Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Comodo
Cruel CF still safe? What companion AV? and a minor issue.
Message
<blockquote data-quote="Stronghold" data-source="post: 991025" data-attributes="member: 95285"><p>Thank you for this information, it helps a lot.</p><p></p><p>WV looks like it works great next to cruelCF as a solid buffer. </p><p>I turned off all web protection awaiting the reaction from WiseVector on how they actually use their firewall and URL protection (it's a good program but not new yet it's still free, it's Chinese, you never know), if they use certificates that MITM your HTTPS connections like many AV's do I'd rather have it turned off, use uBlock malware and phishing blocking and whatever is built into CF to avoid any data harvesting like Avast did with Jumpshot (used that for years). If they don't I'll turn it back on. </p><p>I lowered the firewall to Low just in case.</p><p>Is it important to set the HIPS to low? I have it set to default right now and don't notice any slow downs or any problems, my current computer is high end gaming from April this year, I don't notice much delay of anything so I might not be the best judge of that.</p><p>Should I leave Machine Learning to the default also or set it to High?</p><p></p><p>It's very good to hear that Cruel settings are still working so well and that you're still testing it in the wild. I have used it for many years and I'm still grateful to you for bringing these settings to our attention. I wasn't sure if any of what I heard was true but the bad CIS tests not using Cruel CF in the malware hub did make me question it for a moment. </p><p>Are the current settings still the same settings as these attachments <a href="https://malwaretips.com/threads/where-can-i-find-cruelsisters-config.103245/post-943911" target="_blank">Q&A - Where can I find @Cruelsisters Config?</a> ?</p><p>I don't know if it matters but I exported the proactive defense from my previous device (to multiple others with the same file configuration) and enabled that instead since all my program and network configuration is already done there which would be a lot of work to set up on each device. I don't think it matters too much since it's still the Proactive defense module but I have to ask to be sure.</p><p></p><p>Comodo does block a lot of legitimate files which are hard to evaluate but a virustotal check usually helps or I ignore them until Comodo whitelists them. </p><p>I noticed that anything generated with Ngen.exe will be an unsigned copy of it which will end up in the blocked section. A good example is Keepass.ni.exe which is a virtual copy made by Keepass that suddenly showed up asking to be submitted to Comodo. It's the same file but unsigned and doesn't seem to be malicious but Keepass functions fine without whitelisting it so I leave it there anyway.</p><p></p><p></p><p>This is something I really needed to know too. Since WV still doesn't register in Windows as AV I do want a fall back in case everything fails. It is not so much that I don't trust WD with what it does at all but I don't always trust it to keep me completely safe. It is fine as a final fall back and a nice signature scanner. </p><p>What kind of settings would you suggest to leave that on? I have DefenderUI but that doesn't work well with Comodo since all commands are run through PowerShell and auto-contained so I would have to manually set them or disable auto-containment for 15 minutes.</p></blockquote><p></p>
[QUOTE="Stronghold, post: 991025, member: 95285"] Thank you for this information, it helps a lot. WV looks like it works great next to cruelCF as a solid buffer. I turned off all web protection awaiting the reaction from WiseVector on how they actually use their firewall and URL protection (it's a good program but not new yet it's still free, it's Chinese, you never know), if they use certificates that MITM your HTTPS connections like many AV's do I'd rather have it turned off, use uBlock malware and phishing blocking and whatever is built into CF to avoid any data harvesting like Avast did with Jumpshot (used that for years). If they don't I'll turn it back on. I lowered the firewall to Low just in case. Is it important to set the HIPS to low? I have it set to default right now and don't notice any slow downs or any problems, my current computer is high end gaming from April this year, I don't notice much delay of anything so I might not be the best judge of that. Should I leave Machine Learning to the default also or set it to High? It's very good to hear that Cruel settings are still working so well and that you're still testing it in the wild. I have used it for many years and I'm still grateful to you for bringing these settings to our attention. I wasn't sure if any of what I heard was true but the bad CIS tests not using Cruel CF in the malware hub did make me question it for a moment. Are the current settings still the same settings as these attachments [URL="https://malwaretips.com/threads/where-can-i-find-cruelsisters-config.103245/post-943911"]Q&A - Where can I find @Cruelsisters Config?[/URL] ? I don't know if it matters but I exported the proactive defense from my previous device (to multiple others with the same file configuration) and enabled that instead since all my program and network configuration is already done there which would be a lot of work to set up on each device. I don't think it matters too much since it's still the Proactive defense module but I have to ask to be sure. Comodo does block a lot of legitimate files which are hard to evaluate but a virustotal check usually helps or I ignore them until Comodo whitelists them. I noticed that anything generated with Ngen.exe will be an unsigned copy of it which will end up in the blocked section. A good example is Keepass.ni.exe which is a virtual copy made by Keepass that suddenly showed up asking to be submitted to Comodo. It's the same file but unsigned and doesn't seem to be malicious but Keepass functions fine without whitelisting it so I leave it there anyway. This is something I really needed to know too. Since WV still doesn't register in Windows as AV I do want a fall back in case everything fails. It is not so much that I don't trust WD with what it does at all but I don't always trust it to keep me completely safe. It is fine as a final fall back and a nice signature scanner. What kind of settings would you suggest to leave that on? I have DefenderUI but that doesn't work well with Comodo since all commands are run through PowerShell and auto-contained so I would have to manually set them or disable auto-containment for 15 minutes. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
