Latest Changes
Nov 28, 2019
Operating System
  • Windows 10 Insider Preview
  • Windows Edition
    Home
    Version or Build no.
    2004
    System type
    64-bit operating system; x64-based processor
    Security Updates
    Automatic Updates (recommended)
    User Access Control
    Default
    Network Security (Firewall)
    Windows Defender Firewall
    Device Security
  • Windows Defender SmartScreen (Windows 10)
  • User Account
    Administrator
    Malware Testing
    I do not participate in downloading malware samples
    Real-time Web & Malware Protection
    Windows Defender at Defaults
    NoVirusThanks OSArmor v. 1.4.3
    AdGuard for Desktop
    RTP - Custom security settings
  • Minor changes for Increased security
  • RTP - Details of Custom security settings
    OSArmor: Many settings enabled and settings backed up to file.
    Virus and Malware Removal Tools
    AdwCleaner (just in downloads, as needed)
    Norton Power Eraser
    My USB with a Windows iso on it
    HitmanPro
    Browsers and Extensions
    Edge.old: Adguard, Norton Safe Web
    Edge.dev: Adguard, Norton Safe Web
    Privacy-focused Apps and Extensions
    Cloudflare DNS 1.1.1.1 and 1.0.0.1
    2FA for Steam and utilities
    No online banking
    Password Managers
  • none
  • Web Search
  • Bing
  • System Utilities
    PrivaZer for donors
    Windows built-in
    Group Policy Editor--all snap-ins
    Micro Star International (MSI) Afterburner/RivaTuner Statistics Server
    Jotti Hash/URL Screening Scanner
    Intel Extreme Tuning Utility
    Firewall Hardening Tool/Hard_Configurator by Andy Ful
    Data Backup
    Manual to external enclosed HDD and then offline.
    Frequency of Data backups
    Monthly
    System Backup
    Macrium Reflect free version v. 7.2.3957
    Frequency of System backups
    Rarely
    Computer Activity
  • PC Gaming
  • Browsing web and email
  • Install new programs on a weekly basis
  • Watch movies and other entertainment content on the Internet
  • Download files from different sources
  • Video or photography editing
  • Computer Specifications
    CPU: i7 6700K @ 4.0GHz 1.20 volts (undervolted via Intel XTU)
    GPU: Nvidia GTX 1080 Founders Edition
    SSD: Samsung 970 EVO Plus NVMe
    RAM: 16 GB DDR4 dual channel

    oldschool

    Level 38
    Verified
    Hi Dhruv2193: I can hopefully answer... ... Also, I've tried higher Defender settings in past like enabling CFA--it drives me NUTS. Much rather would rely on SysHardener and Group Policy. ... :cool:
    You can use high settings and disable CFA. It causes many users to go crazy, even myself. Now I appear to have tamed it with exclusions to both CFA and ASR! Otherwise, these two feature categories do not like a lot of 3rd party software.
     

    plat1098

    Level 11
    Verified
    Removed: NVT EXE Radar Pro/NVT SysHardener/Mozilla Firefox

    Disabled: Windows Defender

    Added: F-Secure Safe/NVT OSArmor/Google Chrome

    F-Secure isn't the "best" antivirus but it's cooperative and unobtrusive resource-wise and the scan is very fast. Nvidia graphics driver issues and "firefox exe is blocked from accessing graphics hardware" were enough to change the core of this configuration. But now, the problems seem resolved and the graphics driver from October 11, 2018 seems stable.
     

    plat1098

    Level 11
    Verified
    Yes, I reset to defaults, then removed the program along with almost all other third party programs. Having some trouble with hardware and drivers so trying to find causes and effects and fixes. :mad:

    Just to emphasize: you find OSArmor and SysHardener to be fine together on the system? Note that ERP is removed from configuration in favor of OSA. Thanks Umbra!
     
    Deleted member 178

    In fact, SH would be fine with everything because it is just a GUI automatizing manual tweaks, you could just use the portable version as I do.

