SECURITY: Complete Gandalf_The_Grey's Security Config 2021

Last updated
Oct 24, 2021
About
Personal, primary device
Additional PC users
Not shared with other users
Desktop OS
Windows 11
OS edition
Home
Login security
    • Password-less (PIN, Biometric, Face)
Primary sign-in
Microsoft account
Primary user
Admin user - Full permissions
Security updates
Automatic - allow all types of updates
Windows UAC
Maximum - always notify
Network firewall
Third-party router
Real-time protection
Microsoft Defender Antivirus
DefenderUI Pro 0.95 beta
HomeCare by Trend Micro on TP-Link Archer AX6000 router
Software firewall
Microsoft Defender Firewall
Custom RTP, Firewall and OS settings
DefenderUI Pro 0.95 beta
Started with Recommended Profile, enabled light mode, enabled CFA, blocked notifications for recent activity and threats found that don't need immediate action
Windows 11
Memory Integrity enabled
Foxit PDF Reader 11.1.0.52543
Protected View for all files, Safe Reading Mode enabled, JavaScript disabled
Malware testing
No malware samples
Periodic security scanners
HitmanPro and AdwCleaner (for the kids)
Secure DNS
From ISP (Ziggo)
VPN
AdGuard VPN (seldom used)
Password manager
Bitwarden extension
Browsers, Search and Addons
Microsoft Edge with uBlock Origin, Bitwarden, Bitdefender TrafficLight and Microsoft Editor
Maintenance and Cleaning
Autoruns, CCleaner, Disk Cleanup, PatchMyPC and SUMo
Personal Files & Photos backup
Windows File History on external drive (weekly)
OneDrive with Microsoft 365 ransomware protection (always on sync)
Personal backup routine
Automatic (scheduled)
Device recovery & backup
Windows system image
Device backup routine
Manual (maintained by self)
PC activity
  1. Working from home. 
  2. Browsing the web. 
  3. Emails. 
  4. Shopping. 
  5. Banking. 
  6. Multimedia. 
Computer specs
Acer Aspire VN7-791G-576X
Intel Core i5-4210H
Intel HD Graphics 4600 / NVIDIA GeForce GTX 860M
Kingston 16GB Dual-Channel DDR3 PC3-12800 RAM
Samsung SSD 850 EVO M.2 250GB
Seagate HDD ST1000LM014-1EJ164 1TB
Realtek High Definition Audio
Personal changelog
2020.12.29 Filled the new fields
2020.12.30 installed Ziggo Safe Online
2021.01.04 back to Microsoft Defender with Hard_Configurator and added SpywareBlaster
2021.01.06 removed SpywareBlaster and went with stronger H_C -setup
2021.02.01 back to simpler setup with ConfigureDefender and Simple Windows hardening. Added Process Lasso
2021.02.08 Filled the new fields, no changes to config
2021.02.12 Microsoft Defender caused problems, back to KSCF and removed Process Lasso
2021.03.03 Update Kaspersky Security Cloud Free to the latest version, removed HitmanPro and enabled Microsoft Defender periodic scanning.
2021.03.28 back to Microsoft Defender Antivirus
2021.04.25 back to Ziggo Safe Online
2021.05.03 back to Microsoft Defender Antivirus
2021.05.07 switched from the uBlock Origin to the AdGuard extension
2021.10.04 back to Ziggo Safe Online and uBlock Origin
2021.10.05 back to the AdGuard extension
2021.10.13 upgraded to Windows 11 and back to uBlock Origin
2021.10.24 back to Microsoft Defender enhanced by DefenderUI Pro
Feedback Response

Most critical feedback

blackice

Level 33
Verified
Apr 1, 2019
2,206
Priorities! Btw, smart choice. (y)
thrive love & hip hop GIF by Robert E Blackmon
I was going to say the same thing! That’s an upgrade you won’t regret.
 

Gandalf_The_Grey

Level 51
Verified
Trusted
Content Creator
Apr 24, 2016
4,003
Solved my issue with black spots etc.

It turned out that I had some time ago enabled the high-performance settings for some apps and they used the NVIDIA GeForce GTX 860M card.
After turning that off all programs are now using the built-in Intel HD Graphics 4600 and no more graphical anomalies occur. (y)
All this troubleshooting also showed that the Samsung SSD 850 EVO was showing elevated temperatures.

A clean install of Windows 10, adding back the Acer Quick Access program to enable CoolBoost and enabling RAPID mode in Samsung Magician brought the temperatures down.
The Acer Coolboost application is designed to improve system cooling by increasing the fan speed during heavy use.
Found the latest Acer Quick Access especially signed for Windows 10 on the support page of a newer Acer laptop and that version will be (and is) automatically updated through the Windows store. No risk for running an outdated version anymore.

So, back once again to built-in security configured by Andy's tools.
 
