Advanced Plus Security Gandalf_The_Grey's Laptop Config 2024

Last updated
Apr 24, 2024
How it's used?
For home and private use
Operating system
Windows 11
On-device encryption
BitLocker Device Encryption for Windows
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
Update channels
Allow stable updates only
User Access Control
Always notify
Smart App Control
Off
Network firewall
Enabled
About WiFi router
Ziggo SmartWifi modem by Sagemcom in bridgemode. TP-Link Deco XE75 mesh system.
Real-time security
TP-Link HomeShield
Microsoft Defender Antivirus
Firewall security
Microsoft Defender Firewall
About custom security
Windows Hybrid Hardening
  • ConfigureDefender at High settings.
  • WindowsHybridHardening Light with SWH on and WDAC on.
Windows 11 Pro 23H2
Periodic malware scanners
HitmanPro and Norton Power Eraser
Malware sample testing
I do not participate in malware testing
Environment for malware testing
N/A
Browser(s) and extensions
Microsoft Edge with AdGuard, Bitwarden and Bitdefender TrafficLight as extensions
Secure DNS
From my ISP (Ziggo)
Desktop VPN
AdGuard VPN
Password manager
Bitwarden browser extension
Maintenance tools
Maintenance tools: CCleaner Professional, Disk Cleanup, Optimize Drives, Autoruns, Driver Store Explorer
Update tools: Patch My PC, UCheck, Driver Easy Pro, LG Update & Recovery, Intel Driver & Support Assistant
File and Photo backup
Windows Backup, OneDrive with Microsoft 365 ransomware protection (always on sync)
Active subscriptions
    • Microsoft 365 Family 6TB
System recovery
Windows system image
Risk factors
    • Browsing to popular websites
    • Browsing to unknown / untrusted / shady sites
    • Working from home
    • Making audio/video calls
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
malwaretips.com

PC Specs - Gandalf_The_Grey's new LG Gram 16

Bought myself a new laptop, a LG Gram 16 and for a limited time you get a free LG View 16-inch portable display. https://www.parkablogs.com/content/review-lg-gram-view-16-inch-portable-display https://www.parkablogs.com/content/designer-review-lg-gram-16-2022...
malwaretips.com malwaretips.com
Notable changes
2022.01.01 new config for the new year.
2022.01.31 removed Bitsum Process Lasso, Samsung Magician. Switched from DefenderUI Free and VoodooShield to the all-in-one DefenderUI Pro.
2022.02.12 back to Ziggo Safe Online by F-Secure
2022.02.16 added Quad9 secure DNS
2022.03.22 have to use Adobe Reader for work, removed KVRT.
2022.04.09 trying the AdGuard extension instead of uBlock Origin
2022.04.10 back to uBlock Origin
2022.05.01 removed Ziggo Safe Online, back to Microsoft Defender and installed Kerish Doctor
2022.05.04 installed the latest VoodooShield
2022.05.13 installed fs protection by F-Secure 18.4 beta 2
2022.05.20 back to Microsoft Defender Antivirus and Andy's tools
2022.05.23 changed from ConfigureDefender to DefenderUI
2022.06.07 back to fs protection and VoodooShield
2022.07.18 back to Microsoft Defender Antivirus with DefenderUI and VoodooShield
2022.08.14 reset of Windows 11 and added (back) Simple Windows Hardening
2022.08.31 small changes because of my new laptop
2022.09.06 went from uBlock Origin to AdGuard
2022.09.12 up to date with the latest changes in this form
2022.09.26 back to FS Protection
2022.10.23 reset of Windows 11 22H2 and using Microsoft Defender with ConfigureDefender on high
2022.12.12 filled the new fields and Smart App Control has turned itself off.
2023.01.01 back to FS Protection and running a trial of NoVirusThanks SysHardener
2023.01.29 removed NoVirusThanks SysHardener and switched from AdGuard MV3 to uBlock Origin
2023.03.20 back to Windows buit-in protection configured by Hard_Configurator
2023.03.15 back to Simple Windows Hardening
2023.05.19 up to date with the May 2023 Update of this form
2023.07.05 back to FS Protection
2023.08.17 testing Windows Hybrid Hardening
2024.02.02 using Windows Hybrid Hardening Light an added the I don't care about cookies extension
2024.04.20 removed I don't care about cookies and Bitdefender TrafficLight
2024.04.20 removed McAfee WebAdvisor
2024.04.24 changed from uBlock Origin to AdGuard
What I'm looking for?

