Advanced Plus Security plat's config for 2020

Last updated
Dec 1, 2020
How it's used?
For home and private use
Operating system
Log-in security
Security updates
Check for updates and Notify
User Access Control
Notify me only when programs try to make changes to my computer
Real-time security
MS Defender w/self-sandbox, CFA and PUP det. enabled
H_C Firewall Hardening
SmartScreen for chromium Edge
NVT OSArmor
Firewall security
Microsoft Defender Firewall
About custom security
Controlled Folder Access (d/l, pictures, docs)
Core Isolation enabled
OSArmor: multiple block rules enabled over defaults
Periodic malware scanners
HitmanPro subscription--detection and removal
Microsoft Malicious Software Removal Tool--on demand
Microsoft Defender Quick Scan
AdwCleaner (rarely)
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Microsoft Edge
AdGuard browser assistant
Trace
Clear URLs
Maintenance tools
Windows built-in/System Maintenance run weekly
Jotti for .exe, url and hash analysis (rarely)
Tree Size for bulk and to scan for leftover folders
RAMMap to release hoarded System memory
Wise Disk Care (free version)
File and Photo backup
Manually to external and enclosed HDD which are then taken offline
System recovery
EaseUS Todo Backup Free/64 GB USB drive
Risk factors
    • Browsing to popular websites
    • Buying from online stores, entering bank card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Browsing to unknown / untrusted / shady sites
    • Gaming
    • Streaming audio/video content from trusted sites or paid subscriptions
    • Streaming audio/video content from shady sites
Computer specs
Cpu: i9 9900 @ 3.1 GHz
Cooler: Noctua U12S Chromax
Gpu: NVIDIA Gtx 1080 Founders Edition blower-type
MBd: ASUS Prime Z390A
RAM: 2x8GB GSkill TridentZ @3200 MHz (16-18-18-38)
Case: Fractal Design Meshify C
Drive: Samsung 980 PRO 500GB
Storage: 3x old 5400 rpm HDDs in offline enclosure
Machine has no internal SATA drives
PSU: EVGA SuperNova G2 Gold-rated 650 watts
Notable changes
removed: Vivaldi, PrivaZer
added: Opera
added: Tree Size folder identification software
added: RAMMap
added: Wise Disk Care for rapid junk removal
added: Insiders Beta ring for Windows 10
added: paid version NVT OSArmor
removed: Privacy Badger extension
removed: Intel XTU
removed: uBlock Origin
added: AdGuard Desktop

plat

Level 29
Thread author
Top Poster
Sep 13, 2018
1,793
I added about 10 exploit guards to Opera without hampering its performance. At least two guards prevented Opera from launching, these being Arbitrary code guard and Disable Win32k system calls.

Disregard this. Nothing like a fresh boot to reveal your crimes against your innocent machine. Edge and Opera had all guards removed and both browsers reset due to improper page loading and not opening, whatever. Now I have DEP and Control Flow Guard, just those two. I guess you have to play around with this and enable, restart and repeat in order to weed out the ones that impact the browser.

I've had this problem for well over a year: issues with restart function--freezing and/or restarting twice, which I narrowed down to a corrupted extra recovery partition Windows installs whenever there's a new build. I've replaced the NVMe, reformatted the drive multiple times, played around with AOMEI partition software, and so on, with the same cycle happening every time.

Now I've deleted the extra recovery partition via diskpart and just have the unallocated space. The system restart was freezing every time, which is not viable, especially when you have to update Windows (it'll roll back, trust me, if you have to use CTL/ALT/DEL during the first working-on-updates phase). Now it restarts twice alternating with a normal restart, which is workable. Can someone with experience with partitions confirm that you can't merge that unallocated space with the primary partition? How the restart got that way in the first place is a total mystery.

Thanks for any help and advice.

disk unallocated.PNG
 

harlan4096

Super Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,948
Check these links, maybe some may help You:



 

plat

Thank you Harlan, this is a lot of info. I have to comb thru it. The partition I deleted in order to Restart properly is CONTIGUOUS with the active C partition. I have learned the hard way and tried previously to merge the unallocated space to C and as experts will know very well: the OS is then kaput. Have to clean-install. There was another recovery partition adjacent to the EFI one, which I'm scared to mess with. I don't want to damage the MBR. Again, I have to read thru everything, there's likely something I missed and I'm not very knowledgeable with this issue. :unsure::coffee: Something is damaging the firmware or something. It happens regardless of SSD brand: Samsung or Western Digital. Very mysterious....

