Advanced Security oldschool's surfing laptop configuration

Last updated
Apr 10, 2024
How it's used?
For home and private use
Operating system
Windows 11
Other operating system
Windows Pro
On-device encryption
N/A
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates
Update channels
Allow stable updates only
User Access Control
Always notify
Smart App Control
On
Network firewall
Enabled
About WiFi router
Provided by ISP
Real-time security
Windows Security | Configured via GPO
Firewall security
Microsoft Defender Firewall
About custom security
MS Defender - Block all unknown executables | ASR rules | Platform & Engine Beta channel updates
Smart App Control
Exploit Protection settings
SRP - basic disallowed setup
Firewall Hardening
RunBySmartscreen
Windows Spy Blocker
Periodic malware scanners
KVRT
Malware sample testing
I do not participate in malware testing
Environment for malware testing
N/A
Browser(s) and extensions
Firefox I µBO | Brave Search
Brave | Brave Search | My settings
Edge | Privacy Badger | JShelter | Brave
Secure DNS
Cloudfare Malware DNS
Desktop VPN
None
Password manager
Little black book + brain.exe + GRC's Password Haystacks: How Well Hidden is Your Needle?
Maintenance tools
Windows built-in
Mem Reduct
File and Photo backup
Copy/Paste
Active subscriptions
    • None
System recovery
Wiindows built-in | Aomei Backupper Pro Lifetime
Risk factors
    • Browsing to popular websites
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Downloading software and files from reputable sites
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
Lenovo L340 Intel(R) Core(TM) i3-8145U CPU @ 2.10GHz 2.30 GHz 8.00 GB RAM 1TB HDD
Notable changes
22-12-5 Reverted to MS Defender.
23-1-21 Refreshed Windows with SAC in evaluation mode.
23-2-2 Clean Windows installation
23-2-18 SAC user-enabled on
27-2-23 Added Chrome for the lack of 'feature' bloat.
28-2-23 Changed default browser to Chrome
What I'm looking for?

Looking for minimum feedback.

Kongo

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,498
oldschool said:
Added Panda Dome free version and VoodooShield. My cheapo i3 8th Gen laptop runs more efficiently so far. We'll see ....

Thanks to @TairikuOkami for the suggestion at his Windows tweaks page.
Click to expand...
Don't you think that you could just use VoodooShield as your standalone security product? I mean Panda is known to be pretty ineffective when it comes to detecting malware. Even tho it's pretty light, it will probably not do much more than taking up disk-space.
 
  • Like
  • HaHa
Reactions: Dave Russo, Zartarra, Shadowra and 6 others
WhiteMouse

WhiteMouse

Level 5
Verified
Well-known
Apr 19, 2017
237
Kongo said:
Don't you think that you could just use VoodooShield as your standalone security product? I mean Panda is known to be pretty ineffective when it comes to detecting malware. Even tho it's pretty light, it will probably not do much more than taking up disk-space.
Click to expand...
First time I heard that panda is light, a panda is about 70~120 kg. But I agree, I would just shut off Windows Defender and run VS only.
 
Last edited:
  • HaHa
  • Like
Reactions: Dave Russo, Shadowra, Kongo and 5 others
Kongo

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,498
WhiteMouse said:
First time I heard that panda is light, a panda is about 70~120 kg. But I agree, I would just shut off Windows Defender and run VS only.
Click to expand...
c004f6812da746a01d1af15ab6a2d783_w200.gif
 
  • HaHa
  • Like
Reactions: Dave Russo, SeriousHoax, blackice and 5 others
Digmor Crusher

Digmor Crusher

Level 23
Verified
Top Poster
Well-known
Jan 27, 2018
1,264
oldschool said:
My Panda + VoodooShield setup didn't improve performance much at all, so I reverted to Microsoft Defender.
Click to expand...
How did you determine this? I flip back and forth between F Secure Safe, Voodoo Shield. Defender with Configure Defender, Simple Windows Hardening, and sometimes Malwarebytes. I can't see any performance differences in respect to boot time or web pages loading.
 
  • Like
Reactions: Dave Russo, Kongo and Moonhorse
F

ForgottenSeer 97327

@Digmor Crusher and @oldschool

On which protection level do you set ConfigureDefender on High or Max?

I know Andy warns for MAX level, because it might block old hardware related software updates. On my wife's HP laptop (which came with Windows11), Windows Update itself blocks an HP driver to update (through HP maintenance center), because it says it has a weak signature. Laptop runs fine without that driver, also after receiving two bios updates (AMD problems with Windows11), I have de-installed this HP software because Sophos Scan & Clean classifies this as spyware software. On newer hardware it seems that Windows pushes out all driver updates (which are Windows co-signed), so ConfigureDefender on MAX does not cause any problems.

I like the idea of having a cloud based whitelist with ConfigureDefender on MAX (on my wife's laptop). This allows me to set Hard_Configurator on SWH-like protection (allow EXE, MSI and TMP) with an extra block for all H_C listed sponsors for standard users (with RunDLL32.exe added as extra block). I ran the same setup on her previous Lenovo laptop without problems, so I am curious what your opinion and experience is (in using CD and H_C).

For me since I started using H_C and CD on Windows Home and stopped adding third-party software layers, I never ran into update of software crashing problems anymore (due to third-party layers stopping it). I now can even withhold the temptation to try out F-secure (on my wfe's laptop), which I got for free from my ISP (rebranded as their own), because I really like the problem free MAX protection.
 
  • Like
Reactions: Dave Russo, oldschool, Moonhorse and 1 other person
oldschool

oldschool

Level 82
Thread author
Verified
Top Poster
Well-known
Mar 29, 2018
7,112
Max90 said:
On which protection level do you set ConfigureDefender on High or Max?
Click to expand...
High+ with ASR rules
Click to expand...
... and I only use these as I don't use Office products and use wordpad instead, with custom Exploit Protection settings.
block JS/VBS from launching downloaded executable content
- block execution of potentially obfuscated scripts
- block executable content from email client and webmail
- block process creations originating from PSExe and WMI commands
- use advanced protection from ransomware
- block persistence through WMI event subscription
Click to expand...
 
  • Like
  • Applause
  • +Reputation
Reactions: Dave Russo, CyberTech, ErzCrz and 1 other person
SeriousHoax

SeriousHoax

Level 47
Verified
Top Poster
Well-known
Mar 16, 2019
3,635
  • Like
  • +Reputation
Reactions: plat, oldschool, ErzCrz and 4 others

Similar threads

ErzCrz
    • Like
    • +Reputation
    • Applause
Advanced Plus Security ErzCrz Security Config 2024
Replies
275
Views
34,700
PC Setup Configuration Help & Showcase
ErzCrz
ErzCrz
ErzCrz
    • Like
    • Applause
    • +Reputation
Advanced Plus Security ErzCrz config 2021
Replies
54
Views
11,812
CSC Archive
ErzCrz
ErzCrz
SunMan09
    • Like
Advanced Plus Security Thaumiel's Windows Security 2020
Replies
12
Views
3,155
CSC Archive
Andy Ful
Andy Ful

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top