For auto-containment, I've set the "run virtually" rule to "block" in the "action" setting. This blocks unrecognized files and programs with elevated rights. Additionally, I've changed the firewall setting to "allow" connections and enabled stealth mode. I have also suspended the alerts and password-protected CF. I apply this setup to both the kids' systems and mine, but I specifically keep alerts enabled on mine.
ErzCrz Security Config 2025
- Thread starter ErzCrz
- Start date
Just a tweak to setup. Now CF 2025 with CruelSister Config, DefenderuI Recommended & CyberLock.
I'm using FF primarily but should be using Edge since I'm using MD and some things work better on it so undecided about what for primary though CF and CL and MD will catch it no matter where it comes from
I'm using FF primarily but should be using Edge since I'm using MD and some things work better on it so undecided about what for primary though CF and CL and MD will catch it no matter where it comes from
- Apr 28, 2015
- 9,400
- 1
- 84,830
- 8,389
CruelSister Config, DefenderuI Recommended & CyberLock... overkill? 
He's already heard it before. He likes his setup.CruelSister Config, DefenderuI Recommended & CyberLock... overkill?
Technically, yes and chances are CL will block the virtualization like below when trying to run FF in Containment and I may just end up with WFC at some stage.CruelSister Config, DefenderuI Recommended & CyberLock... overkill?
@oldschool is right that I do like the setup and primarily having CF available to assist CF users. Maybe I need a VM for that and just use WFC hmm.
Gone down the WFC, DefenderUI, CyberLock, MD route for now and swapped back over to Edge. Holding off on amending config for the moment in this topic but will do if I stick with it for a bit.
Your return to Comodo is imminent. For those who understand how to use it effectively, Comodo is unmatched in simplicity and efficiency. Besides whitelisting and containment, you can also use HIPS and other advanced tweaks. You can open a virtual desktop for secure banking or online shopping. The contextual option allows you to run browsers or check programs virtually. Tools like KillSwitch, AutoRun Analyzer, and others quickly detect any malicious or unknown behavior on your system. No setup, whether layered or standalone, can guarantee 100% protection. I suggest using Comodo as a standalone solution for an effective and seamless experience.
Very minimal change. Swapped from KeepassXC to Keepass 2.x as KPXC update was silently crashing and I had to re-install MSVC Redistributable which is the second tim I've had an issue with a KeepassXC update. Normal Keepass 2.x just works well and I waa able to open the KPXC database including TOTP with Keepass
Did a test a unknown file with CIS installed as MD blocked the file and there wasn't any conflict when running unknown in containment manually though containment and CL alert when just running the unknown after bypassing Windows File block. Allowing in CL allowed CIS to put file in containment, block, blocked it from going to containment. File undetected in VT VirusTotal and Unknown in Valkyrie Verdict.
MD did well to block the download when I ran CF along side it:
Anyway, CF with MD/DefenderUI and CyberLock my current favourite combination at the moment as file allowed to be downloaded with CIS installed though contained when run. I don't have access to the file anymore but it was a useful test to see I'm protected from all sides
EDIT: it is overkill having CF which I'm aware of, WFC also a solution I've used but I guess it depends on my level of paranoia
Last edited:
Swapped uBO for Ghostery for my Edge Adblocker. I watch a fair bit of catch-up telly on my laptop and Ghostery for the moment seems to hand that well, keeping ads away and smooth no issue streaming. Had some issue with uBOL but not narrowed it t down yet. Anyway Ghostery working quite well, it's like uBOL in Complete mode out of the box. Will revisit uBOL though again in the near future.
Been thinking about using Emsisoft again. Probably just a passing contemplation but it worked well when I had it last year. Just a thought I guess. Been back and forth between UBOL and Ghostery but having to use the latter for some streaming sites.
R
root.
I haven't touched an AV in years, but Emsisoft to this day was the smoothest experience I had on a secure Windows machine. Fastest full scan but a little low on detection rate.
I still don't trust Ghostery so I'll throw in the suggestion of setting up blocklist as similarly as possible to GitHub - yokoffing/NextDNS-Config: Setup guide for NextDNS, a DoH proxy with advanced capabilities..
I still don't trust Ghostery so I'll throw in the suggestion of setting up blocklist as similarly as possible to GitHub - yokoffing/NextDNS-Config: Setup guide for NextDNS, a DoH proxy with advanced capabilities..
Thanks. Just a fleeting though regarding Emsisoft, MD with DefenderUI and CyberLock is more than sufficient.
Thanks. Will re-try uBOL, it's been updated since so filter list will have been updated. My ISP doesn't allow change of DNS as the router is theirs and altering DNS not possible with it. I can do DNS over HTTP at least. Anyway, will figure out what's been allowed through and a way to block it
R
root.
Can't change your VPN's DNS upstream?Thanks. Just a fleeting though regarding Emsisoft, MD with DefenderUI and CyberLock is more than sufficient.
Thanks. Will re-try uBOL, it's been updated since so filter list will have been updated. My ISP doesn't allow change of DNS as the router is theirs and altering DNS not possible with it. I can do DNS over HTTP at least. Anyway, will figure out what's been allowed through and a way to block it
Back after brief hiatus.
Reverted to WFC for now. CF wasn't starting today for some reason and some network stability issue lately which I'm troubleshooting.
Swapped back to UBOL in Edge as Ghostery allowing ad on a streaming site I frequently use. UBOL in Complete Mode.
Reverted to WFC for now. CF wasn't starting today for some reason and some network stability issue lately which I'm troubleshooting.
Swapped back to UBOL in Edge as Ghostery allowing ad on a streaming site I frequently use. UBOL in Complete Mode.
You are an experienced user who knows CF well. Why not just stick with CF and not use anything else? From the start, I've only used CF and have encountered no issues.
I'm just between installs and just trying to narrow down whether it was a full CIS thing or CF with CS's settings. It'll be back on before long, I think it was just a router channel issue or browser cache or browser extension. It may have also been down to changing install CIS components to just CF after trialling full CIS for a couple of weeks.
Anyway, it's just temporary and CF runs along side CL and DefenderUI just fine. Trialled full CIS for awhile but I think it'll not be until next fix release before I use the whole CIS product again.
I would stick to either defenderui + cyberlock or defenderui + cf, but if you have lifetime license on cyberlock i would use that config instead
defenderui+ cyberlock + cf is just too overkill
WFC doesnt offer same protection than cf though, not even close
defenderui+ cyberlock + cf is just too overkill
WFC doesnt offer same protection than cf though, not even close
Thanks. I have 2 years of CyberLock which I bought at the start of this year. CF with CL is a bit of an overkill and I bough CL to be less reliant on CFs blocking due to lack of updates. The only reason I use WFC with CL & DefenderUI is for the additional firewall control but maybe I don't need WFC in reality. Anyway, I chop and change a lot and I try to revert to my setup at the start of the year when that's too often and it really has been lately. Appreciate the input
EDIT: If not using WFC I'd certainly use @Andy Ful 's FIrewall Hardening.
Last edited:
Its fine to try out different setups/configs, i do that often myself tooThanks. I have 2 years of CyberLock which I bought at the start of this year. CF with CL is a bit of an overkill and I bough CL to be less reliant on CFs blocking due to lack of updates. The only reason I use WFC with CL & DefenderUI is for the additional firewall control but maybe I don't need WFC in reality. Anyway, I chop and change a lot and I try to revert to my setup at the start of the year when that's too often and it really has been lately. Appreciate the input
EDIT: If not using WFC I'd certainly use @Andy Ful 's FIrewall Hardening.
I meant to be referring on cruelsisters video where its easier to disable windows firewall by malware than comodo firewall, so i rather use comodo firewall over windows firewall if possible...but cf+cl+dui is maybe too much for someone ( if it works for you thats okay to keep it then )
You may also like...
-
-
-
uBlock0rigin in Medium mode for Lighter and Stronger Protection, with Less websites breakage and hassle- Started by Windows_Security
- Replies: 129
-
4
-