Looking for minimum feedback.

Gandalf_The_Grey

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,603
Refreshed my config for 2024.

My license for FS Protection (beta) expired again and I will not ask again in their forum to get it renewed again...

Enjoying the Windows built-in security enhanced by Windows Hybrid Hardening Light.
Thanks (again) @Andy Ful for your great tools and outstanding support.
Thanks @Shadowra for your test of Windows Hybrid Hardening Light.

Most problems I had with using uBlock Origin and AdGuard's or Fanboy's annoyances filters came from websites where blocking cookie notices caused parts of those websites not working.
Therefore, I added the I don't care about cookies extension as only source for blocking cookie notices.
You can very easily turn that extension off on those sites and do not have to use your own filters to get those sites working again.
 
  • Like
  • Applause
Reactions: Dave Russo, Nevi, LennyFox and 13 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,603
Changed my custom uBlock Origin filters to:
  • AdGuard Annoyances filter (Optimized)
  • EasyList (Optimized)
  • EasyPrivacy (Optimized)
  • HaGeZi's The World's Most Abused TLDs
  • Kees1958 most used EU US ad & tracking networks
  • Kees1958 personal blocklist for cosmetic filter leftovers
Now I don't need the I don't care about cookies extension anymore (y)

Removed Bitdefender TrafficLight and added McAfee WebAdvisor.

Protection is about the same, but McAfee is available as Edge extension and Bitdefender is not.
Plus McAfee gives a warning when going to a website for remote access tools and I find that a nice bonus for inexperienced users:

1713596782058.png
 
Last edited:
  • Like
  • +Reputation
Reactions: Dave Russo, toto_10, oldschool and 6 others
L

LennyFox

Level 7
Jan 18, 2024
308
Great setup with WHHL (y)

Hope you don't mind commenting on your uBO blocklists. Since you use Hagezi's most abused TLD blocklist, you might as well use (shameless plug) my non-latin character TLD blocklist (LINK) also I found the combined (optimized) blocklist of Adguard base plus Easylist (LINK) a little more effective than EL alone. Also when you use Kees1958 Mv2, the added value of EL privacy blocklist is minimal (in uBO logger you will see blocks because of the sequence of rule application, but when you disable EL privacy you probably won't notice a difference).

Protection of McFee is great, but privacy policy is not.
 
  • Like
Reactions: Dave Russo, toto_10, oldschool and 5 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,603
LennyFox said:
Great setup with WHHL (y)

Hope you don't mind commenting on your uBO blocklists. Since you use Hagezi's most abused TLD blocklist, you might as well use (shameless plug) my non-latin character TLD blocklist (LINK) also I found the combined (optimized) blocklist of Adguard base plus Easylist (LINK) a little more effective than EL alone. Also when you use Kees1958 Mv2, the added value of EL privacy blocklist is minimal (in uBO logger you will see blocks because of the sequence of rule application, but when you disable EL privacy you probably won't notice a difference).

Protection of McFee is great, but privacy policy is not.
Click to expand...
Thanks (y)

I was using your blocklist's, but now I am using Hagenzi's because your GitHub is archived:
This repository has been archived by the owner on Nov 30, 2023. It is now read-only.
Click to expand...
AdGuard Base plus EasyList (optimized) has a lot more rules (72691 compared to EasyList (optimized) 47994) and I don't notice a difference on the websites I usually visit.
For me EasyList (optimized) is enough.
Will look into EasyPrivacy vs Kees1958.

A good point about McAfee's privacy policy. Is Bitdefender's privacy policy better?
 
