Advanced Plus Security ErzCrz Security Config 2025

Last updated
Jun 15, 2025
How it's used?
For home and private use
Operating system
Windows 11
On-device encryption
BitLocker Device Encryption for Windows
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
Update channels
Allow stable updates only
User Access Control
Always notify
Smart App Control
Evaluation mode
Network firewall
Enabled
About WiFi router
Sky Router with built-in IPV4/IPv6 Firewall
Real-time security
Microsoft Defender
DefenderUI
CyberLock
Firewall security
Microsoft Defender Firewall
About custom security
Cyberlock - ON - Create In/Out Firewall Rules for Unsafe Items. Require Captcha to exit.
DefenderUI - Recommended
Periodic malware scanners
Norton Power Eraser
Malware sample testing
I do not participate in malware testing
Environment for malware testing
N/A
Browser(s) and extensions
Primary: Edge with Adguard Browser Assistant
Secondary - Firefox with Adguard Browser Assistant
Secure DNS
Provided by ISP Sky Shield though occasionally Cloudflare DNS over HTTP.
Desktop VPN
None. Browsing primarily on home private network.
Password manager
Keepass 2.x
Maintenance tools
Windows built-in Disk Clean-up and Storage Sense.
File and Photo backup
Seagate - Toolkit - Weekly backups
Subscriptions
    • None
System recovery
Lenovo Built in Recovery, Seagate Toolkit Backup/Recovery.
Risk factors
    • Browsing to popular websites
    • Working from home
    • Making audio/video calls
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Downloading software and files from reputable sites
    • Gaming
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
ErzCrz Laptop Specs 2025
Notable changes
22.01.2022 - Reverted to Comodo Internet Security setup with Firefox as default browser and Thunberbird email client.
15.05.2022 - Reverted to Hard_Configurator setup following errors after uninstall and PC reset with Edge as default browser for MD integration while also sticking to Thunderbird for email & Updated backup routine.
13.08.2022 - Swapped to built-in backup solution.
12.09.2022 - General update in line with new guidelines.
29.10.2022 - Edge Exploit Tweaks re-implimented
15.11.2022 - Edge Exploit Tweaks removed. Removed OneDrive backups.
18.11.2022 - Firefox now my primary browser & Thunderbird primary email client.
12.12.2022 - updated Dec 2022 changes, backup now manual and onedrive. Experimenting with Comodo Internet Security but not fully committed to it yet.
11.01.2023 - Updated Security Configuration for new laptop and having won Emisoft giveaway.
22.01.2023 - Reverted to MD, ConfigureDefender - High & Enabled CFA, FWHardener, Added NPE to scanner, Edge exploit tweaks.
01.02.2023 - Now using Seagate Toolkit for Backup of Documents and Folders
18.05.2023 - Using H_C Beta and few unticks/ticks of PC use.
24.06.2023 - Back to Emsisoft Anti-Malware Home, Changed Password Manager to KeepassXC
02.09.2023 - Switched from Emsisoft Setup to CF/MD Configuration
20.10.2023 - Switched to Firefox, no longer using VPN for as work now has Azure cloud servers. Temporarily removed custom exploit settings.
01.11.2023 - Back to MD H_C setup
12.12.2023 - Added Anti-Exploit Tweaks and uBO in Hard Mode with noop rules.
20.12.2023 - Removed custom exploit rules as having some Edge freezes. Moved back to Comodo Firewall with Cruelsister Configuration.
21.12.2023 - Firefox now primary browser.
27.12.2023 - Edge changed to Primary Browser
31.12.2023 - New config for 2024 - MD (DefenderUI), CyberLock,WFC
06.01.2024 - Removed WFC, Implemented WFH & CL create firewall rules for not safe items.
08.01.2024 - Re-Added WFC
03.01.2024 - Firefox now primary browser.
21.01.2024 - Changed Primary Browser to Edge
28.01.2024 - Removed WFC and replaced with CF
05.02.2024 - Returned to WFC
28.02.2024 - Adjusted uBO Rules & Added Netcraft & BD:TL extensions
25.03.2024 - Changed to CIS .8012
10.04.2024 - Reverted to MD/DefenderUI/Cyberlock/WFC Config
11.04.2024 - Reverted to MD/DefenderUI/Cyberlock/CF
21.05.2024 - CIS Final Beta, AOMEI System Backup Monthly - Scheduled, Firefox Primary Browser and uBO only for browser extensions.
31.05.2024 - CIS Premium 2025 Released
18.06.2024 - CF 2025, DefenderUI, CyberLock
27.06.2024 - Swapped KeepassXC to Keepass
04.08.2024 - Swapped uBO for Ghostery in Edge
03.09.2024 - Swapped CF for WFC and Ghostery for UBOL
03.10.2024 - Renewed Emsisoft Anti-Malware Home Subscription and removed DefenderUI and WFC
07.10.2024 - Returned to MD (DefenderUI), CyberLock,WFC configuration.
20.11.2024 - WFH and Anti-Exploit added as protection layers.
10.12.2024 - Swapped DefenderUI For ConfigureDefender and Dropped WFC
14.12.2024 - Returned to MD (DefenderUI), CyberLock,WFC configuration.
18.4.2025 - Removed WFC, purchased Adguard Lifetime Licence & swapped DefenderUI for ConfigureDefender
25..05.2025 - Revereted to MD, DefenderUI, Cyberlock, WFC
2025 Configuration - MD, DefenderUI, CyberLock, WFC
15.06.2025 - New Laptop (see specs link above) Setup is CyberLock Always On, Smart Firewall Recommended & DefenderUI Recommended
----------------------------------------
Disclaimer we use date format DD/MM/YYYY here in the UK
What I'm looking for?

