SECURITY: Complete ErzCrz Simple Strong Protection 2020

Last updated
Sep 22, 2020
About device
Primary device
Operating system
Windows 10
Sign-in identity
Sign-in with Microsoft account
Log-in security
Permissions
Administrator user account
Security updates
Automatic - allow all types of updates
Windows UAC
Maximum - always notify
Malware samples
No - malware is not downloaded
Firewall protection
Microsoft Defender Firewall
Real-time malware protection
Microsoft Defender
RTP & OS hardening settings
Hard_Configurator (recommended settings), Configure Defender (high), Firewall Hardening (recommended rules)
Periodic scanning
Malwarebytes Free
Browsers
Microsoft Edge (Chromium)
UBlock Origin
Tweaked Anti-Exploit settings for Chromium Edge (see change-log for link)
Optimisation apps
BleachBit
My Files & Photos backup
Macrium Reflect (Free)
My Files backup schedule
Manual - every month to the cloud, or local attached storage
Device recovery & settings
Macrium Reflect (Free) to External HD Monthly
Device backup schedule
Computer specifications
Acer Aspire E15
Intel Core i3-400SU
Intel HD Graphics 4400
12 Gig DDR 11 RAM
1TB HDD
Device activity usage
  1. Generic web browsing
  2. Working from home
  3. Computer games
  4. Streaming audio and video content from the Internet
Your changelog
20/12/2020 - Reverted back to MD H_C

19/12/2020 - Swapped back to latest Comodo Internet Security stable.

07/10/2020 - Tweaked uBO Removing static rule for object,ping to improve browsing.

22/09/2020 - Changed from KeePassXC to Original KeePass 2.x. Also removed KeePassXC Edge Extension.

19/09/2020 - Changed from Windows Mail to Thuderbird 78.2.2

08/09/2020 - Tweaked Chromium Edge Anti-Exploit settings: SECURITY: Complete - ErzCrz Simple Strong Protection

harlan4096

Moderator
Verified
Staff member
Malware Hunter
Apr 28, 2015
6,953
You may set UAC to Always Notify, also consider also to run manual backups of important data to external devices, and/or in cloud services.

As for "Virus and Malware Removal Tools", EmsiSoft Emergengy and HitManPro Free.

Please kindly reflect Your changes editing Your config, and announcing them here, thanks for sharing :giggle:
 

ErzCrz

Level 8
Verified
Aug 19, 2019
368
Just updating configuration and auditing my setup. Still finding this variation of UBO in Medium mode the best setup for me and added BitDefender Traffic Light again. This is because of the latest Russian and China hacking stuff going on though I myself have no reason to be a target, just normal UK user. If I was being super paranoid, I'd be tempted to have a fresh go at Comodo but it became more time consuming than it was worth for me. I might look to see if H_C Recommended needs further tweaking but suggestions welcome. Default deny is obviously the key as is usability.
 

Nautilus

Level 2
Apr 27, 2020
58
Nice light setup , but some suggestions I would switch your webfilter with something like emsisoft webfilter , or the one from malwarebytes becuause they are better traficlight , you can pair it up with netcraft for extra phising protection . I would not trust one drive or ms backup , switch to macrium free , way more reliable when the .... hits the fan. also what do you want from comodo , just the firewall I presume? you can install it with @cruelsister settings , this will only take a minute or 2 to setup and will make your pc / laptop like a fortress ( without those annoying / confusing popups ) thanks for sharing your config.
 

Gandalf_The_Grey

Level 42
Verified
Trusted
Content Creator
Apr 24, 2016
3,102
Emsisoft is too light and allows partial downloads of malware, just like SmartScreen in Edge.
Malwarebytes is too heavy.
Netcraft is great but just for phishing.
IMO Bitdefender TrafficLight is the best extension for both malware and phishing.
Test were done here:
Latest one:
@Evjl's Rain Care to do another test?
To see if things have changed over time.
 

ErzCrz

Level 8
Verified
Aug 19, 2019
368
Nice light setup , but some suggestions I would switch your webfilter with something like emsisoft webfilter , or the one from malwarebytes becuause they are better traficlight , you can pair it up with netcraft for extra phising protection . I would not trust one drive or ms backup , switch to macrium free , way more reliable when the .... hits the fan. also what do you want from comodo , just the firewall I presume? you can install it with @cruelsister settings , this will only take a minute or 2 to setup and will make your pc / laptop like a fortress ( without those annoying / confusing popups ) thanks for sharing your config.

Thanks. I'll look at those other webfilters and netcraft. I downloaded Macrium Free but not got around to doing a backup test with it yet.

I used to do a lot of tweaks with Comodo but yeah, I would probably just go down the @cruelsister setup with just the firewall for better firewall protection if I were going to go down that route though you have to setup the IPv6 rules manually.

