Durden

Level 3
Hello everyone,
so after giving away my Kaspersky, ESET, Bitdefender licenses to secure multiple devices of some relatives, nothing was left for me XD. (well except for a license for Thor premium which I don't wanna use)
Anyway, now with the resurgence of Cruelsister -thank you COVID-19?? - I instantly remembered CruelComodo, so I decided to maybe give it a spin, after all I used it before for a long period of time and had no major issues.

This time, however, I tend to use my laptop more in terms of online shopping, oh and I also game during this COVID-19 crisis .
Does Comodo have a dedicated secure shopping module ?? and if not what do you suggest ?
And how is combining it with WD + ConfigureDefender at (high settings) in terms of performance while gaming vs something like Kaspersky Free ?
 

Mariihh

Level 3
Have you given antivirus licenses with good protection to use Comodo? :eek: What a suicidal way to be, forget Comodo, he and Avast are of the same species (trash)
 

Parsh

Level 25
Verified
Trusted
Malware Hunter
And how is combining it with WD + ConfigureDefender at (high settings) in terms of performance while gaming vs something like Kaspersky Free ?
I would prefer KSC free. I've used the combo and it didn't feel heavy on a decent machine. It will cover good web protection and signatures that CFW lacks, and a strong BB to keep an eye on what you allow outside Comodo containment. Just make sure to create exceptions for each other.
WD with ConfigureDefender is also be a good option. However since you're already using a restrictive approach through Comodo, I would prefer KSC over WD+CD to complement.
The Max Protection Level blocks anything suspicious via Attack Surface Reduction, Controlled Folder Access, SmartScreen (set to block) and cloud level (set to block) - Defender Security Center is hidden.
You can try using WD+CD first if you haven't and you're interested.
 
Last edited:

Back3

Level 5
I use Comodo Firewall at CS settings plus HIPS. Been using it for nearly a year now with Windows Defender and Configure Defender ( High). I don't game with my computer. For a brief period, I tried Voodooshield and Spyshelter but came back to Commodo. I don't use the web filter.
Before trialing a security app, I make an image with Macrium so it's easy to get back to my previous setup.
 
Last edited:

Vitali Ortzi

Level 20
Verified
The only advantage of comodo is that it has better performance than most av software on cruel comodo settings.
But it's basically a less secure sandbox then sandboxie but more convenient for a grandmother to understand!

I use Comodo Firewall at CS settings plus HIPS. Been using it for nearly a year now with Windows Defender and Configure Defender ( High). I don't game with my computer. For a brief period, I tried Voodooshield and Spyshelter but came back to Commodo. I don't use the web filter.
Before trialing a security app, I make an image with Macrium so it's easy to get back to my previous setup.
I suggest just running WD with Hard_Configurator and maybe Voodooshield if your paranoid. CIS hasn't been update in ages. Voodooshield acts the same way but I find running WD with Hard_Configurator locks down my system easily. Just my 2pence
Does voodooshield have a sandbox for unknown threats?
 

ErzCrz

Level 6
Verified
Does voodooshield have a sandbox for unknown threats?
It works differently but is a whitelist program like Comodo's default-deny approach. See below from that website. Anyway, whatever works for you is fine. Comodo is still usable I've just moved away from it for a system hardened approach and default-deny approach. I haven't been using it since it went paid for and then free if you know where to look.

Voodoo shield:
SIMPLE APPROACH
Traditional antivirus software can no longer keep up with the 200,000+ new viruses and malware created daily, so VoodooShield locks your computer and blocks all new, non-whitelisted executable code (including viruses and malware), while your computer is running a web app (browser, email, etc.). Traditional antivirus is great, but your computer should be locked when it is at risk.
THE VOODOOSHIELD DIFFERENCE
VoodooShield uses a proprietary proactive whitelist snapshot approach to virus and malware protection. VoodooShield is a patented toggling Desktop Shield Gadget / Computer Lock that automatically toggles to ON and locks your computer when you start a web app. There is never a good reason to let new, non-whitelisted executable code run while a web app is running.
 

Lenny_Fox

Level 13
Verified
My take: keep it plain and simple: use big data to your advantage, block programs with low reputation and prevalence. I really liked the BB in Comodo Cloud AV, sadly Comodo killed it. That is why I am using the alternative Microsoft-only setup below for relatives.

One of the setups using big (telemetry) data is based on Andy Ful's excellent freeware. With Configure Defender on MAX, Windows Defender turns into a whitelist (based on reputation and prevalence). This whitelist based on the largest PC user base works fine for most average PC users.

Add Hard Configurator with recommended settings. This enables the build-in Software Restriction Policies. The recommended settings will allow executables but will block risky file extensions in user folders. This will add a layer of protection against advanced (fileless) attacks for free.
 
Last edited:

Vitali Ortzi

Level 20
Verified
It works differently but is a whitelist program like Comodo's default-deny approach. See below from that website. Anyway, whatever works for you is fine. Comodo is still usable I've just moved away from it for a system hardened approach and default-deny approach. I haven't been using it since it went paid for and then free if you know where to look.

