Advanced Plus Security Thales Hard Protected Setup

[shmu26]

The reason you switched back?
I had issues with the update service. I got "database is corrupted" error message and nothing could fix it. Also the windows startup was kinda slow (compared to HMPA or WD) on SSD. Removing KSCF has fixed the problem

My free version deactivated itself, and I was offered the option of a paid subscription, or else...

Hot Take - Kaspersky Security Cloud Free 2019 - Tweaks

Why then do I get a warning from Kaspersky Free (in my case) that not all components will work on Windows 10, after an upgrade to version 1903? Never had such a warning on 1809. Make sure you're on patch E, Kaspersky Anti-Virus 19 release notes We have added full support of the 19H1 update...

malwaretips.com

 

[Thales]

Deleted
Keepass

• After 7-8 years I decided to switch to Sticky Password (Premium).
• The Kee extension is good but it is still a 3rd party extension.

Added
Sticky Password (Premium)

• Fast, like the features but no in-built TOTP option for logins.

 

[Thales]

I got my new Acer Aspire 3 Laptop and bought Windows 10 pro.
Now I use Microsoft products everywhere I can and I love it. Android, Notebook.

New

• Upgraded to 1903
• Admin & Microsoft account

I use Microsoft account instead of the local one. PIN and Password.

• Microsoft Edge Chromium

Love it. I can use my outlook account instead of gmail.

• BitWarden

Back to the lovely one. However the browser extension is still slow.

• Firewall Hardener (H_C) and DocumentsAntiExploit (H_C)
• EasUs ToDo Backup Free

Better than Macrium because it offers encryption for Free.

• Office 360 & OneDrive

Switched from MEGA. Almost the same price.

• Bitlocker with TPM

 

[Gandalf_The_Grey]

I got my new Acer Aspire 3 Laptop and bought Windows 10 pro.
Now I use Microsoft products everywhere I can and I love it. Android, Notebook.

New

• Upgraded to 1903
• Admin & Microsoft account

I use Microsoft account instead of the local one. PIN and Password.

• Microsoft Edge Chromium

Love it. I can use my outlook account instead of gmail.

• BitWarden

Back to the lovely one. However the browser extension is still slow.

• Firewall Hardener (H_C) and DocumentsAntiExploit (H_C)
• EasUs ToDo Backup Free

Better than Macrium because it offers encryption for Free.

• Office 360 & OneDrive

Switched from MEGA. Almost the same price.

• Bitlocker with TPM

Great changes. The only thing I would also change is 7-Zip with Bandizip to keep the mark of the web for extracted zip files:

Bandizip now keeps "Mark of the Web" information for extracted files

Bandizip started recently copying the Zone.Identifier information (aka "Mark of the Web") into the extracted archives, basically extending the usefulness of SmartScreen. More information here: Copy Zone.Identifier information of an archive downloaded from the Internet during extraction. Edit...

malwaretips.com

 

[Thales]

Great changes. The only thing I would also change is 7-Zip with Bandizip to keep the mark of the web for extracted zip files:

Bandizip now keeps "Mark of the Web" information for extracted files

Bandizip started recently copying the Zone.Identifier information (aka "Mark of the Web") into the extracted archives, basically extending the usefulness of SmartScreen. More information here: Copy Zone.Identifier information of an archive downloaded from the Internet during extraction. Edit...

malwaretips.com

Thank you.
Installed Bandizip.

 

[Thales]

Testing KeepassXC on Windows. I used KeepassXC in the past on Linux system and it worked very well.
It has it's own browser extension and my lovely feature TOTP fill by shortcut.

 

[Thales]

Back to BitWarden. KeepassXC is fine but I still don't like the browser extension.

 

[Thales]

Added my old favorite Malwarebytes Windows Firewall Control.
It gives me the safe feeling.

 

[Andy Ful]

Hi Thales,
Do you have any problems with H_C?

 

[Thales]

Hi Thales,
Do you have any problems with H_C?

Hi,
It works perfectly. I had problems downloading templates through Microsoft Words and Excel. I couldn't download any template.
I think it's maybe the 'document anti exploit" is ON however I can't show you because since I installed WFC it works. Strange.
Not a big deal to me because I don't use them just wanted to check some word templates like resumes.

 

[Andy Ful]

Hi,
It works perfectly. I had problems downloading templates through Microsoft Words and Excel. I couldn't download any template.
I think it's maybe the 'document anti exploit" is ON however I can't show you because since I installed WFC it works. Strange.
...

Document Anti-Exploit cannot prevent downloads, but can block using MS Office templates if they require macros or VBA. Downloading templates can be blocked by FirewallHardening rules for Word, Excel, or PowerPoint. You can look at FirewallHardening list of blocked applications to see if Word or Excel are still on the list. If not, then these applications can have access to the Internet. It is not a big deal, if you applied Documents Anti-Exploit and WD ASR rules.

