Advanced Plus Security Gandalf_The_Grey's Laptop Config 2024

Last updated
Feb 14, 2024
How it's used?
For home and private use
Operating system
Windows 11
On-device encryption
BitLocker Device Encryption for Windows
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
    • Basic account password (insecure)
Security updates
Allow security updates and latest features
Update channels
Allow stable updates only
User Access Control
Always notify
Smart App Control
Off
Network firewall
Enabled
About WiFi router
Ziggo SmartWifi modem by Sagemcom in bridgemode. TP-Link Deco XE75 mesh system.
Real-time security
TP-Link HomeShield
Microsoft Defender Antivirus
Firewall security
Microsoft Defender Firewall
About custom security
Windows Hybrid Hardening
  • ConfigureDefender at High settings.
  • DocumentsAntiExploit with MS Office ON2 and VBA disabled.
  • WindowsHybridHardening Light with SWH on and WDAC on.
Windows 11 Pro 22H2
Periodic malware scanners
HitmanPro and Norton Power Eraser
Malware sample testing
I do not participate in malware testing
Environment for malware testing
N/A
Browser(s) and extensions
Microsoft Edge with uBlock Origin, I don't care about cookies, Bitwarden and Bitdefender TrafficLight as extensions
Secure DNS
From my ISP (Ziggo)
Desktop VPN
AdGuard VPN
Password manager
Bitwarden browser extension
Maintenance tools
Maintenance tools: CCleaner Professional, Disk Cleanup, Optimize Drives, Autoruns, Driver Store Explorer
Update tools: Patch My PC, UCheck, Driver Easy Pro, LG Update & Recovery, Intel Driver & Support Assistant
File and Photo backup
Windows Backup, OneDrive with Microsoft 365 ransomware protection (always on sync)
Active subscriptions
    • Microsoft 365 Family 6TB
System recovery
Windows system image
Risk factors
    • Browsing to popular websites
    • Browsing to unknown / untrusted / shady sites
    • Working from home
    • Making audio/video calls
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
Notable changes
2022.01.01 new config for the new year.
2022.01.31 removed Bitsum Process Lasso, Samsung Magician. Switched from DefenderUI Free and VoodooShield to the all-in-one DefenderUI Pro.
2022.02.12 back to Ziggo Safe Online by F-Secure
2022.02.16 added Quad9 secure DNS
2022.03.22 have to use Adobe Reader for work, removed KVRT.
2022.04.09 trying the AdGuard extension instead of uBlock Origin
2022.04.10 back to uBlock Origin
2022.05.01 removed Ziggo Safe Online, back to Microsoft Defender and installed Kerish Doctor
2022.05.04 installed the latest VoodooShield
2022.05.13 installed fs protection by F-Secure 18.4 beta 2
2022.05.20 back to Microsoft Defender Antivirus and Andy's tools
2022.05.23 changed from ConfigureDefender to DefenderUI
2022.06.07 back to fs protection and VoodooShield
2022.07.18 back to Microsoft Defender Antivirus with DefenderUI and VoodooShield
2022.08.14 reset of Windows 11 and added (back) Simple Windows Hardening
2022.08.31 small changes because of my new laptop
2022.09.06 went from uBlock Origin to AdGuard
2022.09.12 up to date with the latest changes in this form
2022.09.26 back to FS Protection
2022.10.23 reset of Windows 11 22H2 and using Microsoft Defender with ConfigureDefender on high
2022.12.12 filled the new fields and Smart App Control has turned itself off.
2023.01.01 back to FS Protection and running a trial of NoVirusThanks SysHardener
2023.01.29 removed NoVirusThanks SysHardener and switched from AdGuard MV3 to uBlock Origin
2023.03.20 back to Windows buit-in protection configured by Hard_Configurator
2023.03.15 back to Simple Windows Hardening
2023.05.19 up to date with the May 2023 Update of this form
2023.07.05 back to FS Protection
2023.08.17 testing Windows Hybrid Hardening
2024.02.02 using Windows Hybrid Hardening Light an added the I don't care about cookies extension
What I'm looking for?

