Advanced Plus Security plat's config for 2020

[plat]

I added about 10 exploit guards to Opera without hampering its performance. At least two guards prevented Opera from launching, these being Arbitrary code guard and Disable Win32k system calls

Disregard this. Nothing like a fresh boot to reveal your crimes against your innocent machine. Edge and Opera had all guards removed and both browsers reset due to improper page loading and not opening, whatever. Now I have DEP and Control Flow Guard, just those two. I guess you have to play around with this and enable, restart and repeat in order to weed out the ones that impact the browser.

I've had this problem for well over a year: issues with restart function--freezing and/or restarting twice, which I narrowed down to a corrupted extra recovery partition Windows installs whenever there's a new build. I've replaced the nvm-e, reformatted the drive multiple times, played around with Aomei partiion software, and so on, with the same cycle happening every time.

Now I've deleted the extra recovery partition via diskpart and just have the unallocated space. The system restart was freezing every time, which is not viable, especially when you have to update Windows (it'll roll back, trust me, if you have to use CTL/ALT/DEL during the first working-on-updates phase). Now it restarts twice alternating with a normal restart, which is workable. Can someone with experience with partitions confirm that you can't merge that unallocated space with the primary partition? How the restart got that way in the first place is a total mystery.

Thanks for any help and advice.

Spoiler

 

[harlan4096]

Check these links, maybe some may help You:

How to Merge Non-adjacent Partitions in Windows 11/10

This page tells you how to merge non-adjacent partitions in Windows 11/10. And it contains two methods, one is using a third-party tool and the other is using Disk Management.

www.easeus.com

How to merge Unallocated space in windows 10/8/7?

This page shows how to merge Unallocated space in Windows 10/8/7 32/64 bit. Combine Unallocated space to C drive or nonadjacent volume with free partition editor.

es.hdd-tool.com

How to Add Unallocated Space into Partition in Windows 10 Successfully?

This article aims to tell how to add unallocated space to existing partitions like C drive step by step. Then you can take full advantage of your storage space.

www.diskpart.com

 

[Zero Knowledge]

6 ASR Rules via gpedit.msc
Multiple OSA rules enabled and backed up to file

Interested to know your rules, that is if you want to share? I have grouppolicy locked down but have yet to mess with asr rules.

 

[plat]

Thank you Harlan, this is a lot of info. I have to comb thru it. The partition I deleted in order to Restart properly is CONTIGUOUS with the active C partition. I have learned the hard way and tried previously to merge the unallocated space to C and as experts will know very well: the OS is then kaput. Have to clean-install. There was another recovery partition adjacent to the EFI one, which I'm scared to mess with. I don't want to damage the MBR. Again, I have to read thru everything, there's likely something I missed and I'm not very knowledgeable with this issue. Something is damaging the firmware or something. It happens regardless of SSD brand: Samsung or Western Digital. Very mysterious....

@Zero Knowledge (how ironic for me in this context ) here are my ASR rules that I've been using successfully for several months without issue. OSArmor seems to be the first responder most if not all of the time but these ASR rules do no harm.

Spoiler

The corresponding values are shown in this link.

My OSArmor RULES file is loaded on my data disk which is currently offline. Right now, the machine is installing the latest Insider build 19608.1000. I will retrieve this later and see if it's viable to post.

Edit: here's a snip of the current C drive. I only have one drive installed in the machine. I guess I'll just leave it like that, just won't get that 400+ MB back.

Spoiler

wall of text, sorry. Also, I wasn't linked into any alerts about responses to this thread so I apologize very much for not responding sooner.

 

[plat]

OK, Insider build 19608.1000 is now installed. Changelog. It took maybe 10 minutes this time, much improved. My desktop wallpaper was replaced by a black screen which initially is scary but turned out to be nothing major at all. Let's hope that's it. Watermark is back, so I'll remove it.

Sadly, I had to remove Sandboxie when reinstating Insider previews but it was no surprise. The overall system was slowed down and the browser Opera was usable but very, very slow to open.

It seems a former Sophos engineer who has worked on Sandboxie's kernel is now putting his efforts behind open-source SBIE, in conjunction with the developer of a privacy application, DavidXanatos. This is really good and hopeful news. Here is the relevant part of the thread if anyone's interested. This is where to watch for upcoming SBIE developments.

Sandboxie Acquired by Invincea

Chrome now works OK on most websites but trying to log into Hotmail or eBay instantly locks up the browser. My wife and I both get the following error...

www.wilderssecurity.com

 

[LDogg]

Lovely setup, ty for sharing.

~LDogg

 

[plat]

OK, does anyone have this issue depicted in this screenshot, re: the latest driver download for NVIDIA GPUs?

Spoiler

The driver page doesn't load and I gave up after several minutes. It's the same in Edge and Vivaldi. So, I got the driver from here with absolutely no issue. Download is safe and sound, used a US server, but this is annoying.
Anyone have any info on this? I'm refusing to install GeForce Experience or supply my system info. It shouldn't have to be required to get the driver. Also disabled all my extensions, no cigar.

 

[Ink]

Noticed you have zero account security to protect your user data & files on your PC.

The driver page doesn't load and I gave up after several minutes. It's the same in Edge and Vivaldi.

Did you try with Incognito mode or disabled extensions?

Loads OK with Chrome, new Edge and Brave.

Download The Latest Official GeForce Drivers

Download the latest official GeForce drivers to enhance your PC gaming experience and run apps faster.

www.nvidia.com

 

[plat]

Re: zero account security: well, I feel like I got caught on surveillance camera doing shoplifting or something. But anyway, sometimes I use my Microsoft account to log in. But not often enough to justify making it a formality on my config. I offload my data onto my external hard drives as-needed. It's good.

OK, this is very useful, so theoretically, the downloads page works. Just not for me. Yes, turned off Sandboxie, reset network adapter, flushed dns, changed dns, disabled extensions. I'm stumped. Luckily it's not a daily need so hopefully it's sorted somehow in the near future.

 

[Ink]

All that security for no reason. You sure you need a PC?

 

[plat]

Alright-y so my config was in dire need of a clean-out, so I did that. (I'm such a Schlampe in these matters)

The combined total disk space for the three third party supplements to Defender are a whopping 30-ish mb. cpu/ram use--neglible.

Enabled Controlled Folder Access again for another try.

Since Defender is set pretty well, I chose to focus on hardening some peripheral stuff like the Firewall and browsers. So now I have TinyWall to supplement the Windows one which allows everything almost willy-nilly by default. uBlock Origin got a re-do of filter lists and it's a work in progress.

Tiny programs, big security. I like it!

 

[plat]

Removed OSArmor.

H_C is installed but nothing's configured (yet). Something caused it to crash and this is not good, obviously. I'm finding TinyWall to be quite powerful in its own right so I may winnow out some more things and depend more on TW. CFA is still enabled so that's another reason to not keep some other real time stuff around. Too much, right?

 

[Andy Ful]

Did the H_C crash occur once or more times? Do you remember what setting was changed before the crash? It is strange because normally the H_C is very stable with many security solutions.

 

[plat]

Thank you for responding, Andy Ful. Your reply to this issue in the H_C thread made a lot of sense, namely that another security program might have interfered. If only I knew which one. That's the primary reason I took OSA off--maybe when Andreas makes good on his word to release some updated software, I'll try it again sometime. I don't know.

No, this was a one-time occurrence. Since it's so very stable and solid otherwise, I felt it was necessary to mention it, though.
Edit: I recall messing with the "run as administrator" setting.

 

[plat]

Ditched the corrupted Windows backup image and redid with Easus ToDo Backup Free on my USB drive. The image is build 19041.388, which at this point is running very similarly to v. 1909 with far less # of errors/warnings compared to initial install.

Removed Vivaldi and PrivaZer, prob. permanently. Both have rather complicated and cluttered Uis plus PrivaZer contained too much jargon and had TRIM enabled as default on version 4.07. Goodbye. Maybe Wise or something else. Window built-in suffices for now plus manual removal.

Welcome back, Opera!

Spoiler

Any suggestions are sincerely appreciated. Also, if there are any current Insiders around, please let me know how the latest build is!

 

[plat]

Added Tree Size for assistance with manual deletion of junk files and folders. Its footprint is about 11 MB--chicken feed compared to third party cleanup utilities, which admittedly are much more convenient and probably more thorough. Hey, whatever's good for you. Still running System Maintenance 1x/week. I use Disk Cleanup and the Storage app as well.

By choice, I only have one internal drive and it's not comparatively cheap, so I'd like to be in control of what happens to it. I don't like it if a application does things beyond the parameters I believed were already in place, even though it's touted to be safe and sound. It's a matter of being caught off-guard.

If I'm ever in the market for an optimizing software, I will get one.

 

[plat]

Today, I said "good riddance" to Windows 10 2004 and installed the 20H2 (19042.487) via the Insiders Beta ring. The entire process (from 19041.450 to 19041.487 to 19042.487) took around 5 minutes. I kid you not.

I ran Disk Optimization and it showed properly upon Restart. BUT, ESENT 642 warnings (2 per start/restart) are still there. This system is snapping so far. I had to check to make sure Fast Startup wasn't somehow re-enabled.
Let's see if initial impressions hang in there.

Spoiler

Spoiler

Doing the cleanup with the Settings/Storage app instead of Disk Cleanup now.

 

[plat]

Temporarily switched to Windows High Performance plan in order to test a new undervolt. I prob. overdid it as the machine recently emitted a Kernel-Power critical error and graciously shut itself off. XTU then threw a warning box upon reboot. Okay, back to the drawing board.

What does one think about using High Performance power plan for extended times versus a software like Prime 95 or some other? I mean, from a usability standpoint, maybe HP is better? This is a locked chip (i9 9900) but can do 5.0 GHz on several cores as a turbo, running 4.8 GHz all cores sustained with a tdp of only 65 watts. It runs at locked speeds what many can do only w/overclocking and temps are generally in low-mid 30s C in a non-air-conditioned room. I use passive cooling method (the case has an open grid at the top and hot air rises up and out.) No fancy stuff tho' do have an ugly but competent Noctua cpu cooler.

Also, what is the proper way to note a cpu's base clocks? If you have a 6700, is it OK to say its clocks are @4.0 GHz as opposed to 3.4?

A snip showing the voltages at a -.60 v offset running w/ the High Performance plan. The machine shut off at -.100 v, lol.

Spoiler

 

[YuanJiawj]

interesting config, thank you for sharing!
what do you think about opera performance and stability at this moment? It's a good alternative to another browsers?

 

[plat]

what do you think about opera performance and stability at this moment? I

Well, its user interface is cleaner and better organized than say, Vivaldi's. It's strictly a matter of personal taste. It's fairly stable but to be honest, Microsoft Edge and Vivaldi have never crashed on here while Opera has done so twice.

Some little messes recently: A glitch in the UI resulted in an annoying message with a bizarre workaround until that was fixed soon after. Also, a recent browser update messed up my extensions but another update followed very soon after also. As long as there's a quick recovery of the browser, it's OK, things happen.

Right now, it's fast, neat and clean. I really like it. But Edge is a little more stable. Hmm, hope I don't eat my words down the road.