Latest Changes
Aug 21, 2018
Operating System
Windows 10
Windows Edition
Pro
System Architecture
64-bit OS
Security Updates
Automatic with Deferred upgrades - Security updates only
User Access Control
Always Notify
Firewall
3rd-party Firewall - Network security provided by a trusted vendor
Device Security
Windows Defender SmartScreen (Windows 10)
User Account
Administrator - User has complete control over the device
Recent Security Incidents
No malware or privacy issues
Malware Testing
None - No Malware on host PC or VM
Real-time Web & Malware Protection
Comodo Firewall & Netcraft
Custom Settings For Real-Time Protection
Custom - Minor changes for Increased Security
Virus and Malware Removal Tools
CCE w/ Killswitch, Zemana Antimalware, Norton Power Eraser & Emsisoft Emergency Kit
Browsers and Extensions
Browser: Opera (latest version) (default browser)
Extensions: Nano Blocker & Defender, SingleClick Cleaner, Cookie Autodelete, Random User-Agent, Privacy Possum, CSS Exfil Protection, Auto History Wipe, Netcraft, Script Defender & i don't care about cookies.

Browser: Comodo Ice Dragon
Extensions: Scriptsafe, uBlock Origin, ClearURLs, Behind The Overlay, Netcraft, Cookie Autodelete, Random User-Agent, Trace, Decentraleyes & CanvasBlocker

Browser: Firefox Quantum (not on current system)
Extensions: NoScript, Decentraleyes, Cookie Auto Delete, Trace, uBlock Origin, IDN Safe, CSS Exfil Protection, ClearURLs, Skip Redirect, Smart Referer, Malwarebytes, BehindTheOverlay, Ghostery, Keyboard Privacy, CanvasBlocker, Netcraft & Random User Agent
Web Privacy
Nano Blocker & Defender, Decentraleyes, Cookie Auto Delete, IBM-backed Quad9 DNS , uBlock Origin, IDN Safe, Trace, ClearURLs & other web extensions
Password Manager
None.
Web Search
DuckDuckGo
System Utilities
O&OShutup 10, Defraggler, RevoUninstaller, SysHardener 1.5 (Evjl Rain settings) for additional system security and lockdown, procexp, Windscribe VPN Free 15GB plan, VLC Media Player, OpenOffice, 7zip, Virtual DJ Pro, CDBurnerXP, AOMEI Backupper Standard, Bleachbit, PrivaZer & Wise Care 365
Data Backup
AOMEI Backupper Standard
Frequency of Data backups
Weekly
System Backup
AOMEI Backupper Standard
Frequency of System backups
Regularly

DeepWeb

Level 23
Verified
Very interesting extensions especially CSS Exfil Protection. I will look into it thanks to you. (y)
 
  • Like
Reactions: LDogg

LDogg

Level 28
Verified
Thinking about ditching this current setup.

@HarborFront @Umbra @Evjl's Rain in your opinion what software out there offer a very light config, but also covers most attack vectors on a system?

I was thinking maybe CFW + Immunet
Tinywall + OSArmor + Browser Extensions
CFW on it's on (not too confident with it alone)
Immunet (Clam AV off) + Forticlient (Web only) + Tinywall.
CFW + Second opinion scanners + web extensions
CFW + OSArmor
OSArmor + Zonealarm Firewall.

Or CCAV with something else.

I'm not quite sure. I don't wish to get rid of Comodo Firewall as I know what to do with it.

~LDogg
 

Moonhorse

Level 26
Content Creator
Verified
But why isnt windows firewall option as tweaked?

I will vote for:
Either cf + cs + hips
or cfw + immunet, disable clamAV+ packet file scanning
 

LDogg

Level 28
Verified
I don't mess with the default FW. Just something personal I guess.

Edit: could also clash with CFW.

~LDogg
 
  • Like
Reactions: Moonhorse

Evjl's Rain

Level 40
Content Creator
Trusted
Malware Hunter
Verified
I prefer CF + immunet or CF + avast tweaked for max performance (crippled security)
CF + K9 is also very nice, actually better web filter than forticlient

But why isnt windows firewall option as tweaked?
there are still many ways to bypass windows firewall but it's extremely hard to bypass CF
WF+tweaked avast or voodooshield can eliminate most infection vectors

for example, even KFA+WF can be bypassed by random exe malwares but avast has hardened mode which can easily deal with exe malwares

avast+syshardener+WF is an almost bulletproof setup
 

Evjl's Rain

Level 40
Content Creator
Trusted
Malware Hunter
Verified
But why isnt windows firewall option as tweaked?

I will vote for:
Either cf + cs + hips
or cfw + immunet, disable clamAV+ packet file scanning
if a malware is trusted and bypasses CF, if HIPS is set safe mode => HIPS will be useless because it will be bypassed too

unless, you set HIPS as paranoid, HIPS will have no effect on trusted malwares

HIPS is for paranoid users or users who want to lockdown their PC and don't install anything
totally not recommended for daily usage
 

LDogg

Level 28
Verified
I prefer CF + immunet or CF + avast tweaked for max performance (crippled security)
CF + K9 is also very nice, actually better web filter than forticlient


there are still many ways to bypass windows firewall but it's extremely hard to bypass CF
WF+tweaked avast or voodooshield can eliminate most infection vectors

for example, even KFA+WF can be bypassed by random exe malwares but avast has hardened mode which can easily deal with exe malwares

avast+syshardener+WF is an almost bulletproof setup
I'm thinking of adding Immunet and removing Unchecky & VoodooShield. VDS is great. How good is Immunet though?

~LDogg
 

Moonhorse

Level 26
Content Creator
Verified
if a malware is trusted and bypasses CF, if HIPS is set safe mode => HIPS will be useless because it will be bypassed too

unless, you set HIPS as paranoid, HIPS will have no effect on trusted malwares

HIPS is for paranoid users or users who want to lockdown their PC and don't install anything
totally not recommended for daily usage
Thanks, eye opening. Might go for immunet + cf later, im just in love with CCAV for now
 
  • Like
Reactions: Evjl's Rain

Evjl's Rain

Level 40
Content Creator
Trusted
Malware Hunter
Verified
I'm thinking of adding Immunet and removing Unchecky & VoodooShield. VDS is great. How good is Immunet though?

~LDogg
immunet has very aggressive signatures, which are much better than many many AVs. However, it's aggressive = quite prone to FPs. it detects something all of my second op. scanners or avast/KFA couldn't detect
it's super light without clamAV. very insignificant system impact unless you execute a very very huge file >300MB
 

Moonhorse

Level 26
Content Creator
Verified
immunet has very aggressive signatures, which are much better than many many AVs. However, it's aggressive = quite prone to FPs. it detects something all of my seconds op. scanners or avast/KFA couldn't detect
it's super light without clamAV. very insignificant system impact unless you execute a very very huge file >300MB
Guess im gonna test this combo, myself aswell.. since even cs said cf is lighter than CCAV
 
  • Like
Reactions: Evjl's Rain

Evjl's Rain

Level 40
Content Creator
Trusted
Malware Hunter
Verified
Guess im gonna test this combo, myself aswell.. since even cs said cf is lighter than CCAV
CCAV without the cloud AV module might be lighter than CF? I guess
any AV is heavier than a firewall

if you want to test immunet, please be careful with FPs if you can tolerate it
it's okay for me but not sure for other people
 

imuade

Level 8
Verified
immunet has very aggressive signatures, which are much better than many many AVs. However, it's aggressive = quite prone to FPs. it detects something all of my seconds op. scanners or avast/KFA couldn't detect
it's super light without clamAV. very insignificant system impact unless you execute a very very huge file >300MB
Does Immunet register as AV on Windows Security Center?
I tried it few weeks ago, but I can't remember if it did... I'm getting old :p
But I do remember I tried to make a right-click scan on a file and nothing happened...
 

Evjl's Rain

Level 40
Content Creator
Trusted
Malware Hunter
Verified
Does Immunet register as AV on Windows Security Center?
I tried it few weeks ago, but I can't remember if it did... I'm getting old :p
But I do remember I tried to make a right-click scan on a file and nothing happened...
sometimes, it randomly fails to connect to servers for unknown reason, usually after we wake up the pc from a long sleep, when the internet disconnects
immunet right-click scan is not reliable and buggy, I prefer entering the UI and use the custom scan
I don't remember if immunet does it or not because I always disable security notifications. i don't think it matters

I'm using avast + CF now just because I like avast :))
it has BB in case I allow something to bypass cf sandbox
 

Moonhorse

Level 26
Content Creator
Verified
Immunet register as av on security center yes, when i had immunet a go i cant remember what actually happened but it was conflicting something with comodo, maybe because i didnt add immunet as trusted with cis

Anyway ccav + syshardener is lightest solution i have ever tried myself, might try immunet + cf later but as paranoid person i will end up to uninstall it anyway
 

Nestor

Level 8
sometimes, it randomly fails to connect to servers for unknown reason, usually after we wake up the pc from a long sleep, when the internet disconnects
immunet right-click scan is not reliable and buggy, I prefer entering the UI and use the custom scan
I don't remember if immunet does it or not because I always disable security notifications. i don't think it matters

I'm using avast + CF now just because I like avast :))
it has BB in case I allow something to bypass cf sandbox
Can Immunet be used as a second opinion scanner?I mean instead of HPA or EEK,is actually effective?Did it has a portable version?
 
  • Like
Reactions: Moonhorse

LDogg

Level 28
Verified
So @Evjl's Rain would you say if I take off VDS + Unchecky replace both with Immunet and look at certain settings (ClamAV off) it would be a bit better? Also obviously testing myself too, I've used it once before.

~LDogg
 

Evjl's Rain

Level 40
Content Creator
Trusted
Malware Hunter
Verified
So @Evjl's Rain would you say if I take off VDS + Unchecky replace both with Immunet and look at certain settings (ClamAV off) it would be a bit better? Also obviously testing myself too, I've used it once before.

~LDogg
I think so because CF+VDS overlap each other a lot => you will get double prompts for the same application
immunet is just an AV so it will block malware without generating extra popup

it's a very basic AV with only signatures, nothing more
 
Last edited: