Latest Changes
Jun 2, 2019
Operating System
Windows 10
Windows Edition
Pro
Build
Version 1903 OS Build 18362.145
System Architecture
64-bit OS
Security Updates
Automatic Updates - All security and feature updates
User Access Control
Always Notify
Firewall
Windows Firewall - Network security provided by Microsoft
Device Security
Windows Defender SmartScreen (Windows 10)
User Account
Administrator - User has complete control over the device
Recent Security Incidents
No malware or privacy issues
Malware Testing
None - No Malware on host PC or VM
Real-time Web & Malware Protection
Windows Defender and Hard Configurator Beta 4..0.1.0
Custom Settings For Real-Time Protection
Custom - Major changes for Increased Security
Custom Settings For Real-Time Protection Details
Removed Internet Explorer 11.
Hard_Configurator Beta 4.0.1.0 with Windows 10 Recommended Enhanced profile.
ConfigureDefender 2.0.0.1 at High protection level.
FirewallHardening 1.0.0.0 added Recommended H_C.
Exploit Protection for Edge Dev (App & Browser Control of Windows Defender).

I enabled Windows Defender Sandbox by running:
Code:
setx /M MP_FORCE_USE_SANDBOX 1
Virus and Malware Removal Tools
HitmanPro, Zemana AntiMalware and AdwCleaner (for the kids)
Browsers and Extensions
Microsoft Edge Dev with uBlock Origin and Bitwarden
Microsoft Edge with AdGuard and Bitwarden
Web Privacy
uBlock Origin or AdGuard
Password Manager
Bitwarden
Web Search
Google
System Utilities
O&O ShutUp10, UnPlug n' Pray, Root Certificate Check, Patch My PC, Autoruns, Privacy Eraser, PrivaZer and Disk Cleanup
Data Backup
OneDrive, File History
Frequency of Data backups
Always-on Sync
System Backup
Windows system image
Frequency of System backups
Occasionally
Computer Activity
Online banking
Browsing web and email
Watch movies and other entertainment content on the Internet
Shared device is used by family members
Office and work related tasks
Video or photography editing
Computer Specifications
Acer Aspire VN7-791G-576X
Intel Core i5-4210H
Intel HD Graphics 4600 / NVIDIA GeForce GTX 860M
Kingston 16GB Dual-Channel DDR3 PC3-12800 RAM
Samsung SSD 850 EVO M.2 250GB
Seagate HDD ST1000LM014-1EJ164 1TB
Realtek High Definition Audio

Gandalf_The_Grey

Level 18
Verified
Windows Defender blocked the safe links feature of outlook.com :mad:
So I'm back to Kaspersky free antivirus with the performance tweaks from @Evjl's Rain and don't decrypt EV certificates.
Keeping the latest Hard Configurator Beta with Windows 10 Recommended Enhanced profile.
Still not decided between CCleaner Pro and PrivaZer Donors version, but slowly using PrivaZer more and more (y)
 

Moonhorse

Level 26
Content Creator
Verified
Windows Defender blocked the safe links feature of outlook.com :mad:
So I'm back to Kaspersky free antivirus with the performance tweaks from @Evjl's Rain and don't decrypt EV certificates.
Keeping the latest Hard Configurator Beta with Windows 10 Recommended Enhanced profile.
Still not decided between CCleaner Pro and PrivaZer Donors version, but slowly using PrivaZer more and more (y)
213808


:emoji_thinking: For me kaspersky does block it, and this is with harlans settings (cloud)
 

Gandalf_The_Grey

Level 18
Verified
I did a reset / clean install on my laptop with windows 10 1903 and I'm going for an almost all Microsoft config.
Office 365 Home installed through the Microsoft Store.
Edge Dev as daily browser with uBlock Origin and LastPass.
Foxit Reader for PDF with Protected View for all files, JavaScript disabled and Safe Reading Mode enabled.
Bandizip for handeling zip files while keeping the mark of the web.
PrivaZer as cleaner. They will support the new Chromium based Edge as soon as there is a stable version.
 

