Advanced Plus Security LDoggs Security Setup

Last updated
Aug 21, 2018
Windows Edition
Pro
Security updates
Allow security updates
User Access Control
Always notify
Real-time security
Comodo Firewall & Netcraft
Firewall security
Periodic malware scanners
CCE w/ Killswitch, Zemana Antimalware, Norton Power Eraser & Emsisoft Emergency Kit
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Browser: Opera (latest version) (default browser)
Extensions: Nano Blocker & Defender, SingleClick Cleaner, Cookie Autodelete, Random User-Agent, Privacy Possum, CSS Exfil Protection, Auto History Wipe, Netcraft, Script Defender & i don't care about cookies.

Browser: Comodo Ice Dragon
Extensions: Scriptsafe, uBlock Origin, ClearURLs, Behind The Overlay, Netcraft, Cookie Autodelete, Random User-Agent, Trace, Decentraleyes & CanvasBlocker

Browser: Firefox Quantum (not on current system)
Extensions: NoScript, Decentraleyes, Cookie Auto Delete, Trace, uBlock Origin, IDN Safe, CSS Exfil Protection, ClearURLs, Skip Redirect, Smart Referer, Malwarebytes, BehindTheOverlay, Ghostery, Keyboard Privacy, CanvasBlocker, Netcraft & Random User Agent
Maintenance tools
O&OShutup 10, Defraggler, RevoUninstaller, SysHardener 1.5 (Evjl Rain settings) for additional system security and lockdown, procexp, Windscribe VPN Free 15GB plan, VLC Media Player, OpenOffice, 7zip, Virtual DJ Pro, CDBurnerXP, AOMEI Backupper Standard, Bleachbit, PrivaZer & Wise Care 365
File and Photo backup
AOMEI Backupper Standard
System recovery
AOMEI Backupper Standard

DeepWeb

Level 25
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
Very interesting extensions especially CSS Exfil Protection. I will look into it thanks to you. (y)
 
  • Like
Reactions: LDogg

LDogg

Level 33
Thread author
Verified
Top Poster
Well-known
May 4, 2018
2,261
Thinking about ditching this current setup.

@HarborFront @Umbra @Evjl's Rain in your opinion what software out there offer a very light config, but also covers most attack vectors on a system?

I was thinking maybe CFW + Immunet
Tinywall + OSArmor + Browser Extensions
CFW on it's on (not too confident with it alone)
Immunet (Clam AV off) + Forticlient (Web only) + Tinywall.
CFW + Second opinion scanners + web extensions
CFW + OSArmor
OSArmor + Zonealarm Firewall.

Or CCAV with something else.

I'm not quite sure. I don't wish to get rid of Comodo Firewall as I know what to do with it.

~LDogg
 

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
But why isnt windows firewall option as tweaked?

I will vote for:
Either cf + cs + hips
or cfw + immunet, disable clamAV+ packet file scanning
 

LDogg

Level 33
Thread author
Verified
Top Poster
Well-known
May 4, 2018
2,261
I don't mess with the default FW. Just something personal I guess.

Edit: could also clash with CFW.

~LDogg
 
  • Like
Reactions: Moonhorse

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
I prefer CF + immunet or CF + avast tweaked for max performance (crippled security)
CF + K9 is also very nice, actually better web filter than forticlient

But why isnt windows firewall option as tweaked?
there are still many ways to bypass windows firewall but it's extremely hard to bypass CF
WF+tweaked avast or voodooshield can eliminate most infection vectors

for example, even KFA+WF can be bypassed by random exe malwares but avast has hardened mode which can easily deal with exe malwares

avast+syshardener+WF is an almost bulletproof setup
 

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
But why isnt windows firewall option as tweaked?

I will vote for:
Either cf + cs + hips
or cfw + immunet, disable clamAV+ packet file scanning
if a malware is trusted and bypasses CF, if HIPS is set safe mode => HIPS will be useless because it will be bypassed too

unless, you set HIPS as paranoid, HIPS will have no effect on trusted malwares

HIPS is for paranoid users or users who want to lockdown their PC and don't install anything
totally not recommended for daily usage
 

LDogg

Level 33
Thread author
Verified
Top Poster
Well-known
May 4, 2018
2,261
I prefer CF + immunet or CF + avast tweaked for max performance (crippled security)
CF + K9 is also very nice, actually better web filter than forticlient


there are still many ways to bypass windows firewall but it's extremely hard to bypass CF
WF+tweaked avast or voodooshield can eliminate most infection vectors

for example, even KFA+WF can be bypassed by random exe malwares but avast has hardened mode which can easily deal with exe malwares

avast+syshardener+WF is an almost bulletproof setup

I'm thinking of adding Immunet and removing Unchecky & VoodooShield. VDS is great. How good is Immunet though?

