Advice Request How can I install Comodo Firewall without Antivirus?

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.
D

Der.Reisende

Level 45
Honorary Member
Top Poster
Content Creator
Malware Hunter
Dec 27, 2014
3,423
Jashin said:
and why not installing proactive defence?
Click to expand...
Proactive defense is a preset in both Comodo Internet Security (which has an offline antivirus on top) and the Firewall (which only has a cloud antivirus, making it most compatible to an AV product of your choice, with better signatures than Comodo Internet Security).
Both products have Auto-Sandbox on, in both the stock "Internet Security / Firewall Security" preset as well as in Proactive Security preset. Last mentioned will activate HIPS on top and protect even more registry entries / drivers... which can lead to conflicts with products not contained in the huge list of trusted vendors. And you'll get more alerts in Proactive Security.
Depending on your choice, Proactive is way more secure, but can lead to conflicts. I've tested Comodo Internet Security for nearly a month now (without the Proactive Preset) and only due to a sudden (and not repeatable) technical error I had a ransomware not being sandboxed. Every other harmful file I threw on it was sandboxed as not being in the list.
 
  • Like
Reactions: Venustus, shmu26 and Deleted member 2913
cruelsister

cruelsister

Level 43
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
Jashin- I could go on for a while about this, but the main reason for using Proactive over Firewall configuration is that in the Firewall configuration only files that execute from CERTAIN AREAS will be isolated in the sandbox; in Proactive configuration files executing from ANY AREA will be isolated in the box. An example- with the Firewall Configuration if you download a malicious exe from the internet and save it to the Download directory and run it from there you will be protected. But if you save that same file to the Desktop and run it from there you are screwed. With the Proactive Security configuration you can save the file anywhere and run it from anywhere and you will be fine.

The first thing you must do when installing CF is to make that change to Proactive security. NEVER EVER use the Firewall Security configuration (NEVER EVER).
 
  • Like
Reactions: Handsome Recluse, Dirk41, _CyberGhosT_ and 7 others
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
the sandbox of proactive config applies to your whole system.
the sandbox of internet security config only applies to your downloads and a few other select areas. So it is less secure, but much less troublesome. It won't mess with your Windows folder and your installed programs that you know and trust.
It's up to you -- more security means more headache.

EDIT: I see that CS and Der.Reisende already addressed these points...
 
Last edited:
  • Like
Reactions: Deleted member 2913, Venustus, Solarlynx and 2 others
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Der.Reisende said:
I've tested Comodo Internet Security for nearly a month now (without the Proactive Preset) and only due to a sudden (and not repeatable) technical error I had a ransomware not being sandboxed.
Click to expand...
that sounds interesting. could you elaborate on that technical error? Do you mean a user error, or a malfunction in COMODO defense?
 
  • Like
Reactions: Deleted member 2913 and Der.Reisende
D

Der.Reisende

Level 45
Honorary Member
Top Poster
Content Creator
Malware Hunter
Dec 27, 2014
3,423
shmu26 said:
that sounds interesting. could you elaborate on that technical error? Do you mean a user error, or a malfunction in COMODO defense?
Click to expand...
A malfunction related to my OS I'd say. When I started testing CIS, I regularly had BSODs, which I thought (and might be) related to conflicts of malware being sandboxed and performing their actions in there. However, since I had to refresh (kinda reinstall) my OS due to a beta test of CIS 10, which I couldn't get uninstalled, I never had any BSOD related to CIS again. I think there was something wrong on my base system (ShadowDefender protected) which you couldn't know by normal usage, but by chance due to CIS testing. The infection happened because a ransomware was not sandboxed, UAC accepted, encryption done.
However, I retried on the same system before the refresh, and did not have the infection again (sandboxed before and after UAC). I have tested many malware since then, everything unknown got sandboxed, system was clean every time (encryption inside sandbox), only dropped malware was detected by 2nd opinion scan when using Macro Viruses, because the Word file was not suspected malicious. However, the dropped payload was indeed sandboxed when triggered.
 
  • Like
Reactions: Deleted member 2913, shmu26 and Venustus
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Der.Reisende said:
A malfunction related to my OS I'd say. When I started testing CIS, I regularly had BSODs, which I thought (and might be) related to conflicts of malware being sandboxed and performing their actions in there. However, since I had to refresh (kinda reinstall) my OS due to a beta test of CIS 10, which I couldn't get uninstalled, I never had any BSOD related to CIS again. I think there was something wrong on my base system (ShadowDefender protected) which you couldn't know by normal usage, but by chance due to CIS testing. The infection happened because a ransomware was not sandboxed, UAC accepted, encryption done.
However, I retried on the same system before the refresh, and did not have the infection again (sandboxed before and after UAC). I have tested many malware since then, everything unknown got sandboxed, system was clean every time (encryption inside sandbox), only dropped malware was detected by 2nd opinion scan when using Macro Viruses, because the Word file was not suspected malicious. However, the dropped payload was indeed sandboxed when triggered.
Click to expand...
thanks.
I learn from this story that if a person is seeing BSODs related to COMODO, then he should not assume that COMODO will always behave as expected when malware comes along. This is probably true of all security software.
 
D

Deleted member 2913

I like all the suggestions here, every one have their experience, setup, etc... with Comodo software.

I am a long time user of Comodo & it was the first ever firewall I installed & the first ever forum I joined And learned a lot there in the initial days. I am with Comodo & used FW & AV right from Beta 2 of the software. Later CIS was born combining both & they have come a long way improving the product, usability, protection, etc...

I have mostly used CFW with no AV, no 3rd party AV, no additional realtime security, etc...
My setup was mostly -
Customize the GUI/Appearance stuffs like Comodo messages, upgrade tab, sound notifications, etc...
Protection wise, always used defaults with little customization.
I have always used "Internet Security" config --- Its default config with CIS suite install --- Balanced protection & usability.
But with CFW only install too, I use "Internet Security" config.
Few customization only ---
FW settings - "Dont show popup messages" --- Unchecked
"Do not virtualize access to the specified files/folders" --- Unchecked
"Enable automatic startup for services installed in the Sandbox" --- Unchecked

Previously I use to test security software for my personal review. And I had tested CFW many times with the above mentioned defaults & customization And its kinda one of my fav software, I use to test it longer i.e I use to start a test & after test completion, use to keep the system as it is & continue the test in couple of days then again in couple of days.......... I use to test on real system (no personal data, etc... but software Adobe, Java, Office, PDF, etc... installed) And the system was never infected.

Guess, our frd "Der.Reisende" here also test CIS defaults in MalwareHub And CIS is excellent everytime.

If you ask me "Comodo Firewall without AV", I would say ---
If you are familiar or have experience with CFW/CIS then understand the customization & start with couple customization (Better test with software install, etc... & experience the usability, protection, etc... with the applied customization, understand & learn to move files to Trusted/Unrecognized or out of sandbox, etc...)
If you are new to CFW/CIS then start with defaults, get familiar with the GUI, understand & learn the basics like moving files out of sandbox, set programs/files as trusted, etc... And then step by step understand/learn/test & apply customization.

As for me, I have used the mentioned settings/customization only & never had probs, malware, etc...
 
  • Like
Reactions: Av Gurus, Der.Reisende and shmu26
Status
Not open for further replies.

Similar threads

vitao
    • Like
    • Wow
Kaspersky Antivirus PROTECTED Comodo from an EXPLOIT!
Replies
9
Views
610
Comodo
Andy Ful
Andy Ful
vitao
    • Like
    • Applause
Kaspersky Antivirus Free + Comodo Firewall Test Against 100 New Malwares (10/2024)
Replies
5
Views
533
Comodo
vitao
vitao
rashmi
    • Like
    • +Reputation
Serious Discussion Comodo Containment "Restricted" Restriction Level
Replies
24
Views
1,819
Comodo
rashmi
rashmi

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top