    OSA is almost as good as ERP if you use advanced settings and deploy Custom Blocks.
    ERP is all about monitoring and needs good knowledge of the system.
     

    plat1098

    Level 11
    Verified
    Well here's something kinda neat. Chrome running obediently in Sbie, nested in the loving arms of Windows 10 v.1809. :love: Surely, experts in Sbie/Chrome will know this already but it's new to me, literally. Briefly, sandbox configured for Chrome and a spam of BITS errors occurs in event viewer, without affecting functionality. The issue is better explained here: OK so learning from that to disable the two Google updaters via msconfig (it seems in Windows 10, Chrome uses Windows BITS and Sbie blocks access to the service :emoji_ok_hand:) However, once machine restarted, the BITS errors stopped and WHEA Logger warnings 17 began spamming instead, dozens and dozens. If one isn't aware of the likely cause and effect, you'd be scared your drive was twirling down the drain, esp if driver is up to date.

    whea logger.png

    What I did, I uninstalled Sbie (not Chrome), reinstalled and configured from scratch. Shutdown machine. Boot machine. Extensions off/on makes no difference but WHEAs gone and haven't returned though Chrome would be searching for updates long ago, two times over. I'm OCD about errors in Event Viewer. Overkill and unnecessary: probably, but very clean and efficiently running at the moment and no wasting of a sub. I write about this only because of the WHEA warnings occurring with an M.2 drive--wonder why it would occur? Right now, the browser runs in Sbie virtually instantly and error-free, with three extensions causing no hangups (trace, uBO, Emsisoft). Anyone with better insight, please don't hesitate to correct anything, but I consider the WHEA issue resolved, at least for now. Haven't found anything like this in searches, general and in Sandboxie forum. Also, I'll have to watch out for Chrome updates and manually update, I guess.

    Also, after 2 1/2 years, you wonder if your hardware is sliding downhill so I blew out the dust from the GPU and fans, reseated the RAM, which is 3 yrs old, into slots 1 and 3, and TRIMMED the drive. Ran Passmark thinking "oh well" and surprise, surprise, a small improvement (no overclocks). Left: bench from July 2018, Right: bench from yesterday.

    Screenshot (5).png

    HWcpuid.PNG

    Just air-cooled, browsing only.

    Edit: 1/16/2019. Both errors/warnings are back, albeit in far lesser quantity. Sigh. Well, I disabled the Chrome Elevation Service as well, it's not too bad but I don't like these errors, even though they don't affect much. Let's see how it goes.

    wheabits.png
     

    plat1098

    Level 11
    Verified
    Removed: F-Secure Safe
    RogueKiller

    Re-Enabled: Windows Defender--it decided to behave better w/Google Chrome for some reason.

    Added: AdwCleaner as occasional on-demand.
    Emsisoft Browser Security to Chrome and Edge

    RogueKiller was a very good donation-ware but times change, it seems. If/when it's better streamlined, I will most likely re-instate it.
     

    Moonhorse

    Level 27
    Verified
    Content Creator
    Removed: F-Secure Safe
    RogueKiller

    Re-Enabled: Windows Defender--it decided to behave better w/Google Chrome for some reason.

    Added: AdwCleaner as occasional on-demand.
    Emsisoft Browser Security to Chrome and Edge

    RogueKiller was a very good donation-ware but times change, it seems. If/when it's better streamlined, I will most likely re-instate it.
    For sure it works well with Chrome because WD is working outside of it, well it scans downloads before they finish.

    In OSA you may disable PowerShell + PowerShell script engine and restrict the constrained language mode, whatever it is.
     

    plat1098

    Level 11
    Verified
    Installed latest Sandboxie 5.28 (credit) release version and configured Chrome. So far, so good, but this is something that has to be time-tested. Chrome latest was creating many errors and warnings on here running in the last two Sbie betas. With new release Sbie, it's virtually instant-performing on here.

    Possibly Chrome is the least urgent browser to need this but I like the warm and fuzzy feeling. :)

    Edit: no such luck. still getting the sbie2101 error when opening Chrome but it's not consistent, which makes it hard to pinpoint the cause. OK, will have to monitor the situation and see what happens.
     

    plat1098

    Level 11
    Verified
    Made a small upgrade to Samsung 970 EVO Plus for Windows drive and installed it in an aluminum heatsink. Does anyone run benchmarks to see if the hardware is sliding downhill? If so, what ones do you recommend? I ran a couple, they seem respectable and slightly improved over prev. Ran Time Spy by 3D mark in the past, it did well but the gpu got mighty hot.

    pssmrk5122019.PNG
    userbench5122019.PNG

    The hardware is otherwise 3 years old and no scores went down from one year ago. An upgraded SSD works wonders, right?
     

    Wraith

    Level 13
    Verified
    Malware Tester
    Made a small upgrade to Samsung 970 EVO Plus for Windows drive and installed it in an aluminum heatsink. Does anyone run benchmarks to see if the hardware is sliding downhill? If so, what ones do you recommend? I ran a couple, they seem respectable and slightly improved over prev. Ran Time Spy by 3D mark in the past, it did well but the gpu got mighty hot.


    The hardware is otherwise 3 years old and no scores went down from one year ago. An upgraded SSD works wonders, right?
    Your scores seem okay to me (except the GPU). Going from a HDD to SSD indeed does wonders my friend. I think your GPU is passing the 83 degrees marker and throttling itself. A Stock GTX 1080 should have a higher score than a stock GTX 1070 Ti. This is my passmark score with a 7600K(4.5GHz), 16GB RAM, 1TB SSD and GTX 1070 Ti Stock. Your GPU should have a higher score than mine.
    Passmark.JPG
     

    plat1098

    Level 11
    Verified
    OK, yes I see. I will have to look into why my 2D score is a lot lower than yours. Is there any setting in the NVIDIA Control Panel that you adjusted from default settings? And yes, throttling is exactly what it was doing, I guess b/c it's a Founders card, I read they tend to get hot more quickly than others.

    I ran User Benchmark mainly since it references your score to others with the same or similar hardware.

    Thanks a lot for pointing this out. I'll see what the deal is with the gpu.
     

    Wraith

    Level 13
    Verified
    Malware Tester
    No I didn't alter any settings except for the fact that I always do a custom and clean install of the drivers excluding GeForce Experience. I see you have a founders edition card. Those are designed to run till 83 degrees and then throttle down. If the GPU hasn't been cleaned in a while you can try the following steps-
    1) clean the GPU with a can of compressed air.
    2) use MSI Afterburner to create a custom fan profile.
    3) clean the old thermal compound and apply a new one. Thermal Grizzly Kryonaut would be the best choice.
    4) last but not least, make sure you have the latest drivers.
    If the GPU temps go above 90 degrees Celsius I would suggest you immediately clean it and apply a new thermal compound.
     

    plat1098

    Level 11
    Verified
    Added the Firewall Hardening Tool, courtesy of Mr. Ful. I'm a poet and don't know it. Anyway, please confirm, it's a one-time setup? I add LOLbins and recommended Hard_Configurator settings. I will also read some of the dedicated thread to get a little more info. So grateful for tools like this, a blessing for users of Defender and Windows firewall.

    Added some other more minor stuff and switched to Edge.old until I can replace it more fully with Edge.release.
     

    oldschool

    Level 38
    Verified
    Added the Firewall Hardening Tool, courtesy of Mr. Ful. I'm a poet and don't know it. Anyway, please confirm, it's a one-time setup? I add LOLbins and recommended Hard_Configurator settings. I will also read some of the dedicated thread to get a little more info. So grateful for tools like this, a blessing for users of Defender and Windows firewall.

    Added some other more minor stuff and switched to Edge.old until I can replace it more fully with Edge.release.
    It's a one-time setup. Be aware that rules enabled in hardening tool can only be removed via FWHT. Plus, you can make rules of your own. (y)
     

    plat1098

    Level 11
    Verified
    Added:

    AdGuard Desktop via a half-way decent Black Friday discount. (y)
    Intel Extreme Tuning Utility (n)
    HitmanPro via 50% off online discount 😐

    Warning to any XTU user who may not be aware: the Intel service does not always start with Windows, in fact, for me, less than 50% of the time. So your voltage could be back at defaults without your knowing it. :mad: If you run a CPU-intensive task, you're back to maybe overheating. There's a tutorial here for triggering the XTU service to run at startup. Where I've still seen it fail on here is waking from sleep. Throttlestop is an upcoming alternative. If anyone uses Throttlestop, please share your impressions!