Advanced Plus Security Gandalf_The_Grey's Security Configuration for 2019

Last updated
Dec 1, 2019
Windows Edition
Pro
Log-in security
Security updates
Allow security updates and latest features
User Access Control
Always notify
Real-time security
Ziggo Safe Online (F-Secure Safe) 17.7 and VoodooShield 5.52 beta
Firewall security
Microsoft Defender Firewall
About custom security
Removed Internet Explorer 11.
Ziggo Safe Online switched off Banking protection.
VoodooShield enabled WhitelistCloud and added the new Edge to web apps
Periodic malware scanners
HitmanPro and AdwCleaner (for the kids)
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Microsoft Edge Dev with uBlock Origin, F-Secure Browsing Protection, Netcraft Extension, Certificate Info and Bitwarden.
Maintenance tools
O&O ShutUp10, Patch My PC, Autoruns, Bandizip, Driver Easy Pro, CCleaner Pro and Disk Cleanup
File and Photo backup
OneDrive, File History
System recovery
Windows system image
Risk factors
    • Logging into my bank account
    • Browsing to popular websites
    • Streaming audio/video content from shady sites
    • Working from home
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
Acer Aspire VN7-791G-576X
Intel Core i5-4210H
Intel HD Graphics 4600 / NVIDIA GeForce GTX 860M
Kingston 16GB Dual-Channel DDR3 PC3-12800 RAM
Samsung SSD 850 EVO M.2 250GB
Seagate HDD ST1000LM014-1EJ164 1TB
Realtek High Definition Audio

Gandalf_The_Grey

Level 84
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,420
Latest Windows version and latest Hard_Configurator Beta (thanks @Andy Ful ).
uBlock Origin in medium Kees mode (thanks @Windows_Security ).
Added Bitdefender TrafficLight (thanks @Evjl's Rain ).
Back to CCleaner Pro with internet access blocked (like @stefanos predicted).
Added HDCleaner (using the default cleanup option) especially for Edge Dev cleaning.
 

Gandalf_The_Grey

Level 84
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,420
So maybe you can give us the sneak preview: what's new in the latest beta?
I hope I don't annoy @Andy Ful because he wanted to release it tomorrow, but this is the change log:
Version 4.1.1.1
1. Added "Paranoid Extensions" (259 potentially dangerous file type extensions).
2. Added FirewallHardening tool, which blocks by Windows Firewall many LOLBins and allow the user to block any application.
3. Removed explorer.exe paths from FirewallHardening LOLBins on Windows 8 and 8.1., for compatibility with SmartScreen.
3. Two buttons <Recommended SRP> and <Recommended Restrictions> are replaced by one green button <Recommended Settings>.
4. Reorganization of buttons: the violet buttons <Firewall Hardening> and <ConfigureDefender> are now located in the upper part of the main window. The button <No Removable Disks Exec.> was replaced by the new option button <Validate Admin Code Signatures> (see point 6).
5. If Default Deny Protection is turned OFF by 'Switch Default Deny' tool, then "Run By SmartScreen" option is automatically enabled in Explorer context menu. It can be used for installing safely the applications both on Administrator and Standard User type of accounts.
6. Added the option <Validate Admin Code Signatures> which changes the UAC settings to enforce cryptographic signatures on any interactive application that requests elevation of privilege. This setting will prevent the user to run from Explorer the applications which require Administrative rigts but are not digitally signed.
7. Added the profile "Windows_10_MT_Windows_Security_hardening.hdc" which uses the new option <Validate Admin Code Signatures>.
8. The option <Restore Windows Defaults> does restore also Windows Defender defaults and removes FirewallHardening Outbound block rules.
9. All Hard-Configurator native executables are digitally signed by SHA256 certificate (Certum Code Signing CA SHA2).
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153

Wraith

Level 13
Verified
Top Poster
Well-known
Aug 15, 2018
634
Latest Windows version and latest Hard_Configurator Beta (thanks @Andy Ful ).
uBlock Origin in medium Kees mode (thanks @Windows_Security ).
Added Bitdefender TrafficLight (thanks @Evjl's Rain ).
Back to CCleaner Pro with internet access blocked (like @stefanos predicted).
Added HDCleaner (using the default cleanup option) especially for Edge Dev cleaning.
Is traffic light better than windows defender browser extension and emsisoft extension?
 
  • Like
Reactions: oldschool

Gandalf_The_Grey

Level 84
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,420
Is traffic light better than windows defender browser extension and emsisoft extension?
Bitdefender is better than Emsisoft in blocking phishing and malware
Is traffic light better than windows defender browser extension and emsisoft extension?
The best combo at the moment according to the tests of @Evjl's Rain and my own limited testing is Windows Defender Browser Extension (uses SmartScreen) together with Bitdefender TrafficLight. Because Edge Dev (my default browser) already uses SmartScreen there is no need for Windows Defender Browser Extension and so i'm only using Bitdefender TrafficLight. Bitdefender trafficLight is better than Emsisoft because it blocks more and better. With Emsisoft the malicious download was started and blocked with Bitdefender most of the time there is no download.
 

Gandalf_The_Grey

Level 84
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,420
Latest update of my computer security configuration.
After seeing Ziggo Safe Online blocking stuff when web pages are blocked on Edge Dev with SmartScreen I decided to go with Ziggo Safe Online combined with Hard_Configurator at recommended settings.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top