Advice Request CIS 10 Config: Default or Proactive?

[vivid]

the autosandbox function does not need updated sigs to work. It will block by default anything that does not appear on the whitelist, no matter how old the whitelist may be.

Only the AV component needs updated sigs in order to work right.

Partially true. There are also administrator defined rules in Sandbox. Think of these as rules made by developers when something out of the ordinary is found.
(handled trough program updates-- from what I've seen)

 

[shmu26]

guys and gals, I don't know why COMODO has to be so mystical and esoteric. Every other security soft can be understood.

 

[Rengar]

I have a question. My English is not good, I am sorry. I have Windows 10 64b, CF 10 and I use settings for sandboxed files as UNTRUSTED. How difference is between RESTRICTED and UNTRUSTED? I have HIPS ON.

And another question is about AV. I want use some AV solutions. I used Avast with CF 8 and I had some problems. I switched to Quihoo but there are other problems - Quihoo does not work properly under user account. I need some AV for my Win with CF 10.

And latest question is about possible conflict between HIPS from CF and Avast. Will be work without problem or how settings can I use?

try Avira
or Bitdefender free

I use avast free with CFW 10, no conflicts.

or Panda

 

[AtlBo]

And another question is about AV. I want use some AV solutions. I used Avast with CF 8 and I had some problems. I switched to Quihoo but there are other problems - Quihoo does not work properly under user account. I need some AV for my Win with CF 10.

I sent feedback to qihoo about the settings requiring admin account access. Hope they respond with something. Having to change accounts to change settings is inconvenient to say the least. Even restoring from the quarantine is banned in the user account.

 

[radek178]

I do not want Bitdefender Free because there is no possibility settings. I do not like Avira, I tried it about 1 year ago and if I remember Avira has too much running processes. I do not know Panda. But I read Panda is not light for system.
About Quihoo - I wrote to Quihoo support manytimes, but they did not reply.
Sorry for my English.

 

[shmu26]

it doesn't really matter which AV you use, anything that works is fine, just not something heavy that conflicts with comodo, such as bitdefender paid edition or kaspersky internet suite

 

[Rengar]

I do not want Bitdefender Free because there is no possibility settings. I do not like Avira, I tried it about 1 year ago and if I remember Avira has too much running processes. I do not know Panda. But I read Panda is not light for system.
About Quihoo - I wrote to Quihoo support manytimes, but they did not reply.
Sorry for my English.

I had Panda and CF for a month. Panda is pretty good and very very light trust me

 

[shmu26]

if you have CFW on proactive config, you are already very well protected, so you can use the built-in Windows Defender, if third-party AVs are giving you trouble. You don't need more than that.

Or if you are willing to pay a few dollars, you can use webroot, it is super light.

 

[cruelsister]

Radek- Your English is very good! If you are using the Untrusted or Restricted sandbox setting you don't need the HIPS at all. The difference between these settings is that Untrusted will place more restrictions on what a file can do in the sandbox, and often they will just not work at all.

Also, I just tried Avast with the HIPS off and the sandbox at Restricted and there were no issues at all. Try it...

 

[radek178]

shmu26
yes, I have CF on proactive and Sandbox as Untrusted. HIPS ON because it is default. As a protection on my PC I prefer CF and I want to use CF Sandbox and if I would like to use HIPS I want to use HIPS from CF. I only look for some AV that can be used with CF without problem (no conflict).

cruelsister
Thank you for your answer. As I wrote above. I use CF Sandbox on Untrusted. HIPS is ON because it is default settings. I used Avast for 3 years but I think latest version of Avast does not work with CF properly. I had CF 8 and latest Avast free and my PC was slow. HDD very often runs on 80-100% and when I uninstall Avast the problem was gone. Now I want use CF 10 and some AV. Windows Defender slow down my PC, I tried it manytimes. So I decided to use other AV. I want light AV with the settings with good protection and I know - probably there is only Avast...

I use Voodooshield too.

 

[shmu26]

the problem you are having might be because you are using voodoo as well.
because when you start combining a lot of different security softwares, it gets much harder to make everything work the way you want.
you will just have to experiment and see which config works best for you

I recommend that you try webroot.
User Review - Webroot SecureAnywhere Internet Security Complete Review
If you decide you like it, you can probably get a good deal on it from bargain sites like amazon or newegg.

