Latest Changes
Apr 24, 2019
Operating System
Windows 10
Windows Edition
Home
Build
1809
System Architecture
64-bit OS
Security Updates
Automatic Updates - All security and feature updates
User Access Control
Always Notify
Firewall
Windows Firewall - Network security provided by Microsoft
Device Security
Windows Defender SmartScreen (Windows 10)
User Account
Standard - User has some control over the settings
Recent Security Incidents
No malware or privacy issues
Malware Testing
None - No Malware on host PC or VM
Real-time Web & Malware Protection
Windows defender
Configure defender
Runbysmartscreen
Documents anti-exploit
appcheck antiransomware free
Custom Settings For Real-Time Protection
Custom - Major changes for Increased Security
Custom Settings For Real-Time Protection Details
Windows defender: Controlled folder protection
Configure defender: max settings
Documents anti-exploit: both settings ''on''
Virus and Malware Removal Tools
Malwarebytes free
Adwcleaner
Zemana free 3.0
Roguekiller
Browsers and Extensions
Google chrome:
  • Nano adblocker
  • Nano defender
  • Blocksi (block unrated, block all ''sketchy domains'')
  • Https everywhere ( encrypt all sites (Ease) )
  • Netcraft
  • Bitwarden
Web Privacy
Chrome flags enabled:
  • block downloads over insecure connections
  • Anonymize WebRTC
  • Disable smooth scrolling
  • Enable GPU appcontainer lockdown
  • Enable appcontainer lockdown
  • TLS 1.3 downgrade hardening
  • NoState Prefetch
  • Parallel downloading
  • Mark non-secure origins as non-secure
  • PDF Isolation
  • Enable lazy image loading
  • Enable lazy frame loading
Cleanbrowsing DNS
Password Management
Bitwarden
Default Web Search
Google
System Utilities
Privazer Free
Data Backup
External drive
Frequency of Data backups
Monthly
System Backup
Aomei backupper Free
Frequency of System backups
Regularly
Computer Activity
PC Gaming
Online banking
Browsing web and email
Install new programs on a weekly basis
Watch movies and other entertainment content on the Internet
Shared device is used by family members
Computer Specifications
Asus m5A97
AMD FX-6300 @ 3.8ghz
MSI GTX-970
HDD 1TB
8GT Kingston Ram, @1600Hz

Moonhorse

Level 25
Content Creator
Verified
Why did you stop using Kaspersky?
Also looking forward to Microsoft Chromium based Edge (y)

Have you thought about Tinywall or MWFC to compliment Windows Firewall at all?

Nice to see another post from you as well!

~LDogg
Nope, i just want the main idea for this setup be, using as much default softwares ( from microsoft) and avoid installing 3rd party programs...Firefox just because edgeHTLM one is horrible

Cleanups done by firefox exit = remove cookies/ history
System clean up = Windows clean up & defrag
Using microsoft store apps
I can disable powershell/script host and play with firewall rules without 3rd party software
Etc.
 

Moonhorse

Level 25
Content Creator
Verified
I must admit i feel bit naked, and im going to add comodo firewall to pair it with WD
I wanted to see comodo cloud avs new gui, but cf is less prone to bugs than CCAV is

I use netcraft + malwarebytes extensions so kaspersky feels bit useless there

+ added comodo firewall
 

Moonhorse

Level 25
Content Creator
Verified
Replaced WD with forticlient , did not choose web filter, because it will restrict youtube for me. But with antivirus installation ill get protection against suspicious sites anyways, and it wont restrict my youtube experience

So:
Antivirus: Forticlient ( good signatures/web filtering)
Comodo firewall ( default deny: auto-sandbox)
210867
 

LDogg

Level 28
Verified
Good choice. I would of went back to Forticlient if it's web filter didn't get in the way of me using the free Wifi at my DJ residency, I was fed up of turning it off. Hence using CCAV. :p

~LDogg
 
  • Like
Reactions: Nestor and Raiden

Moonhorse

Level 25
Content Creator
Verified
Good choice. I would of went back to Forticlient if it's web filter didn't get in the way of me using the free Wifi at my DJ residency, I was fed up of turning it off. Hence using CCAV. :p

~LDogg
Lol i just noticed that you have to install web filter aswell, the antivirus as standalone wont block malicious websites :cry:
 

LDogg

Level 28
Verified
Yeah, the webfilter completely died this morning. Im back to the normal config, wich means KFA+ comodo firewall.....atleast it works.
That is true. Sometimes it's important to never change something that actually works :p, but even I like to change things at times.

