Advanced Plus Security ErzCrz config 2021

Last updated
Apr 6, 2021
How it's used?
For home and private use
Operating system
Windows 10
On-device encryption
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
User Access Control
Always notify
Smart App Control
Network firewall
Real-time security
Microsoft Defender
Firewall security
Microsoft Defender Firewall
About custom security
- System Hardened with Hard_Configurator at Recommended Settings
- Microsoft Defender tweaked with ConfigureDefender set to High. (I'd go with Interactive but I prefer a more set and forget setup)
- FirewallHardening - Recommended H_C rules added
Periodic malware scanners
Emsisoft Emergency Kit, HitmanPro
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Chromium Edge
uBlock Origin (@Lenny_Fox's tweaked Medium/Hard Mode) blocking 3p.
Secure DNS
Sky Shield (ISP)
Desktop VPN
Sophos VPN for working from home connection.
Password manager
KeePass 2
Maintenance tools
Macrium Reflect Free (backups only after major updates). OneDrive backup of documents weekly.
File and Photo backup
Monthly backup to external drive and Occasional OneDrive Sync
System recovery
Backup disc image, updated every few months.
Risk factors
    • Working from home
    • Browsing to popular websites
    • Browsing to unknown / untrusted / shady sites
    • Opening email attachments
    • Buying from online stores, entering bank card details
    • Gaming
    • Streaming audio/video content from trusted sites or paid subscriptions
    • Streaming audio/video content from shady sites
Computer specs
Computer hardware
Acer Aspire E15
Intel Core i3-400SU
Intel HD Graphics 4400
12 Gig DDR 11 RAM
1TB HDD
Notable changes
17.02.2021 - Changed email client from Windows Mail to Thunderbird
06.04.2021 - Back to Windows Mail, SecurityNightmare's Maximum Exploit settings enabled. MD running in its own sandbox, Controlled Folder Access enabled. Removed BD Traffic Light and using HTTPS Everywhere in Strict mode.
13.05.2021 - Reverted back to my old favourite Comodo, Firefox and Thunderbird.
22.05.2021 - Returned to MD + H_C setup.
28.08.2021 - Back to using HitmanPro 2nd opinion scanner, using H_C 6 Beta and updated uBO tweak. Thinking about using CFA again and treating messages as more informative unless it breaks something.
What I'm looking for?

Looking for medium feedback.

ErzCrz

Level 23
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,221
Ever the indecisive, experimenting again with Comodo and Chrome original. I think I missed Chrome, though I know Chromium Edge is safer in some ways. System just seems to be more responsive. Nothing set in stone, just trialing a few things out to keep my sanity while I'm furloughed.
 

ErzCrz

Finished with that experiment and back to WD +H_C. Although some things loaded quicker in Chrome and the system felt more responsive it was using about the same resources when it came down to system load and in case of full screen games I noticed more lag hiccups or sound distortion with Comodo and Chrome.

Anyway, that was useful...
 

ErzCrz

Switched to Thunderbird for email. Just a lot faster and more features. I was playing around with Firefox as I like the containers but with MD as my protection it's best using Chromium Edge.

I am noticing all new MD stuff going to 365 office subscribers which has me considering 3rd party options like BD free but what I have still works ;)
 

ErzCrz

I use Edge Chromium and Thunderbird and am reviewing the exploit protection settings. What's the current good setting for both? There's a couple linked in and I want to ensure trouble-free but better protected browsing/emailing.

I'm also reviewing my ublock setup. Finding the odd page freezing or scrolling not working from time to time.
 

ErzCrz

Looked at enabling memory integrity but I've got a few incompatible drivers.

This laptop did upgrade from Win 8 to 10 years ago and it being an older machine, no newer drivers available so far in my searches. /shrug
 

Attachments

  • coreisoincomp.jpg

ErzCrz

Been playing around with Comodo, FF and Thunderbird email client but as usual, back to my normal setup with a few changes.

Minor changes:

06.04.2021 - Back to Windows Mail, @SecurityNightmares Maximum Exploit settings enabled. MD running in its own sandbox, Controlled Folder Access enabled. Removed BD Traffic Light and using HTTPS Everywhere in Strict mode.

Thinking about using ClearURLs again at some point.
 

ErzCrz

I still find myself bouncing between configurations.

MD H_C configuration with Edge and MS Mail works okay but MS Mail lacks features and I've had some random Edge crashes when I load a page with a lot of stuff on it. The only addon is uBlock with my medium mode settings. MD uses about 150 meg as standard and the additional 60meg if I run it sandboxed.

Comodo IS in Proactive with Firefox and Thunderbird. CIS uses about 50meg, Firefox takes a little bit to load initially but is just as fast as Edge when it is running. Thunderbird is far more productive and quicker than MS Mail though takes maybe 10 seconds to load.

Such a long history with me and Comodo I keep going back to it. Indecisive as always, I just need to try and stick with one for a bit longer and adapt/change as needed.

uBO rules are simplified:

Advanced User

My Filters:
! Block insecure third-party content except stylesheet, image and media
||HTTP://*$3p,~stylesheet,~image,~media

My rules:
no-csp-reports: * true
no-large-media: behind-the-scene false
* * 3p-frame block
* * 3p-script block
* com * noop
* gov * noop
* io * noop
* net * noop
* org * noop
* uk * noop
behind-the-scene * * noop
behind-the-scene * 1p-script noop
behind-the-scene * 3p noop
behind-the-scene * 3p-frame noop
behind-the-scene * 3p-script noop
behind-the-scene * image noop
behind-the-scene * inline-script noop

Yes there's other blockers but I prefer uBO really.
 

ErzCrz

Decided on a simple solution, carry on with what I started with though reviewing CFA I just need to watch a tutorial to know what's safe to allow etc. Should I try audit only initially? I'll see what's blocked with default settings and try and work it out.

Anyway but convenience over excessive tweaking is proving to be a priority.

P.S. Added the consent.youtube.com to blocked cookies including 3rd party as described in the ghacks article.

I've also amended the uBO My filters to the following to stop the Youtube Sign-in pop-up and Google Consent messages.

! Block insecure third-party content except stylesheet, image and media
||HTTP://*$3p,~stylesheet,~image,~media
! Google Consent / Sign-in
google.*##^script:has-text(consentCookiePayload)
www.youtube.com###dialog
www.youtube.com##.opened

Things on the up and up with me in a lot of things in the coming months.

Keep safe

ErzCrz
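
The audit-first approach to Controlled Folder Access raised in the post above, as an added example that is not part of the original thread: put CFA in audit mode, review what it would have blocked, then allow trusted programs before enforcing. The allowed-application path is a placeholder, and the event field names are an assumption noted in the comments.

```powershell
# Added example. Run from an elevated PowerShell prompt on Windows 10/11
# with Microsoft Defender as the active antivirus.

# 1. Audit mode: CFA logs what it would have blocked but blocks nothing.
Set-MpPreference -EnableControlledFolderAccess AuditMode

# 2. Confirm the state (0 = Disabled, 1 = Enabled, 2 = AuditMode).
(Get-MpPreference).EnableControlledFolderAccess

# 3. After some days of normal use, collect the CFA events.
#    1124 = audited (would have been blocked), 1123 = blocked.
$cfa = Get-WinEvent -FilterHashtable @{
    LogName = 'Microsoft-Windows-Windows Defender/Operational'
    Id      = 1123, 1124
} -ErrorAction SilentlyContinue

# 4. Summarise by mode, process and target path.
#    Assumption: the event data fields are named 'Process Name' and 'Path';
#    inspect one event with $cfa[0].ToXml() if the columns come back empty.
$report = foreach ($e in $cfa) {
    $fields = @{}
    foreach ($d in ([xml]$e.ToXml()).Event.EventData.Data) {
        $fields[$d.GetAttribute('Name')] = $d.'#text'
    }
    [pscustomobject]@{
        Mode    = if ($e.Id -eq 1124) { 'Audited' } else { 'Blocked' }
        Process = $fields['Process Name']
        Target  = $fields['Path']
    }
}
$report | Group-Object Mode, Process, Target |
    Sort-Object Count -Descending |
    Select-Object Count, Name | Format-Table -AutoSize -Wrap

# 5. Allow only the programs you recognise and trust (placeholder path),
#    then switch from auditing to blocking.
# Add-MpPreference -ControlledFolderAccessAllowedApplications 'C:\Path\To\TrustedApp.exe'
# Set-MpPreference -EnableControlledFolderAccess Enabled
```

An unfamiliar process in the report that writes to Documents or Pictures is a reason to investigate it, not to allow-list it.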

ErzCrz

I go through phases with these things but I've gone back to Comodo Internet Security. I've just found computer runs slower with Microsoft Defender and some gaming became juddery for full screen games.

Running CIS in Proactive mode defaults with auto-containment tweaks to "Restricted" mode and required ICMP rules for IPv6 filtering. Browser changed back to Firefox and email to Thunderbird. Still using uBO in tweaked Medium Mode and recently re-added ClearURLs.

Comodo occasionally has had its issues but it's got a place in my heart so I decided to go back to it. Controversial I know but we use what works best for us. That and its ransomware protection from Containment is amazing.
 

ErzCrz

Just checking in really.

Changed my uBO previous noop 3rd party rules to block and new filters as per recent posting by @Lenny_Fox : Browser Add-on - uBlock0rigin in Medium mode for Lighter and Stronger Protection, with Less websites breakage and hassle

Using the latest H_C 6 Beta with no issues so far. My only annoyance computer wise lately is windows update bringing my system to a crawl now and then but I think I just need to change my Active Hours.

Oh and trying to use DDG more these days, the Bing results are annoying and Google consent messages are a pain. Will update the changelog.

Hope you're all well and safe.
 
