Advanced Plus Security Gandalf_The_Grey's Laptop Config 2024

[Digmor Crusher]

Another doubt regarding F-Secure is that it has no password to protect the software settings, so in this case, I would have to format my machine and use the user as a user with "common" privileges.

I have no idea what this means.
I find F Secure incredibly easy to use, zero bloat, install and forget.

 

[Back3]

I am a student and software developer and tired of configuring AV's, I would like something more automated and clean, maybe that is why I am in doubt between F-Secure and SysHardener+OSarmor for example.

With W11, been using F-Secure Safe + OSArmor+ Macrium Image Guardian for the last 2 months. Very stable.

 

[Guilhermesene]

I have no idea what this means.

@Digmor Crusher I was referring to this

Use a standard user account or an administrator account

Question - It's 2020: Do you use an Admin account or Standard User Account?

It's been about a year since a big discussion on this, but even longer since a poll has been posted. Last I checked the community had been drifting towards favoring an SUA, adoption was up in 2017 over 2016. So I'm just curious where the community is at these days? We know SUA is more secure...

malwaretips.com

 

[Digmor Crusher]

Righto.

 

[Gandalf_The_Grey]

My laptop wasn't working great with Windows 11 22H2 and 3rd party security apps.
There was always a (sometimes slight) delay when opening files, settings and things like that.
After a reset I'm using only Microsoft Defender configured with ConfigureDefender on high and Smart App Control is in evaluation mode.
Curious when Smart App Control will change to on or off...

Also trying out the current beta of Microsoft's PC Manager, but that is not completely stable yet.

 

[SeriousHoax]

There was always a (sometimes slight) delay when opening files, settings and things like that.

Maybe that's related to FS Protection. I tried both the stable and beta version of F-Secure like more than 6 months ago (long time by now) and with FS Protection had delay on almost everything but for the stable version there was no delay when running signed apps. The stable version only had significant delay with relatively high CPU & disk usage running unsigned apps after every signature update.
So, wondering if you have tried any other third-party AVs recently, excluding FS Protection? Like Kaspersky for example (free or paid) which IMO has absolutely the best cache management, so things run very fast if it was already ran before once at least/a full system scan was performed.

 

[Gandalf_The_Grey]

Maybe that's related to FS Protection. I tried both the stable and beta version of F-Secure like more than 6 months ago (long time by now) and with FS Protection had delay on almost everything but for the stable version there was no delay when running signed apps. The stable version only had significant delay with relatively high CPU & disk usage running unsigned apps after every signature update.
So, wondering if you have tried any other third-party AVs recently, excluding FS Protection? Like Kaspersky for example (free or paid) which IMO has absolutely the best cache management, so things run very fast if it was already ran before once at least/a full system scan was performed.

I tried Kaspersky recently, but surprisingly nothing is as fast for me on Windows 11 22H2 as its own Microsoft Defender.
Even adding DefenderUI gives a slight delay and therefore I chose to go with ConfigureDefender.
VoodooShield adds a significant delay on photos and especially on Logitech software.
There are known issues with SRP and Simple Windows Hardening or Hard_Configurator.
It could be that those SRP issues (according to Andy caused by Smart App Control) have an influence on other security programs.

 

[SeriousHoax]

I tried Kaspersky recently, but surprisingly nothing is as fast for me on Windows 11 22H2 as its own Microsoft Defender.
Even adding DefenderUI gives a slight delay and therefore I chose to go with ConfigureDefender.
VoodooShield adds a significant delay on photos and especially on Logitech software.
There are known issues with SRP and Simple Windows Hardening or Hard_Configurator.
It could be that those SRP issues (according to Andy caused by Smart App Control) have an influence on other security programs.

I see, it's strange. On my 22H2 I tried BD, ESET & Kaspersky and the latter two runs really fast. I haven't tried HC & SWH yet because of the issue you mentioned.

 

[Gandalf_The_Grey]

I see, it's strange. On my 22H2 I tried BD, ESET & Kaspersky and the latter two runs really fast. I haven't tried HC & SWH yet because of the issue you mentioned.

Have you done a clean install or reset so that Smart App Control is on or in evaluation mode?
Issues are not present on an upgrade.

 

[SeriousHoax]

Have you done a clean install or reset so that Smart App Control is on or in evaluation mode?
Issues are not present on an upgrade.

It's a fresh installation. Smart App Control auto turned off one day later.

 

[Gandalf_The_Grey]

It's a fresh installation. Smart App Control auto turned off one day later.

For me it is still on evaluation mode.

 

[SeriousHoax]

For me it is still on evaluation mode.

Could be related to this. It slowed down app launching for me when I tested back in the insider builds. I'm not 100% sure though.

 

[Guilhermesene]

Like Kaspersky for example (free or paid) which IMO has absolutely the best cache management, so things run very fast if it was already ran before once at least/a full system scan was performed.

What is this information based on? I am asking this because I would like to know more about this subject.

 

[simmerskool]

I have no idea what this means.
I find F Secure incredibly easy to use, zero bloat, install and forget.

Totally agree with @Digmore Crusher on this one. I'm new to F-Secure, only been using it about 2 weeks, but every day on pc seems a little better, especially in reference to using Freedome vpn. It adds an element of malware protection to vpn browsing, and its speed has become very good even running inside my VM.

 

[Gandalf_The_Grey]

Filled the new fields from the December 2022 Update and unfortunately Smart App Control has turned itself off.

 

[Gandalf_The_Grey]

After a long evaluation mode Microsoft turned Smart App Control off on my laptop.
Windows 11 Pro 22H2 I have an issue using VoodooShield or DefenderUI Pro that they slow down the loading of almost anything on my laptop.
A clean install or a reset of Windows 11 Pro 22H2 has an issue with Simple Windows Hardening and/or Hard_Configurator that the SRP part is not working.

So I decided to go with FS Protection (F-Secure Safe Beta) again.
For system hardening and privacy I am currently running a 30 day trial of NoVirusThanks SysHardener.

 

[ForgottenSeer 97327]

You have a Windows Pro, so you could use WDAC using the Wizard (link), it has a SmartAppControl.xml (link)

1. Make an image backup
2. Set the WDA in Audit mode (is the default) and check the event logs for problems (you can import them to create exception rules)
3. When you disable audit mode, enable
a) Enable Advance Boot Options menu (just in case, for easier disaster recover)
b) Enable Boot audit on failure (when a critical driver fails to load the WDAC falls back to Audit mode)

I like to use MD in MAX to apply a cloud based white as safety net.

Can you fallback to a previous image, so you can upgrade to Windows11 22H2. On my wife's laptop (with Windows11 22H2) SRP still works, so you could add SWH as an additional layer

 

[Gandalf_The_Grey]

Added router info.
Uninstalled the trial of NoVirusThanks SysHardener.
I had some issues with MS Office and now not anymore
Back to O&O ShutUp10++ for privacy.
Went form AdGuard MV3 (development temporarily stopped) to uBlock Origin.

 

[Radagast_The_Brown]

Good configuration noble friend

Here's what I found in my files..

Spoiler: Caution - Sexy Photo - Adults only

A photo of the two of us together that moment was amazing

 

[Gandalf_The_Grey]

F-Secure still slows down my browsing somewhat so I'm back to Windows built-in protection configured by Hard_Configurator.