Advanced Plus Security Gandalf_The_Grey's Security Config 2021

Last updated
Dec 21, 2021
About
Personal, primary device
Additional PC users
Not shared with other users
Desktop OS
Windows 11
OS edition
Pro
Login security
    • Password-less (PIN, Biometric, Face)
Primary sign-in
Microsoft account
Primary user
Admin user - Full permissions
Security updates
Automatic - allow all types of updates
Windows UAC
Maximum - always notify
Network firewall
Third-party router
Real-time protection
Microsoft Defender Antivirus
HomeCare by Trend Micro on TP-Link Archer AX6000 router
Software firewall
Microsoft Defender Firewall
Custom RTP, Firewall and OS settings
Microsoft Defender Antivirus
  • ConfigureDefender 3.0.1.0: High settings
  • Simple Windows Hardening 1.0.1.0: Basic Recommended Settings and restrict SMB123
  • DocumentsAntiExploit 2.0.0.0: MS Office ON2
  • Controlled Folder Access: enabled
  • Core Isolation: Memory Integrity enabled
Windows 11 Pro
  • O&O ShutUp10++: almost all recommended settings...
  • O&O AppBuster: uninstalled apps I don't want or need
  • Samsung Magician: Full Performance Mode
  • Bitsum Process Lasso Pro: ProBalance enabled
Foxit PDF Reader
  • Protected View for all files, Safe Reading Mode enabled, JavaScript disabled
Malware testing
No malware samples
Periodic security scanners
HitmanPro and AdwCleaner (for the kids)
Secure DNS
From ISP (Ziggo)
VPN
AdGuard VPN
Password manager
Bitwarden browser extension
Browsers, Search and Addons
Microsoft Edge using Google search with uBlock Origin, Bitdefender TrafficLight, Bitwarden and Microsoft Editor as extensions
Maintenance and Cleaning
Autoruns, CCleaner, Disk Cleanup, PrivaZer, PatchMyPC, SUMo and Driver Easy
Personal Files & Photos backup
Windows File History on external drive (weekly)
OneDrive with Microsoft 365 ransomware protection (always on sync)
Personal backup routine
Automatic (scheduled)
Device recovery & backup
Windows system image
Device backup routine
Manual (maintained by self)
PC activity
  1. Working from home. 
  2. Browsing the web. 
  3. Emails. 
  4. Shopping. 
  5. Banking. 
  6. Downloading software. 
  7. Remote assistance. 
  8. Multimedia. 
Computer specs
Acer Aspire VN7-791G-576X
Intel Core i5-4210H
Intel HD Graphics 4600 / NVIDIA GeForce GTX 860M
Kingston 16GB Dual-Channel DDR3 PC3-12800 RAM
Samsung SSD 850 EVO M.2 250GB
Seagate HDD ST1000LM014-1EJ164 1TB
Realtek High Definition Audio
Personal changelog
2020.12.29 Filled the new fields
2020.12.30 installed Ziggo Safe Online
2021.01.04 back to Microsoft Defender with Hard_Configurator and added SpywareBlaster
2021.01.06 removed SpywareBlaster and went with stronger H_C -setup
2021.02.01 back to simpler setup with ConfigureDefender and Simple Windows hardening. Added Process Lasso
2021.02.08 Filled the new fields, no changes to config
2021.02.12 Microsoft Defender caused problems, back to KSCF and removed Process Lasso
2021.03.03 Update Kaspersky Security Cloud Free to the latest version, removed HitmanPro and enabled Microsoft Defender periodic scanning.
2021.03.28 back to Microsoft Defender Antivirus
2021.04.25 back to Ziggo Safe Online
2021.05.03 back to Microsoft Defender Antivirus
2021.05.07 switched from the uBlock Origin to the AdGuard extension
2021.10.04 back to Ziggo Safe Online and uBlock Origin
2021.10.05 back to the AdGuard extension
2021.10.13 upgraded to Windows 11 and back to uBlock Origin
2021.10.24 back to Microsoft Defender enhanced by DefenderUI Pro
2021.10.26 back to Kaspersky Security Cloud Free and Simple Windows Hardening
2021.11.06 back to Ziggo Safe Online by F-Secure
2021.11.10 removed Simple Windows Hardening and added VoodooShield
2021.11.16 testing DefenderUI Free with the latest Voodooshield beta
2021.11.30 back to Ziggo Safe Online
2021.12.21 optimized system with Samsung Magician and Bitsum Process Lasso Pro and back to Windows built-in security
Feedback Response

