Latest Changes
Mar 24, 2019
Operating System
Windows 10
Windows Edition
Home
Build
17763.379 ( v. 1809 )
System Architecture
64-bit OS
Security Updates
Automatic Updates - All security and feature updates
User Access Control
Default
Firewall
Windows Firewall - Network security provided by Microsoft
Device Security
Windows Defender SmartScreen (Windows 10)
User Account
Administrator - User has complete control over the device
Recent Security Incidents
No malware or privacy issues
Malware Testing
None - No Malware on host PC or VM
Real-time Web & Malware Protection
  1. Comodo AntiVirus
  2. K9 web protection
Custom Settings For Real-Time Protection
Custom - Major changes for Increased Security
Custom Settings For Real-Time Protection Details
  1. CAV:
    • General settings --> Configuration --> Enabled Proactive Security
    • HIPS --> Disabled
    • Containment --> Auto-containment --> Block unknown
    • Containment --> Auto-containment --> Added exclusion for "Portable SW" folders
  2. Following categories blocked on k9:
    • Illegal / Questionable
    • Illegal Drugs
    • Phishing
    • Spyware / Malware Sources
    • Spyware Effects
    • Suspicious
Virus and Malware Removal Tools
  1. HitmanPro
  2. AdwCleaner
Browsers and Extensions
Chromium portable (launched by chrlauncher) with:
  • ublock origin
  • F.B. Purity
  • Cookie AutoDelete
  • New tab redirect
  • Close&Clean
Web Privacy
  1. Cloudflare DNS
  2. Windows Privacy Dashboard
  3. O&O shutup10
Password Management
None (integrated in the portable browser)
Default Web Search
Google
System Utilities
  • NVT SysHardener
  • UAC Pass
  • PeaZip
  • Geek uninstaller
  • Dism++
  • RAPR
  • SUMo
Data Backup
Lazesoft Recovery Suite Home Edition
Frequency of Data backups
Monthly
System Backup
Lazesoft Recovery Suite Home Edition
Frequency of System backups
Regularly
Computer Activity
Banking
Browsing Internet and email
Computer Specifications
MSI cubi i3 5005U

imuade

Level 7
Verified
It will be OK, if you do not change the settings of SysHardener or H_C.:giggle:
But some functionality of H_C, related to whitelisting files with dangerous extensions and turning OFF some H_C settings, will be diminished.(y)
Thanks for testing H_C again.:emoji_ok_hand:
Well, SysHardener has 5 main sections:
  1. Windows Security Tweaks
  2. File Type Associations
  3. Windows Services
  4. Vulnerable Software
  5. Firewall
I think sections 2, 3 and 5 are not (or only partially) covered by H_C.
About 4, that is overlapping, but I prefer not to use generalistic SW (i.e. Adobe), so I don't care too much.
The biggest issues could come from section 1, but I don't apply too many settings from SysHardener because I think H_C is stronger there :)
 

Andy Ful

Level 38
Content Creator
Trusted
Verified
Well, SysHardener has 5 main sections:
  1. Windows Security Tweaks
  2. File Type Associations
  3. Windows Services
  4. Vulnerable Software
  5. Firewall
I think sections 2, 3 and 5 are not (or only partially) covered by H_C.
About 4, that is overlapping, but I prefer not to use generalistic SW (i.e. Adobe), so I don't care too much.
The biggest issues could come from section 1, but I don't apply too many settings from SysHardener because I think H_C is stronger there :)
SysHardener is a very good security enhancement for an AV, when the user likes default-allow security setup. But it is redundant, when the user applied the H_C default-deny setup. Using H_C requires more skill and knowledge than using SysHardener, but SysHardener will be more usable for most users.
  1. Windows Security Tweaks: Some SysHardener tweaks are the default settings since Windows Vista. Many tweaks are not required in the default-deny setup. The rest is included in H_C.
  2. File Type Associations: H_C blocks all file extensions that are blocked by SysHardener (and about 30 more). This SysHardener feature will not work, because SRP will block the files with dangerous extensions, before they could be blocked by SysHardener.
  3. Windows Services: H_C blocks only those that can be dangerous. SysHardener blocks more, but they are rather related to privacy, and some others are simply not used (so may be disabled). Yet, there is a better software to block/unblock unused services: Easy Service Optimizer (Easy Service Optimizer v1.2).
  4. Vulnerable Software: SysHardener can harden additionally Foxit Reader and WPS Office, but those tweaks can be easily done within those applications. Both SysHardener and H_C can harden MS Office and Adobe Acrobat Reader, although the H_C settings are slightly stronger.
  5. Firewall: Not required in the H_C default-deny setup (look at @askalan tests on MH). Firewall rules are useful in SysHardener because it does not block some dangerous file extensions (CHM, CPL, LNK, etc.) which are blocked in H_C. Yet, if one wants to protect against LOLBins on a vulnerable system with vulnerable applications, then the firewall rules are rather useless. It is far better to block them with H_C.
For 90% of H_C users, using SysHardener will be not recommended.
Some advanced users, who know well how SysHardener and H_C work together, can get some advantage in rare situations.
 
