Advanced Plus Security ErzCrz Security Config 2024

Last updated
May 19, 2023
How it's used?
For home and private use
Operating system
Windows 11
On-device encryption
BitLocker Device Encryption for Windows
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
Update channels
Allow stable updates only
User Access Control
Always notify
Smart App Control
Off
Network firewall
Enabled
About WiFi router
Sky Router with built-in IPV4/IPv6 Firewall
Real-time security
Comodo Internet Security .8012
CyberLock
Firewall security
Other - Internet Security (3rd-party)
About custom security
CIS .8012 in Proactive Config with Containment Set to Untrusted
Cyberlock - ON - Create In/Out Firewall Rules for Unsafe Items.
Periodic malware scanners
Norton Power Eraser
Malware sample testing
I do not participate in malware testing
Environment for malware testing
N/A
Browser(s) and extensions
Primary: Edge with uBO in Medium Mode - Netcraft/BD:TL
Secondary - Firefox with uBO in Medium Mode - Netcraft/BD:TL
Secure DNS
Provided by ISP Sky Shield though occasionally Cloudflare DNS over HTTP.
Desktop VPN
None. Browsing primarily on home private network.
Password manager
KeepassXC
Maintenance tools
Windows built-in Disk Clean-up and Storage Sense.
File and Photo backup
Seagate - Toolkit - Weekly Backup
Active subscriptions
    • None
System recovery
External Drive - Backup of Documents and folders.
Risk factors
    • Browsing to popular websites
    • Working from home
    • Making audio/video calls
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Downloading software and files from reputable sites
    • Gaming
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
Notable changes
22.01.2022 - Reverted to Comodo Internet Security setup with Firefox as default browser and Thunberbird email client.
15.05.2022 - Reverted to Hard_Configurator setup following errors after uninstall and PC reset with Edge as default browser for MD integration while also sticking to Thunderbird for email & Updated backup routine.
13.08.2022 - Swapped to built-in backup solution.
12.09.2022 - General update in line with new guidelines.
29.10.2022 - Edge Exploit Tweaks re-implimented
15.11.2022 - Edge Exploit Tweaks removed. Removed OneDrive backups.
18.11.2022 - Firefox now my primary browser & Thunderbird primary email client.
12.12.2022 - updated Dec 2022 changes, backup now manual and onedrive. Experimenting with Comodo Internet Security but not fully committed to it yet.
11.01.2023 - Updated Security Configuration for new laptop and having won Emisoft giveaway.
22.01.2023 - Reverted to MD, ConfigureDefender - High & Enabled CFA, FWHardener, Added NPE to scanner, Edge exploit tweaks.
01.02.2023 - Now using Seagate Toolkit for Backup of Documents and Folders
18.05.2023 - Using H_C Beta and few unticks/ticks of PC use.
24.06.2023 - Back to Emsisoft Anti-Malware Home, Changed Password Manager to KeepassXC
02.09.2023 - Switched from Emsisoft Setup to CF/MD Configuration
20.10.2023 - Switched to Firefox, no longer using VPN for as work now has Azure cloud servers. Temporarily removed custom exploit settings.
01.11.2023 - Back to MD H_C setup
12.12.2023 - Added Anti-Exploit Tweaks and uBO in Hard Mode with noop rules.
20.12.2023 - Removed custom exploit rules as having some Edge freezes. Moved back to Comodo Firewall with Cruelsister Configuration.
21.12.2023 - Firefox now primary browser.
27.12.2023 - Edge changed to Primary Browser
06.01.2024 - Removed WFC, Implemented WFH & CL create firewall rules for not safe items.
08.01.2024 - Re-Added WFC
03.01.2024 - Firefox now primary browser.
21.01.2024 - Changed Primary Browser to Edge
28.01.2024 - Removed WFC and replaced with CF
05.02.2024 - Returned to WFC
31.12.2023 - New config for 2024 - MD (DefenderUI), CyberLock,WFC
28.02.2024 - Adjusted uBO Rules & Added Netcraft & BD:TL extensions
25.03.2024 - Changed to CIS .8012
Disclaimer we use date format DD/MM/YYYY here in the UK
What I'm looking for?

Looking for minimum feedback.

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
Definitely need to think about upgrading this thing.

This is a good value and it comes with a 1 year warranty.
Only downsides I could see with a quick look are:
  • 256GB PCIe M.2 NVMe Class 35 Solid State Drive
  • 8GB (1X8GB) Up to 3200MHz DDR4 SoDIMM Non-ECC
256GB is small, I would recommend 512GB as minimum.
I would be nice to add 8GB of ram so it runs in dual channel (2 x 8GB).
 

ErzCrz

Level 21
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,003
Only downsides I could see with a quick look are:

256GB is small, I would recommend 512GB as minimum.
I would be nice to add 8GB of ram so it runs in dual channel (2 x 8GB).
Yes @Gandalf_The_Grey spotted some higher spec ones with 1TB or 512Gig and better spec. "Acer Aspire 3, Intel Core i5, 8GB RAM, 1TB SSD, 15.6 Inch Laptop, NX.ADDEK.00N" Is just one of the ones I've spotted but there are better ones in price range here in UK.

But, as with everything as of late, it'll be Christmas or new year probably New Year sales. I managed to lean on my Kobo eReader late last night and it's not working anymore. So, today ordered the upgraded one as a early Bday present. Priorities I guess and it can wait for now.
 

ErzCrz

Level 21
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,003
Figured out what the issue was with Edge pages not loading. I had Startup Boost and Enable extensions to continue running enabled. Turning those off fixed it. Boost really didn't load Edge that much quicker, maybe just or 2 seconds quicker but not worth the hassle.
 

ErzCrz

Level 21
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,003
Uninstalled Macrium Reflect Free. Investigating other backup options before updating main post on this. After last backup had Broadcom wifi error which had to be reset and battery wasn't charging so had to do a hard-reset to fix. I think I'll end up just disk image manually and OneDrive now and then.

EDIT: Not sure it's connected to Macrium Reflect but something not quite right.
 

ErzCrz

Level 21
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,003
Has happened once since MR reinstall but I think external drive USB might be the issue. Just seeing what manual options or alternatives are out there. I think you can still do a disc image with old windows features but something 3rd party like MR might do it better. Just a thought, what about OpenSource solutions?
Anyway, something I'm still researching. OneDrive and File History slows my machine noticably.
 

ErzCrz

Level 21
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,003
Just updating that not experienced any issue with backups since re-install of Macrium Reflect Free.
The security paranoid side of me with magniber and other tricks to try and bypass MD has been contemplating a CF/MD combination but I think my layered approach is still quite good protection and I'm bringing back my anti-exploit tweaks. Will post update post when I've done that later ;)
 

ErzCrz

Level 21
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,003
Earlier this year I reset some settings and it seems I never got back to using Edge Exploit tweaks. I had planned to employ the other tweaks from this post Maximum Anti-Exploit protection settings for your program but for some reason powershell .xml script failed. Anyway, just trialling some of them manually. At any rate, re-instated the Edge exploit tweaks below ;)

Edge Exploit settings:

Exploit Protection settings for browsers (thanks to @Umbra @oldschool ). These have broken anything yet, e.g. extensions crashing.
- for Brave, Edge and Firefox:

Block low integrity images - ON
Block remote images - ON
Block untrusted fonts - ON
Control flow guard (CFG) - ON
Data execution prevention (DEP) - ON + Enable thunk emulation - CHECKED
Disable extension points - ON
Force randomization for images (Mandatory ASLR) - ON + Do not allow stripped images - CHECKED
Randomize memory allocations (Bottom-up ASLR) - ON
Validate exception chains (SEHOP) - ON
Validate handle usage - ON
Validate heap integrity - ON
Validate image dependency integrity - ON

ADD for Edge Chromium only: Code integrity guard - ON (with or without Also allow images signed by M$ Store CHECKED)
 

ErzCrz

Level 21
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,003
Getting nagged for OneDrive with MD every few days as I don't have CFA enabled. OneDrive slowed startup when I had it load at startup so use CFA? or just start OD new and then?
 
  • Like
Reactions: Kongo and oldschool

ErzCrz

Level 21
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,003
Update - Removed Edge Exploit Tweaks. Had some random page disconnects so removed those for now. Also removed OneDrive backups. I still use it manually for backing up Keepass files when new passwords added but relying on Macrium Reflect Free backups and manual copying of big collections on 2nd partition to external drive. I do notice some performance improvements since disabling OneDrive even when I ran it manually before.
 

ErzCrz

Level 21
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,003
Just listing Firefox as primary browser. M$ just wants my data or it feels that way and with that shopping feature and personalization enabled again after updates finding it annoying.
Edit: Thunderbird now primary mail client as well. Windows Mail just doesn't have enough features.
 

ErzCrz

Level 21
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,003
Macrium Reflect Free is retiring.I'm investigating other options but there's plenty of time.

1669400382368.png
 

ErzCrz

Level 21
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,003
Confirmed, will be getting laptop upgrade in the sales. Budget only around £650 but can get a decent low end one for that. Liking HP 15s-fq2038na. Had Acers in the past but the hinges have eventually fallen aoart including on the one I'm using now which is superglued back together but maybe they're built better now. Anyway, planned for the new year ;)
 

Shadowra

Level 33
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,245
Confirmed, will be getting laptop upgrade in the sales. Budget only around £650 but can get a decent low end one for that. Liking HP 15s-fq2038na. Had Acers in the past but the hinges have eventually fallen aoart including on the one I'm using now which is superglued back together but maybe they're built better now. Anyway, planned for the new year ;)

The PC is nice :) (even if I prefer AMD Ryzen, less expensive)
 

ErzCrz

Level 21
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,003
The PC is nice :) (even if I prefer AMD Ryzen, less expensive)
Thanks. Will look at all the choices nearer the time but that one looks quite good. Was tempted with 1TB HD but you tend to lose out on specs over HD space but 512 will suite me fine. Anyway, will be glad to have something current generation for once :D

Just marking a couple of alternatives as that one not in stock HP 14s-fq1005na 14in Ryzen 7 8GB 512GB (8-core) though it'll all change in the sales Lenovo Yoga Slim 7i Pro 14in i5 8GB 512GB (12-core) & X1502ZA-BQ556W (10-core) I could spend all day looking at all of these but see what's best nearer the time ;)

Turkey and stuff in the oven for a late Christmas meal.
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top