Latest Changes
Jun 2, 2019
Operating System
  • Windows 10
  • Windows Edition
    Pro
    Build Version
    Version 1903 OS Build 18362.145
    System Architecture
    64-bit
    Security Updates
    Automatic Updates (recommended)
    User Access Control
    Always Notify
    Network Security (Firewall)
    Windows Defender Firewall
    Device Security
  • Windows Defender SmartScreen (Windows 10)
  • User Account
    Administrator
    Sign-in Accounts
    Malware Testing
    None - No Malware on host PC or VM
    Real-time Web & Malware Protection
    Windows Defender and Hard Configurator Beta 4..0.1.0
    Custom Settings For Real-Time Protection
    Custom - Major changes for Increased Security
    Custom Settings For Real-Time Protection Details
    Removed Internet Explorer 11.
    Hard_Configurator Beta 4.0.1.0 with Windows 10 Recommended Enhanced profile.
    ConfigureDefender 2.0.0.1 at High protection level.
    FirewallHardening 1.0.0.0 added Recommended H_C.
    Exploit Protection for Edge Dev (App & Browser Control of Windows Defender).

    I enabled Windows Defender Sandbox by running:
    Code:
    setx /M MP_FORCE_USE_SANDBOX 1
    Virus and Malware Removal Tools
    HitmanPro, Zemana AntiMalware and AdwCleaner (for the kids)
    Browsers and Extensions
    Microsoft Edge Dev with uBlock Origin and Bitwarden
    Microsoft Edge with AdGuard and Bitwarden
    Web Privacy
    uBlock Origin or AdGuard
    Password Manager
    Bitwarden
    Web Search
    Google
    System Utilities
    O&O ShutUp10, UnPlug n' Pray, Root Certificate Check, Patch My PC, Autoruns, Privacy Eraser, PrivaZer and Disk Cleanup
    Data Backup
    OneDrive, File History
    Frequency of Data backups
    Always-on Sync
    System Backup
    Windows system image
    Frequency of System backups
    Occasionally
    Computer Activity
  • Online banking
  • Browsing web and email
  • Watch movies and other entertainment content on the Internet
  • Shared device is used by family members
  • Office and work related tasks
  • Video or photography editing
  • Computer Specifications
    Acer Aspire VN7-791G-576X
    Intel Core i5-4210H
    Intel HD Graphics 4600 / NVIDIA GeForce GTX 860M
    Kingston 16GB Dual-Channel DDR3 PC3-12800 RAM
    Samsung SSD 850 EVO M.2 250GB
    Seagate HDD ST1000LM014-1EJ164 1TB
    Realtek High Definition Audio

    Gandalf_The_Grey

    Level 18
    Verified
    Windows Defender blocked the safe links feature of outlook.com :mad:
    So I'm back to Kaspersky free antivirus with the performance tweaks from @Evjl's Rain and don't decrypt EV certificates.
    Keeping the latest Hard Configurator Beta with Windows 10 Recommended Enhanced profile.
    Still not decided between CCleaner Pro and PrivaZer Donors version, but slowly using PrivaZer more and more (y)
     

    Moonhorse

    Level 26
    Content Creator
    Verified
    Windows Defender blocked the safe links feature of outlook.com :mad:
    So I'm back to Kaspersky free antivirus with the performance tweaks from @Evjl's Rain and don't decrypt EV certificates.
    Keeping the latest Hard Configurator Beta with Windows 10 Recommended Enhanced profile.
    Still not decided between CCleaner Pro and PrivaZer Donors version, but slowly using PrivaZer more and more (y)
    213808


    :emoji_thinking: For me kaspersky does block it, and this is with harlans settings (cloud)
     

    Gandalf_The_Grey

    Level 18
    Verified
    I did a reset / clean install on my laptop with windows 10 1903 and I'm going for an almost all Microsoft config.
    Office 365 Home installed through the Microsoft Store.
    Edge Dev as daily browser with uBlock Origin and LastPass.
    Foxit Reader for PDF with Protected View for all files, JavaScript disabled and Safe Reading Mode enabled.
    Bandizip for handeling zip files while keeping the mark of the web.
    PrivaZer as cleaner. They will support the new Chromium based Edge as soon as there is a stable version.
     