Voodoo shield:
SIMPLE APPROACH
Traditional antivirus software can no longer keep up with the 200,000+ new viruses and malware created daily, so VoodooShield locks your computer and blocks all new, non-whitelisted executable code (including viruses and malware), while your computer is running a web app (browser, email, etc.). Traditional antivirus is great, but your computer should be locked when it is at risk.
THE VOODOOSHIELD DIFFERENCE
VoodooShield uses a proprietary proactive whitelist snapshot approach to virus and malware protection. VoodooShield is a patented toggling Desktop Shield Gadget / Computer Lock that automatically toggles to ON and locks your computer when you start a web app. There is never a good reason to let new, non-whitelisted executable code run while a web app is running.
the disadvantage with Voodoo shield is the false positive positive rate when you lock the computer
your family members won't be able to download software to stream play or browse the web
comodo on the other hand does have a lot of false positives but not close to voodoo shield .
so using something like voodoo shield may force your family members to set it to off to install software and you know what's gonna happen

My take: keep it plain and simple: use big data to your advantage, block programs with low reputation and prevalence. I really liked the BB in Comodo Cloud AV, sadly Comodo killed it. That is why I am using the alternative Microsoft-only setup below for relatives.

One of the setups using big (telemetry) data is based on Andy Ful's excellent freeware. With Configure Defender on MAX, Windows Defender turns into a whitelist (based on reputation and prevalence). This whitelist based on the largest PC user base works fine for most average PC users.

Add Hard Configurator with recommended settings. This enables the build-in Software Restriction Policies. The recommended settings will allow executables but will block risky file extensions in user folders. This will add a layer of protection against advanced (fileless) attacks for free.
great method !
if you have a good config for low false positives pm me !
 

Lenny_Fox

Level 13
Verified
great method !
if you have a good config for low false positives pm me !
Rename attached file (Dangereous_Filetype_Restrictions.txt) to Dangereous_Filetype_Restrictions.hdc and load this profile in Hard_Configurator. Launch ConfigureDefender from H_C and set it to MAX, launch FirewallHardening and select (add) MS Office (only when you use Microsoft Office) and H_C recommended.
 

Attachments

Vitali Ortzi

Level 20
Verified
Rename attached file (Dangereous_Filetype_Restrictions.txt) to Dangereous_Filetype_Restrictions.hdc and load this profile in Hard_Configurator. Launch ConfigureDefender from H_C and set it to MAX, launch FirewallHardening and select (add) MS Office (only when you use Microsoft Office) and H_C recommended.
that config has too much false postive for pepole who install shady software
and defender can somtimes bottle neck some commputers especially low end that can barly run win 10.
my choices are Hard_Configurator/gpo for pepole whom use only office apps and broswing (dual account :non administrator for basic use and administrator
for troubleshooting ) .
comodo cruel like settings for peopole who want more compatibility and some usage of untrusted code(sandbox restricted ) /
wvsx for great ml that has good malware protection overall and it did allow some patched unsigned but safe code to run
so it can partly work with the bad piracy habit of users

kaspersky free / paid eset
for low to very low false postive

of course i try to set of some hardware gateway scanning to all setups above
and harden chrome via registry &flags
 

Andy Ful

Level 62
Verified
Trusted
Content Creator
...
my choices are Hard_Configurator/gpo for pepole whom use only office apps and broswing (dual account :non administrator for basic use and administrator
for troubleshooting ) .
...
That will depend on the chosen settings. If you choose (on Windows 10) ConfigureDefender HIGH settings, allow EXE/MSI files in H_C and do not restrict LOLBins (Sponsors), then you probably won't see any difference in daily work. The user can apply "Run By SmartScreen" (as on-demand scanner) to safely install the applications via EXE/MSI files.

The setup posted by Lenny_Fox can produce false positives due to ConfigureDefender MAX settings and blocking by SRP the MSI files and Script Interpreters related to Command Prompt, PowerShell and Windows Script Host. So, one has to use an elevated shell to run them (if needed). Such setup is recommended for children or computer-illiterate users (occasional help from an advanced user is required).
 
Last edited:

Vitali Ortzi

Level 20
Verified
That will depend on the chosen settings. If you choose (on Windows 10) ConfigureDefender HIGH settings, allow EXE/MSI files in H_C and do not restrict LOLBins (Sponsors), then you probably won't see any difference in daily work. The user can apply "Run By SmartScreen" (as on-demand scanner) to safely install the applications via EXE/MSI files.

The setup posted by Lenny_Fox can produce false positives due to ConfigureDefender MAX settings and blocking by SRP the MSI files and Script Interpreters related to Command Prompt, PowerShell and Windows Script Host. So, one has to use an elevated shell to run them (if needed). Such setup is recommended for children or computer-illiterate users (occasional help from an advanced user is required).
Yeah true btw there anyway to run by smart screen without the blue smart screen annoyance ?
 
Top