Advanced Plus Security plat1098 PC Security Configuration 2019

Last updated
Dec 31, 2019
Windows Edition
Home
Security updates
Allow security updates and latest features
User Access Control
Notify me only when programs try to make changes to my computer
Real-time security
Windows Defender w/gpo edits
NoVirusThanks OSArmor v. 1.4.3
AdGuard for Windows
Firewall security
Microsoft Defender Firewall
About custom security
OSArmor: Many settings enabled and settings backed up to file.
4 ASR rules configured via Group Policy console
Defender Tamper protection enabled
Defender PUP detection enabled in registry
Periodic malware scanners
AdwCleaner (just in downloads, as needed)
Norton Power Eraser
My USB with a Windows iso on it
HitmanPro subscription
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Edge.dev: AdGuard for Windows
Edge.old: AdGuard for Windows
Maintenance tools
PrivaZer for donors
Windows built-in
Group Policy Editor--all snap-ins
Micro Star International (MSI) Afterburner/RivaTuner Statistics Server
Jotti Hash/URL Screening Scanner (rarely)
Intel Extreme Tuning Utility
Firewall Hardening Tool/Hard_Configurator by Andy Ful
File and Photo backup
Manual to external enclosed HDD and then offline.
System recovery
Macrium Reflect free version v. 7.2.3957
Risk factors
    • Gaming
    • Browsing to popular websites
    • Downloading software and files from reputable sites
    • Streaming audio/video content from shady sites
    • Browsing to unknown / untrusted / shady sites
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
CPU: i7 6700K 4.0GHz @ 1.18 volts (undervolted via XTU)
GPU: Nvidia GTX 1080 Founders Edition
SSD: Samsung 970 EVO Plus nvm-e
RAM: 16 GB DDR4 dual channel

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,706
Hi Dhruv2193: I can hopefully answer... ... Also, I've tried higher Defender settings in past like enabling CFA--it drives me NUTS. Much rather would rely on SysHardener and Group Policy. ... :cool:

You can use high settings and disable CFA. It causes many users to go crazy, even myself. Now I appear to have tamed it with exclusions to both CFA and ASR! Otherwise, these two feature categories do not like a lot of 3rd party software.
 

plat

Level 29
Thread author
Top Poster
Sep 13, 2018
1,793
Removed: NVT EXE Radar Pro/NVT SysHardener/Mozilla Firefox

Disabled: Windows Defender

Added: F-Secure Safe/NVT OSArmor/Google Chrome

F-Secure isn't the "best" antivirus but it's cooperative and unobtrusive resource-wise and the scan is very fast. Nvidia graphics driver issues and "firefox exe is blocked from accessing graphics hardware" were enough to change the core of this configuration. But now, the problems seem resolved and the graphics driver from October 11, 2018 seems stable.
 

plat

Level 29
Thread author
Top Poster
Sep 13, 2018
1,793
Yes, I reset to defaults, then removed the program along with almost all other third party programs. Having some trouble with hardware and drivers so trying to find causes and effects and fixes. :mad:

Just to emphasize: you find OSArmor and SysHardener to be fine together on the system? Note that ERP is removed from configuration in favor of OSA. Thanks Umbra!
 
D

Deleted member 178

In fact, SH would be fine with everything because it is just a GUI automatizing manual tweaks, you could just use the portable version as i do.

OSA is almost as good as ERP if you use advanced settings and deploy Custom Blocks.
ERP is all about monitoring and needs good knowledge of the system.
 

plat

Level 29
Thread author
Top Poster
Sep 13, 2018
1,793
Well here's something kinda neat. Chrome running obediently in Sbie, nested in the loving arms of Windows 10 v.1809. :love: Surely, experts in Sbie/Chrome will know this already but it's new to me, literally. Briefly, sandbox configured for Chrome and a spam of BITS errors occurs in event viewer, without affecting functionality. The issue is better explained here: OK so learning from that to disable the two Google updaters via msconfig (it seems in Windows 10, Chrome uses Windows BITS and Sbie blocks access to the service :emoji_ok_hand:) However, once machine restarted, the BITS errors stopped and WHEA Logger warnings 17 began spamming instead, dozens and dozens. If one isn't aware of the likely cause and effect, you'd be scared your drive was twirling down the drain, esp if driver is up to date.

whea logger.png

What I did, I uninstalled Sbie (not Chrome), reinstalled and configured from scratch. Shutdown machine. Boot machine. Extensions off/on makes no difference but WHEAs gone and haven't returned though Chrome would be searching for updates long ago, two times over. I'm OCD about errors in Event Viewer. Overkill and unnecessary: probably, but very clean and efficiently running at the moment and no wasting of a sub. I write about this only because of the WHEA warnings occuring with an M.2 drive--wonder why it would occur? Right now, the browser runs in Sbie virtually instantly and error-free, with three extensions causing no hangups (trace, uBO, Emsisoft). Anyone with better insight, please don't hesitate to correct anything, but I consider the WHEA issue resolved, at least for now. Haven't found anything like this in searches, general and in Sandboxie forum. Also, I'll have to watch out for Chrome updates and manually update, I guess.

