Latest Changes
Mar 18, 2019
Operating System
Windows 10
Windows Edition
Home
Build
1809
System Architecture
64-bit OS
Security Updates
Automatic Updates - All security and feature updates
User Access Control
Always Notify
Firewall
3rd-party Firewall - Network security provided by a trusted vendor
Device Security
Windows Defender SmartScreen (Windows 10)
User Account
Standard - User has some control over the settings
Recent Security Incidents
No malware or privacy issues
Malware Testing
None - No Malware on host PC or VM
Real-time Web & Malware Protection
Forticlient
Comodo firewall
Custom Settings For Real-Time Protection
Custom - Major changes for Increased Security
Virus and Malware Removal Tools
Malwarebytes free
Adwcleaner
Browsers and Extensions
Google chrome:
  • Ublock origin
  • Netcraft
  • Malwarebytes extension
  • Bitwarden
Chrome flags enabled:
  • block downloads over insecure connections
  • Anonymize WebRTC
Web Privacy
Cloudflare DNS
Password Management
Bitwarden
Default Web Search
Google
System Utilities
Geek uninstaller
Data Backup
External drive
Frequency of Data backups
Monthly
System Backup
Aomei backupper Free
Frequency of System backups
Regularly
Computer Activity
Gaming
Banking
Browsing Internet and email
Install new programs on a weekly basis
Watch movies and other video content on the Internet
Device is used by family members
Computer Specifications
Asus m5A97
AMD fx-6300
MSI GTX-970
HDD 1TB
8GT Kingston Ram, 3100(?)

Nestor

Level 7
I did minium install, nothing has popped up for me.

It just sounds like you had adware installed where the pop-ups coming from?
Onclickads.net Browser Redirect Removal

i would run adwcleaner from malwarebytes incase there is something sketchy going + zemana probably
I tried everything, HMPA, Adwcleaner, NPE, EEK and nothing found. Maybe I will try Zemana but i know will flag Thor as a Dns Hijack.Maybe the only solution is to reset the router.
 
Last edited:

Andy Ful

Level 37
Content Creator
Trusted
Verified
...
Edit: @Andy Ful Is it possible to use H_C as default allow .exe and just benefit from WD hardening + script blocking ( sponsors) if WD has block in first sight? If the whitelisting is painful for someone
Yes, you can use WD. Just load the Avast profile in H_C. The Avast profile automatically sets default-allow SRP for EXE files, so there is no need to whitelist EXE files anymore. You can block some sponsors if you need. In this way, you can have a similar setup to:
SECURE: Complete - Moonhorse's Security Config 2019
except the protection of double extensions.
Maybe I will add double extension protection for default-allow setup in the future - of course, it is covered already in default-deny setup.
 
Last edited:

Moonhorse

Level 24
Content Creator
Verified
Update 31.1.2019

Removed browser extensions:
- Trace
- Bitwarden
- Decentraleyes
- Malwarebytes extension

Added:
+Google chrome;
- Ublock origin
- Netcraft
- Windows defender browser protection
+ bitwarden desktop version

This is probably lightest setup i can get for now. Below my ublock origin filters;

blocklists1.png
 

Moonhorse

Level 24
Content Creator
Verified
Update 14.2.2019

- Removed H_C and did clean install. Reason i have uninstalled H_C is because i want to have default allow antivirus and i want to have setup wich i can install to someone elses computer

+ Added:

+ Kaspersky cloud av ( Harlans tweaks; )

+ Syshardener ( max ) Everything enabled except; show hidden system files, disable superfetch and block bitadmins

+ Firefox as mainbrowser
  • Ublock origin (1hosts mini, coinblockerlists, nocoin, nano defenders lists)
  • Privacy possum
  • Canvasblocker
  • Netcraft
  • Malwarebytes extension
  • Bitwarden extension
As im using kaspersky now, i could remove malwarebytes but i dont see reason for that
 

Moonhorse

Level 24
Content Creator
Verified
17.2.2019

-Just removed syshardener and replaced with OSA

Google chrome:
+ nano adblocker & defender replaced with ublock origin

Google chrome flags set on

Privacy
Anonymize local IPs exposed by WebRTC (enable)
Reduce default 'referer' header granularity. (enable)
Hyperlink auditing (disable)

Security
Enable AppContainer Lockdown (enabled - by default, but as long as it is in flags I enable it)
Enable GPU AppContainer Lockdown (enable)
PDF isolation enabled
Block unsafe downloads over insecure connections (enabled)
Mark non-secure origins as non-secure (mark actively as dangereous)
TLS 1.3 downgrade hardening (enabled)

This is the configuration until chrome breaks ublock origin
 

Moonhorse

Level 24
Content Creator
Verified
23.2.2019

- Removed OSA

+

  • added Comodo firewall ( proactive security) , because im using the sandbox i dont set up cs settings at all
  • Comodo secure DNS, just for fun
Comodo dragon has same extensions as google chrome, but yandex as search engine ( better results than google)
 
Last edited:

Burrito

Level 9
23.2.2019

- Removed OSA

+

  • added Comodo firewall ( proactive security) , because im using the sandbox i dont set up cs settings at all
  • Comodo secure DNS, just for fun

Well-thought out system Moonhorse.

Based on your additions/subtractions... what are your thoughts on OSA and Syshardener?

And.... I hope all is going well for you.
 
Reactions: harlan4096 and dJim

Moonhorse

Level 24
Content Creator
Verified
Well-thought out system Moonhorse.

Based on your additions/subtractions... what are your thoughts on OSA and Syshardener?

And.... I hope all is going well for you.
Well OSA is kind of behaviour blocker, and i doubt you need it with avast or kaspersky
Syshardener is to disable common attack vectors, i could run it with comodo firewall but i rather not since comodo tend to be buggy sometimes, i let it run completely free along with kaspersky

Im using comodo sandbox with comodo dragon as secondary browser

Aswell i rather use proactive config , over cs settings since i get the pop-ups and eye candy about whats happening on my system. I just recently installed browser extension, comodo firewall asked me if i want to keep these browser settings , its much more advanced software than OSA is

Also comodo killswitch is good to monitor things
 
Reactions: stefanos and Raiden

Burrito

Level 9
Well OSA is kind of behaviour blocker, and i doubt you need it with avast or kaspersky
Syshardener is to disable common attack vectors, i could run it with comodo firewall but i rather not since comodo tend to be buggy sometimes, i let it run completely free along with kaspersky

Im using comodo sandbox with comodo dragon as secondary browser

Aswell i rather use proactive config , over cs settings since i get the pop-ups and eye candy about whats happening on my system. I just recently installed browser extension, comodo firewall asked me if i want to keep these browser settings , its much more advanced software than OSA is

Also comodo killswitch is good to monitor things
Yeah, makes sense.

I've used both OSA and Syshardener, and I like both. But when little things go wrong, maybe rightly or wrongly, I usually suspect them as the culprit. Sometimes I can tell.... sometimes not so much.

And I'm going to check out Comodo Killswitch.

Thanks.
 

Moonhorse

Level 24
Content Creator
Verified
16.3.2019
Did an clean install

Current setup:

Antivirus: Windows defender ( sandbox)
Firefox:
  • Ublock origin
  • Netcraft
  • Malwarebytes extension
  • Trace
  • Bitwarden
+about:flag; network.trr=2

Most of the apps i use from microsoft store: Whatsapp, spotify

I think Im keeping this setup until next big movement from microsoft/ microsoft chromium browser
 

Similar Threads

Similar Threads