Advanced Plus Security Thales Hard Protected Setup

Last updated
Jul 31, 2019
Windows Edition
Pro
Log-in security
Security updates
Allow security updates and latest features
User Access Control
Always notify
Real-time security
  • HMPA
  • F-Secure SAFE
  • syshardener
Firewall security
Microsoft Defender Firewall
About custom security
  • syshardener (Almost everything is checked)
Periodic malware scanners
  • HMPA
  • F-Secure SAFE
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Chrome (Portable)
  • Adguard
  • BitWarden
Maintenance tools
Cleaners
  • Wise Cleaner (portable)
  • Cleanmgr+ (Portable)
  • CCleaner (portable)
Other
  • Bandizip (portable)
  • Geek uninstaller (portable)
File and Photo backup
  • MEGA
System recovery
  • Macrium Reflect Free
Risk factors
    • Gaming
    • Logging into my bank account
    • Browsing to popular websites
    • Streaming audio/video content from shady sites
    • Working from home
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
Acer Aspire 3 A315-41

CPU
: AMD Ryzen 3 2200U
GPU: Radeon Vega Mobile Gfx
RAM: 8GB DDR4 2400Mhz
Storage: 128GB SSD

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
The reason you switched back?
I had issues with the update service. I got "database is corrupted" error message and nothing could fix it. Also the windows startup was kinda slow (compared to HMPA or WD) on SSD. Removing KSCF has fixed the problem
My free version deactivated itself, and I was offered the option of a paid subscription, or else...
 

Thales

Level 15
Thread author
Verified
Top Poster
Well-known
Nov 26, 2017
732
Deleted
Keepass
  • After 7-8 years I decided to switch to Sticky Password (Premium).
  • The Kee extension is good but it is still a 3rd party extension.
Added
Sticky Password (Premium)
  • Fast, like the features but no in-built TOTP option for logins.
 
Last edited:

Thales

Level 15
Thread author
Verified
Top Poster
Well-known
Nov 26, 2017
732
I got my new Acer Aspire 3 Laptop and bought Windows 10 pro.
Now I use Microsoft products everywhere I can and I love it. Android, Notebook.

New
  • Upgraded to 1903
  • Admin & Microsoft account
I use Microsoft account instead of the local one. PIN and Password.
  • Microsoft Edge Chromium
Love it. I can use my outlook account instead of gmail.
  • BitWarden
Back to the lovely one. However the browser extension is still slow.
  • Firewall Hardener (H_C) and DocumentsAntiExploit (H_C)
  • EasUs ToDo Backup Free
Better than Macrium because it offers encryption for Free.
  • Office 360 & OneDrive
Switched from MEGA. Almost the same price.
  • Bitlocker with TPM
 

Gandalf_The_Grey

Level 84
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,419
I got my new Acer Aspire 3 Laptop and bought Windows 10 pro.
Now I use Microsoft products everywhere I can and I love it. Android, Notebook.

New
  • Upgraded to 1903
  • Admin & Microsoft account
I use Microsoft account instead of the local one. PIN and Password.
  • Microsoft Edge Chromium
Love it. I can use my outlook account instead of gmail.
  • BitWarden
Back to the lovely one. However the browser extension is still slow.
  • Firewall Hardener (H_C) and DocumentsAntiExploit (H_C)
  • EasUs ToDo Backup Free
Better than Macrium because it offers encryption for Free.
  • Office 360 & OneDrive
Switched from MEGA. Almost the same price.
  • Bitlocker with TPM
Great changes. The only thing I would also change is 7-Zip with Bandizip to keep the mark of the web for extracted zip files:
 

Thales

Level 15
Thread author
Verified
Top Poster
Well-known
Nov 26, 2017
732
Great changes. The only thing I would also change is 7-Zip with Bandizip to keep the mark of the web for extracted zip files:
Thank you.
Installed Bandizip.
 

Thales

Level 15
Thread author
Verified
Top Poster
Well-known
Nov 26, 2017
732
Testing KeepassXC on Windows. I used KeepassXC in the past on Linux system and it worked very well.
It has it's own browser extension and my lovely feature TOTP fill by shortcut. :)
 

Thales

Level 15
Thread author
Verified
Top Poster
Well-known
Nov 26, 2017
732
Hi Thales,
Do you have any problems with H_C?

Hi,
It works perfectly. I had problems downloading templates through Microsoft Words and Excel. I couldn't download any template.
I think it's maybe the 'document anti exploit" is ON however I can't show you because since I installed WFC it works. Strange.
Not a big deal to me because I don't use them just wanted to check some word templates like resumes.
:)
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,600
Hi,
It works perfectly. I had problems downloading templates through Microsoft Words and Excel. I couldn't download any template.
I think it's maybe the 'document anti exploit" is ON however I can't show you because since I installed WFC it works. Strange.
...
:)
Document Anti-Exploit cannot prevent downloads, but can block using MS Office templates if they require macros or VBA. Downloading templates can be blocked by FirewallHardening rules for Word, Excel, or PowerPoint. You can look at FirewallHardening list of blocked applications to see if Word or Excel are still on the list. If not, then these applications can have access to the Internet. It is not a big deal, if you applied Documents Anti-Exploit and WD ASR rules. (y)
 

Thales

Level 15
Thread author
Verified
Top Poster
Well-known
Nov 26, 2017
732
Document Anti-Exploit cannot prevent downloads, but can block using MS Office templates if they require macros or VBA. Downloading templates can be blocked by FirewallHardening rules for Word, Excel, or PowerPoint. You can look at FirewallHardening list of blocked applications to see if Word or Excel are still on the list. If not, then these applications can have access to the Internet. It is not a big deal, if you applied Documents Anti-Exploit and WD ASR rules. (y)

Yes, they are in the list, so that's why I couldn't download any templates. I guessed the Firewall rules caused this but didn't want to go deep and figure out exact reason because Microsoft Office is a common target for malwares, so better to block unnecessary features.
And since the WFC handles the firewall rules it works. Secret revealed. Thanks :)
I love the firewall hardening tool but I always go back to WFC because I love it's user friendly whitelist feature.
 

