Advanced Plus Security ErzCrz Security Config 2024

Last updated
Oct 7, 2024
How it's used?
For home and private use
Operating system
Windows 11
On-device encryption
BitLocker Device Encryption for Windows
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
Update channels
Allow stable updates only
User Access Control
Always notify
Smart App Control
Off
Network firewall
Enabled
About WiFi router
Sky Router with built-in IPV4/IPv6 Firewall
Real-time security
Microsoft Defender
DefenderUI
CyberLock
WFC
Firewall security
Other - Internet Security (3rd-party)
About custom security
Cyberlock - ON - Create In/Out Firewall Rules for Unsafe Items. Require Captcha to exit.
DefenderUI - Recommended
WindowsFirewallControl - Medium/Display Notifications
Periodic malware scanners
Norton Power Eraser
Malware sample testing
I do not participate in malware testing
Environment for malware testing
N/A
Browser(s) and extensions
Primary: Edge with UBOLite in Complete Mode
Secondary - Firefox with uBO in Medium Mode
Secure DNS
Provided by ISP Sky Shield though occasionally Cloudflare DNS over HTTP.
Desktop VPN
None. Browsing primarily on home private network.
Password manager
Keepass 2.x or KeePassXC whichever is my flavour of the month though they use the same database file.
Maintenance tools
Windows built-in Disk Clean-up and Storage Sense.
File and Photo backup
Seagate - Toolkit - Weekly Backup
Subscriptions
    • None
System recovery
AOMEI System Backup Monthly to external drive.
Risk factors
    • Browsing to popular websites
    • Working from home
    • Making audio/video calls
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Downloading software and files from reputable sites
    • Gaming
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
Notable changes
22.01.2022 - Reverted to Comodo Internet Security setup with Firefox as default browser and Thunberbird email client.
15.05.2022 - Reverted to Hard_Configurator setup following errors after uninstall and PC reset with Edge as default browser for MD integration while also sticking to Thunderbird for email & Updated backup routine.
13.08.2022 - Swapped to built-in backup solution.
12.09.2022 - General update in line with new guidelines.
29.10.2022 - Edge Exploit Tweaks re-implimented
15.11.2022 - Edge Exploit Tweaks removed. Removed OneDrive backups.
18.11.2022 - Firefox now my primary browser & Thunderbird primary email client.
12.12.2022 - updated Dec 2022 changes, backup now manual and onedrive. Experimenting with Comodo Internet Security but not fully committed to it yet.
11.01.2023 - Updated Security Configuration for new laptop and having won Emisoft giveaway.
22.01.2023 - Reverted to MD, ConfigureDefender - High & Enabled CFA, FWHardener, Added NPE to scanner, Edge exploit tweaks.
01.02.2023 - Now using Seagate Toolkit for Backup of Documents and Folders
18.05.2023 - Using H_C Beta and few unticks/ticks of PC use.
24.06.2023 - Back to Emsisoft Anti-Malware Home, Changed Password Manager to KeepassXC
02.09.2023 - Switched from Emsisoft Setup to CF/MD Configuration
20.10.2023 - Switched to Firefox, no longer using VPN for as work now has Azure cloud servers. Temporarily removed custom exploit settings.
01.11.2023 - Back to MD H_C setup
12.12.2023 - Added Anti-Exploit Tweaks and uBO in Hard Mode with noop rules.
20.12.2023 - Removed custom exploit rules as having some Edge freezes. Moved back to Comodo Firewall with Cruelsister Configuration.
21.12.2023 - Firefox now primary browser.
27.12.2023 - Edge changed to Primary Browser
06.01.2024 - Removed WFC, Implemented WFH & CL create firewall rules for not safe items.
08.01.2024 - Re-Added WFC
03.01.2024 - Firefox now primary browser.
21.01.2024 - Changed Primary Browser to Edge
28.01.2024 - Removed WFC and replaced with CF
05.02.2024 - Returned to WFC
28.02.2024 - Adjusted uBO Rules & Added Netcraft & BD:TL extensions
25.03.2024 - Changed to CIS .8012
10.04.2024 - Reverted to MD/DefenderUI/Cyberlock/WFC Config
11.04.2024 - Reverted to MD/DefenderUI/Cyberlock/CF
21.05.2024 - CIS Final Beta, AOMEI System Backup Monthly - Scheduled, Firefox Primary Browser and uBO only for browser extensions.
31.05.2024 - CIS Premium 2025 Released
18.06.2024 - CF 2025, DefenderUI, CyberLock
27.06.2024 - Swapped KeepassXC to Keepass
04.08.2024 - Swapped uBO for Ghostery in Edge
03.09.2024 - Swapped CF for WFC and Ghostery for UBOL
03.10.2024 - Renewed Emsisoft Anti-Malware Home Subscription and removed DefenderUI and WFC
07.10.2024 - Returned to MD (DefenderUI), CyberLock,WFC configuration.
20.11.2024 - WFH and Anti-Exploit added as protection layers.
10.12.2024 - Swapped DefenderUI For ConfigureDefender and Dropped WFC
31.12.2023 - New config for 2024 - MD (DefenderUI), CyberLock,WFC
----------------------------------------
14.12.2024 - Returned to MD (DefenderUI), CyberLock,WFC configuration.

Disclaimer we use date format DD/MM/YYYY here in the UK
What I'm looking for?

Looking for minimum feedback.