    Gandalf_The_Grey

    Level 18
    Verified
    Hi Gandalf thanks for sharing your config. It looks good! I saw FirewallHardening 1.0.0.0 what is this exactly, but more important, where can you download it?
    Hi Mr.Wave Thank you (y)
    FirewallHardening is a new toy from @Andy Ful and will probably be integrated in Hard_Configurator.
    Info about this tool is on the last 3 pages of the Hard_Configurator thread, starting here: Discuss - Hard_Configurator - Windows Hardening Configurator
    You can also download it from here: AndyFul/Hard_Configurator
     

    oldschool

    Level 29
    Verified
    I did a reset / clean install on my laptop with windows 10 1903 and I'm going for an almost all Microsoft config.
    Office 365 Home installed through the Microsoft Store.
    Edge Dev as daily browser with uBlock Origin and LastPass.
    Foxit Reader for PDF with Protected View for all files, JavaScript disabled and Safe Reading Mode enabled.
    Bandizip for handeling zip files while keeping the mark of the web.
    PrivaZer as cleaner. They will support the new Chromium based Edge as soon as there is a stable version.
    Very nice setup. I may have to ditch Wise when Privacy Eraser brings support for Edge Chromium. I had trouble adjusting to its UI, but I may need to give it more time. I wish they'd bring a "clear all browsing data on exit" feature to new Edge. You'd think they would since its in old version.
     

    Gandalf_The_Grey

    Level 18
    Verified
    Thanks Kees @Windows_Security for the mentioning of Exploit Protection for Edge Dev (to be used only if you don't use an Anti-Virus, Anti-Exploit or AdBlocker which injects its code (a DLL) into the browser) (y)

    Very nice setup. I may have to ditch Wise when Privacy Eraser brings support for Edge Chromium. I had trouble adjusting to its UI, but I may need to give it more time. I wish they'd bring a "clear all browsing data on exit" feature to new Edge. You'd think they would since its in old version.
    Thanks, I sent an email to The PrivaZer Team asking if they would support Edge Dev and they replied:
    As soon as there is an official release of Chrome based Edge.
    Not sure we will support dev channel.
    But I think and hope that other cleaners will do the same.

    Is the option "Keep local data only until you quit your browser" not the same as "clear all browsing data on exit"?
     

    Mr.Wave

    Level 17
    Hi Mr.Wave Thank you (y)
    FirewallHardening is a new toy from @Andy Ful and will probably be integrated in Hard_Configurator.
    Info about this tool is on the last 3 pages of the Hard_Configurator thread, starting here: Discuss - Hard_Configurator - Windows Hardening Configurator
    You can also download it from here: AndyFul/Hard_Configurator
    Graag gedaan landgenoot! And thank you for the links! I guess with all those toys that @Andy Ful created you can feel very safe on a windows native security setup! One more thing to say to the bad guys then ;

    You-Shall-Not-Pass-Image.png
     

    Gandalf_The_Grey

    Level 18
    Verified
    Graag gedaan landgenoot! And thank you for the links! I guess with all those toys that @Andy Ful created you can feel very safe on a windows native security setup! One more thing to say to the bad guys then ;

    View attachment 214181
    Yes, it's great to have a native windows security setup and being able to not have to rely on third party security programs.
    A good security config is a delicate balance, between adding layers and overkill.
    Also through participating in those threads, asking questions I learned a lot about windows native security mechanisms.
    I can't thank @Andy Ful @Windows_Security (andere landgenoot) @shmu26 and all the other members participating enough.
    Still learning every day (y)
     

    oldschool

    Level 29
    Verified
    Also through participating in those threads, asking questions I learned a lot about windows native security mechanisms.
    I can't thank @Andy Ful @Windows_Security (andere landgenoot) @shmu26 and all the other members participating enough.
    Still learning every day (y)
    Precisely my experience and the reason for following/participating in that thread. We owe much to those with more experience! (y)
     

    Gandalf_The_Grey

    Level 18
    Verified
    Re-added O&O ShutUp10 .
    Removed LastPass
    Added Bitwarden
    Bitwarden seems too be more trusted nowadays and trust matters when using a password manager.
    Exporting form LastPass and importing in Bitwarden went great with the recommended LastPass Pocket application:
    There are known bugs (for years now) with the LastPass exporter regarding special characters such as the ampersand (&), the greater than sign (>), and the less than sign (<). The LastPass exporter may change (HTML encode) these and possibly other special characters in your passwords to their respective HTML encoded values (ex. &amp;, &gt;, and &lt;). If this LastPass bug affects your exported data you should use a text editor (such as Notepad) to find and replace all of these values before importing into Bitwarden. For example, you may want to do a find and replace for &amp; → & and &lt; → <).
    Alternatively, you can use the LastPass Pocket application to export your CSV data. The LastPass Pocket application does not appear to be affected by these bugs.
    I enabled Windows Defender Sandbox by running:
    Code:
    setx /M MP_FORCE_USE_SANDBOX 1
     
    Last edited: