CF with CS - Good Enough Alone?

[ZeroDay]

So you guys haven't gotten any Kaspersky alerts to remove CF or any blocking by CF of the K installation? If this is no longer the case (it was last month), You Go Girls!!!

I had the warning upon installation of KFA that CF wasn't compatible and CF also said KFA root certificate wasn't trusted. I unticked the CF warning box during KFA installation, trusted the KFA root certificate in CF and they are running great together. I've been running this combo for a few weeks and I'm really happy with it.

 

[cruelsister]

Thank you Sir for responding! For a home user that wants to add on an AV, Kaspersky Free would indeed rock. I was quite unnerved last month when I tried it and both K and CF threw off various incompatibility issues.

I'm glad this had been (sort of) resolved.

Thank you again, Zero!

 

[simmerskool]

I love this Combo it's very light and very secure.

...ok, but cf@cs w/EAM on my win7 was also light and secure (but EAM not free)

 

[ZeroDay]

...ok, but cf@cs w/EAM on my win7 was also light and secure (but EAM not free)

Detection wise I'd still go with KFA it's going to be running alongside CF for zero day protection and from what I see in the hub Kaspersky has a much better detection rate tham EAM and the sole purpose of adding KFA to CF is signatures.

 

[Deleted member 178]

Detection wise I'd still go with KFA it's going to be running alongside CF for zero day protection and from what I see in the hub Kaspersky has a much better detection rate tham EAM and the sole purpose of adding KFA to CF is signatures.

and EAM has a BB which is unneeded with CF.

 

[Tiny]

and EAM has a BB which is unneeded with CF.

Good point.

 

[Deleted member 178]

Personally, if you use a standalone HIPS or anti-exe , they are your main solution, you don't really need a 3rd party AV (unless for a particular feature) , WinDef is enough.

 

[SearchLight]

I love this Combo it's very light and very secure.

Btw, I know CF/cs protects from ransomware.

Since KAFree does not have the System Watcher enabled(paid version only) it does not provide supplemental ransomware protection. Is CF/cs ransomware protection adequate enough?

 

[SearchLight]

So you guys haven't gotten any Kaspersky alerts to remove CF or any blocking by CF of the K installation? If this is no longer the case (it was last month), You Go Girls!!!

Same here, upon installation of KAFree it identified CF as incompatible software and provides a box to check, if you want it to automatically remove CF. I just unchecked it, and installation continued without issues. Also no CF blocking of KAF as configured according to your video. either.

 

[ZeroDay]

and EAM has a BB which is unneeded with CF.

I see EAM's BB get bypassed on a daily basis in the Hub though. Don't get me wrong I really do like EAM both as a product and as a company. But at the same time it does get bypassed a fair bit in the hub. I have an EAM license and I use it on my laptop. It's a great product, but if I was forced to choose I'd choose KFA with another product for solid zero day protection which isn't there in KFA. This is my own personal preference and I personally think that as good as EAM is it's also a bit overrated. As I said I use it on my laptop and I like EAM. I also respect Emsisoft as a company.

 

[ZeroDay]

Btw, I know CF/cs protects from ransomware.

Since KAFree does not have the System Watcher enabled(paid version only) it does not provide supplemental ransomware protection. Is CF/cs ransomware protection adequate enough?

More than Adequate, yes. But there's also SAP, AppGuard, Voodoshield and other free software that will serve you well as zero day protection alongside KFA.

 

[ZeroDay]

Personally, if you use a standalone HIPS or anti-exe , they are your main solution, you don't really need a 3rd party AV (unless for a particular feature) , WinDef is enough.

I agree. The only reason I use Windows is to get my security 'Fix' Yes, I'm a security junky lol.

 

[Decopi]

I have CF + @cruelsister ' settings (I just use Firewall and Auto-Containment... I don't use Viruscope, Website filtering, HIPs).
As CS once said time ago, any AV along with CF+CS' settings, it wont hurt, but it is (almost) a zero sum game.

In this context and based on this logic, if someone feels the need of having an AV with CF/CS, then the priority should be the highest compatibility & lowest system impact. And the winner is... AVAST FREE.

I tested lot of AV along with CF/CS. Most of them work perfectly along with CF/CS (almost zero compatibility problems).
But, in terms of system impact, AVAST FREE was unbeatable.
Yes, KFA and BDF etc may have the ultra-mega-best-interstellar-benchmarks. But again, along with CF/CS an AV is a zero sum game, and the priority should be compatibility/system performance.
I felt the psychological need of having an AV, so for the past 12 months I am using CF/CS & AVAST FREE... zero compatibility problems, and the lowest system impact.

For my browser (Firefox 60 beta), I completely blocked 3rd-parties (90% of websites work perfectly without them, and they represent 90% of the webgarbage/webrisks), I use Firefox built-in features (antimalware + anti-tracking protection + 3rd-parties cookies blocked), and very, very, very important: I also use Firefox FPI (First Party Isolation) + Containers.