Also, after 2 1/2 years, you wonder if your hardware is sliding downhill so I blew out the dust from the GPU and fans, reseated the RAM, which is 3 yrs old, into slots 1 and 3, and TRIMMED the drive. Ran Passmark thinking "oh well" and surprise, surprise, a small improvement (no overclocks). Left: bench from July 2018, Right: bench from yesterday.

Screenshot (5).png

HWcpuid.PNG

Just air-cooled, browsing only.

Edit: 1/16/2019. Both errors/warnings are back, albeit in far lesser quantity. Sigh. Well, I disabled the Chrome Elevation Service as well, it's not too bad but I don't like these errors, even though they don't affect much. Let's see how it goes.

wheabits.png
 
Last edited:

plat

Level 29
Thread author
Top Poster
Sep 13, 2018
1,793
Removed: F-Secure Safe
RogueKiller

Re-Enabled: Windows Defender--it decided to behave better w/Google Chrome for some reason.

Added: AdwCleaner as occasional on-demand.
Emsisoft Browser Security to Chrome and Edge

RogueKiller was a very good donation-ware but times change, it seems. If/when it's better streamlined, I will most likely re-instate it.
 

Moonhorse

Level 38
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728
Removed: F-Secure Safe
RogueKiller

Re-Enabled: Windows Defender--it decided to behave better w/Google Chrome for some reason.

Added: AdwCleaner as occasional on-demand.
Emsisoft Browser Security to Chrome and Edge

RogueKiller was a very good donation-ware but times change, it seems. If/when it's better streamlined, I will most likely re-instate it.
For sure it works well with chrome because WD working outside of it, well it scans downloads before they finish

In OSA you may disable powershell + powershell script engine and restrict the constrian languange mode whatever it is
 

plat

Level 29
Thread author
Top Poster
Sep 13, 2018
1,793
Installed latest Sandboxie 5.28 (credit) release version and configured Chrome. So far, so good, but this is something that has to be time-tested. Chrome latest was creating many errors and warnings on here running in the last two Sbie betas. With new release Sbie, it's virtually instant-performing on here.

Possibly Chrome is the least urgent browser to need this but I like the warm and fuzzy feeling. :)

Edit: no such luck. still getting the sbie2101 error when opening Chrome but it's not consistent, which makes it hard to pinpoint the cause. OK, will have to monitor the situation and see what happens.
 
Last edited:

plat

Level 29
Thread author
Top Poster
Sep 13, 2018
1,793
Made a small upgrade to Samsung 970 EVO Plus for Windows drive and installed it in an aluminum heatsink. Does anyone run benchmarks to see if the hardware is sliding downhill? If so, what ones do you recommend? I ran a couple, they seem respectable and slightly improved over prev. Ran Time Spy by 3D mark in the past, it did well but the gpu got mighty hot.

pssmrk5122019.PNG
userbench5122019.PNG

The hardware is otherwise 3 years old and no scores went down from one year ago. An upgraded SSD works wonders, right?
 

Wraith

Level 13
Verified
Top Poster
Well-known
Aug 15, 2018
634
Made a small upgrade to Samsung 970 EVO Plus for Windows drive and installed it in an aluminum heatsink. Does anyone run benchmarks to see if the hardware is sliding downhill? If so, what ones do you recommend? I ran a couple, they seem respectable and slightly improved over prev. Ran Time Spy by 3D mark in the past, it did well but the gpu got mighty hot.


The hardware is otherwise 3 years old and no scores went down from one year ago. An upgraded SSD works wonders, right?
Your scores seem okay to me (except the GPU). Going from a HDD to SSD indeed does wonders my friend. I think your GPU is passing the 83 degrees marker and throttling itself. A Stock GTX 1080 should have a higher score than a stock GTX 1070 Ti. This is my passmark score with a 7600K(4.5GHz), 16GB RAM, 1TB SSD and GTX 1070 Ti Stock. Your GPU should have a higher score than mine.
Passmark.JPG
 
Last edited:

plat

Level 29
Thread author
Top Poster
Sep 13, 2018
1,793
OK, yes I see. I will have to look into why my 2D score is a lot lower than yours. Is there any setting in the NVIDIA Control Panel that you adjusted from default settings? And yes, throttling is exactly what it was doing, I guess b/c it's a Founders card, I read they tend to get hot more quickly than others.

