Advanced Plus Security plat1098 PC Security Configuration 2019

Last updated: Dec 31, 2019
Windows Edition: Home
Security updates: Allow security updates and latest features
User Access Control: Notify me only when programs try to make changes to my computer
Real-time security:
    • Windows Defender w/gpo edits
    • NoVirusThanks OSArmor v. 1.4.3
    • AdGuard for Windows
Firewall security: Microsoft Defender Firewall
About custom security:
    • OSArmor: Many settings enabled and settings backed up to file.
    • 4 ASR rules configured via Group Policy console
    • Defender Tamper protection enabled
    • Defender PUP detection enabled in registry
Periodic malware scanners:
    • AdwCleaner (just in downloads, as needed)
    • Norton Power Eraser
    • My USB with a Windows iso on it
    • HitmanPro subscription
Malware sample testing: I do not participate in malware testing
Browser(s) and extensions:
    • Edge.dev: AdGuard for Windows
    • Edge.old: AdGuard for Windows
Maintenance tools:
    • PrivaZer for donors
    • Windows built-in
    • Group Policy Editor--all snap-ins
    • Micro Star International (MSI) Afterburner/RivaTuner Statistics Server
    • Jotti Hash/URL Screening Scanner (rarely)
    • Intel Extreme Tuning Utility
    • Firewall Hardening Tool/Hard_Configurator by Andy Ful
File and Photo backup: Manual to external enclosed HDD and then offline.
System recovery: Macrium Reflect free version v. 7.2.3957
Risk factors:
    • Gaming
    • Browsing to popular websites
    • Downloading software and files from reputable sites
    • Streaming audio/video content from shady sites
    • Browsing to unknown / untrusted / shady sites
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs:
    • CPU: i7 6700K 4.0GHz @ 1.18 volts (undervolted via XTU)
    • GPU: Nvidia GTX 1080 Founders Edition
    • SSD: Samsung 970 EVO Plus nvm-e
    • RAM: 16 GB DDR4 dual channel

plat

No password manager or VPN--have tried both in past. Silent issues with Nvidia drivers provoked removal of Reflect until further notice. In this case, the C drive is always 90+% free anyway. Machine is routinely kept dusted and cooled, Meltdown and Spectre microcodes are enabled. SSD is now 1.5 years old and still strong, this snip was taken yesterday:

[Attached image: crystal disk info.PNG]
 

plat

Thanks, Umbra. Config edited accordingly.

Yes, JM Security, the backups. Have to get another large capacity USB, like 64 GB or more, make it 2. Then configure Reflect to put the image on there. I plan to image the machine no more than two times per year, coinciding with the Windows releases. I'll update this config once I get this viably started and validated, probably in a few months. Thanks.:cool:
 

JM Safe

Thanks, Umbra. Config edited accordingly.

Yes, JM Security, the backups. Have to get another large capacity USB, like 64 GB or more, make it 2. Then configure Reflect to put the image on there. I plan to image the machine no more than two times per year, coinciding with the Windows releases. I'll update this config once I get this viably started and validated, probably in a few months. Thanks.:cool:
Good :)
 

Wraith

No password manager or VPN--have tried both in past. Silent issues with Nvidia drivers provoked removal of Reflect until further notice. In this case, the C drive is always 90+% free anyway. Machine is routinely kept dusted and cooled, Meltdown and Spectre microcodes are enabled. SSD is now 1.5 years old and still strong, this snip was taken yesterday:


Did you try AOMEI Backupper? I also had issues with Macrium and Nvidia Drivers and so switched to AOMEI.
 

plat

You did also? I wish I could remove Nvidia instead. :mad: Admittedly, no, did not consider AOMEI. I plan to stick w/Reflect. If there is trouble there again when it's implemented, definitely, I will look into this one. Thanks, devjit2018.
 

plat

Yep, I disabled canvas blocking in trace settings. One has to really read up on these extensions because you can seriously overdo it--they all look great and necessary on paper. If anyone believes these four extensions are overdoing it, please tell. But otherwise, browsing is fast and reliable, no ads or other bad stuff to date.
 

plat

OK, Got a 64 GB Pny USB and Macrium'd the machine, lol. I'll still need to build a PE recovery environment but at least it's imaged. I don't remember, does the UI Watcher have to remain enabled at startup?

At any rate, an OS backup system is back in place, which I grudgingly admit is a good idea seeing as I had several BSODs recently (Bad_System_Config_Info, my fault each time) and too many OS alterations. Thanks to JMSecurity for providing that hint to get the backup, even though quite honestly, I didn't want to. This will be overwritten each time a new Windows comes out and once everything's in place, so no differentials.

[Attached image: mac partition.PNG]
 
ForgottenSeer 69673

OK, Got a 64 GB Pny USB and Macrium'd the machine, lol. I'll still need to build a PE recovery environment but at least it's imaged. I don't remember, does the UI Watcher have to remain enabled at startup?

At any rate, an OS backup system is back in place, which I grudgingly admit is a good idea seeing as I had several BSODs recently (Bad_System_Config_Info, my fault each time) and too many OS alterations. Thanks to JMSecurity for providing that hint to get the backup, even though quite honestly, I didn't want to. This will be overwritten each time a new Windows comes out and once everything's in place, so no differentials.


Not sure I understand but you put the PE recovery on the same USB stick. You then insert the stick in your machine when it is off and BIOS is set to boot from USB stick. You don't want to restore an image after booting into Windows in case your machine won't boot. You want to boot into Macrium from the USB stick. But I might have totally misunderstood your post.
 

plat

No, you actually nailed another issue. I was in the process of doing the PE recovery on the same USB but got scared off by the dialog that all data will be overwritten. I'd just done the image so naturally, I thought that would be erased! I don't recall this from version 6 where I'd used my ext. HDD. Also, I leave the UI watcher enabled at startup, it's OK. I'll get the help I need from the various search results, I'm sure it's something very simple. :)
 
ForgottenSeer 69673

No, you actually nailed another issue. I was in the process of doing the PE recovery on the same USB but got scared off by the dialog that all data will be overwritten. I'd just done the image so naturally, I thought that would be erased! I don't recall this from version 6 where I'd used my ext. HDD. Also, I leave the UI watcher enabled at startup, it's OK. I'll get the help I need from the various search results, I'm sure it's something very simple. :)

The first thing you do is put PE on that USB stick then do a full image. UI watcher likes to connect to the internet and I don't allow it in my firewall. I do not see any reason for it to need to connect to the internet.
 
ForgottenSeer 69673

OK, the first thing you do is go to other tasks and click on create rescue media. You can do this while not connected to the net. Have your USB stick inserted and select that where it asks for the drive. Create it, then click on the create an image of the partitions needed to backup and restore Windows.
 

plat

Thank you for this valuable advice, ticklemefeet. I really hope this helps someone else who isn't experienced with this. Here's what was ultimately accomplished. Thank goodness it resulted in a viable image and backup system. I had serious doubts based on the USB failure which I'll recycle as a data storage unit and reinstall Windows PE on a smaller USB.

1. Disabled startup of the Macrium UI Watcher. It dragged startup by about 2 seconds.
2. Put the system image on another Western Digital HDD--I have three but only one enclosure
3. Left the Windows PE on the Pny USB :mad:

I just verified this clumsy setup, it's perfect. I'm going to leave it like that because the image is good and my computer boots straight from the rescue USB (it has four USB ports). I started over with trying to install PE and then image. Macrium refuses to put the PE and the image on the same stick. I tried and tried, using DiskPart multiple times to clean, format and re-partition the stupid thing. There was 57 GB free, I formatted it but during the imaging process, it would fail, stating not enough space in the destination folder (E:\). Then, clean, reformat, rinse and repeat. As long as the image is verified and accessible, that's the desired but less-than-ideal outcome.

Again, thank you for your help, ticklemefeet, it's really appreciated. :emoji_ok_hand:

Edit: added the snips to show the two different drives. :mad:
Edit2: oops, didn't add another partition to the USB for the image to reside in. OK. Live 'n' learn.
Still aggravated so I'm leaving it as-is. It works!

[Attached images: macr pe.PNG, Capture.PNG]
 
ForgottenSeer 69673

So you are trying to put the PE on one partition on another? I have never done that so I am not sure how that works. I put the PE boot files and all 11 or 12 mrimg files on the same partition. Each mrimg file is 4 gig for my system and so at minimum, I would need a 50 gig USB stick just for one full system image.
 

plat

Yes, this occurred to me while looking at disk management that it has to be done--creating at least one additional partition on the USB. This is a PNY branded USB--I wonder if various brands are created differently (?). You have 11-12 discrete image files on the same partition? Let's see, that's max 48 GB compressed so guessing maybe 70-80 GB system? Mine is 23 and 14.5 GB compressed--one image file that *should* fit on a stick with 57 GB free. But as you can see in the snip, 56 GB+ is pushed over to unallocated, so I have to figure out how to put another partition(s) on the stick. If/when I accomplish this, I'll update this, I think it's worthwhile.

[Attached image: mac disk space.PNG]

Edit/Update: Doesn't work. After looking online, I followed an online guide that used AOMEI Partition Assistant and moved the partition to the right to gain almost 57 GB--the USB is total 64 GB. The Macrium PE was preserved. Then, I reinstalled the image. This was successful but the PE recovery was deleted and the machine of course booted into the normal desktop. So, reinstalled the PE and Macrium formatted and deleted my freshly created partition again. I don't have the experience with this problem so I'm going to keep my clumsy E and F drive setup, at least I know it's there and accessible. Phew! :mad:
 

plat

Hi Dhruv2193: I can hopefully answer to both your observations--two backup images per year is due to very little third party on here, it would basically be OS plus OS tweaks plus two third party security progs/tweaks. On a 250 GB C: drive, currently only 23 GB is in use. Also, I've tried higher Defender settings in past like enabling CFA--it drives me NUTS. Much rather would rely on SysHardener and Group Policy.

ticklemefeet: OK, thank you for uploading the information. Comparing your setup to mine in post 15, first spoiler shows that you have a much larger-capacity USB with additional folders in the PE. Since your environment is the successful one--I don't know if it's my USB or my inexperience, both? Can I ask--were you able to install both PE and all your images without any extra preparations of the USB? Any rate, this USB, it's the thing the PC boots from so I don't want to mess with it anymore. In fact, the PE is going on a smaller USB and I'm prob. going to toss it, I don't trust it. I've verified the image and since it's "hopefully" going to be used very rarely, the bulky setup is OK.

Thanks to everyone for their input, the config is a lean, mean and green one. :cool:
 