Gandalf_The_Grey

Level 18
Verified
Hi Gandalf thanks for sharing your config. It looks good! I saw FirewallHardening 1.0.0.0 what is this exactly, but more important, where can you download it?
Hi Mr.Wave Thank you (y)
FirewallHardening is a new toy from @Andy Ful and will probably be integrated in Hard_Configurator.
Info about this tool is on the last 3 pages of the Hard_Configurator thread, starting here: Discuss - Hard_Configurator - Windows Hardening Configurator
You can also download it from here: AndyFul/Hard_Configurator
 

oldschool

Level 28
Verified
I did a reset / clean install on my laptop with windows 10 1903 and I'm going for an almost all Microsoft config.
Office 365 Home installed through the Microsoft Store.
Edge Dev as daily browser with uBlock Origin and LastPass.
Foxit Reader for PDF with Protected View for all files, JavaScript disabled and Safe Reading Mode enabled.
Bandizip for handeling zip files while keeping the mark of the web.
PrivaZer as cleaner. They will support the new Chromium based Edge as soon as there is a stable version.
Very nice setup. I may have to ditch Wise when Privacy Eraser brings support for Edge Chromium. I had trouble adjusting to its UI, but I may need to give it more time. I wish they'd bring a "clear all browsing data on exit" feature to new Edge. You'd think they would since its in old version.
 

Gandalf_The_Grey

Level 18
Verified
Thanks Kees @Windows_Security for the mentioning of Exploit Protection for Edge Dev (to be used only if you don't use an Anti-Virus, Anti-Exploit or AdBlocker which injects its code (a DLL) into the browser) (y)

Very nice setup. I may have to ditch Wise when Privacy Eraser brings support for Edge Chromium. I had trouble adjusting to its UI, but I may need to give it more time. I wish they'd bring a "clear all browsing data on exit" feature to new Edge. You'd think they would since its in old version.
Thanks, I sent an email to The PrivaZer Team asking if they would support Edge Dev and they replied:
As soon as there is an official release of Chrome based Edge.
Not sure we will support dev channel.
But I think and hope that other cleaners will do the same.

Is the option "Keep local data only until you quit your browser" not the same as "clear all browsing data on exit"?
 

Mr.Wave

Level 17
Hi Mr.Wave Thank you (y)
FirewallHardening is a new toy from @Andy Ful and will probably be integrated in Hard_Configurator.
Info about this tool is on the last 3 pages of the Hard_Configurator thread, starting here: Discuss - Hard_Configurator - Windows Hardening Configurator
You can also download it from here: AndyFul/Hard_Configurator
Graag gedaan landgenoot! And thank you for the links! I guess with all those toys that @Andy Ful created you can feel very safe on a windows native security setup! One more thing to say to the bad guys then ;

You-Shall-Not-Pass-Image.png
 

Gandalf_The_Grey

Level 18
Verified
Graag gedaan landgenoot! And thank you for the links! I guess with all those toys that @Andy Ful created you can feel very safe on a windows native security setup! One more thing to say to the bad guys then ;

View attachment 214181
Yes, it's great to have a native windows security setup and being able to not have to rely on third party security programs.
A good security config is a delicate balance, between adding layers and overkill.
Also through participating in those threads, asking questions I learned a lot about windows native security mechanisms.
I can't thank @Andy Ful @Windows_Security (andere landgenoot) @shmu26 and all the other members participating enough.
Still learning every day (y)
 

oldschool

Level 28
Verified
Also through participating in those threads, asking questions I learned a lot about windows native security mechanisms.
I can't thank @Andy Ful @Windows_Security (andere landgenoot) @shmu26 and all the other members participating enough.
Still learning every day (y)
Precisely my experience and the reason for following/participating in that thread. We owe much to those with more experience! (y)
 

Gandalf_The_Grey

Level 18
Verified
Re-added O&O ShutUp10 .
Removed LastPass
Added Bitwarden
Bitwarden seems too be more trusted nowadays and trust matters when using a password manager.
Exporting form LastPass and importing in Bitwarden went great with the recommended LastPass Pocket application:
There are known bugs (for years now) with the LastPass exporter regarding special characters such as the ampersand (&), the greater than sign (>), and the less than sign (<). The LastPass exporter may change (HTML encode) these and possibly other special characters in your passwords to their respective HTML encoded values (ex. &amp;, &gt;, and &lt;). If this LastPass bug affects your exported data you should use a text editor (such as Notepad) to find and replace all of these values before importing into Bitwarden. For example, you may want to do a find and replace for &amp; → & and &lt; → <).
Alternatively, you can use the LastPass Pocket application to export your CSV data. The LastPass Pocket application does not appear to be affected by these bugs.
I enabled Windows Defender Sandbox by running:
Code:
setx /M MP_FORCE_USE_SANDBOX 1
 
Last edited: