Q&A Good companions for CruelComodo (CIS)

ebocious

Level 5
Thread author
Verified
Well-known
Oct 25, 2018
206
I read somewhere (possibly MT) that CruelComodo FW has supposedly been successfully circumvented. I don’t remember seeing any details as to whether the system itself was compromised, or the malware escaped auto containment, or if it simply ran inside the sandbox and was able to capture sensitive information, encrypt files, or whatever. If anyone knows, that would be material information.

I have an older laptop with a 2nd gen i3 at 1.5 GHz, 4 gigs of RAM, and a little 128 GB SSD. MS Defender’s process monitoring ran the system into the ground, so I installed CIS instead of CFW to permanently disable MD’s AV component. I believe cruelsister mentioned that she had Comodo and WVSX on a test unit. Is this the best companion for CruelComodo, or are there other candidates? Default-deny is preferable, but I’m open to other suggestions.
 

oldschool

Level 67
Verified
Top poster
Well-known
Mar 29, 2018
5,683
> I believe cruelsister mentioned that she had Comodo and WVSX on a test unit.

She's using both as her regular setup AFAIK. Pretty bulletproof.

> are there other candidates?

You could use Comodo AV with their browser extension. Panda is another option and shouldn't slow you down, if you just want something to replace Defender.
 

ebocious

> She's using both as her regular setup AFAIK. Pretty bulletproof.
>
> You could use Comodo AV with their browser extension. Panda is another option and shouldn't slow you down, if you just want something to replace Defender.

On my other systems, I have CruelComodo FW with MD and Configure_Defender. I think I previously tried CFW with 360TS and WV, but it was too much. I might try it with just CIS and WV, and see how it does.
 

ebocious

> Windows Defender (preferably with a tool like DefenderUI) it's the combo I've been using and I've used it in the past. It's quite solid and light.

Up ’til now, I’ve been using MD (WD) and CD with Cruel CFW on most of my systems. I’ve made myself at home with CFW, adding an ignored folder separate from Downloads in each user, so I can install software without having to toggle auto-containment. But MD is just too heavy on this particular unit. It takes forever to scan a process before launch. On newer systems, it’s nothing. But not this one. MD took longer than CAV and WV combined.

Even though I knew I couldn’t use MD on this machine, I looked up DefenderUI upon your recommendation, and it looks delicious. So many controls! But then I think about it, and I see how it could get pretty frustrating to keep track of them all, in the event that a single switch stops me from accessing something legitimate. I would probably just toggle the protection altogether in such instances, leaving Comodo as a single point of failure.

I’m pleased to say that the laptop is still usable with Cruel CIS and WV. A bit slow, but usable. And it’s actually kind of nice, when I consider that I have two sentinel apps (besides AppCheck and MBAE), one with signatures and one that’s entirely focused on behaviors — on top of UAC and DEP on max settings, Neustar DNS, uBO, BDTL, and MDBP — to take action in case of weaknesses in auto-containment. I’m liking this new apparatus.
 

ebocious

Really, while I appreciate AppCheck’s automatic backups, MBAE may be superfluous at this point. I can probably get rid of it, even if it has almost no system impact.
 