Last edited:

imuade

Level 7
Verified
Update 16/03/2019
Removed Immunet, Windows 10 Firewall Control and Zemana Anti-malware portable
Re-enabled Windows Defender (tweaked for performance)

So, summarizing:
  • Web protection: k9
  • Antivirus: Windows Defender
  • Firewall: Windows Defender Firewall
  • Hardening: NoVirusThanks SysHardener + AndyFul's Hard_Configurator
  • Backup: Lazesoft Recovery Suite Home Edition
k9 and H_C can take care of 99,99% of threats, WD is quite light if properly tweaked and using it reduces the chances of incompatibility issues
 

oldschool

Level 23
Verified
Update 16/03/2019
Removed Immunet, Windows 10 Firewall Control and Zemana Anti-malware portable
Re-enabled Windows Defender (tweaked for performance)

So, summarizing:
  • Web protection: k9
  • Antivirus: Windows Defender
  • Firewall: Windows Defender Firewall
  • Hardening: NoVirusThanks SysHardener + AndyFul's Hard_Configurator
  • Backup: Lazesoft Recovery Suite Home Edition
k9 and H_C can take care of 99,99% of threats, WD is quite light if properly tweaked and using it reduces the chances of incompatibility issues
I've gotten rid of all the "extras" like yourself. (y) Notice how your machine just hums along nicely? Heck, I've got all WD settings enabled and no issues, blocks, conflicts of any kind!
 

imuade

Level 7
Verified
I've gotten rid of all the "extras" like yourself. (y) Notice how your machine just hums along nicely? Heck, I've got all WD settings enabled and no issues, blocks, conflicts of any kind!
Yeah I also happen to go back to WD after I try other AVs.
Being integrated in Windows is a great plus considering that Microsoft already messes up with updates :p
 

Kyle_Katarn

From KC Softwares
Developer
Verified
There will be always some problems with application auto-updating when using default-deny setup. Personally, when the auto-update of some application is blocked, I simply turn OFF auto-updates for it, and perform manual updates. On Administrator account, it can be simply done by running the application via "Run As SmartScreen" and perform the update from application GUI. If the update requires the updater downloaded from the Internet, then the updater should be run via "Run As SmartScreen".
Probably something like SUMO (www.kcsoftwares.com) updater can be useful, too.
Thanks for recommending SUMo.
 

imuade

Level 7
Verified
Update 24/03/2019
Removed Hard_Configurator
Replaced Windows Defender with Comodo AntiVirus
Replaced Bandizip with PeaZip

I just wanna give CAV another try, on Comodo Forums I read the latest version (v11.0.0.6802) is quite stable.
First impression is OK, my system wasn't broken :ROFLMAO:
It's quite light on system resources
 

shmu26

Level 75
Content Creator
Trusted
Verified
Update 24/03/2019
Removed Hard_Configurator
Replaced Windows Defender with Comodo AntiVirus
Replaced Bandizip with PeaZip

I just wanna give CAV another try, on Comodo Forums I read the latest version (v11.0.0.6802) is quite stable.
First impression is OK, my system wasn't broken :ROFLMAO:
It's quite light on system resources
Let us know if you like it. :)
 

Similar Threads

Similar Threads