Advanced Plus Security oldschool's 2020 laptop setup

Last updated
Dec 12, 2020
How it's used?
For home and private use
Operating system
Windows 10
Log-in security
Security updates
Allow security updates and latest features
User Access Control
Always notify
Real-time security
AVG Internet Security v. 20.10.3157
Firewall security
Microsoft Defender Firewall
About custom security
Default settings + Hardened Mode
Periodic malware scanners
Hitman Pro (paid)
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Brave/Brave Nightly --> Brave Shields + ClearURLs + LocalCDN
Edge Chromium --> Strict Tracking Protection + ClearURLs + LocalCDN
Maintenance tools
Windows built-in
File and Photo backup
Copy/Paste --> Free Agent drive
System recovery
Aomei Backupper Pro --> image monthly or as needed
System protection --> restore points as needed @ app or data changes
Risk factors
    • Browsing to popular websites
    • Browsing to unknown / untrusted / shady sites
    • Working from home
    • Streaming audio/video content from trusted sites or paid subscriptions
    • Streaming audio/video content from shady sites
Computer specs
Lenovo L340 i3 8145U CPU @ 2.10 GHz 2.300 GHz 8GB DDR4 RAM 1 TB HDD
Notable changes
5/3/20 --> Removed Bitdefender and back to Windows Defender --> Updated RunBySmartscreen
May 2020 ---> various small changes
3 June, 2020 --> updated to W10 2004
7 June 2020 --> rolled back to 1909
23 August 2020 --> Added LocalCDN to browsers
27 August 2020 --> Removed µBO in Edge
31 August 2020 --> Removed Bitdefender Free
--------------------> Reverted to Windows Defender
--------------------> Removed Trafficlight and added Malwarbytes Browser Guard
7 September 2020 --> Removed Malwarebytes Browser Guard
Later in September --> Enabled Google SafeBrowsing in Brave

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,868
With a fresh install of 2004 my boot times are the same or faster. Of course, that comes with the time intensive task of a fresh install. I didn’t have boot slowdown when I updated, and I think the issue I encountered was already present pre-update, just windows store breaking things the way windows store does.
 

oldschool

Level 85
Thread author
Verified
Top Poster
Well-known
Mar 29, 2018
7,698
With a fresh install of 2004 my boot times are the same or faster. Of course, that comes with the time intensive task of a fresh install. I didn’t have boot slowdown when I updated, and I think the issue I encountered was already present pre-update, just windows store breaking things the way windows store does.
I changed my power plan back to balanced and will check startup. What's the difference between a clean install and a "Reset this PC + remove everything?"

I still think it's the Intel updates prior to 2004. Once I reverted to 1909 I got those again immediately. My boot time is not horrible, it just seems a tad slower than before those.
 

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,868
I changed my power plan back to balanced and will check startup. What's the difference between a clean install and a "Reset this PC + remove everything?"

I still think it's the Intel updates prior to 2004. Once I reverted to 1909 I got those again immediately. My boot time is not horrible, it just seems a tad slower than before those.
Honestly it seemed like the reset and remove everything took longer than a format and install. I did the reset and remove. I couldn't find a lot of information from M$ explaining the true difference. I think with the reset you don't need a boot media, and obviously with a format and reinstall you need a thumbdrive or disk with bootable installer, if I remember it just used the drive for the reset.
 

oldschool

Level 85
Thread author
Verified
Top Poster
Well-known
Mar 29, 2018
7,698
I couldn't find a lot of information from M$ explaining the true difference.
I've never found anything definitive either.

BTW I updated BIOS and some Lenovo drivers thanks to @Gandalf_The_Grey's post in my cloning suggestions thread. I haven't noticed any difference. I think Windows simply continues to eat up resources no matter what ...
 

Protomartyr

Level 7
Sep 23, 2019
314
Nope. All built-in configuration options equivalent to ConfigureDefender High. No 3rd party security apps.
I plan on doing this down the road as well. Once 2004 becomes stable, I'll upgrade from Home to Pro, then clean install and do everything manually using built-in settings.
Do you have a list of what group policy settings you have configured?

For now, I'll just play around with them in a VM to test and eventually transfer everything over to my main system.
 

Protomartyr

Level 7
Sep 23, 2019
314
I'd definitely love to see a list. I was digging through the ConfigureDefender manual to see if there were any mentions of what each setting in CD translates to group policy but sadly there doesn't seem to be any references. The only thing I could find was the following:
The tabs: MAPS, MpEngine, Real-time Protection, Reporting, Scan, Spynet, and Windows Defender Exploit Guard, should be inspected before using the utility, if some settings are switched ensure they are set back to the defaults.
So at least I know where to look.
 

oldschool

Level 85
Thread author
Verified
Top Poster
Well-known
Mar 29, 2018
7,698
Back to the Romanian Wolf-dragon
BD2015_Wallpaper_2560x1600-V2.png
due to Windows Defender issues with Network Inspection Service.
 

oldschool

Level 85
Thread author
Verified
Top Poster
Well-known
Mar 29, 2018
7,698
Re-enabled µBO in medium mode and added Trace to Brave.

Trace settings --> configured to supplement Brave built-in privacy protection.
  • All Main Protections enabled
  • All Advanced Protections enabled except Cookie Eater and Google Header Removal
  • URL Tracking Cleaner enabled
  • All 3 Web Request Settings disabled as these are handled by µBO and ClearURLs
I find Trace's Web Request Settings are poorly executed, and I doubt that I would like them any more in the paid version. My 2 cents.
 
Last edited:

oldschool

Level 85
Thread author
Verified
Top Poster
Well-known
Mar 29, 2018
7,698
After some trial and error I've reconfigured Trace settings for set-and-forget use. No whitelisting or per-site configuration required. This setup is primarily for fingerprinting protection and should work well on Chromium browsers with any adblocker. YMMV.
  • All Main Protections Enabled
  • E-Tag Tracking Protection Enabled All other Main Protections Disabled
  • All Web Request Settings Disabled as these are handled by µBO and ClearURLs
Edit/Update: I removed this from Brave since it's duplicative/overkill, and have it installed only in Ungoogled Chromium
 
Last edited:

klepto

Level 2
Jun 14, 2020
77
Re-enabled µBO in medium mode and added Trace to Brave.

Trace settings --> configured to supplement Brave built-in privacy protection.
  • All Main Protections enabled
  • All Advanced Protections enabled except Cookie Eater and Google Header Removal
  • URL Tracking Cleaner enabled
  • All 3 Web Request Settings disabled as these are handled by µBO and ClearURLs
I find Trace's Web Request Settings are poorly executed, and I doubt that I would like them any more in the paid version. My 2 cents.

I didn't know about trace, very interesting. I'm curious about which browser you use the most. I have yet to use Edge because I'm sure disabling the privacy eroding telemetry would be a chore.
 

oldschool

Level 85
Thread author
Verified
Top Poster
Well-known
Mar 29, 2018
7,698
I didn't know about trace,
It covers fingerprinting pretty thorougly but I don't know about it Web Request antitracking feature as I haven't enabled it. I've already quit using it in Brave because it overlaps with built-in protections and ClearURLs. It would be great for Edge, but it's incompatible with the latest version.

I'm curious about which browser you use the most.
Brave/Brave Nightly (y)
 

oldschool

Level 85
Thread author
Verified
Top Poster
Well-known
Mar 29, 2018
7,698
So you find uBO can add to Brave’s Shields? What does it cover that they don’t?
Actually, I started using µBO again mostly for cookie notices - and today I discovered Easlylist-Cookie List filter in Brave Adblock. So now I'm back to built-in adblocking. I'm embarassed to admit it. Too much time on my hands, testing this and that. 😵🤯
 

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,868
Actually, I started using µBO again mostly for cookie notices - and today I discovered Easlylist-Cookie List filter in Brave Adblock. So now I'm back to built-in adblocking. I'm embarassed to admit it. Too much time on my hands, testing this and that. 😵🤯
We’ve all been there these days. I’m glad you shared the cookie notice. I’ll be ticking that box next time I’m on my machines.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top