@Zero Knowledge (how ironic for me in this context :ROFLMAO:) here are my ASR rules that I've been using successfully for several months without issue. OSArmor seems to be the first responder most if not all of the time but these ASR rules do no harm.

asr rules.PNG

The corresponding values are shown in this link.

My OSArmor RULES file is loaded on my data disk which is currently offline. Right now, the machine is installing the latest Insider build 19608.1000. I will retrieve this later and see if it's viable to post. (y)

Edit: here's a snip of the current C drive. I only have one drive installed in the machine. I guess I'll just leave it like that, just won't get that 400+ MB back.

disk c.PNG

wall of text, sorry. Also, I wasn't linked into any alerts about responses to this thread so I apologize very much for not responding sooner.
 

plat

OK, Insider build 19608.1000 is now installed. Changelog. It took maybe 10 minutes this time, much improved. My desktop wallpaper was replaced by a black screen which initially is scary but turned out to be nothing major at all. Let's hope that's it. Watermark is back, so I'll remove it.

Sadly, I had to remove Sandboxie when reinstating Insider previews but it was no surprise. The overall system was slowed down and the browser Opera was usable but very, very slow to open.

It seems a former Sophos engineer who has worked on Sandboxie's kernel is now putting his efforts behind open-source SBIE, in conjunction with the developer of a privacy application, DavidXanatos. This is really good and hopeful news. Here is the relevant part of the thread if anyone's interested. This is where to watch for upcoming SBIE developments. (y)

 

plat

OK, does anyone have this issue depicted in this screenshot, re: the latest driver download for NVIDIA GPUs?

nvidia dwnlod site.png

The driver page doesn't load and I gave up after several minutes. It's the same in Edge and Vivaldi. So, I got the driver from here with absolutely no issue. Download is safe and sound, used a US server, but this is annoying. :mad:
Anyone have any info on this? I'm refusing to install GeForce Experience or supply my system info. It shouldn't have to be required to get the driver. Also disabled all my extensions, no cigar.
 

Ink

Administrator
Verified
Jan 8, 2011
22,490
Noticed you have zero account security to protect your user data & files on your PC.

The driver page doesn't load and I gave up after several minutes. It's the same in Edge and Vivaldi.
Did you try with Incognito mode or disabled extensions?

Loads OK with Chrome, new Edge and Brave.
 

plat

Re: zero account security: well, I feel like I got caught on surveillance camera doing shoplifting or something. But anyway, sometimes I use my Microsoft account to log in. But not often enough to justify making it a formality on my config. I offload my data onto my external hard drives as-needed. It's good.

OK, this is very useful, so theoretically, the downloads page works. Just not for me. Yes, turned off Sandboxie, reset network adapter, flushed dns, changed dns, disabled extensions. I'm stumped. Luckily it's not a daily need so hopefully it's sorted somehow in the near future.
 

plat

Alright-y so my config was in dire need of a clean-out, so I did that. (I'm such a Schlampe in these matters)

The combined total disk space for the three third party supplements to Defender is a whopping 30-ish MB. CPU/RAM use--negligible.

Enabled Controlled Folder Access again for another try. (y)

Since Defender is set pretty well, I chose to focus on hardening some peripheral stuff like the Firewall and browsers. So now I have TinyWall to supplement the Windows one which allows everything almost willy-nilly by default. uBlock Origin got a re-do of filter lists and it's a work in progress.

Tiny programs, big security. I like it!
 

plat

Removed OSArmor.

H_C is installed but nothing's configured (yet). Something caused it to crash and this is not good, obviously. I'm finding TinyWall to be quite powerful in its own right so I may winnow out some more things and depend more on TW. CFA is still enabled so that's another reason to not keep some other real time stuff around. Too much, right?
 

plat

Thank you for responding, Andy Ful. Your reply to this issue in the H_C thread made a lot of sense, namely that another security program might have interfered. If only I knew which one. That's the primary reason I took OSA off--maybe when Andreas makes good on his word to release some updated software, I'll try it again sometime. I don't know.

No, this was a one-time occurrence. Since it's so very stable and solid otherwise, I felt it was necessary to mention it, though. :unsure:
Edit: I recall messing with the "run as administrator" setting.
 

plat

Ditched the corrupted Windows backup image and redid with EaseUS Todo Backup Free on my USB drive. The image is build 19041.388, which at this point is running very similarly to v. 1909 with far less # of errors/warnings compared to initial install.

Removed Vivaldi and PrivaZer, prob. permanently. Both have rather complicated and cluttered UIs plus PrivaZer contained too much jargon and had TRIM enabled as default on version 4.07. Goodbye. 👋 Maybe Wise or something else. Windows built-in suffices for now plus manual removal.

Welcome back, Opera!

Screenshot (1).png

Any suggestions are sincerely appreciated. Also, if there are any current Insiders around, please let me know how the latest build is!
 

plat

Added Tree Size for assistance with manual deletion of junk files and folders. Its footprint is about 11 MB--chicken feed compared to third party cleanup utilities, which admittedly are much more convenient and probably more thorough. Hey, whatever's good for you. Still running System Maintenance 1x/week. I use Disk Cleanup and the Storage app as well.

By choice, I only have one internal drive and it's not comparatively cheap, so I'd like to be in control of what happens to it. I don't like it if an application does things beyond the parameters I believed were already in place, even though it's touted to be safe and sound. It's a matter of being caught off-guard.

If I'm ever in the market for an optimizing software, I will get one.
 

plat

Today, I said "good riddance" to Windows 10 2004 and installed the 20H2 (19042.487) via the Insiders Beta ring. The entire process (from 19041.450 to 19041.487 to 19042.487) took around 5 minutes. I kid you not.

I ran Disk Optimization and it showed properly upon Restart. BUT, ESENT 642 warnings (2 per start/restart) are still there. This system is snapping so far. I had to check to make sure Fast Startup wasn't somehow re-enabled.
Let's see if initial impressions hang in there. (y)

winver 20h2.PNG
disk optimization is showing properly..PNG

Doing the cleanup with the Settings/Storage app instead of Disk Cleanup now.
 

plat

Temporarily switched to Windows High Performance plan in order to test a new undervolt. I prob. overdid it as the machine recently emitted a Kernel-Power critical error and graciously shut itself off. XTU then threw a warning box upon reboot. Okay, back to the drawing board.

What does one think about using High Performance power plan for extended times versus a software like Prime 95 or some other? I mean, from a usability standpoint, maybe HP is better? This is a locked chip (i9 9900) but can do 5.0 GHz on several cores as a turbo, running 4.8 GHz all cores sustained with a tdp of only 65 watts. It runs at locked speeds what many can do only w/overclocking and temps are generally in low-mid 30s C in a non-air-conditioned room. I use passive cooling method (the case has an open grid at the top and hot air rises up and out.) No fancy stuff tho' do have an ugly but competent Noctua cpu cooler.

Also, what is the proper way to note a cpu's base clocks? If you have a 6700, is it OK to say its clocks are @4.0 GHz as opposed to 3.4?

A snip showing the voltages at a -.60 v offset running w/ the High Performance plan. The machine shut off at -.100 v, lol.

cpu all cores hi perf (2).png
 

plat

what do you think about opera performance and stability at this moment? I

Well, its user interface is cleaner and better organized than say, Vivaldi's. It's strictly a matter of personal taste. It's fairly stable but to be honest, Microsoft Edge and Vivaldi have never crashed on here while Opera has done so twice.

Some little messes recently: A glitch in the UI resulted in an annoying message with a bizarre workaround until that was fixed soon after. Also, a recent browser update messed up my extensions but another update followed very soon after also. As long as there's a quick recovery of the browser, it's OK, things happen.

Right now, it's fast, neat and clean. I really like it. But Edge is a little more stable. Hmm, hope I don't eat my words down the road. :unsure:
 