~LDogg
 
  • Like
Reactions: Moonhorse

Moonhorse

Level 25
Content Creator
Verified
That is true. Sometimes it's important to never change something that actually works :p, but even I like to change things at times.

~LDogg
Actually i just flashed drive, to get rid of driver remnants. Installed CCAV as only protection, since i will always end up using comodos container. WD just takes too much resources for nothing, when paired with cf

Edit: CCAV still has it bugs, with child processes blocking something for me
So Comodo internet security to replace it
 
Last edited:
  • Like
Reactions: stefanos and LDogg

LDogg

Level 28
Verified
Actually i just flashed drive, to get rid of driver remnants. Installed CCAV as only protection, since i will always end up using comodos container. WD just takes too much resources for nothing, when paired with cf

Edit: CCAV still has it bugs, with child processes blocking something for me
So Comodo internet security to replace it
Fair enough man! It seems to be very good for me to use so far! Different users seem to have different experience compared to other people using the same software, kinda interesting with each scenario really.

~LDogg
 

Moonhorse

Level 25
Content Creator
Verified
Fair enough man! It seems to be very good for me to use so far! Different users seem to have different experience compared to other people using the same software, kinda interesting with each scenario really.

~LDogg
I have old java based game client, wich couldnt run with CCAV or either H_C enabled. But when i use CF or either CIS it works without problems. Its more like specific problem for me
 
  • Like
Reactions: stefanos and LDogg

LDogg

Level 28
Verified
I have old java based game client, wich couldnt run with CCAV or either H_C enabled. But when i use CF or either CIS it works without problems. Its more like specific problem for me
Makes sense. That's why I don't any 3rd party DNS services/clients or Forticlients web filter as it gets in the way of me logging into my pubs wifi where I have to do my DJ job and other wifi spots in the town.

~LDogg
 
  • Like
Reactions: Moonhorse

Moonhorse

Level 25
Content Creator
Verified
22.3.2019

Current setup updated to

Realtime protection:
Windows defender; configuredefender= max settings
Hard_Configurator; Recommended settings

Browser setup:

+Google chrome:
  • Nano adblocker
  • Nano defender
  • Netcraft
  • Malwarebytes extension
  • Bitwarden
  • Privacy possum
Chrome flags enabled:
  • block downloads over insecure connections
  • Anonymize WebRTC
  • Disable smooth scrolling
Windows built in junk removed with Geek uninstaller + also gave O &O shutups uninstaller a go, wich went quite well

Only problem im having is the GPU plugin wont work with my java based game, but its not a huge loss. Im using H_C until 1909 march/april update and see how it goes
 

Andy Ful

Level 39
Content Creator
Trusted
Verified
...
Im using H_C until 1909 march/april update and see how it goes
No surprises for now in the Insider 1909.

I have old java based game client, wich couldnt run with CCAV or either H_C enabled. But when i use CF or either CIS it works without problems. Its more like specific problem for me
Post here the specification of your java based game client, I can look at it and try to find the solution.
22.3.2019

Current setup updated to

Realtime protection:
Windows defender; configuredefender= max settings
Hard_Configurator; Recommended settings
...
With ConfigureDefender on max settings you will get more false positives, especially from the below ASR rules:
Block executable files from running unless they meet a prevalence, age, or trusted list criteria
Block credential stealing from the Windows local security authority subsystem (lsass.exe)

The first rule can block some application updates, because the updater executable will have for the first few days a low prevalence.
The second usually do not block the application, but only the access to lsass.exe - it can be ignored, but will produce some alerts.
If you have activated Controlled Folder Access, then it will usually prevent creating the shortcuts on the Desktop when installing applications (you can drag the shortcut from Start Menu).
 

Moonhorse

Level 25
Content Creator
Verified
@Andy Ful The problem actually just were the one i posted in your thread some time ago, was kinda busy but now when i got back to computer, took me minute to fix that problem.

Well when i installed whatsapp/ spotify, i just whitelisted > path > shortcut. And after that i had to do same thing for whatsapp/spotify updaters, throught wildcard

So when im whitelisting stuff, should i always just go to program whiles and whitelist whole folder, since run.exe is always there aswell instead of that shortcut thing

Well for now im gonna keep looking at blocked events now and then if something is getting blocked for no reason

Anyways im probably gonna do clean install since 1909 is big patch, and probably test allowing exe/tmp and just use comodo firewall along