 

[Rengar]

shmu26
yes, I have CF on proactive and Sandbox as Untrusted. HIPS ON because it is default. As a protection on my PC I prefer CF and I want to use CF Sandbox and if I would like to use HIPS I want to use HIPS from CF. I only look for some AV that can be used with CF without problem (no conflict).

cruelsister
Thank you for your answer. As I wrote above. I use CF Sandbox on Untrusted. HIPS is ON because it is default settings. I used Avast for 3 years but I think latest version of Avast does not work with CF properly. I had CF 8 and latest Avast free and my PC was slow. HDD very often runs on 80-100% and when I uninstall Avast the problem was gone. Now I want use CF 10 and some AV. Windows Defender slow down my PC, I tried it manytimes. So I decided to use other AV. I want light AV with the settings with good protection and I know - probably there is only Avast...

I use Voodooshield too.

Uninstall VoodooShield and download Panda free AV. You dont need Voodooshield. If you are surfing carefully and dont download crap softwares you have nothing to be afraid of.

 

[shmu26]

Uninstall VoodooShield and download Panda free AV. You dont need Voodooshield. If you are surfing carefully and dont download crap softwares you have nothing to be afraid of.

I tend to agree. CFW on proactive config + VS = overkill.
Besides that, the dev of VS says that you must disable "allow by parent process" if you use VS together with COMODO autosandbox.

 

[radek178]

I tend to agree. CFW on proactive config + VS = overkill.
Besides that, the dev of VS says that you must disable "allow by parent process" if you use VS together with COMODO autosandbox.

I have "allow by parent process" disabled and I use Comodo autosandbox. I tried VS with "allow by parent process" enabled and CF autosandbox ON. Then VS has few pop up.
I like VS. I got 2 years licence for KIS 2017 and I tried it in virtual machine but I stay with CF, probably VS and some AV.

 

[Rengar]

I have "allow by parent process" disabled and I use COMODO autosandbox. I tried VS with "allow by parent process" enabled and CF autosandbox ON. Then VS has few pop up.
I like VS. I got 2 years licence for KIS 2017 and I tried it in virtual machine but I stay with CF, probably VS and some AV.

Well if you dont use KIS can you give me the license pls?????

 

[Mercifulrelease]

Shmu- About the configuration difference between Firewall Security and Proactive Security: it's kinda-sorta both complicated and boring to get into, but as a rule of thumb if you use the default Firewall Security config you MUST keep the HIPS on, even with the sandbox at the max. With Proactive this is not the case.

I'll be (finally) releasing a CF10 setup video on the 28th and have included a malware file that I coded which should make this point rather clearly.

Im using CF 8.4. 0. 5165 , with settings shown in one of your vids (auto sandbox set to untrusted ,hips off etc)I don't use any av ,and to be honest ,Ive been very happy with this setup and nothings got through no matter what I throw at it .Is version 10 any better at this point?,and is there a good reason to update?
tia

 

[Rengar]

Im using CF 8.4. 0. 5165 , with settings shown in one of your vids (auto sandbox set to untrusted ,hips off etc)I don't use any av ,and to be honest ,Ive been very happy with this setup and nothings got through no matter what I throw at it .Is version 10 any better at this point?,and is there a good reason to update?
tia

well i have tested CF 10 and is pretty much the same but lets wait @cruelsister

 

[shmu26]

Im using CF 8.4. 0. 5165 , with settings shown in one of your vids (auto sandbox set to untrusted ,hips off etc)I don't use any av ,and to be honest ,Ive been very happy with this setup and nothings got through no matter what I throw at it .Is version 10 any better at this point?,and is there a good reason to update?
tia

10 is much less buggy. it might be too early to tell, but I suspect that 10 will generally work more reliably, without those occasional glitches that let something run when it is not supposed to.

 

[Mercifulrelease]

Thanks for comments.Since Ive been using CF 8.4. 0. 5165 . I haven't really noticed any bugs or reliability issues in it,though I'm not saying there isn't any.I should have mentioned I use windows 7.I know lots of programs are updated/upgraded for OS compatibility ,so I'm not sure whether CF 10 is just that , or rather something new or better that might be beneficial for windows 7.

 

[shmu26]

Thanks for comments.Since Ive been using CF 8.4. 0. 5165 . I haven't really noticed any bugs or reliability issues in it,though I'm not saying there isn't any.I should have mentioned I use windows 7.I know lots of programs are updated/upgraded for OS compatibility ,so I'm not sure whether CF 10 is just that , or rather something new or better that might be beneficial for windows 7.

there are significant changes under the hood, it's not just a matter of compatibility with windows 10 etc.
But that doesn't mean you have to switch. If you are happy with comodo 8, you should stay with it, IMO, unless you enjoy experimenting with new things. Just make sure you have things configured properly for the level of protection you need.