Most critical feedback

F

ForgottenSeer 85179

They block 232 cookies:
[*.]e-plus.cc
[*.]100hot.com
[*.]101webstats.com
[*.]123count.com
[*.]123counts.com
[*.]247media.com
[*.]247realmedia.com
[*.]7adpower.com
[*.]7search.com
[*.]8ad.com
[*.]911promotion.com
[*.]acecounter.com
[*.]activemeter.com
[*.]ad-flow.com
[*.]ad-logics.com
[*.]adbrite.com
[*.]adbureau.com
[*.]adbutler.com
[*.]addynamix.com
[*.]adengage.com
[*.]adforce.com
[*.]adhostingsolutions.com
[*.]adinterax.com
[*.]adjuggler.com
[*.]adlegend.com
[*.]adminder.com
[*.]admodus.com
[*.]admonitor.com
[*.]adorigin.com
[*.]adrevolver.com
[*.]ads360.com
[*.]adserver.com
[*.]adservingcentral.com
[*.]advertising.com
[*.]advertserve.com
[*.]adviva.com
[*.]affiliatefuel.com
[*.]aggregateknowledge.com
[*.]atdmt.com
[*.]aureate.com
[*.]bankads.com
[*.]bfast.com
[*.]bluestreak.com
[*.]bpath.com
[*.]bridgetrack.com
[*.]brilliantdigital.com
[*.]burstmedia.com
[*.]burstnet.com
[*.]casalemedia.com
[*.]centrport.com
[*.]cj.com
[*.]click2net.com
[*.]clickagents.com
[*.]clickfinders.com
[*.]comclick.com
[*.]cometcursor.com
[*.]cometcursors.com
[*.]commission-junction.com
[*.]commissionpartner.com
[*.]coremetrics.com
[*.]counted.com
[*.]cpxinteractive.com
[*.]dbbsrv.com
[*.]directnetadvertising.com
[*.]directtrack.com
[*.]doubleclick.com
[*.]ebch.com
[*.]ebdv.com
[*.]ebdw.com
[*.]ebjp.com
[*.]ebkn.com
[*.]ebky.com
[*.]eblv.com
[*.]ebvr.com
[*.]ecwz.com
[*.]ecyb.com
[*.]eduy.com
[*.]eeev.com
[*.]engage.com
[*.]ads.enliven.com
[*.]epilot.com
[*.]euniverseads.com
[*.]ezhits4u.com
[*.]falkag.com
[*.]fastadvert.com
[*.]fastclick.com
[*.]findwhat.com
[*.]flycast.com
[*.]flyswat.com
[*.]focalink.com
[*.]gator.com
[*.]gatoradvertisinginformationnetwork.com
[*.]goclick.com
[*.]hightrafficads.com
[*.]hitbox.com
[*.]hitboxcentral.com
[*.]hitslink.com
[*.]hotnaughtywives.com
[*.]ibmx.com
[*.]icwb.com
[*.]icwo.com
[*.]icwp.com
[*.]iddh.com
[*.]idhh.com
[*.]ifiz.com
[*.]iguu.com
[*.]infinite-ads.com
[*.]internetfuel.com
[*.]link4ads.com
[*.]linkbuddies.com
[*.]linksynergy.com
[*.]lop.com
[*.]mainentrypoint.com
[*.]marketscore.com
[*.]matchcraft.com
[*.]mediaplex.com