Looking for minimum feedback.

ErzCrz

ErzCrz

Level 24
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,366
After testing for a few days, definitely faster without Adguard in a lot of ways. In a bit of a paranoid mood so I might try out NoScript again but I found that always works best when you're just visiting a regular set of sites and then happy click something by mistake. Still, a useful tool and without uBO Origin capabilities the paranoid me might give it a go.
 
  • Like
Reactions: Nevi, piquiteco, SeriousHoax and 2 others
SeriousHoax

SeriousHoax

Level 52
Verified
Top Poster
Well-known
Mar 16, 2019
4,101
ErzCrz said:
After testing for a few days, definitely faster without Adguard in a lot of ways. In a bit of a paranoid mood so I might try out NoScript again but I found that always works best when you're just visiting a regular set of sites and then happy click something by mistake. Still, a useful tool and without uBO Origin capabilities the paranoid me might give it a go.
Click to expand...
Yeah, AdGuard definitely slows down even though the slowness in most cases would be acceptable for most people. But switching from ADG Desktop to uBO, the speed difference is immediately noticeable.
I tried the route of using uBO in hard mode a few years ago and it was not bad. But the amount of things I had to whitelist was a lot. So in the end didn't make much difference. Also just remembered, for whatever reason, at that time some sites with a lot of javascripts were slightly slower to load only in Firefox with uBO hard mode compared easy mode. That was a very odd thing for me because I expected the opposite.
I could never get comfortable with NoScript's UI. I used uMatrix when it was still a thing and uBO hard mode after that.
 
  • Like
Reactions: piquiteco, ErzCrz and oldschool
oldschool

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
8,133
SeriousHoax said:
I tried the route of using uBO in hard mode a few years ago and it was not bad. But the amount of things I had to whitelist was a lot. So in the end didn't make much difference.
Click to expand...
Similar to you, I've used hard mode and would revert to medium mode for tricky sites, which is fairly problem-free. In the end, it almost made sense to just use medium mode. 🤔
 
  • Like
Reactions: Nevi, piquiteco and SeriousHoax
ErzCrz

ErzCrz

Level 24
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,366
oldschool said:
Similar to you, I've used hard mode and would revert to medium mode for tricky sites, which is fairly problem-free. In the end, it almost made sense to just use medium mode. 🤔
Click to expand...
SeriousHoax said:
Yeah, AdGuard definitely slows down even though the slowness in most cases would be acceptable for most people. But switching from ADG Desktop to uBO, the speed difference is immediately noticeable.
I tried the route of using uBO in hard mode a few years ago and it was not bad. But the amount of things I had to whitelist was a lot. So in the end didn't make much difference. Also just remembered, for whatever reason, at that time some sites with a lot of javascripts were slightly slower to load only in Firefox with uBO hard mode compared easy mode. That was a very odd thing for me because I expected the opposite.
I could never get comfortable with NoScript's UI. I used uMatrix when it was still a thing and uBO hard mode after that.
Click to expand...

Agreed about uBO Medium mode with some only allow TLD rules and blocking HTTPs Rules. The below are my default in uBO but it gets tedious when some streaming sites require xhr whitelisting to work but still block the streaming ads.

! Block beacons, obsolete plugins and websocket biderectional data connections on insecure websites
|HTTP://*$ping,object,websocket,important

! Block potentially unsafe third-party content linking to unsafe unencrypted websites
|HTTP://*$third-party,~document,~stylesheet,~image,~media,important

! Warn when opening webpages on top level domains and countries I never visit
||*$document,domain=~com|~info|~io|~eu|~net|~org|~uk|~ms|~gov

I use Edge for default browser because Microsoft Defender works best with it but I inevitably have to stream on Firefox for sites with Ads that I need uBO Origin for.

