Advanced Plus Security ErzCrz Security Config 2024

Last updated
May 19, 2023
How it's used?
For home and private use
Operating system
Windows 11
On-device encryption
BitLocker Device Encryption for Windows
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
Update channels
Allow stable updates only
User Access Control
Always notify
Smart App Control
Off
Network firewall
Enabled
About WiFi router
Sky Router with built-in IPV4/IPv6 Firewall
Real-time security
Microsoft Defender + DefenderUI
CyberLock
Comodo Firewall .8012
Firewall security
Other - Internet Security (3rd-party)
About custom security
DefenderUI - Recommended Settings
Cyberlock - ON - Create In/Out Firewall Rules for Unsafe Items. Require Captcha to exit.
Comodo Firewall - Cruelsister Configuration
Periodic malware scanners
Norton Power Eraser
Malware sample testing
I do not participate in malware testing
Environment for malware testing
N/A
Browser(s) and extensions
Primary: Edge with uBO in Medium Mode - Netcraft/BD:TL
Secondary - Firefox with uBO in Medium Mode - Netcraft/BD:TL
Secure DNS
Provided by ISP Sky Shield though occasionally Cloudflare DNS over HTTP.
Desktop VPN
None. Browsing primarily on home private network.
Password manager
KeepassXC
Maintenance tools
Windows built-in Disk Clean-up and Storage Sense.
File and Photo backup
Seagate - Toolkit - Weekly Backup
Active subscriptions
    • None
System recovery
External Drive - Backup of Documents and folders.
Risk factors
    • Browsing to popular websites
    • Working from home
    • Making audio/video calls
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Downloading software and files from reputable sites
    • Gaming
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
ErzCrz Laptop Specs 2024
Notable changes
22.01.2022 - Reverted to Comodo Internet Security setup with Firefox as default browser and Thunberbird email client.
15.05.2022 - Reverted to Hard_Configurator setup following errors after uninstall and PC reset with Edge as default browser for MD integration while also sticking to Thunderbird for email & Updated backup routine.
13.08.2022 - Swapped to built-in backup solution.
12.09.2022 - General update in line with new guidelines.
29.10.2022 - Edge Exploit Tweaks re-implimented
15.11.2022 - Edge Exploit Tweaks removed. Removed OneDrive backups.
18.11.2022 - Firefox now my primary browser & Thunderbird primary email client.
12.12.2022 - updated Dec 2022 changes, backup now manual and onedrive. Experimenting with Comodo Internet Security but not fully committed to it yet.
11.01.2023 - Updated Security Configuration for new laptop and having won Emisoft giveaway.
22.01.2023 - Reverted to MD, ConfigureDefender - High & Enabled CFA, FWHardener, Added NPE to scanner, Edge exploit tweaks.
01.02.2023 - Now using Seagate Toolkit for Backup of Documents and Folders
18.05.2023 - Using H_C Beta and few unticks/ticks of PC use.
24.06.2023 - Back to Emsisoft Anti-Malware Home, Changed Password Manager to KeepassXC
02.09.2023 - Switched from Emsisoft Setup to CF/MD Configuration
20.10.2023 - Switched to Firefox, no longer using VPN for as work now has Azure cloud servers. Temporarily removed custom exploit settings.
01.11.2023 - Back to MD H_C setup
12.12.2023 - Added Anti-Exploit Tweaks and uBO in Hard Mode with noop rules.
20.12.2023 - Removed custom exploit rules as having some Edge freezes. Moved back to Comodo Firewall with Cruelsister Configuration.
21.12.2023 - Firefox now primary browser.
27.12.2023 - Edge changed to Primary Browser
06.01.2024 - Removed WFC, Implemented WFH & CL create firewall rules for not safe items.
08.01.2024 - Re-Added WFC
03.01.2024 - Firefox now primary browser.
21.01.2024 - Changed Primary Browser to Edge
28.01.2024 - Removed WFC and replaced with CF
05.02.2024 - Returned to WFC
28.02.2024 - Adjusted uBO Rules & Added Netcraft & BD:TL extensions
25.03.2024 - Changed to CIS .8012
10.04.2024 - Reverted to MD/DefenderUI/Cyberlock/WFC Config
31.12.2023 - New config for 2024 - MD (DefenderUI), CyberLock,WFC

11.04.2024 - Reverted to MD/DefenderUI/Cyberlock/CF
Disclaimer we use date format DD/MM/YYYY here in the UK
What I'm looking for?

Looking for minimum feedback.

ErzCrz

ErzCrz

Level 21
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,023
Removed Privacy Badger for now, just trying to identify overlap with it and uBO and some page slows.
Did some CF testing but doesn't always seem to be filtering or just not showing in UI. I am seeing how the H_C setup goes but have been tempted with some of the BF offers or going with Emsisoft but who knows.
 
  • Like
Reactions: Moonhorse and harlan4096
ErzCrz

ErzCrz

Level 21
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,023
oldschool said:
What's BF? BlackFog? Bitdefender Free? 🤔
Click to expand...
Sorry, Black Friday. I forget to add proper context now and then :D

Just being a bit indecisive and with the layered approach I'm currently using it's probably enough, just having 3rd party sometimes makes you think it's doing more but MD is just if not more active protecting more things ;)
 
  • Like
Reactions: cryogent, Moonhorse, Nevi and 1 other person
ErzCrz

ErzCrz

Level 21
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,023
rhythm said:
The forensic of "have been tempted with some of the BF offers" revealed a cryptic invitation to explore the mischievous realm of "Blue Films"! 😂🤣
Click to expand...
hahaha. That's what VPNs and Comodo Secure Shopping was for 🤣
 
ErzCrz

ErzCrz

Level 21
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,023
Back to my quandary, I don't have office 365 and only Home version of Win 11 so don't have extra Microsoft Defender features but that's what ConfigreDefender is for. Think I'll give CF Beta 2 another go.
 
  • Like
Reactions: oldschool and Moonhorse
ErzCrz

ErzCrz

Level 21
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,023
Not sure when it started appearing but I noted today that MDCoreSvc Microsoft Defender Core Service was running even though I was testing out CIS Beta 2 with a couple of things today.

1701460289734.png


It'll probably just be MD until the next beta comes out but just happen to notice this service still running even though I have periodic MD scanning disabled. Not had time to check if it's the same with other AVs,
 
  • Like
  • Wow
Reactions: SeriousHoax, Moonhorse, oldschool and 1 other person
SeriousHoax

SeriousHoax

Level 47
Verified
Top Poster
Well-known
Mar 16, 2019
3,635
ErzCrz said:
Not sure when it started appearing but I noted today that MDCoreSvc Microsoft Defender Core Service was running even though I was testing out CIS Beta 2 with a couple of things today.

View attachment 279957

It'll probably just be MD until the next beta comes out but just happen to notice this service still running even though I have periodic MD scanning disabled. Not had time to check if it's the same with other AVs,
Click to expand...
Interesting. I don't have this service on my system.
 
  • Like
Reactions: Nevi and oldschool
SeriousHoax

SeriousHoax

Level 47
Verified
Top Poster
Well-known
Mar 16, 2019
3,635
ErzCrz said:
It's still there with Emsisoft installed so it must be just a thing now. I do have the early updates enabled in Win 11 but just something I noticed.

View attachment 279973
View attachment 279974
View attachment 279976
Click to expand...
I see. So you know on Windows 11, MD's "Antimalware Service Executable/MsMpEng.exe" always keeps running even when a third-party AV is installed. So maybe MS has now created this new "Antimalware Core Service" which will be the one that will now keep running always. Or maybe a name is happening where "Antimalware Service Executable" will be called "Antimalware Core Service" in the future.
What's the name of the exe file of this service?
 
  • Like
Reactions: Nevi and harlan4096
ErzCrz

ErzCrz

Level 21
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,023
SeriousHoax said:
I see. So you know on Windows 11, MD's "Antimalware Service Executable/MsMpEng.exe" always keeps running even when a third-party AV is installed. So maybe MS has now created this new "Antimalware Core Service" which will be the one that will now keep running always. Or maybe a name is happening where "Antimalware Service Executable" will be called "Antimalware Core Service" in the future.
What's the name of the exe file of this service?
Click to expand...
Yeah, must just be a something keeping your account protection etc monitored.

C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpDefenderCoreService.exe
1701522490941.png

Not using much resource at all which is great.

On a different note, not sure I'll renew Emsisoft though it is good. CF/MD probably my plans for 2024.
 
  • Like
Reactions: Nevi, SeriousHoax and harlan4096
F

ForgottenSeer 100397

SeriousHoax said:
So you know on Windows 11, MD's "Antimalware Service Executable/MsMpEng.exe" always keeps running even when a third-party AV is installed. So maybe MS has now created this new "Antimalware Core Service" which will be the one that will now keep running always.
Click to expand...
There is no instance of MsMpEng running on our Windows 11 systems with Kaspersky. I'll confirm and update here regarding this and the new service.
 
  • Like
Reactions: harlan4096
SeriousHoax

SeriousHoax

Level 47
Verified
Top Poster
Well-known
Mar 16, 2019
3,635
rhythm said:
There is no instance of MsMpEng running on our Windows 11 systems with Kaspersky. I'll confirm and update here regarding this and the new service.
Click to expand...
It may not always run on systems that were upgraded to 11 from 10 without freshly installing windows. Or if it was disabled using something like Defender Control or other manual method.
 
  • Like
  • +Reputation
Reactions: ErzCrz and oldschool
ErzCrz

ErzCrz

Level 21
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,023
SeriousHoax said:
It may not always run on systems that were upgraded to 11 from 10 without freshly installing windows. Or if it was disabled using something like Defender Control or other manual method.
Click to expand...
Ah okay. It's Win 11 as it was shipped and SAC disabled. Doesn't really matter since using MD anyway but just something I noticed when I was trying out a couple of different configurations ;) Thanks for the info.
 
  • Like
Reactions: SeriousHoax and oldschool

Similar threads

ErzCrz
    • Like
    • Applause
    • +Reputation
Advanced Plus Security ErzCrz config 2021
Replies
54
Views
11,825
CSC Archive
ErzCrz
ErzCrz
SpyNetGirl
    • Like
    • +Reputation
    • Hundred Points
Harden Windows Security | Only with official documented methods | Always up to date
Replies
75
Views
10,403
Other security for Windows, Mac, Linux
Warencom
W
4
    • Like
    • Thanks
    • +Reputation
Reverse Engineering Rogue Kaspersky browser extension
Replies
12
Views
2,911
Malware Analysis
oldschool
oldschool

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top