shmu26

Level 83
Verified
Trusted
Content Creator
Your right, I left everything in Default. However, the only way I get Roboform to work, leaving the left script button on is to Unblock CMD.exe in the Blocked List for the Security Program that blocked it. That in effect creates an Ignore Rule in Containment rules, and Roboform is back to normal. See my further screenshots.View attachment 216654View attachment 216653View attachment 216655
I see. Maybe someone else who uses Roboform can tell us what is going on under the hood? I never used it. Cmd.exe is by far the hardest script interpreter to control, because so many programs use it.
 

SearchLight

Level 9
Verified
I see. Maybe someone else who uses Roboform can tell us what is going on under the hood? I never used it.
So in regard to CMD.exe, I should still leave the left toggle for CMD.exe, on(green), and use the Unblock Function for any security program that blocks it?

Aside from this particular exe. with your config I should not have any further problems with everything set like you described? For point of info, in my case here, the problem shows up as a Block File, not as Unrecognized File. Is this normal?
 

shmu26

Level 83
Verified
Trusted
Content Creator
So in regard to CMD.exe, I should still leave the left toggle for CMD.exe, on(green), and use the Unblock Function for any security program that blocks it?
Yes, I would do it that way.
Aside from this particular exe. with your config I should not have any further problems with everything set like you described?
Probably. But it depends on your software. If you start running programs that use powershell or mshta or wscript, you will see blocks. However, these programs are not so common.
For point of info, in my case here, the problem shows up as a Block File, not as Unrecognized File. Is this normal?
Yes, it is normal for cmd.exe to be recognized.
Whether cmd.exe itself will be blocked, or whether it will create a script file that is blocked -- that depends on how roboform works. I am not familiar with the program.
 

shmu26

Level 83
Verified
Trusted
Content Creator
I am running this config again, but I added a couple allow entries to the firewall:
C:\Program Files (x86)\*
C:\Program Files\*

This is in addition to the previously mentioned allow entries:
C:\Windows\*
C:\ProgramData\Microsoft\Windows Defender\*

With these firewall rules, Comodo is very quiet. The log doesn't show any blocking of processes that should have been allowed.
 

shmu26

Level 83
Verified
Trusted
Content Creator
I wanted to say thank you for this setup if i setup them up again i sure will use this
Thanks. I wouldn't try to claim that ComodoFix is the ultimate lockdown setup, but in my real-world experience, it works, and that's what is important to me. Protecting against theoretical threats that I will probably never encounter is nice, but protecting against real threats that I do encounter is more important. Especially since it does not impact system performance, does not mess up my legit software, and works silently. And it's free. :)
 

show-Zi

Level 20
Verified
but in my real-world experience, it works, and that's what is important to me. Protecting against theoretical threats that I will probably never encounter is nice, but protecting against real threats that I do encounter is more important. Especially since it does not impact system performance
Agree. This is similar to the reason why tanks are not necessary for home security.
 

Umbra

Level 11
Verified
Agree. This is similar to the reason why tanks are not necessary for home security.
Indeed, however people like me, with a corporate mindset/experience can't just get along with classic AVs (or stockpiling solutions) and needs serious and efficient Default-Deny.
I shifted to Windows 10 Enterprise with 1903 for that exact reason and i dont regret it.
Just using and customizing built-in security feature offered by enterprise version gave me peace of mind, i can now toy with 3rd party stuff like AppGuard or OSA knowing the bedrock of my system is more than secure.

Different use, different needs, different strategy.
 

show-Zi

Level 20
Verified
Indeed, however people like me, with a corporate mindset/experience can't just get along with classic AVs (or stockpiling solutions) and needs serious and efficient Default-Deny.
I shifted to Windows 10 Enterprise with 1903 for that exact reason and i dont regret it.
Just using and customizing built-in security feature offered by enterprise version gave me peace of mind, i can now toy with 3rd party stuff like AppGuard or OSA knowing the bedrock of my system is more than secure.

Different use, different needs, different strategy.
I understand and agree with your opinion. Security is considered to be a combination of software and user knowledge. There is no best security software that can be recommended for all users because it is influenced by their knowledge.

I personally believe that reviewing comodo settings is a good way to gain knowledge about security software.
 

Back3

Level 2
I understand and agree with your opinion. Security is considered to be a combination of software and user knowledge. There is no best security software that can be recommended for all users because it is influenced by their knowledge.

True, I helped a friend harden his computer last week. He's not very good with computers. So I just added a few security extensions in Chrome; Configure Defender with a high profile, a good password manager and Zemana free on demand. I showed him how to use Zemana and clean Chrome once a week. That's all. Every six months, I check and tune his computer. Make all the required software updates.He should be fine.