns for 3rd party update compatibility, but they even screw that up sometimes.
 

ErzCrz

Level 10
Verified
Aug 19, 2019
454
Remember those problems I had?
Microsoft Defender caused them by being too heavy for my ancient laptop :cry:
Now with Kaspersky Security Cloud Free and don't have those problems anymore and so I removed Process Lasso and cleaned my config.
Still in contact with NeuShield (Data Sentinel), but I don't know if they are compatible with Kaspersky and if it is still needed :unsure:
My laptop is old and suffers sometimes with WD so I've been just using Comodo IS with Proactive and CS tweaks. Runs a bit quicker now though hips can be a bit noisy when updating odd bits of software. Oh and occasionally using FF when chromium edge is going a bit slow. Anyway, glad you found a solution that works for you.
 

Gandalf_The_Grey

Level 51
Verified
Trusted
Content Creator
Apr 24, 2016
4,003
5400 RPM is very slow (7200 is fastest for HDDs) so keep that in mind.
I know. It's only for storage.
When I buy a new laptop, I would go for an all-SSD config.
Unfortunately, I have revived my laptop, so that will not be any time soon... we will be "getting" a new bathroom next month. No more money left :eek:
 
Top