NoScript can be a little tedious and I miss that the Mcafee Site Advisor would tell you for example that it's just a site media server but uBO is my favourite for all around protection ugh MV3 /shrug though uBOL is fine in Optimal for ad blocking but I miss the control of Origin.

Sorry for wall of text. I tend to ramble on a bit when I'm reducing steroids...
 
  • Like
  • Applause
Reactions: Nevi, piquiteco, SeriousHoax and 1 other person
ErzCrz

ErzCrz

Level 24
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,366
Well, Firefox does recognise MD / WF in About:support so I suppose it doesn't matter which browser, just use what works best for you ;)

1746835486877.png
 
  • Like
Reactions: oldschool, piquiteco and SeriousHoax
ErzCrz

ErzCrz

Level 24
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,366
Just something different I noticed. I decided on trying out Intel Driver Assistant and updated Intel Iris xe graphics driver from 30.01.101.166 to 32.0.101.6790. Well, MyAsus took over and rolled back the driver to 30.01.. Not that I had issue with current driver but was in response to a Hogwarts Legacy warning about issues with the driver but turns out it ran anyway whether I updated it or not. Just an observation. I suppose MyAsus will update the driver when it wants :)
 
  • Like
Reactions: lokamoka820, oldschool and piquiteco
ErzCrz

ErzCrz

Level 24
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,366
lokamoka820 said:
Try repairing the database:

Repairing Databases - KeePass

keepass.info keepass.info
is there any error code?
Click to expand...
I didn't see any error code. Works fine now. I've checked that I at least have a current back up. Probably just some sort of glitch though not sure what was the cause. Will have to look at the windows event viewer for any clues.
 
  • Like
Reactions: piquiteco and lokamoka820
ErzCrz

ErzCrz

Level 24
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,366
Just reverting to Microsoft Defender, DefenderUI (because I like it over CD), CyberLock and WFC.
A bit intermittent with WFC as I've seen some network stutters now and then with it it but can't quite whether WFC was the cause.
 
  • Like
Reactions: harlan4096, piquiteco and Jonny Quest
piquiteco

piquiteco

Level 16
Verified
Top Poster
Well-known
Oct 16, 2022
775
ErzCrz said:
Just reverting to Microsoft Defender, DefenderUI (because I like it over CD), CyberLock and WFC.
A bit intermittent with WFC as I've seen some network stutters now and then with it it but can't quite whether WFC was the cause.
Click to expand...
Hi, @ErzCrz, how are you? Just a question about Comodo. When you used Comodo, did you use CIS or did you use CF + MD? Thanks! :)
 
ErzCrz

ErzCrz

Level 24
Thread author
Verified
Top Poster
Well-known
Aug 19, 2019
1,366
piquiteco said:
Hi, @ErzCrz, how are you? Just a question about Comodo. When you used Comodo, did you use CIS or did you use CF + MD? Thanks! :)
Click to expand...
Hi. I just use Comodo Firewall with CruelSister settings. I have installed it now and then to assist people using it but I use CyberLock so it's overkill with Comodo. Anyway, just use CS's settings, don't mess about with it much and it'll be a great set and forget. Oh yeah, you have to disable MD realtime protection temporarily to install KillSwitch as MD detects the installer as a Trojan and the installation fails. Once installed, remember to re-enable MD realtime proteciton. You'll then see an CFW/CIS program update which updates the signature of KillSwitch and the update will run fine.

You can enable IPv6 filtering but you'll need to redo the Firewall Task - Stealth Ports and then create the following global rules for IPv6 to work.

Allow ICMP In IPv6 - Packet to big
Allow ICMP In IPv6 - Time Exceeded
Allow ICMP In IPv6 - Custom type 134 - 0 (Router Advertisement required rule)
Allow ICMP In IPv6 - Custom type 135 - 0 (Neighbour solicitation required rule)
Allow ICMP In IPv6 - Custom type 136 - 0 (Neighbour advertisement required rule)

You don't need HIPS with Containment set to Restricted or Untrusted.
Webfiltering doesn't work with anything other than firefox and internet explorer so you can technically disable that as well though I would leave it unless you experience issues.
 
  • Thanks
Reactions: piquiteco
You must log in or register to reply here.

Similar threads

ErzCrz
    • Like
    • Applause
    • +Reputation
Advanced Plus Security ErzCrz config 2021
Replies
54
Views
16,257
CSC Archive
ErzCrz
ErzCrz
SpyNetGirl
    • Like
    • +Reputation
    • Hundred Points
Harden Windows Security | Only with official documented methods | Always up to date
Replies
76
Views
20,259
Other security for Windows, Mac, Linux
oldschool
oldschool
4
    • Like
    • Thanks
    • +Reputation
Reverse Engineering Rogue Kaspersky browser extension
Replies
12
Views
3,979
Malware Analysis
oldschool
oldschool

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top