Looking for minimum feedback.

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
Nope. Using a older version of CCleaner also create this issue.

I installed Opera latest stable version. Same thing happened there as in Edge. But just as with Edge, it's easy to get it back and working by simply manually disable the extension " Browsing protection " and then enable it again. Tested many times in both Edge and Opera with different banking sites. For now it's Firefox that works as it should. I'm sending the extra report probably on Monday or Tuesday. (y)
Thanks, it is a problem with all chromium-based browsers, CCleaner and F-Secure.
Disable and reenable "Allow access to file URLs" for the browsing protection extension also works.
Hope your report will speed up some troubleshooting by F-Secure (y)

As I believe not only banking protection but also https scanning is dependent on the extension and doesn't work anymore after cleaning with CCleaner.
I haven't tried any other cleaners.
 

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
Got a reply back and they aren't able to reproduce it even with SAFE stable version 18.3. I can confirm the same as just tested again. Maybe some of the latest released extension updates for Browsing Protection fixed it? 🤷‍♂️
Strange, could be an extension, F-Secure module or even an Edge update, but I'm for sure glad that it is fixed now :unsure:
Thanks for (also) reporting it (y)
 

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
Had some connection problems with fs protection (beta).
Ziggo internet is not always stable I'm afraid.
Could be the combination of those two.
So, I went back to Microsoft Defender Antivirus with DefenderUI and VoodooShield.
 

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
Any problems using your printer with VS? I use an Epson.
No, I use an HP now, but when I used an Epson, I used the training mode when printing and scanning for the first time.
Any blocks you should mail to Dan and he can whitelist them if necessarily.
 
Last edited:

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
Had problems with the latest Windows Update.
Did a reset of Windows 11 with mostly the same config.
No problem with the latest Windows Update anymore (y)

Added Simple Windows Hardening, removed the Microsoft Editor extension because it crashed and didn't renew my license for Driver Easy.
 

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
Because I bought a new laptop I redid my security configuration.
Main changes are this laptop has a Trusted Platform Module so after upgrading from Windows 11 Home to Pro BitLocker is automatically enabled.
And I went form DefenderUI + VoodooShield + Simple Windows Hardening to just DefenderUI Pro.
 

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
Went from uBlock Origin to the AdGuard (stable) extension because AdGuard is working on a manifest V3 complaint extension.
First impressions:
Tried the AdGuard MV3 Browser extension myself.
Despite the limitations of Manifest V3, AdGuard MV3 still protects against ads and tracking quite well:
  • Blocks requests to trackers proactively
  • Hides banners, social widgets and other annoying elements
  • Blocks adverts on video sharing platforms, including YouTube
Can't update the filters, can't see ant logs, but it works.
It's work in progress...
At least there is hope for a good adblocking extension that is manifest v3 compliant.
By releasing an extension built with Manifest V3 today — first among developers of ad blockers – we can say that we've met the challenge that Google posed to us. There is still a lot of work to be done, but we can already claim that even after the discontinuation of Manifest V2, Google Chrome users will be able to protect themselves from ads and trackers with the AdGuard Browser Extension.
I'm not worried anymore.
 

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
G

Guilhermesene

Incredibly, I really like your setup 🙂 it seems to me something "less is more", I like that idea.

I am only in doubt between Microsoft Defender or F-secure (I have a valid license of Safe)

Another doubt regarding F-Secure is that it has no password to protect the software settings, so in this case, I would have to format my machine and use the user as a user with "common" privileges.

I am tired of the sameness and always having bloated software or performance problems.

I am a student and software developer and tired of configuring AV's, I would like something more automated and clean, maybe that is why I am in doubt between F-Secure and SysHardener+OSarmor for example.

I like your configuration a lot 👏🏻👏🏻
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top