Advice Request CruelComodo and safe online shopping

Please provide comments and solutions that are helpful to the author of this topic.

Durden

Level 3
Thread author
Verified
Well-known
Dec 21, 2013
132
Hello everyone,
so after giving away my Kaspersky, ESET, Bitdefender licenses to secure multiple devices of some relatives, nothing was left for me XD. (well except for a license for Thor premium which I don't wanna use)
Anyway, now with the resurgence of Cruelsister -thank you COVID-19?? - I instantly remembered CruelComodo, so I decided to maybe give it a spin, after all I used it before for a long period of time and had no major issues.

This time, however, I tend to use my laptop more in terms of online shopping, oh and I also game during this COVID-19 crisis .
Does Comodo have a dedicated secure shopping module ?? and if not what do you suggest ?
And how is combining it with WD + ConfigureDefender at (high settings) in terms of performance while gaming vs something like Kaspersky Free ?
 

Mariihh

Level 3
Verified
Well-known
Mar 30, 2018
139
Have you given antivirus licenses with good protection to use Comodo? :eek: What a suicidal way to be, forget Comodo, he and Avast are of the same species (trash)
 
  • Like
Reactions: [correlate]

Parsh

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Dec 27, 2016
1,480
And how is combining it with WD + ConfigureDefender at (high settings) in terms of performance while gaming vs something like Kaspersky Free ?
I would prefer KSC free. I've used the combo and it didn't feel heavy on a decent machine. It will cover good web protection and signatures that CFW lacks, and a strong BB to keep an eye on what you allow outside Comodo containment. Just make sure to create exceptions for each other.
WD with ConfigureDefender is also be a good option. However since you're already using a restrictive approach through Comodo, I would prefer KSC over WD+CD to complement.
The Max Protection Level blocks anything suspicious via Attack Surface Reduction, Controlled Folder Access, SmartScreen (set to block) and cloud level (set to block) - Defender Security Center is hidden.
You can try using WD+CD first if you haven't and you're interested.
 
Last edited:

Back3

Level 14
Verified
Top Poster
Apr 14, 2019
654
I use Comodo Firewall at CS settings plus HIPS. Been using it for nearly a year now with Windows Defender and Configure Defender ( High). I don't game with my computer. For a brief period, I tried Voodooshield and Spyshelter but came back to Commodo. I don't use the web filter.
Before trialing a security app, I make an image with Macrium so it's easy to get back to my previous setup.
 
Last edited:

ErzCrz

Level 21
Verified
Top Poster
Well-known
Aug 19, 2019
1,003
I suggest just running WD with Hard_Configurator and maybe Voodooshield if your paranoid. CIS hasn't been update in ages. Voodooshield acts the same way but I find running WD with Hard_Configurator locks down my system easily. Just my 2pence
 

Vitali Ortzi

Level 22
Verified
Top Poster
Well-known
Dec 12, 2016
1,147
The only advantage of comodo is that it has better performance than most av software on cruel comodo settings.
But it's basically a less secure sandbox then sandboxie but more convenient for a grandmother to understand!

I use Comodo Firewall at CS settings plus HIPS. Been using it for nearly a year now with Windows Defender and Configure Defender ( High). I don't game with my computer. For a brief period, I tried Voodooshield and Spyshelter but came back to Commodo. I don't use the web filter.
Before trialing a security app, I make an image with Macrium so it's easy to get back to my previous setup.
I suggest just running WD with Hard_Configurator and maybe Voodooshield if your paranoid. CIS hasn't been update in ages. Voodooshield acts the same way but I find running WD with Hard_Configurator locks down my system easily. Just my 2pence
Does voodooshield have a sandbox for unknown threats?
 

ErzCrz

Level 21
Verified
Top Poster
Well-known
Aug 19, 2019
1,003
Does voodooshield have a sandbox for unknown threats?

It works differently but is a whitelist program like Comodo's default-deny approach. See below from that website. Anyway, whatever works for you is fine. Comodo is still usable I've just moved away from it for a system hardened approach and default-deny approach. I haven't been using it since it went paid for and then free if you know where to look.

Voodoo shield:
SIMPLE APPROACH
Traditional antivirus software can no longer keep up with the 200,000+ new viruses and malware created daily, so VoodooShield locks your computer and blocks all new, non-whitelisted executable code (including viruses and malware), while your computer is running a web app (browser, email, etc.). Traditional antivirus is great, but your computer should be locked when it is at risk.
THE VOODOOSHIELD DIFFERENCE
VoodooShield uses a proprietary proactive whitelist snapshot approach to virus and malware protection. VoodooShield is a patented toggling Desktop Shield Gadget / Computer Lock that automatically toggles to ON and locks your computer when you start a web app. There is never a good reason to let new, non-whitelisted executable code run while a web app is running.
 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,814
Does voodooshield have a sandbox for unknown threats?
Yes. It gives the ability to run blocked applications in either a local sandbox or Cuckoo's online sandbox, although the local sandbox option isn't always offered and watching malware run in Cuckoo's sandbox via remote desktop is incredibly laggy and time consuming.
 

Lenny_Fox

Level 22
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
My take: keep it plain and simple: use big data to your advantage, block programs with low reputation and prevalence. I really liked the BB in Comodo Cloud AV, sadly Comodo killed it. That is why I am using the alternative Microsoft-only setup below for relatives.

One of the setups using big (telemetry) data is based on Andy Ful's excellent freeware. With Configure Defender on MAX, Windows Defender turns into a whitelist (based on reputation and prevalence). This whitelist based on the largest PC user base works fine for most average PC users.

Add Hard Configurator with recommended settings. This enables the build-in Software Restriction Policies. The recommended settings will allow executables but will block risky file extensions in user folders. This will add a layer of protection against advanced (fileless) attacks for free.
 