During the past 12 months, despite my computer was attacked by phishing, scams, malwares etc... it never was infected. Once a month I ran Zemana and Hitman as second opinion scanner, and zero, 100% clean.
Conclusion: Zero malware problems, zero compatibility problems, almost zero system impact.

 

[Momus]

I have CF + @cruelsister ' settings (I just use Firewall and Auto-Containment... I don't use Viruscope, Website filtering, HIPs).
As CS once said time ago, any AV along with CF+CS' settings, it wont hurt, but it is (almost) a zero sum game.

In this context and based on this logic, if someone feels the need of having an AV with CF/CS, then the priority should be the highest compatibility & lowest system impact. And the winner is... AVAST FREE.

I tested lot of AV along with CF/CS. Most of them work perfectly along with CF/CS (almost zero compatibility problems).
But, in terms of system impact, AVAST FREE was unbeatable.
Yes, KFA and BDF etc may have the ultra-mega-best-interstellar-benchmarks. But again, along with CF/CS an AV is a zero sum game, and the priority should be compatibility/system performance.
I felt the psychological need of having an AV, so for the past 12 months I am using CF/CS & AVAST FREE... zero compatibility problems, and the lowest system impact.

For my browser (Firefox 60 beta), I completely blocked 3rd-parties (90% of websites work perfectly without them, and they represent 90% of the webgarbage/webrisks), I use Firefox built-in features (antimalware + anti-tracking protection + 3rd-parties cookies blocked), and very, very, very important: I also use Firefox FPI (First Party Isolation) + Containers.

During the past 12 months, despite my computer was attacked by phishing, scams, malwares etc... it never was infected. Once a month I ran Zemana and Hitman as second opinion scanner, and zero, 100% clean.
Conclusion: Zero malware problems, zero compatibility problems, almost zero system impact.

I have been playing around with Comodo FW / CS Settings and I am more than happy with it. But I’m not feeling save with Windows Defender. What do you guys think of combining Webroot av with CFW / CS settings? Would you recommend CIS? Kaspersky av feels heavy...

 

[Decopi]

Hi @Momus !

Most of the known antivirus/antimalware are "ok".
And for most of the users, just one AV/AM is more than enough.

As I said in my previous comment, I tested most of the known AV/AM (including WD, Webroot, KFA etc.
My favorite is Comodo Firewall + CS' settings as main security line.
AVAST Free is my second line (just filling my psychological needs).
And my other security lines are browser add-ons etc, Containers, First Party Isolation etc.

Cheers

 

[Momus]

Hi @Momus !

Most of the known antivirus/antimalware are "ok".
And for most of the users, just one AV/AM is more than enough.

As I said in my previous comment, I tested most of the known AV/AM (including WD, Webroot, KFA etc.
My favorite is Comodo Firewall + CS' settings as main security line.
AVAST Free is my second line (just filling my psychological needs).
And my other security lines are browser add-ons etc, Containers, First Party Isolation etc.

Cheers

Hi Decopi, many thanks for your answer! I wii definitely test Avast Free according to your recommendation. WD and KFA slowed down my system too much...

 

[ZeroDay]

I've switched back to CF with WD. For me personally it makes no sense to disable WD when it is a very capable AV. So rather than disabling WD I keep it enabled, max the settings out in GPE and add CF. Plus I use an SUA and SRP and that is more than enough protection for anyone along with an AD blocker and changing a few Flags in Chrome. Oh, And keeping backups of files and system images. For me this is the perfect setup.

 

[cruelsister]

Hi Zero! Yeah, on my system (Win10) I also have WD active- it acts well with CF so there is no reason to disable it in Group Policy. But just note CF will be doing the heavy work as WD just blows against zero-day files.

 

[ZeroDay]

Hi Zero! Yeah, on my system (Win10) I also have WD active- it acts well with CF so there is no reason to disable it in Group Policy. But just note CF will be doing the heavy work as WD just blows against zero-day files.

Hi CS. I completely agree. I just leave WD enabled for simple signature detection. I don't really notice it running. CF is my main defense without a doubt. The main reason for just keeping WD enabled is just in case anything is on the trusted vendors list in CF and WD may have a signature for it. I recommend the same setup - CF with your settings and WD to non-Tech Savvy family and friends, and, since setting it up for the them my stress levels have dropped significantly lol. I do have a few friends that run jut CF with your settings and a SUA and they're really happy with the setup. Thanks for putting your CF videos together it helped convince the non-Tech savvy friends to switch from paying X amount per year to spending nothing on security software and never having to phone me saying " my uncles sisters brothers cousin who lives in South Africa who I didn't even know existed left for 5 million in his will, I only clicked on the PDF and it broke my computer"

 

[Nightwalker]

I've switched back to CF with WD. For me personally it makes no sense to disable WD when it is a very capable AV. So rather than disabling WD I keep it enabled, max the settings out in GPE and add CF. Plus I use an SUA and SRP and that is more than enough protection for anyone along with an AD blocker and changing a few Flags in Chrome. Oh, And keeping backups of files and system images. For me this is the perfect setup.

Thats exactly my setup, works so well that is almost boring