Erz
 

ErzCrz

Level 8
Verified
Aug 19, 2019
368
Emsisoft is too light and allows partial downloads of malware, just like SmartScreen in Edge.
Malwarebytes is too heavy.
Netcraft is great but just for phishing.
IMO Bitdefender TrafficLight is the best extension for both malware and phishing.
Test were done here:
Latest one:
@Evjl's Rain Care to do another test?
To see if things have changed over time.

Lots of options, it would be good to see some more up-to-date testing on BDTL but I'm giving it a go and doing some research ;)
 

SecurityNightmares

Level 31
Verified
Jan 9, 2020
2,057
IMO Bitdefender TrafficLight is the best extension for both malware and phishing.
Test were done here:
Latest one:
@Evjl's Rain Care to do another test?
To see if things have changed over time.
How does it compare to AdGuard extension?
 

Vitali Ortzi

Level 20
Verified
Dec 12, 2016
998
Please no defrag nonsense for SSDs. Windows handle this at best way. Their is no reason to use any such tools.
Same for memory caching.
I'm not taking about defraging an SSD since SSD work differently.

But memory caching can help with some workloads but not many and usually unoptimized ones .
 
  • Like
Reactions: Dave Russo

Gandalf_The_Grey

Level 42
Verified
Trusted
Content Creator
Apr 24, 2016
3,102
How does it compare to AdGuard extension?
The latest with the AdGuard extension is an old one, but it didn't do so good:
It's the same when I used to test all the links @Evjl's Rain shared in that thread.
If I remember correctly AdGuard didn't block more than three in any test.
 

ErzCrz

Level 8
Verified
Aug 19, 2019
368
Just a quick update to my uBlock Origin setup.

1. I've subscribed to Default filters, imported top new Top3000 list ( https://raw.githubusercontent.com/Kees1958/W3C_annual_most_used_survey_blocklist/master/Top3000 )

2. Amended my Static Filters to include blocking obsolete flash and ping (thanks to @Lenny_Fox ):

So my static filters are now:

! Block (obselete flash) plugins and (hyperling auditing & sending beacons) pings
||*$object,ping
! Block insecure third-party content except stylesheet, image and media
||HTTP://*$3p,~stylesheet,~image,~media
!
! Block all on much abused generic TLD's. The TLD is between ||* and ^$, e.g. ||*.BID^$
!
||*.bid^$all
||*.buzz^$all
||*.club^$all
||*.country^$all
||*.date^$all
||*.download^$all
||*.gdn^$all
||*.host^$all
||*.icu^$all
||*.jetz^$all
||*.kim^$all
||*.loan^$all
||*.men^$all
||*.mobi^$all
||*.mom^$all
||*.party^$all
||*.pics^$all
||*.racing^$all
||*.ren^$all
||*.rest^$all
||*.review^$all
||*.ryukyu^$all
||*.science^$all
||*.sex^$all
||*.shop^$all
||*.site^$all
||*.stream^$all
||*.top^$all
||*.trade^$all
||*.vip^$all
||*.wang^$all
||*.win^$all
||*.work^$all
||*.xin^$all
||*.xxx^$all
||*.xyz^$all
@@||email.ionos.co.uk*^$all,domain=ionos.co.uk
!
! Block all on much abused country code TLD's. The TLD is between ||* and ^$, e.g. ||*.AM^$
!
||*.am^$all
||*.cc^$all
||*.cf^$all
||*.cn^$all
||*.fm^$all
||*.ga^$all
||*.gg^$all
||*.ki^$all
||*.kp^$all
||*.la^$all
||*.ml^$all
||*.pw^$all
||*.ru^$all
||*.tk^$all
||*.ua^$all
||*.ug^$all
||*.vn^$all
@@discord.gg^$all,domain=discord.com

And shorted my Dynamic rules to:

no-large-media: behind-the-scene false
* * 3p-frame block
* * 3p-script block
* com * noop
* gov * noop
* net * noop
* org * noop
* uk * noop
behind-the-scene * * noop
behind-the-scene * 1p-script noop
behind-the-scene * 3p noop
behind-the-scene * 3p-frame noop
behind-the-scene * 3p-script noop
behind-the-scene * image noop
behind-the-scene * inline-script noop
 

ErzCrz

Level 8
Verified
Aug 19, 2019
368
Playing around with extensions on Chromium Edge. Still using UBO in the modified medium mode, Netcraft, BitDefender Traffic light and just trialing ClearURLs to help with tracking but not sure if that's a bit of an overkill or not. I don't notice any browsing slowdown at all.
 

oldschool

Level 59
Verified
Mar 29, 2018
4,857
Playing around with extensions on Chromium Edge. Still using UBO in the modified medium mode, Netcraft, BitDefender Traffic light and just trialing ClearURLs to help with tracking but not sure if that's a bit of an overkill or not. I don't notice any browsing slowdown at all.
You may scrap Netcraft and Trafficlight unless you've disabled Edge > Settings > Smartscreen. SS has malware and phishing protection covered, my friend! :D
 
Top