I ran User Benchmark mainly since it references your score to others with the same or similar hardware.

Thanks a lot for pointing this out. I'll see what the deal is with the gpu.
 

Wraith

Level 13
Verified
Top Poster
Well-known
Aug 15, 2018
634
No I didn't alter any settings except for the fact that I always do a custom and clean install of the drivers excluding GeForce Experience. I see you have a founders edition card. Those are designed to run till 83 degrees and then throttle down. If the GPU hasn't been cleaned in a while you can try the following steps-
1) clean the GPU with a can of compressed air.
2) use MSI Afterburner to create a custom fan profile.
3) clean the old thermal compound and apply a new one. Thermal Grizzly Kryonaut would be the best choice.
4) last but not the least make sure you have the latest drivers.
If the GPU temps go above 90 degrees celsius I would suggest you to immediately clean it and apply a new thermal compound.
 

plat

Level 29
Thread author
Top Poster
Sep 13, 2018
1,793
Added the Firewall Hardening Tool, courtesy of Mr. Ful. I'm a poet and don't know it. Anyway, please confirm, It's a one-time setup? I add LOLbins and recommended Hard_Configurator settings. I will also read some of the dedicated thread to get a little more info. So grateful for tools like this, a blessing for users of Defender and Windows firewall.

Added some other more minor stuff and switched to Edge.old until I can replace it more fully with Edge.release.
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,706
Added the Firewall Hardening Tool, courtesy of Mr. Ful. I'm a poet and don't know it. Anyway, please confirm, It's a one-time setup? I add LOLbins and recommended Hard_Configurator settings. I will also read some of the dedicated thread to get a little more info. So grateful for tools like this, a blessing for users of Defender and Windows firewall.

Added some other more minor stuff and switched to Edge.old until I can replace it more fully with Edge.release.

It's a one-time setup. Be aware that rules enabled in hardening tool can only be removed via FWHT. Plus, you can make rules of your own. (y)
 

plat

Level 29
Thread author
Top Poster
Sep 13, 2018
1,793
Added:

AdGuard Desktop via a half-way decent Black Friday discount. (y)
Intel Extreme Tuning Utility (n)
HitmanPro via 50% off online discount 😐

Warning to any XTU user who may not be aware: the Intel service does not always start with Windows, in fact, for me, less than 50% of the time. So your voltage could be back at defaults without your knowing it. :mad: If you run a cpu-intensive task, you're back to maybe overheating. There's a tutorial here for triggering the XTU service to run at startup. Where I've still seen it fail on here is waking from sleep. Throttlestop is an upcoming alternative. If anyone uses Throttlestop, please share your impressions !
 

plat

Level 29
Thread author
Top Poster
Sep 13, 2018
1,793
Updated to Windows 10 version 2004, build 19536.1000. No problems even with a defective restart function on here. (y)

This feels very stable even though it's a fast ring, Insiders build. I will keep it installed for now. There are some things I had to re-enable, like recognizing all cpu cores via msconfig. I'm wondering whether I should refresh the H_C Firewall Hardening Tool, though it seems like it survived the upgrade intact. (y) Once again, I had to whack the watermark with Winaero's file.

I'm seeing an uptick in concern that OSArmor is either abandonware or on the verge of-. It is at least partially working on this Windows beta build, for example: blocking unsigned processes executing w/highest privileges. However, it hard to know for sure if every single rule is going to be honored. If anyone has any comments related to continuing using this software, please feel free. Right now, I'm keeping it on here. We'll see. A new build was promised back in October. This has not yet materialized nearly three months later. So, it's time to start looking elsewhere soon, maybe. 😪 I wish the developer would say something, you know?
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,706
I'm seeing an uptick in concern that OSArmor is either abandonware or on the verge of-. This has not yet materialized nearly three months later. So, it's time to start looking elsewhere soon, maybe. 😪 I wish the developer would say something, you know?

I see @Umbra recently mentioned a new version was due soon but I have also read many of the concerns you cite, so it has me wondering. I'm not sure I'd want it on my system - but others may feel differently. You're using Windows Defender with tweaked settings so I wouldn't be concerned. I assume you are a safe surfer and WD should suffice if you decide to remove OSA.

And this
Bravo @plat1098 you are a Hacker, nothing to add.(y)
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top