  • Like
Reactions: Dave Russo, toto_10, oldschool and 1 other person
L

LennyFox

Level 7
Jan 18, 2024
308
Gandalf_The_Grey said:
Thanks (y)

I was using your blocklist's, but now I am using Hagenzi's because your GitHub is archived:

AdGuard Base plus EasyList (optimized) has a lot more rules (72691 compared to EasyList (optimized) 47994) and I don't notice a difference on the websites I usually visit.
For me EasyList (optimized) is enough.
Will look into EasyPrivacy vs Kees1958.

A good point about McAfee's privacy policy. Is Bitdefender's privacy policy better?
Click to expand...
OK thanks, I will look into EL again :) the rule count makes it worth to investigate (y)

In terms of privacy Netcraft is good, TrafficLight and MBAM are okay (with MBAM asking user okay for telemetry a little better)

It is archived, but you can still use it. I have played with AG DNS and it lacked the TLD protection of NextDNS, that is why I added those lists in the past. The non-latin list is still actual. Hagezi is updating the list, so it is better to use his list for most abused TLD's (mine is old).
 
Last edited:
  • Like
  • Thanks
Reactions: Dave Russo, toto_10, oldschool and 2 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,603
Ok, thanks to the feedback of @LennyFox I replaced McAfee WebAdvisor with Bitdefender TrafficLight (again).

New custom filters for uBlock Origin:
  • AdGuard Annoyances filter (Optimized)
  • Block non-latin Top Level Domains
  • EasyList (Optimized)
  • HaGeZi's The World's Most Abused TLDs
  • Kees1958 most used EU US ad & tracking networks
  • Kees1958 personal blocklist for cosmetic filter leftovers
Added Block non-latin Top Level Domains and removed EasyPrivacy (Optimized).
 
  • Like
Reactions: Dave Russo, toto_10, LennyFox and 3 others
Jan Willy

Jan Willy

Level 12
Verified
Top Poster
Well-known
Jul 5, 2019
566
About using Kees1958 filterlist in relation to EasyPrivacy the master himself explains as follows:
malwaretips.com

New Update - Kees1958 EU-US most used blocklist for uBlockOrigin and AdGuard

Hi, I added a new source and created a new blocklist version for the most used Ad & Tracking networks in the EU and US. The intended use of this is to combine it with two AdGuard filters and your local language EasyList filter. You can disable all other filters in AdGuard and uBlockOrigin...
malwaretips.com malwaretips.com
 
  • +Reputation
  • Like
Reactions: Dave Russo, LennyFox, oldschool and 2 others
L

LennyFox

Level 7
Jan 18, 2024
308
Jan Willy said:
About using Kees1958 filterlist in relation to EasyPrivacy the master himself explains as follows:
malwaretips.com

New Update - Kees1958 EU-US most used blocklist for uBlockOrigin and AdGuard

Hi, I added a new source and created a new blocklist version for the most used Ad & Tracking networks in the EU and US. The intended use of this is to combine it with two AdGuard filters and your local language EasyList filter. You can disable all other filters in AdGuard and uBlockOrigin...
malwaretips.com malwaretips.com
Click to expand...
You are right about smart TV, thank you (y) I will create a third NextDNS free account blocling ads and telemetry of my smart TV on the router. :) Surprisingly what people can do using the DNS priority sequence (none = your ISP,in the router overrules none, On DNS settings on your PC overrule the router's DNS. DNS-over-HTTPS in your btowser overrules the DNS in your PC).

@Gandalf_The_Grey apologize for stealing your thread 😇
 
Last edited:
  • Like
Reactions: Dave Russo, Gandalf_The_Grey, Jan Willy and 2 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,603
lokamoka820 said:
Why you don't use dedicated uninstaller software life HiBit or Revo? Does O&O AppBuster remove leftovers like others?
Click to expand...
Probably not, but AppBuster also does not break things. The leftover removal can be tricky when removing too much.
AppBuster does warn you when you cannot remove an app because it is used by another app.
For me it feels safer then when using apps like HiBit or Revo.
 
  • Thanks
  • Like
  • Hundred Points
Reactions: lokamoka820, Dave Russo, LennyFox and 2 others
oldschool

oldschool

Level 82
Verified
Top Poster
Well-known
Mar 29, 2018
7,117
Gandalf_The_Grey said:
Probably not, but AppBuster also does not break things. The leftover removal can be tricky when removing too much.
AppBuster does warn you when you cannot remove an app because it is used by another app.
For me it feels safer then when using apps like HiBit or Revo.
Click to expand...
Indeed, I think I'd use O&O products because it's an established company, if I used anything.
 
  • Like
Reactions: Guilhermesene, Dave Russo and Gandalf_The_Grey
lokamoka820

lokamoka820

Level 1
Mar 1, 2024
22
Gandalf_The_Grey said:
Probably not, but AppBuster also does not break things. The leftover removal can be tricky when removing too much.
AppBuster does warn you when you cannot remove an app because it is used by another app.
For me it feels safer then when using apps like HiBit or Revo.
Click to expand...
I didn't know that uninstallers may break things, is there any safe uninstaller? If not, what do you use to delete leftovers?
Do you use the registry cleaner in CCleaner?
 
  • Like
Reactions: Gandalf_The_Grey
Gandalf_The_Grey

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,603
In this case I use AppBuster to remove some Microsoft programs that came with Windows 11 and that Microsoft does not want me to remove. That is already questionable.
Removing leftovers could break Windows 11 if it removed the wrong things.

Another example is Comodo Firewall if you remove it with Revo the cleanup script that Comodo runs after the uninstall is removed as leftover and the result is that there are more leftovers with Revo than if you just let Comodo do the uninstall.

Leftovers are generally speaking harmless.

The only time they matter is when uninstalling AV software.
Then I use some other programs after the uninstall and reboot:
malwaretips.com

Troubleshoot - Not a real problem, but I think it is weird none the less?

Not even sure if I should post this here in this forum, but here it goes. Okay, over a month ago I uninstalled KSC Free because I wanted to try Ziggo Safe online from F-Secure. (And I like Ziggo Safe Online so far.) Now today I used a program called HiBit System Information so that I would have...
malwaretips.com malwaretips.com

I do use the registry cleaner in CCleaner and had no issues with it.
But it is not really needed.
 
Last edited:
  • Like
  • +Reputation
Reactions: oldschool, lokamoka820, blackice and 2 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,603
LennyFox said:
Great setup with WHHL (y)

Hope you don't mind commenting on your uBO blocklists. Since you use Hagezi's most abused TLD blocklist, you might as well use (shameless plug) my non-latin character TLD blocklist (LINK) also I found the combined (optimized) blocklist of Adguard base plus Easylist (LINK) a little more effective than EL alone. Also when you use Kees1958 Mv2, the added value of EL privacy blocklist is minimal (in uBO logger you will see blocks because of the sequence of rule application, but when you disable EL privacy you probably won't notice a difference).

Protection of McFee is great, but privacy policy is not.
Click to expand...
It seems that the AdGuard extension will change automatically from MV2 to MV3 when that will be needed.
So, I'm trying to do the same with the AdGuard extension.

Filters currently used:

AdGuard (built-in) English filter (optimized)
AdGuard (built-in) Dutch filter (optimized)
AdGuard (built-in) Cookie Notices filter (optimized)
AdGuard (built-in) Popups filter (optimized)
AdGuard (built-in) Other Annoyances filter (optimized)
Kees1958 most used EU US ad & tracking networks
Kees1958 personal blocklist for cosmetic filter leftovers
HaGeZi's The World's Most Abused TLDs

In total 64816 rules
 
  • Like
  • Applause
Reactions: oldschool, Jan Willy, Moonhorse and 2 others

Similar threads

McLovin
    • Like
Advanced Plus Security McLovins' Config 2024
Replies
13
Views
843
PC Setup Configuration Help & Showcase
McLovin
McLovin
Gandalf_The_Grey
    • Like
Technology Microsoft is sure its new Windows 11 AI PCs will deliver better performance than MacBooks
Replies
0
Views
242
Technology News
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Like
    • +Reputation
Security News The January 2024 Security Update Review
Replies
2
Views
1,275
Security News
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top