ErzCrz

Level 23
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,222
Firefox error during playback is apparently something to do with codecs though my Windows 11 Home already has all the video playback codecs. It's not uBO rules related as same ruleset in Edge and no playback issue with Edge. I watch a lots of programs on catchup so I'll make Edge primary and just disable any features I don't need.
No issues with CF .0812 running so far. Once it learns your system it just runs quietly in background.
 
Last edited:

ErzCrz

Level 23
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,222
Bored so rechecking that Firefox playback issue I was having.
Firefox help article
1703802990924.png

Just testing if it can be reproduced and for screenshots to support if there's further issue.
 

ErzCrz

Level 23
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,222
Update: I think I found a workaround with the Firefox playback issue I was having on the Channel 4 On Demand catch-up TV. Checking the uBO logs there were quite a few Easy List - 1st party xhr blocks for monitor and metrics. Creating a allow rules for the monitor.channel4.com seems to have done the trick, well so far anyway. I'm 30 minutes into an episode and so far no errors or issue.

! 2023-12-29 Channel 4 | Stream & Watch Live TV
@@||monitor.channel4.com/logs/dotcom/client/html5player$xhr,domain=www.channel4.com
@@||monitor.channel4.com/metrics/dotcom/client/html5player$xhr,domain=www.channel4.com

It might be that if you are having errors on one stream service, it's worth checking the block logs for 1st party blocks and have to create a rule. @oldschool

Will watch more later and see if it still works.
 

ErzCrz

Level 23
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,222
Weighing up the options for my 2024 configuration. CF works okay though I'd like the stable 2024 version with Win11 full compatibility. CyberLock is a viable option as is Hard_Configurator, CD,FWH. Another option is renew Emsisoft which I won in January this year. Obviously security is about layers and surface attack area. Just undecided on the direction to go with instead of changing setups so often. I've made 12 recorded changes this year and probably just as much not recorded as I tested out various things in my config and I need to give a solution longer than a month or two.

  1. Microsoft Defender with Hard_Configurator, CD, FWH
  2. WFC with Microsoft Defender & Hard_Configurator
  3. Comodo Firewall with Microsoft Defender
  4. CyberLock with Microsoft Defender
  5. Emsisoft Anti-Malware Renewal
  6. Some other setup.

Random.org Dice Roller

Time yet to decide but just kind of thinking out loud. Emsisoft Renewal and CyberLock are of similar price. I guess I could just roll dice (see link) :D

EDIT Note: Firewall is an important element to prevent data leaking which has me leaning more to CF o WFC route but both CL and Emsisoft block outgoing as well.
 
Last edited:

ErzCrz

Level 23
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,222
Updated configuration for 2024.

Microsoft Defender with DefenderUI Recommended Settings
CyberLock - Autopilot while learning machine
Windows Firewall Control - Recommended
EDIT: Disabled Secure Profile setting for WFC to allow CyberLock to create firewall rules.

No other changes at this moment. Happy New Year and a big thank you to @Shadowra for the recommendations!
 
Last edited:

ErzCrz

Level 23
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,222
Using both Edge and Firefox. Using MS Teams for catch up meetings with HR adds work account to my laptop and therefore doesn't allow me to switch on Edge Secure Browsing which I wasn't using anyway. CyberLock disables Startup Boost as well but I barely noticed the difference with that enabled anyway. Firefox is more or less my preference so that may get back to being Primary again.
 
Last edited:

ErzCrz

Level 23
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,222
CyberLock been in Autopilot since yesterday so think it's learned what I use most.
Getting the hang of WFC though I'm thinking of using @Andy Ful 's WindowsFirewallHardening to create block rules for LOLbins so those block rules are already in place just as an added layer ;)
 

ErzCrz

Level 23
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,222
Just put Firefox as Primary browser now, Edge just got too annoying.

Enjoying WFC I just need to brush up on what to allow and worth blocking. Looking into whether it also blocks for example svchost if it's parent process happened to be some malware but it does say "Only the programs that have an allow rule can initiate outbound connections " in the Recommended Notification setting. I'm sure it's the case, just want to know it's capabilities.
 

ErzCrz

Level 23
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,222
WFC might be the cause of some browsing lag e.g. a news page with lots of articles seemed to hiccup a slightly on loading. Also may have been cause of some lag I had in a Teams Meeting yesterday though next meeting isn't for a couple of weeks so can't test at the moment.

I've exported rules and uninstalled it and running CF without issue and both CF and VS/CL whitelist each other automatically. Kind of has me wondering if DefenderUI needed with both but not having any issue so far. Will test it for a few days before changing configuration.

-----------
EDIT: CF works fine but trying to determine whether it was WFC or not. Could have been a background update or something. Reviewing logs.
EDIT 2: So wasn't WFC issue as far as I can work out, not been able to reproduce either issue so back installed and running fine.
 
Last edited:

ErzCrz

Level 23
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,222
Some brief amendments.
1. Removed WFC - Had some browsing lag after a number of rules created, slow resume of WIFI connection after hibernate and a lot of connection alerts got a bit tedious if I didn't put it in Learning Mode for a couple of days.
2. Implemented @Andy Ful 's WindowsFirewallHardening with H_C Recommended rules applied.
3. Enabled VS/CL rule to create rules for Not Safe items.
1704566807956.png

I may end up going down the CF route eventually as it'll work with VS/CL if using @cruelsister 's configuration at which point DefenderUI might not be needed.

So, some changes this year already but just finding what works best without issue.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top