Last edited:

Divine_Barakah

Level 27
Verified
May 10, 2019
1,616
Found the latest Acer Quick Access especially signed for Windows 10 on the support page of a newer Acer laptop and that version will be (and is) automatically updated through the Windows store. No risk for running an outdated version anymore.
Does it work with specific Acer laptop models? If it works on all Acer laptops I would appreciate it if you share the link to download it. Thank you.
 

Gandalf_The_Grey

Level 51
Verified
Trusted
Content Creator
Apr 24, 2016
4,003
Does it work with specific Acer laptop models? If it works on all Acer laptops I would appreciate it if you share the link to download it. Thank you.
I think it works only with some Acer laptops like the Nitro series that are advertised with CoolBoost, but you can always try...
I went to the support page of the latest Nitro AN515-55 and downloaded the latest Quick Access Application (version 3.00.3014 ).
It is under "Application" at this page:

Acer Quick Access.png
 
Last edited:

Divine_Barakah

Level 27
Verified
May 10, 2019
1,616

Gandalf_The_Grey

Level 51
Verified
Trusted
Content Creator
Apr 24, 2016
4,003
My mother-in-law had some problems with her laptop.
She uses KPN Veilig (a F-Secure SAFE rebrand from her ISP KPN) so I installed Ziggo Safe Online (a F-Secure SAFE rebrand from my ISP Ziggo) on my laptop to see if that could be the cause. That software change caused absolutely no problems for me, and I quite like it.

In the thread of the (now deleted?) review done by the (now deleted?) user @McMcbrad we came the conclusion that the Simple Windows Hardening tool from @Andy Ful is a great companion that adds protection especially against Java malware (by not allowing it to run).

So, for the time being this is my new combo: Ziggo Safe Online and Simple Windows Hardening.
Safe and Simple :D

The recent DNS discussions reminded me to add Quad9 DNS to my router to protect all devices in my household.
 

SecureKongo

Level 22
Verified
Feb 25, 2017
1,161
My mother-in-law had some problems with her laptop.
She uses KPN Veilig (a F-Secure SAFE rebrand from her ISP KPN) so I installed Ziggo Safe Online (a F-Secure SAFE rebrand from my ISP Ziggo) on my laptop to see if that could be the cause. That software change caused absolutely no problems for me, and I quite like it.

In the thread of the (now deleted?) review done by the (now deleted?) user @McMcbrad we came the conclusion that the Simple Windows Hardening tool from @Andy Ful is a great companion that adds protection especially against Java malware (by not allowing it to run).

So, for the time being this is my new combo: Ziggo Safe Online and Simple Windows Hardening.
Safe and Simple :D

The recent DNS discussions reminded me to add Quad9 DNS to my router to protect all devices in my household.
I think Simple Windows Hardening is a great companion for every AV, not only F-Secure aka. Ziggo. AV + SWH is pretty much all you need imo. It doesn't intervene in the protection of the AV unlike many "compatible" Anti-Malware solutions.
 

Gandalf_The_Grey

Level 51
Verified
Trusted
Content Creator
Apr 24, 2016
4,003
Oh great Gandalf the Wise,

Can you compare Trend Micro HomeCare with Sophos XG home or PFSense? Or is HomeCare just offering basic functions?
IMO it just offers basic functions, but every layer helps (y)
More info:
 

Zartarra

Level 4
May 9, 2019
188
IMO it just offers basic functions, but every layer helps (y)
More info:
Thanks for the info.
 

Morro

Level 11
Verified
Jul 8, 2012
549
I just had big problems connecting to internet, maybe caused by a bad update from F-Secure... :unsure:
So, (sorry @Morro) Ziggo Safe Online is uninstalled and back (again) to Microsoft Defender Antivirus enhanced by Andy's tools.
No more connection problems (y)

LoL thanks for the warning, I will keep an eye on it, if it happens to me as well I will return to KSC Free. :)
 

Gandalf_The_Grey

Level 51
Verified
Trusted
Content Creator
Apr 24, 2016
4,003
Google was driving me nuts with consent popups and YouTube video pauses.
ublock Origin while using AdGuard's annoyances filter didn't block/solve that.
With the AdGuard extension no more Google annoyances (y)

In the test discussed here: Q&A - Evaluate your content blocker with Ad Block Tester AdGuard (with optimized filters didn't get 100%.
Enabling the EasyPrivacy filter took care of that and in the filter logs you can clearly see it doing its work.

I have the following eight filters enabled:
AdGuard Base filter, AdGuard Tracking Protection filter, EasyPrivacy, AdGuard Social Media filter, AdGuard Annoyances filter, AdGuard Dutch filter and from Yuki2718: AdGuard Social media Plus and AdGuard Tracking Protection Plus
By using optimized filters, I have now 70106 rules.
 
Top