Advanced Plus Security Devjit's Laptop Security Setup

[oldschool]

It is a well known issue, that Windows Defender can cause slowdowns on some computers. There were many posts about this behavior. But on many computers, WD is OK even with small resources and average CPU. Generally, it is also confirmed on AV Labs performance tests.
Consuming 30% CPU resources is not normal. The Quick or even the Full Scan can usually consume about 30% of CPU resources on computers with CPU like the old Intel i3 processor and 4GB RAM. I noticed a better behavior on Windows 10 ver. 1803, because on earlier versions the Full Scan usually consumed 50%. If WD is not scanning, then there should not be any slowdowns.
In my case, I can see occasional slowdowns during Windows Updates, WD updates, and updates from Microsoft store. In most cases, I can see that Windows Defender CPU consumption is simply 0%.
Anyway, if WD is not working, then the light AV + any default-deny setup with script blocking + document protection will be OK.

Agreed. My machine is 8 yrs. old with a HDD and WD runs very well, but of course the Full scan is very sloooowwww! I never notice when it does an automatic quick scan and I'm surprised when I get the notification. I think it does slow browsing just a wee bit though.

 

[Andy Ful]

I can recommend the below to make the laptop more responsive:

1. Make a full disk image on the external drive, as a backup solution. Be sure, that you can boot from DVD or the pendrive to restore the old factory system from this backup.
2. Make a fresh Windows 10 installation.
3. Let Windows install its own drivers.
4. Install additional drivers only if Windows drivers do not work.
5. Do not install the Lenowo, Dell, etc. factory software (bloatware) for computer maintenance.
6. Do not install registry cleaners, disk cleaners, and other similar software - all are already present in Windows 10.
7. Do not install 3rd party AV.
8. Use SysHardener (light SRP) to block scripts and protect against weaponized documents or Hard_Configurator default-deny setup (stronger but requires some learning). Both solutions do not introduce the new drivers or realtime programs - they simply configure in the Windows Registry the built-in Windows features.
9. Use ConfigureDefender or PowerShell cmdlets to activate Windows Defender ASR.

I made the above on some laptops, that were veeery slow, just after buying from the shop. The difference was as evident, as for the old man who suddenly lost many years to feel as in the prime of his life. The computer will love you, and you will be happy.
Be safe.

 

[oldschool]

I can recommend the below to make the laptop more responsive:...

… I made the above on some laptops, that were veeery slow, just after buying from the shop. The difference was as evident, as for the old man who suddenly lost many years to feel as in the prime of his life. The computer will love you, and you will be happy.
Be safe.

Oh @Andy Ful - you always employ the most beautiful analogies!

 

[Andy Ful]

Thanks. Sometimes I cannot hold back.

 

[Wraith]

I can recommend the below to make the laptop more responsive:

1. Make a full disk image on the external drive, as a backup solution. Be sure, that you can boot from DVD or the pendrive to restore the old factory system from this backup.
2. Make a fresh Windows 10 installation.
3. Let Windows install its own drivers.
4. Install additional drivers only if Windows drivers do not work.
5. Do not install the Lenowo, Dell, etc. factory software (bloatware) for computer maintenance.
6. Do not install registry cleaners, disk cleaners, and other similar software - all are already present in Windows 10.
7. Do not install 3rd party AV.
8. Use SysHardener (light SRP) to block scripts and protect against weaponized documents or Hard_Configurator default-deny setup (stronger but requires some learning). Both solutions do not introduce the new drivers or realtime programs - they simply configure in the Windows Registry the built-in Windows features.
9. Use ConfigureDefender or PowerShell cmdlets to activate Windows Defender ASR.

I made the above on some laptops, that were veeery slow, just after buying from the shop. The difference was as evident, as for the old man who suddenly lost many years to feel as in the prime of his life. The computer will love you, and you will be happy.
Be safe.

Thank you soooo soooo much for mentioning the above points. Last time I did download all the drivers and softwares from the HP Website. This time, I followed your advice and let Windows install all the drivers and update the store apps. I have used SysHardener to block Powershell, SMB, Remote Connections, WSH. For the antivirus I have gone with Avast Free(Hardened Mode set to Aggressive) with a Custom Install, selecting only the four shields and Windows Firewall is set to block all incoming connections. Now my laptop is running as smooth as the wind and it loves me back too

 

[LDogg]

All the basics are covered! Thanks for sharing!

~LDogg

 

[Andy Ful]

...
Now my laptop is running as smooth as the wind and it loves me back too

I was also shocked that it worked so well for my friend's laptop.

 

[Wraith]

Guys I have one question. Can I use voodooshield Free alongwith Avast Free when Hardened Mode is set to Aggressive?

 

[harlan4096]

Probably You don't need it (if SysHardened already), but try by Yourself and let us know how it performs

A VPN Service for Web Privacy would be welcome.

Please kindly specify the exact version of Avast Free (in number), thanks.

 

[LDogg]

Avast w/ VoodooShield could be fairly overkill as you could set Avast to hardened mode aggressive. Especially if you have Syshardener.

~LDogg

 

[Wraith]

UPDATE:
Removed Avast Free
Added Panda Dome Free, Voodooshield Free and OSArmor

 

[Wraith]

Avast w/ VoodooShield could be fairly overkill as you could set Avast to hardened mode aggressive. Especially if you have Syshardener.

~LDogg

Kept voodooshield since I removed avast. I used SysHardener portable as a one time set and forget application whereas I think voodooshield and OSArmor will provide me with Real-time protection.

 

[Quassar]

not better will be instal Exe Radar Pro instead of VS ?

 

[Deleted member 178]

not better will be instal Exe Radar Pro instead of VS ?

+1

 

[Quassar]

You can yet try ReHIPS or SpyShelter a lot better but unfortunly its payment and dunno how about your budget

 

[Behold Eck]

not better will be instal Exe Radar Pro instead of VS ?

Any particular reason for ERP over VS ?

Regards Eck

 

[Andy Ful]

UPDATE:
Removed Avast Free
Added Panda Dome Free, Voodooshield Free and OSArmor

Soon, your system will be probably as slow as before.:notworthy:

 

[LDogg]

Kept voodooshield since I removed avast. I used SysHardener portable as a one time set and forget application whereas I think voodooshield and OSArmor will provide me with Real-time protection.

That is correct. OSArmor w/ Syshardener can be all you need sometimes when twinned with an AV.

~LDogg

 

[Wraith]

UPDATE:
Removed Voodooshield since Exe files were taking longer to execute. Now I have Panda and OSArmor and my laptop runs like a breeze. I don't think I need NVT ERP since I have OSArmor(tweaked). My aim is to have a security combo that is light while being effective and layered. OSArmor is a fantastic little piece of software that covers many attack surfaces that most Antivirus miss. Thanks to everyone here for all the suggestions.

 

[Wraith]

All right guys so I was browsing through the MalwareTips Forums and from the Giveaway section, I got Bitdefender Internet Security 2019 180 days trial version for 3 PCS. I installed BD on my mom's and dad's laptops and all went smoothly. Now I am contemplating whether to remove Panda Dome from my laptop and replace it with BD 2019. What are your suggestions regarding this?