Basic Security Arequire's Security Configuration

[oldschool]

what does CD stand for?
I understand that the AI is sensitive but i'm reaching the point where i'm hitting "this is a false positive" more than i hit continue.

ConfigureDefender. I feel for you, same with me.

 

[Arequire]

Removed:

• Windows Defender
• Comodo Firewall

Added:

• SecureAPlus w/ offline ClamAV
• HitmanPro.Alert

Comodo Firewall managed to piss me off again so it's been junked. Disabled Windows Defender via the registry as I don't see any point in it being enabled when using SecureAPlus. Also giving HitmanPro.Alert a whirl with its 30-day free trial.

 

[mekelek]

Removed:

• Windows Defender
• Comodo Firewall

Added:

• SecureAPlus w/ offline ClamAV
• HitmanPro.Alert

Comodo Firewall managed to piss me off again so it's been junked. Disabled Windows Defender via the registry as I don't see any point in it being enabled when using SecureAPlus. Also giving HitmanPro.Alert a whirl with its 30-day free trial.

HMPA might work out for you or it might have tons of incompatibilites, it's a coin toss
you can substitute HMPA with NVT OSArmor if HMPA becomes annoyance

 

[Arequire]

HMPA might work out for you or it might have tons of incompatibilites, it's a coin toss
you can substitute HMPA with NVT OSArmor if HMPA becomes annoyance

We'll see. I very rarely install new software so if I don't run into any incompatibilities with anything currently installed then I'm probably only looking at future updates that'll cause issues. If said issues do appear then HMPA will get dumped.

 

[Arequire]

Removed:

• SecureAPlus
• HitmanPro.Alert

Added:

• Comodo Cloud Antivirus

Issue with SecureAPlus warning me about AOMEI Backupper executing during start-up even after it'd been whitelisted and excluded.
Issues with copying text and switching application windows when using HitmanPro.Alert.

 

[Moonhorse]

How did you find comodo firewall annoying? running cs settings hips off, you just accept connections that blocks something, if you dont install / download anything its just few reboots to have everything working correctly

Just wondering how lightweight comodo cloud is when internet security is lightest av available

 

[LDogg]

I don't even use AVs, but it's your personal choice. I find them much more of a filter and filters can get holes. I go without a Lockdown whitelisting approach. My primary setup excluding FW and Web Browser is VoodooShield & NVT OSArmor. I find this way I don't have a filter, my webpages load faster, less CPU and/or memory usage, nothing seems to get through.

Thanks for sharing too, great setup.

~LDogg

 

[Moonhorse]

I don't even use AVs, but it's your personal choice. I find them much more of a filter and filters can get holes. I go without a Lockdown whitelisting approach. My primary setup excluding FW and Web Browser is VoodooShield & NVT OSArmor. I find this way I don't have a filter, my webpages load faster, less CPU and/or memory usage, nothing seems to get through.

Thanks for sharing too, great setup.

~LDogg

But doesnt that mean you wont get malware to run on your pc if you dont manually let it in? And your browser still can get hacked and accounts spished? Therefore common sense is your antivirus

 

[LDogg]

Malware won't run on the PC, VoodooShield also acts like VirusTotal. Has 50+ AVs to search with when something nasty pops up. AV's are only a filter and not the complete end all for computers. Lockdown approaches have more of an effect, but it's more focused towards intermediate & advanced users not the home user. Anyone on MT can use a lockdown approach, as VS is more then helpful to tell you if the prompts coming up are safe or harmful. AVs can only do so much.

~LDogg

 

[Arequire]

How did you find comodo firewall annoying? running cs settings hips off, you just accept connections that blocks something, if you dont install / download anything its just few reboots to have everything working correctly

The firewall aspect always seems like it's blocking network access to something that it shouldn't be. I'm tired of constantly having to unblock files and services that should be allowed in the first place.

Just wondering how lightweight comodo cloud is when internet security is lightest av available

You'd have to install it on your own system to see. There's far too many variables to be able to accurately measure performance impact via someone else's system.

 

[Arequire]

I don't even use AVs, but it's your personal choice. I find them much more of a filter and filters can get holes. I go without a Lockdown whitelisting approach. My primary setup excluding FW and Web Browser is VoodooShield & NVT OSArmor. I find this way I don't have a filter, my webpages load faster, less CPU and/or memory usage, nothing seems to get through.

Thanks for sharing too, great setup.

~LDogg

I don't particularly like AVs either. I don't feel protected using one on its own. Thankfully CCAV can be set-up to be quasi default-deny.
VoodooShield was absolutely fantastic until v4 was released with its abysmal whitelist rework.

 

[LDogg]

I won't be updating VoodooShield any time soon then xD

~LDogg

 

[Arequire]

I won't be updating VoodooShield any time soon then xD

~LDogg

Most people don't use VS like I do so I doubt most would even notice the change or regard it as a bad thing.

 

[Arequire]

Edit: Turns out Cylance Smart AV doesn't work how I thought it did. After a quick email exchange with Cylance support staff it turns out it apparently has no behavioural analysis/blocking after an application has been executed. That's on me for not understanding how it worked so Cylance has been dropped and refunded.
Here's the config now:

Removed:

• Comodo Cloud Antivirus

Added:

• VoodooShield

The latest update to Comodo Cloud Antivirus has absolutely destroyed my system's performance (which is sad because I was pleased to finally have Viruscope monitoring processes outside the sandbox) so I was forced to replace it.

I don't plan on changing this configuration again until VoodooShield's license runs out in June 2019.

 

[Hawaii007]

I am

Removed:

• Comodo Cloud Antivirus
• Unchecky

Added:

• Cylance Smart Antivirus
• VoodooShield
• SysHardener (I've actually had this on my system for a while, I just forgot to list it in the last config update.)

The latest update to Comodo Cloud Antivirus has absolutely destroyed my system's performance (which is sad because I was pleased to finally have Viruscope monitoring processes outside the sandbox) so I was forced to replace it.

In the past I've struggled with finding a single or combined solution to protect my system(s) and I'd like to explain why:

• Traditional AVs are default-allow and their post-execution protection is always a coin toss on whether they'll detect a piece of malware or not. I've refused to use them on their own for a long time and probably wouldn't go back to doing so. I simple don't feel that my system is protected using one by itself.
• Default-deny products are great, but as with everything they're not perfect and I've seen them bypassed before. Once that happens it's all over; unlike traditional AVs in which you get a coin toss after the malware executes, with a default-deny product there simply isn't a coin to be tossed. They have no post-execution protection at all. Thus I don't particularly like using them on their own either.
• Combining the two should be the best solution but most AVs aren't exactly known for being particularly light and most give off a noticeable performance impact on my system (which is a cheap, general purpose machine sporting an old i3). Then add another product on top of the AV and I've got a system that, while feeling very well protected, is stuck plodding along at an extremely slow pace.

This is hopefully where Cylance comes in. Firstly I'd like to say that I don't buy into Cylance's next-gen AI bullshit. It doesn't impress me and I don't believe it's the phenomenon that it's marketed as. Cylance's ability to detect malware with "AI" before it's executed doesn't interest me in the slightest, but what it offers me - that the three points above don't - is an extremely light, post-execution defence against anything that manages to bypass VoodooShield.
If there was a default-deny product that included some kind of behavioural blocking then I'd probably spring for that immediately, but until that day I think this is the best I'm going to get (assuming I get along with Cylance. If not then I'm kind of at a loss on what to use).

Edit: Decided to remove Unchecky too. Cylance hates it and it's just making me less attentive in watching out for those nasty little pre-checked boxes.

I am running

• Cylance Smart Antivirus
• Heimdal Pro
• Comodo Free Firewall 10(CS)

No problems runs smooth and light.

 

[Arequire]

I am

I am running

• Cylance Smart Antivirus
• Heimdal Pro
• Comodo Free Firewall 10(CS)

No problems runs smooth and light.

Unfortunately Comodo Firewall and I don't get on.
Heimdal's an enigma to me. I've never really understood its purpose and I find their marketing a little misleading and scaremongery. (Yes, scaremongery is now a word apparently.)