SECURITY: Complete ErzCrz config 2021

Last updated
Apr 6, 2021
About
Personal, primary device
Additional PC users
Not shared with other users
Desktop OS
Windows 10
OS License Type
Home
Login security
    • Passwordless (PIN, Biometric, Face)
Primary sign-in
Microsoft account
Primary account rights
Administrator permissions
Other accounts rights
Administrator permissions
Security updates
Automatic - allow all types of updates
Windows UAC
Maximum - always notify
Network firewall
ISP-issued router w/ firewall & filtering
Real-time protection
Microsoft Defender
Software firewall
Microsoft Defender Firewall
Custom RTP, Firewall and OS settings
Hard_Configurator ( (recommended settings), Configure Defender (high) with cloud time limit set to 60s, Admin Smartscreen for Edge Legacy and IE to "Block", Controlled Folder Access - Enabled. Firewall Hardening (recommended rules)
Malware research
No - malware samples are not downloaded
Periodic scanners
Sophos HitmanPro
Emisoft Emergency Kit
DNS
Sky Shield (ISP)
VPN
Sophos VPN for working from home connection.
Password manager
Keepass 2
Browsers, Search and Addons
Chromium Edge (tweaked exploitation protection)
uBlock Origin (tweaked Medium Mode)
HTTPS Everywhere set to Strict
PC maintenance
MacrumReflect Free (backups only after major updates) OneDrive backup of documents weekly.
Personal Files & Photos backup
Monthly backup to external drive and Occasional OneDrive Sync
Personal backup routine
Manual (maintained by self)
Device recovery & backup
Backup disc image, updated every few months.
Device backup routine
Manual (maintained by self)
PC activity
  1. Browsing the web. 
  2. Emails. 
  3. Working from home. 
  4. PC and cloud gaming. 
  5. Multimedia. 
  6. Streaming. 
Computer specs
Computer hardware
Acer Aspire E15
Intel Core i3-400SU
Intel HD Graphics 4400
12 Gig DDR 11 RAM
1TB HDD
Personal changelog
17.02.2021 - Changed email client from Windows Mail to ThunderbirdBack
06.04.2021 - Back to Windows Mail, SecurityNightmare's Maximum Exploit settings enabled. MD running in it's own Sandbox, Controlled Folder Access enabled. Removed BD Traffic Light and using HTTPS Everywhere in Strict mode.
Feedback Response

General feedback

ErzCrz

Level 9
Verified
Aug 19, 2019
414
Finished with that experiment and back to WD +H_C. Although some things loaded quicker in Chrome and the system felt more responsive it was using about the same resources when it came down to system load and in case of full screen games I noticed more lag hiccups or sound distortion with Comodo and Chrome.

Anyway, that was useful...
 

ErzCrz

Level 9
Verified
Aug 19, 2019
414
Switched to Thunderbird for email. Just a lot faster and more features. I was playing around with Firefox as I like the containers but with MD as my protection it's best using Chromium Edge.

I am noticing all new MD stuff going to 365 office subscribers which has me considering 3rd party options like BD free but what I have still works ;)
 

ErzCrz

Level 9
Verified
Aug 19, 2019
414
I use Edge Chromium and Thunderbird and reviewing the exploit protection settings. What's the current good setting for both? There's a couple linked in and I want to ensure trouble free but better protected browsing/emailing.

I'm also reviewing my ublock setup. Finding the odd page freezing or scrolling not working from time to time.
 

ErzCrz

Level 9
Verified
Aug 19, 2019
414
Looked at enabling memory integrity but I've got a few incompatible drivers.

This laptop did upgrade from Win 8 to 10 years ago and it being an older machine, no newer drivers available so far in my searches. /shrug
 

Attachments

  • coreisoincomp.jpg
    coreisoincomp.jpg
    112.1 KB · Views: 46
  • Wow
Reactions: venustus

ErzCrz

Level 9
Verified
Aug 19, 2019
414
Been playing around with Comodo, FF and Thunderbird email client but as usual, back to my normal setup with a few changes.

Minor changes:

06.04.2021 - Back to Windows Mail, @SecurityNightmares Maximum Exploit settings enabled. MD running in it's own Sandbox, Controlled Folder Access enabled. Removed BD Traffic Light and using HTTPS Everywhere in Strict mode.

Thinking about using ClearURLs again at some point.
 
Last edited:
Top