~LDogg
 

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
if a malware is trusted and bypasses CF, if HIPS is set safe mode => HIPS will be useless because it will be bypassed too

unless, you set HIPS as paranoid, HIPS will have no effect on trusted malwares

HIPS is for paranoid users or users who want to lockdown their PC and don't install anything
totally not recommended for daily usage
Thanks, eye opening. Might go for immunet + cf later, im just in love with CCAV for now
 
  • Like
Reactions: Evjl's Rain

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
I'm thinking of adding Immunet and removing Unchecky & VoodooShield. VDS is great. How good is Immunet though?

~LDogg
immunet has very aggressive signatures, which are much better than many many AVs. However, it's aggressive = quite prone to FPs. it detects something all of my second op. scanners or avast/KFA couldn't detect
it's super light without clamAV. very insignificant system impact unless you execute a very very huge file >300MB
 

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
immunet has very aggressive signatures, which are much better than many many AVs. However, it's aggressive = quite prone to FPs. it detects something all of my seconds op. scanners or avast/KFA couldn't detect
it's super light without clamAV. very insignificant system impact unless you execute a very very huge file >300MB
Guess im gonna test this combo, myself aswell.. since even cs said cf is lighter than CCAV
 
  • Like
Reactions: Evjl's Rain

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Guess im gonna test this combo, myself aswell.. since even cs said cf is lighter than CCAV
CCAV without the cloud AV module might be lighter than CF? I guess
any AV is heavier than a firewall

if you want to test immunet, please be careful with FPs if you can tolerate it
it's okay for me but not sure for other people
 

imuade

Level 12
Verified
Top Poster
Well-known
Jul 29, 2018
566
immunet has very aggressive signatures, which are much better than many many AVs. However, it's aggressive = quite prone to FPs. it detects something all of my seconds op. scanners or avast/KFA couldn't detect
it's super light without clamAV. very insignificant system impact unless you execute a very very huge file >300MB
Does Immunet register as AV on Windows Security Center?
I tried it few weeks ago, but I can't remember if it did... I'm getting old :p
But I do remember I tried to make a right-click scan on a file and nothing happened...
 

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Does Immunet register as AV on Windows Security Center?
I tried it few weeks ago, but I can't remember if it did... I'm getting old :p
But I do remember I tried to make a right-click scan on a file and nothing happened...
sometimes, it randomly fails to connect to servers for unknown reason, usually after we wake up the pc from a long sleep, when the internet disconnects
immunet right-click scan is not reliable and buggy, I prefer entering the UI and use the custom scan
I don't remember if immunet does it or not because I always disable security notifications. i don't think it matters

I'm using avast + CF now just because I like avast :))
it has BB in case I allow something to bypass cf sandbox
 

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
Immunet register as av on security center yes, when i had immunet a go i cant remember what actually happened but it was conflicting something with comodo, maybe because i didnt add immunet as trusted with cis

Anyway ccav + syshardener is lightest solution i have ever tried myself, might try immunet + cf later but as paranoid person i will end up to uninstall it anyway
 

Nestor

Level 9
Verified
Well-known
Apr 21, 2018
397
sometimes, it randomly fails to connect to servers for unknown reason, usually after we wake up the pc from a long sleep, when the internet disconnects
immunet right-click scan is not reliable and buggy, I prefer entering the UI and use the custom scan
I don't remember if immunet does it or not because I always disable security notifications. i don't think it matters

I'm using avast + CF now just because I like avast :))
it has BB in case I allow something to bypass cf sandbox
Can Immunet be used as a second opinion scanner?I mean instead of HPA or EEK,is actually effective?Did it has a portable version?
 
  • Like
Reactions: Moonhorse

LDogg

Level 33
Thread author
Verified
Top Poster
Well-known
May 4, 2018
2,261
So @Evjl's Rain would you say if I take off VDS + Unchecky replace both with Immunet and look at certain settings (ClamAV off) it would be a bit better? Also obviously testing myself too, I've used it once before.

~LDogg
 

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
So @Evjl's Rain would you say if I take off VDS + Unchecky replace both with Immunet and look at certain settings (ClamAV off) it would be a bit better? Also obviously testing myself too, I've used it once before.

~LDogg
I think so because CF+VDS overlap each other a lot => you will get double prompts for the same application
immunet is just an AV so it will block malware without generating extra popup

it's a very basic AV with only signatures, nothing more
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top