[*.]narrowcastmedia.com
[*.]offshoreclicks.com
[*.]opentracker.com
[*.]overture.com
[*.]oxcash.com
[*.]paycounter.com
[*.]paypopup.com
[*.]pointroll.com
[*.]popupsponsor.com
[*.]popuptraffic.com
[*.]porntrack.com
[*.]porntracker.com
[*.]preferences.com
[*.]pstats.com
[*.]qksrv.com
[*.]questionmarket.com
[*.]radiate.com
[*.]realtracker.com
[*.]res99.com
[*.]roispy.com
[*.]ru4.com
[*.]s005-01-4-11-234545-68181.com
[*.]samz.com
[*.]saoe.com
[*.]sbjr.com
[*.]sbnl.com
[*.]sbnt.com
[*.]sbvr.com
[*.]scbm.com
[*.]sckr.com
[*.]scrk.com
[*.]sdry.com
[*.]seld.com
[*.]sex-in-www.com
[*.]sexlist.com
[*.]sextracker.com
[*.]sfux.com
[*.]sheat.com
[*.]sipo.com
[*.]smartadserver.com
[*.]smartclicks.com
[*.]smds.com
[*.]specificpop.com
[*.]spermatrix.com
[*.]spylog.com
[*.]srib.com
[*.]srox.com
[*.]srsf.com
[*.]ssaw.com
[*.]ssby.com
[*.]surj.com
[*.]targetnet.com
[*.]tbvg.com
[*.]tdak.com
[*.]tdko.com
[*.]tefs.com
[*.]tfil.com
[*.]thko.com
[*.]torc.com
[*.]track-star.com
[*.]tradedoubler.com
[*.]trafficmarketplace.com
[*.]trafficmp.com
[*.]trafficsupport.com
[*.]tribalfusion.com
[*.]utopiad.com
[*.]valuead.com
[*.]valueclick.com
[*.]wbkb.com
[*.]webads.com
[*.]webtrendslive.com
[*.]wegcash.com
[*.]wfix.com
[*.]wflu.com
[*.]xxxcounter.com
[*.]xxxtoolbar.com
[*.]yieldmanager.com
[*.]zedo.com
[*.]adbutler.de
[*.]adtech.de
[*.]falkag.de
[*.]partnercash.de
[*.]realmedia.fr
[*.]valueclick.ne.jp
[*.]2o7.net
[*.]adbutler.net
[*.]admonitor.net
[*.]ads360.net
[*.]adtrak.net
[*.]adviva.net
[*.]bannerbank.net
[*.]centrport.net
[*.]cometcursor.net
[*.]cometcursors.net
[*.]commission-junction.net
[*.]coremetrics.net
[*.]directnetadvertising.net
[*.]doubleclick.net
[*.]fastclick.net
[*.]hyperbanner.net
[*.]mainentrypoint.net
[*.]marketscore.net
[*.]opentracker.net
[*.]qksrv.net
[*.]realtracker.net
[*.]revenue.net
[*.]smartclicks.net
[*.]specificclick.net
[*.]targetnet.net
[*.]trafficvenue.net
[*.]trakkerd.net
[*.]valueclick.net
[*.]wegcash.net
[*.]falkag.org
[*.]hotlog.ru
[*.]doubleclick.co.uk
These are third party cookies aren't they?
So why not simple block all of them instead of using a (not completely) blacklist?
 

Gandalf_The_Grey

Level 59
Thread author
Verified
Helper
Top poster
Content Creator
Well-known
Apr 24, 2016
4,865
IE is EoL anyway and should be uninstalled so this protection doesn't do anything but legacy, unneeded stuff.

Didn't you already uninstall old IE?
Yes, but I had to reinstall it because I needed it for work.
We have one website/app that needs it.
And unfortunately, it doesn't work in the Internet Explorer Mode of Edge :cry:
Probably because of the needed ActiveX.
 
Last edited:

Gandalf_The_Grey

Level 59
Thread author
Verified
Helper
Top poster
Content Creator
Well-known
Apr 24, 2016
4,865
Removed SpywareBlaster and made my config a little stronger with Hard_Configurator recommended settings including FirewallHardening but removed the mshta.exe rule because that is needed for our wireless HP OfficeJet Pro 9015.
 

Gandalf_The_Grey

Level 59
Thread author
Verified
Helper
Top poster
Content Creator
Well-known
Apr 24, 2016
4,865
Working from home with my own device is not only exhausting for me but my laptop suffers also :D
I had the feeling that sometimes it couldn't keep up (black spots, problems with hardware acceleration on an old Intel GPU?)
Adding Process Lasso solved that for me. I had a license but didn't use it for a long time.
See my ProBalance Insights:
Schermafbeelding 2021-02-01 201955.jpg
 

silversurfer

Level 83
Verified
Helper
Top poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
7,302
Working from home with my own device is not only exhausting for me but my laptop suffers also :D
I had the feeling that sometimes it couldn't keep up (black spots, problems with hardware acceleration on an old Intel GPU?)
Adding Process Lasso solved that for me. I had a license but didn't use it for a long time.
See my ProBalance Insights:
View attachment 253704

What is the latest version of CPU Balance?
I got the installer for v1.0.0.92 from the Homepage

 

Gandalf_The_Grey

Level 59
Thread author
Verified
Helper
Top poster
Content Creator
Well-known
Apr 24, 2016
4,865
What is the latest version of CPU Balance?
I got the installer for v1.0.0.92 from the Homepage

I think you have the latest version.
Revision History:

v1.0.0.92 – Latest Governor
I use Process Lasso latest beta.

Latest Versions​

Process Lasso v9.8.7 - 11/20/20 (changes)
Process Lasso v9.9.4 BETA - 01/31/21 (changes)
 

Gandalf_The_Grey

Level 59
Thread author
Verified
Helper
Top poster
Content Creator
Well-known
Apr 24, 2016
4,865
Working from home with my own device is not only exhausting for me but my laptop suffers also :D
I had the feeling that sometimes it couldn't keep up (black spots, problems with hardware acceleration on an old Intel GPU?)
Adding Process Lasso solved that for me. I had a license but didn't use it for a long time.
See my ProBalance Insights:
View attachment 253704
Remember those problems I had?
Microsoft Defender caused them by being too heavy for my ancient laptop :cry:
Now with Kaspersky Security Cloud Free and don't have those problems anymore and so I removed Process Lasso and cleaned my config.
Still in contact with NeuShield (Data Sentinel), but I don't know if they are compatible with Kaspersky and if it is still needed :unsure:
 

blackice

Level 36
Verified
Top poster
Well-known
Apr 1, 2019
2,535
Remember those problems I had?
Microsoft Defender caused them by being too heavy for my ancient laptop :cry:
Now with Kaspersky Security Cloud Free and don't have those problems anymore and so I removed Process Lasso and cleaned my config.
Still in contact with NeuShield (Data Sentinel), but I don't know if they are compatible with Kaspersky and if it is still needed :unsure:
MD is always great until it isn’t, like when it causes inexplicable issues. I like running stock without concerns for 3rd party update compatibility, but they even screw that up sometimes.
 

ErzCrz

Level 11
Verified
Top poster
Well-known
Aug 19, 2019
534
Remember those problems I had?
Microsoft Defender caused them by being too heavy for my ancient laptop :cry:
Now with Kaspersky Security Cloud Free and don't have those problems anymore and so I removed Process Lasso and cleaned my config.
Still in contact with NeuShield (Data Sentinel), but I don't know if they are compatible with Kaspersky and if it is still needed :unsure:
My laptop is old and suffers sometimes with WD so I've been just using Comodo IS with Proactive and CS tweaks. Runs a bit quicker now though hips can be a bit noisy when updating odd bits of software. Oh and occasionally using FF when chromium edge is going a bit slow. Anyway, glad you found a solution that works for you.
 

Gandalf_The_Grey

Level 59
Thread author
Verified
Helper
Top poster
Content Creator
Well-known
Apr 24, 2016
4,865
5400 RPM is very slow (7200 is fastest for HDDs) so keep that in mind.
I know. It's only for storage.
When I buy a new laptop, I would go for an all-SSD config.
Unfortunately, I have revived my laptop, so that will not be any time soon... we will be "getting" a new bathroom next month. No more money left :eek: