Advanced Plus Security Moonhorse's Security Config 2019

Last updated
Nov 18, 2019
Windows Edition
Home
Log-in security
Security updates
Allow security updates and latest features
User Access Control
Always notify
Real-time security
Sophos home premium FREE
Comodo firewall
Firewall security
About custom security
Comodo firewall on internet security config
Periodic malware scanners
Emsisoft emergency kit
Malwarebytes adwcleaner
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Firefox stable channel (70.0.1 currently)

Extensions:
- Ublock origin
- Bitwarden
- Bitdefender trafficlight

About:config
- network.trr.mode = 2
- media.peerconnection.enabled = false
- security.secure_connection_icon_color_gray = false
- security.identityblock.show_extended_validation = true
Maintenance tools
Geek uninstaller
File and Photo backup
External drive
System recovery
Aomei backupper Free
Risk factors
    • Gaming
    • Logging into my bank account
    • Browsing to popular websites
    • Streaming audio/video content from shady sites
Computer specs
Asus m5A97
AMD FX-6300 @ 3.8ghz
MSI GTX-970
HDD 1TB
8GT Kingston Ram, @1600Hz

Moonhorse

Level 37
Thread author
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
Why did you stop using Kaspersky?
Also looking forward to Microsoft Chromium based Edge (y)


Have you thought about Tinywall or MWFC to complement Windows Firewall at all?

Nice to see another post from you as well!

~LDogg
Nope, I just want the main idea for this setup to be using as much default software (from Microsoft) as possible and avoiding installing 3rd party programs... Firefox just because the EdgeHTML one is horrible

Cleanups done on Firefox exit = remove cookies/history
System clean up = Windows clean up & defrag
Using Microsoft Store apps
I can disable PowerShell/Script Host and play with firewall rules without 3rd party software
Etc.
 

Moonhorse

I must admit I feel a bit naked, and I'm going to add Comodo Firewall to pair it with WD
I wanted to see Comodo Cloud AV's new GUI, but CF is less prone to bugs than CCAV is

I use Netcraft + Malwarebytes extensions, so Kaspersky feels a bit useless there

+ added Comodo Firewall
 

Moonhorse

Replaced WD with FortiClient, did not choose the web filter, because it will restrict YouTube for me. But with the antivirus installation I'll get protection against suspicious sites anyways, and it won't restrict my YouTube experience

So:
Antivirus: FortiClient (good signatures/web filtering)
Comodo Firewall (default deny: auto-sandbox)
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
Good choice. I would have gone back to FortiClient if its web filter didn't get in the way of me using the free WiFi at my DJ residency; I was fed up with turning it off. Hence using CCAV. :p

~LDogg
 

Moonhorse

Good choice. I would have gone back to FortiClient if its web filter didn't get in the way of me using the free WiFi at my DJ residency; I was fed up with turning it off. Hence using CCAV. :p

~LDogg
Lol, I just noticed that you have to install the web filter as well; the antivirus as standalone won't block malicious websites :cry:
 

Moonhorse

Indeed that's a pain in the backside. I believe as well the web filter can conflict with Comodo Firewall for some users, this didn't happen to me however.

~LDogg
Yeah, the web filter completely died this morning. I'm back to the normal config, which means KFA + Comodo Firewall... at least it works.
 

LDogg

Yeah, the web filter completely died this morning. I'm back to the normal config, which means KFA + Comodo Firewall... at least it works.
That is true. Sometimes it's important to never change something that actually works :p, but even I like to change things at times.

~LDogg
 

Moonhorse

That is true. Sometimes it's important to never change something that actually works :p, but even I like to change things at times.

~LDogg
Actually, I just flashed the drive to get rid of driver remnants. Installed CCAV as the only protection, since I will always end up using Comodo's container. WD just takes too many resources for nothing when paired with CF

Edit: CCAV still has its bugs, with child processes blocking something for me
So Comodo Internet Security to replace it
 

LDogg

Actually, I just flashed the drive to get rid of driver remnants. Installed CCAV as the only protection, since I will always end up using Comodo's container. WD just takes too many resources for nothing when paired with CF

Edit: CCAV still has its bugs, with child processes blocking something for me
So Comodo Internet Security to replace it
Fair enough man! It seems to be very good for me to use so far! Different users seem to have different experience compared to other people using the same software, kinda interesting with each scenario really.

~LDogg
 

Moonhorse

Fair enough man! It seems to be very good for me to use so far! Different users seem to have different experience compared to other people using the same software, kinda interesting with each scenario really.

~LDogg
I have an old Java-based game client, which couldn't run with either CCAV or H_C enabled. But when I use either CF or CIS it works without problems. It's more like a specific problem for me
 

LDogg

I have an old Java-based game client, which couldn't run with either CCAV or H_C enabled. But when I use either CF or CIS it works without problems. It's more like a specific problem for me
Makes sense. That's why I don't use any 3rd party DNS services/clients or FortiClient's web filter, as it gets in the way of me logging into my pub's WiFi where I have to do my DJ job and other WiFi spots in the town.

~LDogg
 

Moonhorse

22.3.2019

Current setup updated to

Realtime protection:
Windows Defender; ConfigureDefender = max settings
Hard_Configurator; Recommended settings

Browser setup:

Google Chrome:
  • Nano Adblocker
  • Nano Defender
  • Netcraft
  • Malwarebytes extension
  • Bitwarden
  • Privacy Possum
Chrome flags enabled:
  • Block downloads over insecure connections
  • Anonymize WebRTC
  • Disable smooth scrolling
Windows built-in junk removed with Geek Uninstaller + also gave O&O ShutUp's uninstaller a go, which went quite well

Only problem I'm having is the GPU plugin won't work with my Java-based game, but it's not a huge loss. I'm using H_C until the 1909 March/April update and see how it goes
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
...
I'm using H_C until the 1909 March/April update and see how it goes
No surprises for now in the Insider 1909.

I have an old Java-based game client, which couldn't run with either CCAV or H_C enabled. But when I use either CF or CIS it works without problems. It's more like a specific problem for me
Post here the specification of your java based game client, I can look at it and try to find the solution.
22.3.2019

Current setup updated to

Realtime protection:
Windows Defender; ConfigureDefender = max settings
Hard_Configurator; Recommended settings
...
With ConfigureDefender on max settings you will get more false positives, especially from the below ASR rules:
Block executable files from running unless they meet a prevalence, age, or trusted list criteria
Block credential stealing from the Windows local security authority subsystem (lsass.exe)

The first rule can block some application updates, because the updater executable will have for the first few days a low prevalence.
The second usually does not block the application, but only the access to lsass.exe - it can be ignored, but will produce some alerts.
If you have activated Controlled Folder Access, then it will usually prevent creating the shortcuts on the Desktop when installing applications (you can drag the shortcut from Start Menu).
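
To see which of the blocks described in the post above are firing on a given machine, the following PowerShell summarises the last week of ASR and Controlled Folder Access events from the Defender operational log. It is an added example, not code from the thread or from Hard_Configurator/ConfigureDefender; the rule GUIDs are Microsoft's documented IDs for the two named rules, and the EventData field names `ID`, `Path` and `Process Name` are assumed from the layout of those events.

```powershell
# Added example. GUIDs: Microsoft's documented IDs for the two ASR rules named in the post.
$AsrRules = @{
    '01443614-cd74-433a-b99e-2ecdc07bfc25' = 'Block executables unless prevalence/age/trusted list'
    '9e6c4e1f-7d60-472f-ba1a-a39ef669e4b2' = 'Block credential stealing from lsass.exe'
}
# Defender operational log IDs: ASR block/audit and Controlled Folder Access (CFA) block/audit
$EventKind = @{ 1121 = 'ASR block'; 1122 = 'ASR audit'; 1123 = 'CFA block'; 1124 = 'CFA audit' }

function ConvertFrom-DefenderEvent {
    param([Parameter(ValueFromPipeline)] $LogRecord)
    process {
        # Read EventData by field name, not position (field names are an assumption, see lead-in)
        $data = @{}
        foreach ($d in ([xml]$LogRecord.ToXml()).Event.EventData.Data) { $data[$d.Name] = $d.'#text' }
        [pscustomobject]@{
            Time    = $LogRecord.TimeCreated
            Kind    = $EventKind[[int]$LogRecord.Id]
            RuleId  = "$($data['ID'])".ToLower()      # empty for CFA events
            Target  = $data['Path']                   # file or folder the block applied to
            Process = $data['Process Name']           # process that triggered it
        }
    }
}

function Get-BlockSummary {
    param([object[]] $Records)
    # One row per (kind, rule, target) so a noisy updater or lsass alert stands out by count
    $Records | Group-Object Kind, RuleId, Target | ForEach-Object {
        $first = $_.Group[0]
        [pscustomobject]@{
            Count   = $_.Count
            Kind    = $first.Kind
            Rule    = if ($AsrRules.ContainsKey($first.RuleId)) { $AsrRules[$first.RuleId] } else { $first.RuleId }
            Target  = $first.Target
            Process = $first.Process
        }
    } | Sort-Object Count -Descending
}

$filter = @{ LogName = 'Microsoft-Windows-Windows Defender/Operational'
             Id = 1121, 1122, 1123, 1124; StartTime = (Get-Date).AddDays(-7) }
$records = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue | ConvertFrom-DefenderEvent)
if (-not $records) {
    # Constructed sample record (not real data) so the summary shape is visible on a quiet machine
    $records = @([pscustomobject]@{ Time = Get-Date; Kind = 'ASR block'; Process = 'C:\Example\app.exe'
        RuleId = '01443614-cd74-433a-b99e-2ecdc07bfc25'; Target = 'C:\Example\updater.exe' })
}
Get-BlockSummary -Records $records | Format-Table -AutoSize -Wrap
```

Repeated rows for a freshly released updater under the prevalence rule, or lsass.exe as the target under the credential-stealing rule, match the false-positive patterns the post describes.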
 

Moonhorse

@Andy Ful The problem actually was just the one I posted in your thread some time ago; I was kinda busy, but now when I got back to the computer, it took me a minute to fix that problem.

Well, when I installed WhatsApp/Spotify, I just whitelisted > path > shortcut. And after that I had to do the same thing for the WhatsApp/Spotify updaters, through a wildcard

So when I'm whitelisting stuff, should I always just go to Program Files and whitelist the whole folder, since run.exe is always there as well, instead of that shortcut thing?

Well, for now I'm gonna keep looking at blocked events now and then if something is getting blocked for no reason

Anyways, I'm probably gonna do a clean install since 1909 is a big patch, and probably test allowing exe/tmp and just use Comodo Firewall alongside
 
