Advanced Plus Security Shmu26 Windows Config in 2019

Last updated
Oct 10, 2019
Windows Edition
Pro
Log-in security
Security updates
Allow security updates and latest features
User Access Control
Always notify
Real-time security
Windows Defender with Hard_Configurator
Comodo Firewall
Firewall security
About custom security
Windows Defender with some SRP rules
H_C: EXE and TMP allowed
CFW: ComodoFix config
Windows firewall is enabled.
Periodic malware scanners
--
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Chrome, Edge
Maintenance tools
Hard_Configurator
File and Photo backup
Dropbox
OneDrive
GoogleDrive
System recovery
Macrium Reflect
Risk factors
    • Logging into my bank account
    • Browsing to popular websites
    • Downloading software and files from reputable sites
    • Browsing to unknown / untrusted / shady sites
    • Working from home
Computer specs
i5 6500
integrated graphics
8 gb ram
SSD

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Does configure defender work good in W10 1903 ? and what profile to choose in configure defender
@oldschool has it nailed for maximum security and usability.
If you experience software blocks, or it impacts system performance, you can disable certain settings. But try with those settings and see if it's good for you.
 

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,868
Unfortunately, Kaspersky's behavior is not quite as consistent as I would hope for. I have a certain program with a firewall block rule, and every once in a while, like tonight for instance, it somehow manages to connect to the internet anyways, causing my whole system to freeze and the program itself to deactivate. So it looks like I am back to:
Windows Defender with ConfigureDefender
Windows Software Restriction Policies with Hard_Configurator

.
Keep it simple, keep it safe!
 

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,868
I am considering going back to WD after Sophos deleted Configure Defender while my router was rebooting. To be fair it put it back once I got the internet back and it did cloud analysis.
 

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Default-allow setup has <Default Security Level> = Unrestricted. This forces PowerShell to Full Language Mode
And what happens if I set the Windows environment variable PSLockdownPolicy 4 ? Does "Unrestricted" override the Windows environment variable?
 
  • Like
Reactions: oldschool

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Manjaro with the default Xfce desktop.

Manjaro keeps the OS and applications very up to date, and since it is Arch, you don't have the security issues of PPAs and/or installing from random downloads like you do with Ubuntu and its forks.

Manjaro requires more troubleshooting and software installation skills than Ubuntu and its forks do, but the forum is helpful and friendly, and google finds a lot of info on Manjaro and Arch.
 

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Back to Windows. It's too much work juggling Linux + Windows in a virtual machine, when Windows alone does everything I need. It's less glamorous this way, but KISS wins.
Windows Defender + Hard_Configurator with EXE and TMP allowed.
Comodo Firewall with ComodoFix config and Windows firewall enabled.
 
Last edited:

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
Back to Windows. It's too much work juggling Linux + Windows in a virtual machine, when Windows alone does everything I need. It's less glamorous this way, but KISS wins.
Windows Defender + Hard_Configurator with EXE and TMP allowed.
Comodo Firewall with ComodoFix config and Windows firewall enabled.
Unless I'm missing something with the Comodofix Config, you have two Firewalls running correct?

~LDogg
 

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Unless I'm missing something with the Comodofix Config, you have two Firewalls running correct?

~LDogg
Correct :)
If you don't have an advanced firewall config, CFW and WFW work well together. That's what @cruelsister always says, and it's true.
My CFW has the 3 exceptions of Comodofix Config, and my WFW has the recommended block rules of Hard_Configurator, and it works smoothly.

Explanation: with ComodoFix config, CFW is at less than full strength in system space (this is in order to avoid a slew of unnecessary network blocks), so that's why it is advisable not to disable WFW.
 
Last edited:

Glynn

Level 2
Verified
Aug 16, 2017
67
Back to Windows. It's too much work juggling Linux + Windows in a virtual machine, when Windows alone does everything I need. It's less glamorous this way, but KISS wins.
Windows Defender + Hard_Configurator with EXE and TMP allowed.
Comodo Firewall with ComodoFix config and Windows firewall enabled.
I find that windows inside virtualbox does not want to activate when connected to the internet, any way to solve that issue?
 

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
I find that windows inside virtualbox does not want to activate when connected to the internet, any way to solve that issue?
Hmm, I don't know, I didn't have any activation problems. If you are using a single license, keep in mind that the VM is considered a different machine, and thus needs a different license.
If you have a volume license installation, it will work even without any activation at all, but you can't do certain customizations, such as choose your wallpaper.
That's about all I know about it.

again? you play ping-pong lol.
why not, like me, having one machine for Linux and one for Windows...will save you time...
Hi Umbra, it's great to see you active once again on MT! :)
Yes, I am guilty of ping pong, but with Macrium Reflect, ping pong is a pretty easy game to play. Sometimes I need to fix grub, that's all.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top