 

[Thales]

Document Anti-Exploit cannot prevent downloads, but can block using MS Office templates if they require macros or VBA. Downloading templates can be blocked by FirewallHardening rules for Word, Excel, or PowerPoint. You can look at FirewallHardening list of blocked applications to see if Word or Excel are still on the list. If not, then these applications can have access to the Internet. It is not a big deal, if you applied Documents Anti-Exploit and WD ASR rules.

Yes, they are in the list, so that's why I couldn't download any templates. I guessed the Firewall rules caused this but didn't want to go deep and figure out exact reason because Microsoft Office is a common target for malwares, so better to block unnecessary features.
And since the WFC handles the firewall rules it works. Secret revealed. Thanks
I love the firewall hardening tool but I always go back to WFC because I love it's user friendly whitelist feature.

 

[Thales]

Removed

• Malwarebytes Firewall Control

No problem, just I use too many programs to my work and it is hard to manage every connection issue.
Because everything is legal in my PC, it should be ok with the firewall hardening by H_C.

• Windscribe VPN

Same issue as above!

 

[Thales]

• Replaced MS Office with Softmaker Free Office

I'm not gonna pay for something I can have for free. I love WPS too but it has no Hungarian language pack for spell checking as far as I know.
I'm gonna pay for the OneDrive storage only.

• Added Mullvad VPN with Wireguard.

It is fast and I'm just testing but I had no connection issues in the past, so I decided to try it again.
Windscribe is good and I have 3 years license but OpenVPN has connection issues. Sometimes I had no internet because the connect/reconnect process was slow. 6$/month for this solution is worth it.

 

[Thales]

• Back to KeepassXC

I like BitWarden but I'dont know. Still prefer the KeyFile and offline solution.

• Back to Malearebytes WFC

I decided to install it again because I found blocking telemetry and other unnecessary internet traffic boost the performance and security overall.

 

[Thales]

Big Changes for me

• Removed EaseUS ToDo Backup - Installed Macrium Reflect again

I had to restore my OS from image and EaseUS ToDo did a poor job. The recovery process took 40 minutes because the program wanted to restore in sector by sector mode. I have a 120GB SSD so it was so slow.
The first time I stopped because I thought it was my bad but no, it wasn't. One time something caused error and the third time it was success. So, a single restore took approximately 2,5 hours. WTF
You can't even delete partitions that you can do in Macrium.
I had no such a problem with Macrium ever. No way I will install EaseUS ToDo Backup again. Macrium is the best!

• Installed Glasswire

I tried Tinywall again. Simple but no thanks.
Tried ESET Internet security with Interactive mode. Too many popups. Binisoft is still good but I wanted something else. Found Glasswire and it has everything I need. Small popups and I can block or allow with one click, I don't need to wait for refresh to see what is blocked. Fast, responsive and the UI is good.

• Updated to H_C 5.0

Awesome as always. Thanks for the new Icons @Andy Ful

• Using portable apps everywhere I can.

- Geek Uninstaller
- Wise Disk Cleaner
- qBittorrent (the best)
- KeepassXC

 

[Thales]

Removed

• Glassswire

It wasn't light at all, 500MB memory usage is not what I'm looking for. The trial expired and the firewall disabled itself. However it is very good program. Easy to use and I like it overall.

• qBittorrent portable

Same issues as before. Permanent "stalled" state and very slow download speed.

Installed

• ESET Internet Security

It is because of the firewall. I'm testing it. I have free code for ESET from a magazine in every month.

• qBittorrent

Side note: I'm not sure if I need a firewall and a 3rd party AV. Maybe I should go back to a non-firewall, WD and H_C based setup, but I don't like to give an internet access to every program. I need a solution for that.

 

[ForgottenSeer 823865]

Side note: I'm not sure if I need a firewall and a 3rd party AV. Maybe I should go back to a non-firewall, WD and H_C based setup, but I don't like to give an internet access to every program. I need a solution for that.

1- Block all outbound connections on all profiles, create rules in case by case basis.

Or

2- install WFC for a day or two, set it as you wish, let your apps connect, allow the connections. When you won't need WFC anymore, export the rules. Remove WFC, Do as step 1.

 

[Thales]

1- Block all outbound connections on all profiles, create rules in case by case basis.

Or

2- install WFC for a day or two, set it as you wish, let your apps connect, allow the connections. When you won't need WFC anymore, export the rules. Remove WFC, Do as step 1.

Thank you!

 

[sepik]

Well, install Zonealarm Firewall Pro and during install, choose auto-learn mode. Reboot. Check firewall logs, there's interesting in/out connection attemps during the boot-up that basic WFP based firewalls even know of. Some malwares can make a TCP connection way before Windows own firewall is even started, using various techniques. So third party software firewalls that have their own firewall is protection wise good to have. Tho always wondering, how in low in the ring 0 you can install "a driver" to? Does Spyshelter install its own keylogger driver before Zonealarm? How "low" you can go?
-sepik