Advanced Plus Security Gandalf_The_Grey's Security Config 2021

Last updated
Dec 21, 2021
How it's used?
For home and private use
Operating system
macOS 15 Sequoia
On-device encryption
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
User Access Control
Always notify
Smart App Control
Network firewall
Real-time security
Microsoft Defender Antivirus
HomeCare by Trend Micro on TP-Link Archer AX6000 router
Firewall security
Microsoft Defender Firewall
About custom security
Microsoft Defender Antivirus
  • ConfigureDefender 3.0.1.0: High settings
  • Simple Windows Hardening 1.0.1.0: Basic Recommended Settings and restrict SMB123
  • DocumentsAntiExploit 2.0.0.0: MS Office ON2
  • Controlled Folder Access: enabled
  • Core Isolation: Memory Integrity enabled
Windows 11 Pro
  • O&O ShutUp10++: almost all recommended settings...
  • O&O AppBuster: uninstalled apps I don't want or need
  • Samsung Magician: Full Performance Mode
  • Bitsum Process Lasso Pro: ProBalance enabled
Foxit PDF Reader
  • Protected View for all files, Safe Reading Mode enabled, JavaScript disabled
Periodic malware scanners
HitmanPro and AdwCleaner (for the kids)
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Microsoft Edge using Google search with uBlock Origin, Bitdefender TrafficLight, Bitwarden and Microsoft Editor as extensions
Secure DNS
From ISP (Ziggo)
Desktop VPN
AdGuard VPN
Password manager
Bitwarden browser extension
Maintenance tools
Autoruns, CCleaner, Disk Cleanup, PrivaZer, PatchMyPC, SUMo and Driver Easy
File and Photo backup
Windows File History on external drive (weekly)
OneDrive with Microsoft 365 ransomware protection (always on sync)
System recovery
Windows system image
Risk factors
    • Working from home
    • Browsing to popular websites
    • Opening email attachments
    • Buying from online stores, entering bank card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Requesting and accepting remote access
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
Acer Aspire VN7-791G-576X
Intel Core i5-4210H
Intel HD Graphics 4600 / NVIDIA GeForce GTX 860M
Kingston 16GB Dual-Channel DDR3 PC3-12800 RAM
Samsung SSD 850 EVO M.2 250GB
Seagate HDD ST1000LM014-1EJ164 1TB
Realtek High Definition Audio
Notable changes
2020.12.29 Filled the new fields
2020.12.30 installed Ziggo Safe Online
2021.01.04 back to Microsoft Defender with Hard_Configurator and added SpywareBlaster
2021.01.06 removed SpywareBlaster and went with stronger H_C -setup
2021.02.01 back to simpler setup with ConfigureDefender and Simple Windows hardening. Added Process Lasso
2021.02.08 Filled the new fields, no changes to config
2021.02.12 Microsoft Defender caused problems, back to KSCF and removed Process Lasso
2021.03.03 Update Kaspersky Security Cloud Free to the latest version, removed HitmanPro and enabled Microsoft Defender periodic scanning.
2021.03.28 back to Microsoft Defender Antivirus
2021.04.25 back to Ziggo Safe Online
2021.05.03 back to Microsoft Defender Antivirus
2021.05.07 switched from the uBlock Origin to the AdGuard extension
2021.10.04 back to Ziggo Safe Online and uBlock Origin
2021.10.05 back to the AdGuard extension
2021.10.13 upgraded to Windows 11 and back to uBlock Origin
2021.10.24 back to Microsoft Defender enhanced by DefenderUI Pro
2021.10.26 back to Kaspersky Security Cloud Free and Simple Windows Hardening
2021.11.06 back to Ziggo Safe Online by F-Secure
2021.11.10 removed Simple Windows Hardening and added VoodooShield
2021.11.16 testing DefenderUI Free with the latest Voodooshield beta
2021.11.30 back to Ziggo Safe Online
2021.12.21 optimized system with Samsung Magician and Bitsum Process Lasso Pro and back to Windows built-in security
What I'm looking for?

Looking for maximum feedback.

ErzCrz

Level 23
Verified
Top Poster
Well-known
Aug 19, 2019
1,221
Google was driving me nuts with consent popups and YouTube video pauses.
uBlock Origin while using AdGuard's annoyances filter didn't block/solve that.
With the AdGuard extension no more Google annoyances (y)

In the test discussed here: Q&A - Evaluate your content blocker with Ad Block Tester, AdGuard (with optimized filters) didn't get 100%.
Enabling the EasyPrivacy filter took care of that and in the filter logs you can clearly see it doing its work.

I have the following eight filters enabled:

By using optimized filters, I have now 70106 rules.
Simple fix for blocking those consents is to add the following to uBO:

google.*##^script:has-text(consentCookiePayload)

and then for YouTube, just add consent.youtube.com to cookie exceptions Block as described here:

Here is the easiest way to get rid of Google's "Before you continue to YouTube" prompt - gHacks Tech News

Works for me :)

Erzcrz
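
What the uBO filter in the post above does, as an added example that is not part of the original posts or uBlock Origin's own code: `##^` marks an HTML filter, which removes matching elements from the response body before the page is parsed. The function names, the sample HTML and the one-or-two-label suffix rule are assumptions of this simplified model.

```javascript
// Simplified model of a uBlock Origin HTML filter (added example, not uBO source code).
// Filter from the post: google.*##^script:has-text(consentCookiePayload)

// Split "hosts##^tag:has-text(needle)" into its parts; plain-text needles only.
function parseHtmlFilter(line) {
  const m = /^([^#]+)##\^([a-z]+):has-text\((.+)\)$/.exec(line.trim());
  if (!m) return null; // not an HTML filter this model understands
  return { hosts: m[1].split(","), tag: m[2], needle: m[3] };
}

// Entity match: "google.*" covers google.<suffix> and its subdomains.
// Assumption: the suffix is one or two labels; real uBO consults the Public Suffix List.
function hostMatches(pattern, hostname) {
  const esc = (s) => s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
  if (pattern.endsWith(".*")) {
    const name = esc(pattern.slice(0, -2));
    return new RegExp(`(^|\\.)${name}\\.[a-z0-9-]+(\\.[a-z0-9-]+)?$`, "i").test(hostname);
  }
  return hostname === pattern || hostname.endsWith("." + pattern);
}

// Drop every <tag>...</tag> whose text contains the needle; keep everything else as-is.
function applyHtmlFilter(filter, hostname, html) {
  if (!filter.hosts.some((h) => hostMatches(h, hostname))) return html;
  const re = new RegExp(`<${filter.tag}\\b[^>]*>([\\s\\S]*?)</${filter.tag}>`, "gi");
  return html.replace(re, (el, text) => (text.includes(filter.needle) ? "" : el));
}

// Constructed sample response body (not captured from any real site).
const SAMPLE_HTML = [
  "<html><head>",
  "<script>var consentCookiePayload = {shown: true};</script>",
  "<script>console.log('search box');</script>",
  "</head><body><p>results</p></body></html>",
].join("\n");

const FILTER = parseHtmlFilter("google.*##^script:has-text(consentCookiePayload)");
const filtered = applyHtmlFilter(FILTER, "www.google.nl", SAMPLE_HTML);
console.log(filtered);
```

Only the script block containing the needle is removed; on a hostname outside `google.*` the body passes through unchanged.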
 

Gandalf_The_Grey

Level 84
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,414

Having loads of work and little free time now I changed my setup (again) to something that just works and is friendly on resources and doesn't require a lot of maintenance.
Ziggo Safe Online by F-Secure 18.0 (soon to be upgraded to 18.1 according to Ziggo staff on Twitter).
uBlock Origin
Protection and privacy are enhanced by the latest Simple Windows Hardening 1.0.1.0 beta and the latest O&O ShutUp10++ 1.9.1424.
 

Gandalf_The_Grey

Changed from uBlock Origin to AdGuard for personal reasons.
Didn't like the latest posts from Mr. Hill on Twitter.
You have a great extension, why keep on bashing the competition (and don't have your facts straight)?

My settings for the AdGuard extension:
General: all three disabled
Filters:
Ad Blocking: AdGuard Base filter
Privacy: AdGuard Tracking Protection filter, AdGuard URL Tracking filter, EasyPrivacy, Fanboy's Anti-Facebook List
Social Widgets: AdGuard Social Media filter
Annoyances: AdGuard Annoyances filter
Language-specific: AdGuard Dutch filter
Stealth Mode: off
Miscellaneous: Use optimized filters on and Send statistics of ad filters usage and Show information on the AdGuard full version off

With those filters and the optimized filters setting the filter rules count = 79578.
Memory used (Edge Task Manager) = 42.756k
 

Gandalf_The_Grey

Why don't you enable Stealth Mode?
It makes AdGuard a little "heavier" and is not adding much to my config:
Hide your search queries is covered by AdGuard URL Tracking filter
Send websites signals not to track you is controversial and can be done by the browser
Self-destruction of third-party cookies gave me issues with logins and payments and is covered by blocking third-party cookies in the browser (with adding some needed exceptions).
Hide Referrer from third-parties and Remove tracking parameters are covered by AdGuard URL Tracking filter
Block WebRTC is not needed in most browsers: Remove WebRTC leak prevention · Issue #1723 · uBlockOrigin/uBlock-issues
 

Gandalf_The_Grey

Have you tweaked F-Secure deep inspection/system guard (I forgot how it is called)?
No, there are no settings to tweak for DeepGuard.
You can only add folders to its ransomware protection.
Media folders were automatically added after the first reboot when you install F-Secure Safe/Ziggo Safe Online.
 

Gandalf_The_Grey

What is the Ziggo Safe Online? Can you upload pictures about this AV? Thank you. :)
Ziggo Safe Online is an ISP branded version of F-Secure Safe.
In The Netherlands the other big ISP is KPN and they have KPN Veilig (also F-Secure Safe).

Here is a picture from an older version:
Ziggo-Safe-Online-versus-F-Secure-Safe-800x271.png


Exactly the same but in the orange colors of Ziggo :D

 

Szellem

Level 9
Well-known
Apr 15, 2020
416
Ziggo Safe Online is an ISP branded version of F-Secure Safe.
In The Netherlands the other big ISP is KPN and they have KPN Veilig (also F-Secure Safe).

Here is a picture from an older version:
View attachment 261065

Exactly the same but in the orange colors of Ziggo :D

Thank you for your answer. And you like this AV? Are you satisfied?
 

Gandalf_The_Grey

Thank you for your answer. And you like this AV? Are you satisfied?
Yes, I like it.
The pros and cons that I can think of just now:

Pros:
Low resource use
Decent protection
No root certificate
No useless extras, just an AV.
Mikko Hyppönen
@upnorth uses it ;)
"Free" from my ISP (Ziggo)

Cons:
Weak on java-based malware (covered by installing Simple Windows Hardening).
Weak self-protection on administrator accounts, but they are working on that in version 18.2.
ISP branded version is always behind on the official version (version 18.1 is coming soon... but not yet).
 

ForgottenSeer 92963

It makes AdGuard a little "heavier" and is not adding much to my config:
Hide your search queries is covered by AdGuard URL Tracking filter
Send websites signals not to track you is controversial and can be done by the browser
Self-destruction of third-party cookies gave me issues with logins and payments and is covered by blocking third-party cookies in the browser (with adding some needed exceptions).
Hide Referrer from third-parties and Remove tracking parameters are covered by AdGuard URL Tracking filter
Block WebRTC is not needed in most browsers: Remove WebRTC leak prevention · Issue #1723 · uBlockOrigin/uBlock-issues
Thanks for sharing. I noticed you use Microsoft Edge. When you have configured it to delete stuff when closing the browser and have Anti-Tracking on default (then it only blocks access to cryptominers and fingerprinting and storage of advertising and social LINK), you could also allow third-party cookies to prevent any usability issues.

Third-party cookie tracking is phased out by Google, because of Apple's and Firefox's intelligent/advanced tracking protection and Microsoft Edge's anti-tracking (although Microsoft's Disconnect based anti-tracking can be roughly described in layman's terms as the previous Disconnect anti-tracking version of Firefox). But when you already have set all the exceptions, completely blocking third-party cookies is better.

I like AdGuard also and run it in a similar setup on my wife's laptop (with optimized filters option enabled for ads, trackers and social).
 

Gandalf_The_Grey

After reading the latest post in Windows 11 - First look I too installed Windows 11 on an unsupported system.
Enjoying the change and the search for (new) settings :D
The only thing I really dislike is the big taskbar.
Tried the reg fixes that are posted on the net, but small looks horrible with cut off icons in the taskbar.
And I changed from AdGuard to uBlock Origin again, both are great, I just like uBO more.
Just don't follow Mr. Hill on Twitter...
 
