Advanced Plus Security wat0114 security config 2021

Last updated
Jun 12, 2021
How it's used?
For home and private use
Operating system
Windows 11
Other operating system
MX-21
On-device encryption
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Check for updates and Notify
User Access Control
Always notify
Smart App Control
Network firewall
Real-time security
Windows Defender, OSArmor
Firewall security
Microsoft Defender Firewall
About custom security
Malwarebytes Firewall Interface for Windows Defender Firewall, Added all but Adobe Reader Firewall Hardening measures in Hard_Configurartor, several Group Policy settings enabled.
SRP - Default-deny
-Hard_Configurator_6_latest: High setting
-Full BitLocker encrypted system partition.
-BIOS: passworded, Memory Protection, Intel Virtualization & Intel VT-d- enabled
-Hyper-V enabled
Periodic malware scanners
VirusTotal
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Firefox latest (primary), MS Edge

-uBlockO
-CSS Exfil
-LocalCDN
Secure DNS
Cloudflare
Quad9
Desktop VPN
None
Password manager
Lastpass and Browser's built-in

Keepass free
Maintenance tools
Occasional system images using IFW (Image for Windows) and Disk cleanup using built-in Disk cleaner
File and Photo backup
-Separate, encrypted partition
-USB Drive
System recovery
IFW (Image for Windows)
Risk factors
    • Browsing to popular websites
    • Browsing to unknown / untrusted / shady sites
    • Opening email attachments
    • Streaming audio/video content from trusted sites or paid subscriptions
    • Streaming audio/video content from shady sites
Computer specs
Device name Lenovo-E580
Processor Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz 2.70 GHz
Installed RAM 8.00 GB (7.86 GB usable)
System type 64-bit operating system, x64-based processor
What I'm looking for?

Looking for maximum feedback.

wat0114

Level 12
Thread author
Verified
Top Poster
Well-known
Apr 5, 2021
568
Which H_C's setting profile do you use for now?

Do you mean from the main interface?

EDIT

I chose Recommended Settings if that's what you mean.

H_C .png

EDIT 2

So Andy, you have helped me discover predefined profiles. I went to the Manual and found out about them. I just applied: Windows_10_Strict_Recommended_Settings.hdc. I had always thought the Load Profile button was to load profiles saved only by the user - not to also load predefined profiles included with the utility. I had simply hit the Recommended Settings button before.

H_C-2 .png

Thanks!
 
Last edited:

oldschool

Level 83
Verified
Top Poster
Well-known
Mar 29, 2018
7,206

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,226
Do you mean from the main interface?

EDIT

I chose Recommended Settings if that's what you mean.

View attachment 261613

EDIT 2

So Andy, you have helped me discover predefined profiles. I went to the Manual and found out about them. I just applied: Windows_10_Strict_Recommended_Settings.hdc. I had always thought the Load Profile button was to load profiles saved only by the user - not to also load predefined profiles included with the utility. I had simply hit the Recommended Settings button before.

View attachment 261614

Thanks!

With these settings you have to remember that:
  1. Many application auto-updates will be blocked. You have to update these applications manually after switching off the SRP temporarily (<Switch ON/OFF SRP> green button). The details are described in the H_C FAQ.
  2. In these settings "Install By Smartscreen" works with high privileges, so it should not be used on SUA. When using these settings on SUA the application installations should be done like in point 1. If not then some applications will install files on administrator account instead of the standard user account.
    There is no problem when using only one account (default Administrator account).
 
Last edited:

wat0114

Level 12
Thread author
Verified
Top Poster
Well-known
Apr 5, 2021
568
With Microsoft Defender and Hard_Configurator at your settings you could easily go without OSA. You might want to check out the impressive results in these links:

Malware Hub Report - Hard Configurator - march 2019 report
Malware Hub Report - Hard Configurator - april 2019 report
Malware Hub Report - Hard Configurator - may 2019 report
https://malwaretips.com/search/276925/

Those are indeed impressive results. Thanks for sharing. I'll keep OSA installed at least until my license expires in three months, then I'll decide whether to remove it.
 

wat0114

Level 12
Thread author
Verified
Top Poster
Well-known
Apr 5, 2021
568
With these settings you have to remember that:
  1. Many application auto-updates will be blocked. You have to update these applications manually after switching off the SRP temporarily (<Switch ON/OFF SRP> green button). The details are described in the H_C FAQ.
  2. In these settings "Install By Smartscreen" works with high privileges, so it should not be used on SUA. When using these settings on SUA the application installations should be done like in point 1. If not then some applications will install files on administrator account instead of the standard user account.
    There is no problem when using only one account (default Administrator account).

This not only works for me, but I like the restrictions better than the Recommended settings :)
 
  • Like
Reactions: oldschool

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,226
Oldschool is right that OSA is not necessary in those settings. Such a setup would be overkill for most home users. Anyway, If you do not encounter any problems and do not feel the setup inconvenient, then there is no reason to change it.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,226
... I like the restrictions better than the Recommended settings :)

The Recommended Settings are in fact better for most home users. Anyway, I can understand that you can feel that more restrictive settings can be 'better' for you.:)
 

wat0114

Level 12
Thread author
Verified
Top Poster
Well-known
Apr 5, 2021
568
The Recommended Settings are in fact better for most home users. Anyway, I can understand that you can feel that more restrictive settings can be 'better' for you.:)

There seems to be no limit to the ingenious level of attack methods malware authors create. I guess my overkill setup is to potentially prevent a future attack that might bypass a setup that is currently adequate for home users. I could be out to lunch on this theory, but I guess I like the additional insurance policy, even though it may never be needed.
 
F

ForgottenSeer 92963

Are you using Application Guard for Edge? (you have a Windows Pro, so it comes with the OS).
 

wat0114

Level 12
Thread author
Verified
Top Poster
Well-known
Apr 5, 2021
568
Are you using Application Guard for Edge? (you have a Windows Pro, so it comes with the OS).

No I just use Firefox with hardened about:config settings, some Privacy settings enabled, with UBO and LocalCDN extensions.

Also several Exploit protection settings enabled in Defender for Firefox.
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,226
There seems to be no limit to the ingenious level of attack methods malware authors create. I guess my overkill setup is to potentially prevent a future attack that might bypass a setup that is currently adequate for home users. I could be out to lunch on this theory, but I guess I like the additional insurance policy, even though it may never be needed.

Yes, that is true. I think that in your case this setup is simply fun or kind of a hobby. It is safe and it is OK if you like it.
Be safe.:)(y)
 
Last edited:

wat0114

Level 12
Thread author
Verified
Top Poster
Well-known
Apr 5, 2021
568
Well, LOL, I reverted to Recommended settings due to being unable to launch OneDrive, and for a lesser reason, the %TEMP% directory is restricted by the SRP rules.

Besides, the latter is nicely under surveillance from OSA :D

EDIT

and yes I realize scripting is likely going to trigger first in this type of exploit, which H_C will stop.
 
Last edited:
  • Like
Reactions: Andy Ful

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top