Thales

Level 15
Thread author
Verified
Top Poster
Well-known
Nov 26, 2017
732
Removed
  • Malwarebytes Firewall Control
No problem, just I use too many programs to my work and it is hard to manage every connection issue.
Because everything is legal in my PC, it should be ok with the firewall hardening by H_C.
  • Windscribe VPN
Same issue as above!
 

Thales

Level 15
Thread author
Verified
Top Poster
Well-known
Nov 26, 2017
732
  • Replaced MS Office with Softmaker Free Office
I'm not gonna pay for something I can have for free. I love WPS too but it has no Hungarian language pack for spell checking as far as I know.
I'm gonna pay for the OneDrive storage only.
  • Added Mullvad VPN with Wireguard.
It is fast and I'm just testing but I had no connection issues in the past, so I decided to try it again.
Windscribe is good and I have 3 years license but OpenVPN has connection issues. Sometimes I had no internet because the connect/reconnect process was slow. 6$/month for this solution is worth it.
 

Thales

Level 15
Thread author
Verified
Top Poster
Well-known
Nov 26, 2017
732
  • Back to KeepassXC
I like BitWarden but I'dont know. Still prefer the KeyFile and offline solution.
  • Back to Malearebytes WFC
I decided to install it again because I found blocking telemetry and other unnecessary internet traffic boost the performance and security overall.
 
Last edited:

Thales

Level 15
Thread author
Verified
Top Poster
Well-known
Nov 26, 2017
732
Big Changes for me :)

  • Removed EaseUS ToDo Backup - Installed Macrium Reflect again
I had to restore my OS from image and EaseUS ToDo did a poor job. The recovery process took 40 minutes because the program wanted to restore in sector by sector mode. I have a 120GB SSD so it was so slow.
The first time I stopped because I thought it was my bad but no, it wasn't. One time something caused error and the third time it was success. So, a single restore took approximately 2,5 hours. WTF
You can't even delete partitions that you can do in Macrium.
I had no such a problem with Macrium ever. No way I will install EaseUS ToDo Backup again. Macrium is the best!
  • Installed Glasswire
I tried Tinywall again. Simple but no thanks.
Tried ESET Internet security with Interactive mode. Too many popups. Binisoft is still good but I wanted something else. Found Glasswire and it has everything I need. Small popups and I can block or allow with one click, I don't need to wait for refresh to see what is blocked. Fast, responsive and the UI is good.
  • Updated to H_C 5.0
Awesome as always. Thanks for the new Icons @Andy Ful
  • Using portable apps everywhere I can.
- Geek Uninstaller
- Wise Disk Cleaner
- qBittorrent (the best)
- KeepassXC
 
Last edited:

Thales

Level 15
Thread author
Verified
Top Poster
Well-known
Nov 26, 2017
732
Removed
  • Glassswire
It wasn't light at all, 500MB memory usage is not what I'm looking for. The trial expired and the firewall disabled itself. However it is very good program. Easy to use and I like it overall.
  • qBittorrent portable
Same issues as before. Permanent "stalled" state and very slow download speed.

Installed
  • ESET Internet Security
It is because of the firewall. I'm testing it. I have free code for ESET from a magazine in every month.
  • qBittorrent

Side note: I'm not sure if I need a firewall and a 3rd party AV. Maybe I should go back to a non-firewall, WD and H_C based setup, but I don't like to give an internet access to every program. I need a solution for that.
 
F

ForgottenSeer 823865

Side note: I'm not sure if I need a firewall and a 3rd party AV. Maybe I should go back to a non-firewall, WD and H_C based setup, but I don't like to give an internet access to every program. I need a solution for that.
1- Block all outbound connections on all profiles, create rules in case by case basis.

Or

2- install WFC for a day or two, set it as you wish, let your apps connect, allow the connections. When you won't need WFC anymore, export the rules. Remove WFC, Do as step 1.
 

Thales

Level 15
Thread author
Verified
Top Poster
Well-known
Nov 26, 2017
732
1- Block all outbound connections on all profiles, create rules in case by case basis.

Or

2- install WFC for a day or two, set it as you wish, let your apps connect, allow the connections. When you won't need WFC anymore, export the rules. Remove WFC, Do as step 1.

Thank you!
 
  • Like
Reactions: [correlate]

sepik

Level 11
Verified
Well-known
Aug 21, 2018
505
Well, install Zonealarm Firewall Pro and during install, choose auto-learn mode. Reboot. Check firewall logs, there's interesting in/out connection attemps during the boot-up that basic WFP based firewalls even know of. Some malwares can make a TCP connection way before Windows own firewall is even started, using various techniques. So third party software firewalls that have their own firewall is protection wise good to have. Tho always wondering, how in low in the ring 0 you can install "a driver" to? Does Spyshelter install its own keylogger driver before Zonealarm? How "low" you can go?
-sepik
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top