Last edited:

Vitali Ortzi

Level 22
Verified
Top Poster
Well-known
Dec 12, 2016
1,147
It works differently but is a whitelist program like Comodo's default-deny approach. See below from that website. Anyway, whatever works for you is fine. Comodo is still usable I've just moved away from it for a system hardened approach and default-deny approach. I haven't been using it since it went paid for and then free if you know where to look.

Voodoo shield:
SIMPLE APPROACH
Traditional antivirus software can no longer keep up with the 200,000+ new viruses and malware created daily, so VoodooShield locks your computer and blocks all new, non-whitelisted executable code (including viruses and malware), while your computer is running a web app (browser, email, etc.). Traditional antivirus is great, but your computer should be locked when it is at risk.
THE VOODOOSHIELD DIFFERENCE
VoodooShield uses a proprietary proactive whitelist snapshot approach to virus and malware protection. VoodooShield is a patented toggling Desktop Shield Gadget / Computer Lock that automatically toggles to ON and locks your computer when you start a web app. There is never a good reason to let new, non-whitelisted executable code run while a web app is running.
the disadvantage with Voodoo shield is the false positive positive rate when you lock the computer
your family members won't be able to download software to stream play or browse the web
comodo on the other hand does have a lot of false positives but not close to voodoo shield .
so using something like voodoo shield may force your family members to set it to off to install software and you know what's gonna happen

My take: keep it plain and simple: use big data to your advantage, block programs with low reputation and prevalence. I really liked the BB in Comodo Cloud AV, sadly Comodo killed it. That is why I am using the alternative Microsoft-only setup below for relatives.

One of the setups using big (telemetry) data is based on Andy Ful's excellent freeware. With Configure Defender on MAX, Windows Defender turns into a whitelist (based on reputation and prevalence). This whitelist based on the largest PC user base works fine for most average PC users.

Add Hard Configurator with recommended settings. This enables the build-in Software Restriction Policies. The recommended settings will allow executables but will block risky file extensions in user folders. This will add a layer of protection against advanced (fileless) attacks for free.
great method !
if you have a good config for low false positives pm me !
 

Lenny_Fox

Level 22
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
great method !
if you have a good config for low false positives pm me !
Rename attached file (Dangereous_Filetype_Restrictions.txt) to Dangereous_Filetype_Restrictions.hdc and load this profile in Hard_Configurator. Launch ConfigureDefender from H_C and set it to MAX, launch FirewallHardening and select (add) MS Office (only when you use Microsoft Office) and H_C recommended.
 

Attachments

  • Dangereous_Filetype_Restrictions.txt
    875 bytes · Views: 329

Vitali Ortzi

Level 22
Verified
Top Poster
Well-known
Dec 12, 2016
1,147
Rename attached file (Dangereous_Filetype_Restrictions.txt) to Dangereous_Filetype_Restrictions.hdc and load this profile in Hard_Configurator. Launch ConfigureDefender from H_C and set it to MAX, launch FirewallHardening and select (add) MS Office (only when you use Microsoft Office) and H_C recommended.
that config has too much false postive for pepole who install shady software
and defender can somtimes bottle neck some commputers especially low end that can barly run win 10.
my choices are Hard_Configurator/gpo for pepole whom use only office apps and broswing (dual account :non administrator for basic use and administrator
for troubleshooting ) .
comodo cruel like settings for peopole who want more compatibility and some usage of untrusted code(sandbox restricted ) /
wvsx for great ml that has good malware protection overall and it did allow some patched unsigned but safe code to run
so it can partly work with the bad piracy habit of users

kaspersky free / paid eset
for low to very low false postive

of course i try to set of some hardware gateway scanning to all setups above
and harden chrome via registry &flags
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
...
my choices are Hard_Configurator/gpo for pepole whom use only office apps and broswing (dual account :non administrator for basic use and administrator
for troubleshooting ) .
...
That will depend on the chosen settings. If you choose (on Windows 10) ConfigureDefender HIGH settings, allow EXE/MSI files in H_C and do not restrict LOLBins (Sponsors), then you probably won't see any difference in daily work. The user can apply "Run By SmartScreen" (as on-demand scanner) to safely install the applications via EXE/MSI files.

The setup posted by Lenny_Fox can produce false positives due to ConfigureDefender MAX settings and blocking by SRP the MSI files and Script Interpreters related to Command Prompt, PowerShell and Windows Script Host. So, one has to use an elevated shell to run them (if needed). Such setup is recommended for children or computer-illiterate users (occasional help from an advanced user is required).
 
Last edited:

Vitali Ortzi

Level 22
Verified
Top Poster
Well-known
Dec 12, 2016
1,147
That will depend on the chosen settings. If you choose (on Windows 10) ConfigureDefender HIGH settings, allow EXE/MSI files in H_C and do not restrict LOLBins (Sponsors), then you probably won't see any difference in daily work. The user can apply "Run By SmartScreen" (as on-demand scanner) to safely install the applications via EXE/MSI files.

The setup posted by Lenny_Fox can produce false positives due to ConfigureDefender MAX settings and blocking by SRP the MSI files and Script Interpreters related to Command Prompt, PowerShell and Windows Script Host. So, one has to use an elevated shell to run them (if needed). Such setup is recommended for children or computer-illiterate users (occasional help from an advanced user is required).
Yeah true btw there anyway to run by smart screen without the blue smart screen annoyance ?
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Yeah true btw there anyway to run by smart screen without the blue smart screen annoyance ?
RunBySmartScreen is on-demand option for application installers. It is not intended for running already installed applications. It will not be an annoyance for most users even if they install 100 new applications per month.:)(y)
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top