Advanced Plus Security Moonhorse's Security Config 2019

Last updated
Nov 18, 2019
Windows Edition
Home
Log-in security
Security updates
Allow security updates and latest features
User Access Control
Always notify
Real-time security
Sophos home premium FREE
Comodo firewall
Firewall security
About custom security
Comodo firewall on internet security config
Periodic malware scanners
Emsisoft emergency kit
Malwarebytes adwcleaner
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Firefox stable channel (70.0.1 currently)

Extensions:
- Ublock origin
- Bitwarden
- Bitdefender trafficlight

About:config
- network.trr.mode = 2
- media.peerconnection.enabled = false
- security.secure_connection_icon_color_gray = false
- security.identityblock.show_extended_validation = true
Maintenance tools
Geek uninstaller
File and Photo backup
External drive
System recovery
Aomei backupper Free
Risk factors
    • Gaming
    • Logging into my bank account
    • Browsing to popular websites
    • Streaming audio/video content from shady sites
Computer specs
Asus m5A97
AMD FX-6300 @ 3.8ghz
MSI GTX-970
HDD 1TB
8GT Kingston Ram, @1600Hz

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,602
Even I learned to whitelist by hash, etc. If @oldschool can do it, @Moonhorse can do it. And yes, you may ask Andy anything. His customer support is most excellent! Companies should model their's after him. The latter will never happen. :LOL:
Default-deny protection is not friendly to most people, so I have much time to help others.:giggle:
 

Moonhorse

Level 38
Thread author
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728
17.1.2019

Removed
- ccleaner
- defragler
- bleachbit
- roguekiller

extensions removed:
- windows defender browser protection
- emsisoft

Added
+ Privazer ( without installation to run browser cleaner)
+ Privazer shellbag anylyzer

Extensions added:
+ Malwarebytes (welcome back)
+ Decentraleyes

+ Also added firefox nightly secondary browser, chrome still remains main browser. Nightly used mostly on browsing and banking is done on chrome

Computer Security Knowledge status updated to : medium
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,602
Moonhorse,
Have you applied 'Defender high settings' by using ConfigureDefender button in H_C?
 
  • Like
Reactions: harlan4096

Moonhorse

Level 38
Thread author
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728
Moonhorse,
Have you applied 'Defender high settings' by using ConfigureDefender button in H_C?
I wasnt aware about that, configuredefender were part of H_C:emoji_innocent:

Well i applied defender high settings, close button didnt work so i just exit with X
Is there any way to do check i have such settings enabled, without opening configuredefender?
I know something about srp and H_C but not anything bout configuredefender
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,602
I wasnt aware about that, configuredefender were part of H_C:emoji_innocent:

Well i applied defender high settings, close button didnt work so i just exit with X
Is there any way to do check i have such settings enabled, without opening configuredefender?
I know something about srp and H_C but not anything bout configuredefender
The Close button works, but sometimes you have to clik it two or more times (slow clicks).
I will probably look at this issue in the future version. The actual WD settings can be easily seen in the PowerShell Console by using the command:
get-mpPreference
 
Last edited:

Moonhorse

Level 38
Thread author
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728
The Close button works, but sometimes you have to clik it two or more times (slow clicks).
I will probably look at this issue in the future version. The actual WD settings can be easily seen in the PowerShell Console by using the command:
get-mpPreference
Disablecatchupfullscan true
disablecatchupquickscan true

Do this mean on-demand scanning is disabled?
And about disablelowcpupriority_ true, shouldnt this one boost performance?
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,602
Disablecatchupfullscan true
disablecatchupquickscan true

Do this mean on-demand scanning is disabled?
And about disablelowcpupriority_ true, shouldnt this one boost performance?
Those settings are not configured by Configuredefender. I think that they are the default settings. I do not have the setting disablelowcpupriority (it should be probably EnableLowCpuPriority). Read the below:
Set-MpPreference (defender)
 
Feb 14, 2012
34
I did not know about Neustar DNS (y)

Threat Protection
For users who want protection against malicious domains for security purposes. Includes Reliability & Performance.LowMalware, Ransomware, Spyware & Phishing.

It's powerfull DNS for Malware, Ransomware, Spyware & Phishing ?
 

Moonhorse

Level 38
Thread author
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728
I did not know about Neustar DNS (y)

Threat Protection
For users who want protection against malicious domains for security purposes. Includes Reliability & Performance.LowMalware, Ransomware, Spyware & Phishing.

It's powerfull DNS for Malware, Ransomware, Spyware & Phishing ?
Since the threat protection will block torrents/warez sites, and those are pretty much where you could download something suspicious i would say its worth to add

Im myself from eu, i used cloudflare before but i cant say i have any difference in loading speed than with neustar

Today i visited few sites that were advertised in twitch ( are fake/ phishing sites) and neustar dns aswell blocked them, but with the malware category

But yes, neustar is protection wide best DNS you can get

Edit: only downside of DNSthreat blocking is that you cant whitelist domains, but i can well put the neustar business protection on without getting blocked by any sites i visit
 
Feb 14, 2012
34
Since the threat protection will block torrents/warez sites, and those are pretty much where you could download something suspicious i would say its worth to add

Im myself from eu, i used cloudflare before but i cant say i have any difference in loading speed than with neustar

Today i visited few sites that were advertised in twitch ( are fake/ phishing sites) and neustar dns aswell blocked them, but with the malware category

But yes, neustar is protection wide best DNS you can get

Edit: only downside of DNSthreat blocking is that you cant whitelist domains, but i can well put the neustar business protection on without getting blocked by any sites i visit

Thanks for your reply :emoji_ok_hand:
 
  • Like
Reactions: Moonhorse

Moonhorse

Level 38
Thread author
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728
Update 23.1.2019

- Removed hard configurator ( due family pc, and it feels like im in locked mode all the time)

+ Syshardener 1.5 added ( max settings) To replace H_C

H_C Is great, but i ran into problems whitelisting even i got the help i needed. Its way to learn Smartscreen and i respect that

now i feel bit awkward,
 

Moonhorse

Level 38
Thread author
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728
What other programs have you thought about using for your current system? @Moonhorse

~LDogg
Im just gonna stay using Windows defender and avoid system utilities like ccleaner etc. use windows cleaning tools/ defrag instead

I just ran O & O shutup > Syshardener on max > and im gonna keep it like this. Im not gonna add any bb like OSA or any other tool for that

Also start to use portable antimalwares like EEK, HMP, Only Zam will be installed to be part of beta program, but keep windows very clean and minimal with installed softwares
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
Im just gonna stay using Windows defender and avoid system utilities like ccleaner etc. use windows cleaning tools/ defrag instead

I just ran O & O shutup > Syshardener on max > and im gonna keep it like this. Im not gonna add any bb like OSA or any other tool for that
This does make sense, fair play.

~LDogg
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,602
Update 23.1.2019

- Removed hard configurator ( due family pc, and it feels like im in locked mode all the time)

+ Syshardener 1.5 added ( max settings) To replace H_C

H_C Is great, but i ran into problems whitelisting even i got the help i needed. Its way to learn Smartscreen and i respect that

now i feel bit awkward,
Default-deny setup is not for everyone. It is intended for the users, who rarely install the new applications, because new applications often require some whitelisting.:giggle:
If you did not feel happy with it, then SysHardener is a good choice, because it blocks/restricts script interpreters, and macros (in the supported office applications). (y)
 

Moonhorse

Level 38
Thread author
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728
@Andy Ful Well i rarely install new applications, but i had the problem with whitelisting. I couldve managed to life with that, no worries i just think syshardener is more familiar for noob like me

Also i guess H_C is TRUE default deny and not crappy default deny wich is relying in trusted vendor list. As we see its doing good job on askalans tests :unsure:
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top