App Review NotPetya vs Comodo Firewall

[EASTER]

Good to see this particular version of Comodo FW taking on some of the worse and dealing with them with superior results.

Does anyone know of some other free version combo app like this one is, which can provide safety anywhere near on the level as this does?

 

[simmerskool]

Good to see this particular version of Comodo FW taking on some of the worse and dealing with them with superior results.
Does anyone know of some other free version combo app like this one is, which can provide safety anywhere near on the level as this does?

couple days ago I added avast free with just minimal components, file shield and web shield, and seems aok with CF10@cruel_comodo. avast install was easy, easy to opt-out of components. I also liked avast website, seems solid av company and getting good results at av-comparatives fwiw. Somewhere CS recently posted that she liked avast... search MT, you'll probably find it. something like "if I could only use just av, then avast..."

 

[VeeekTor]

Here's a new one for you guys.

Ransomware Defender: Ransomware Defender - ransomware detection & removal software

The most downloaded Anti-Ransomware software in 2017, preferred and recommended by experts!

Review here:

 

[bribon77]

Great video like all the realizes, I really like Comodo Firewall, it is my favorite program, and I use the configuration that you recommend .. But now I am testing the kis, but strange to Comodo
Regards!!

 

[Bombus]

Great video CS I think comodo firewall is better than emsisoft firewall imo

I agree with you, but i fink that Emisoft has much and more better sig and heuristics. Comodo antivirus is very bad, but Comodo firewall with autoContainment is better than the most ,,traditional antivirus" because it kills ,,unknown". This concept/ approach is simple and effective.

 

[AtlBo]

Question for @cruelsister or anyone else. You ran the test Partially Limited. So I have 2 scenarios->1. Admin acct and 2. Standard Limited rights acct.

1. Admin acct.-So Partial Limited in Admin account can create a startup entry or a scheduled task unless UAC is on? Could changes happen outside the container using this combination or is this known? I am guessing with UAC off program could create startups and scheduled tasks at this setting?
2. Standard Limited Rights acct-So in this type acct with UAC on, the same result? Container blocks everything designated for a UAC prompt? In this case I assume no task and no startup even with UAC off because of the limited rights nature of the account and Comodo container will auto-block rather than invoke UAC.

These are like c/s settings HIPS off. I like Safe Mode HIPS which can help see what an "Unrecognized" app wants to do. HIPS on, even if app in container set to Partially Limited in either type acct could create startup or task, I would get the HIPS alert about the attempt.

Curious how any of you would make your best description of what you think an application can do outside the container at Partially Limited. I am guessing at the Limited setting the container mimicks a Limited Rights acct but silently blocks each action which attempts to invoke UAC interaction.

 

[Claw]

Have you dug deeper into it AtlBo ? I would like to hear your findings.

 

[cruelsister]

AtBo- At either Partially Limited aor at my settings that malware is totally contained. At the PL level NotPetya was able try to call up schtasks, but was unable to do anything. And as I had my Firewall setting in place the malware was not able to connect out to the network, so everything was contained on this system. Please note also as CF exceeds what UAC can do for you, having it active is not needed.

As for NotPetya in an SUA, UAC, Admin account (on an otherwise unprotected system- None of this matters with CF active. However in about an hour I will be releasing a video that dwells exactly on these issues which highlights something you may or may not be familiar with- process elevation by malware.

 

[AtlBo]

Have you dug deeper into it AtlBo ? I would like to hear your findings.

Hey Claw. How you been? OMG, I been racking my brain over Comodo for about 7 months now. I guess it was all piled up after issues with Viruscope or something before. I kept losing rules and files. Seems stable now.

AtBo- At either Partially Limited aor at my settings that malware is totally contained. At the PL level NotPetya was able try to call up schtasks, but was unable to do anything. And as I had my Firewall setting in place the malware was not able to connect out to the network, so everything was contained on this system. Please note also as CF exceeds what UAC can do for you, having it active is not needed.

As for NotPetya in an SUA, UAC, Admin account (on an otherwise unprotected system- None of this matters with CF active. However in about an hour I will be releasing a video that dwells exactly on these issues which highlights something you may or may not be familiar with- process elevation by malware.

Cool kind of cruel @cruelsister. Look forward to the vid. Any way at all the sandbox is primo.

Well, I would like to know if I run without restriction but virutally if the app would just run but only change the sandbox. I understand what you mean by container is safer than UAC/native restriction. It goes further than Windows restrictions. I assume this is still true even if restriction level is set to run Virtually but with no restriction.

I am beginning to want to watch malware fight for its life and die. . What has become of me. Thx.

 

[Claw]

Hey AtlBo, I'm glad you got Comodo figured out, I know how you are with your Comodo.

 

[Sunshine-boy]

Ransomware Defender:

50$! lol
you can buy App guard with this price
Hitman Pro alert
Bitdefender antivirus plus which is OTP against ransomware
I tried that Anti-Malware 1 year ago it's like Adware...you can't remove it from your god damn PC I mean you can but its pain ...

 

[AtlBo]

Hey AtlBo, I'm glad you got Comodo figured out, I know how you are with your Comodo.

Working on it. You still pushing avast and panda and the like? Seems like that's what you ran mostly before. Maybe AVG?

I would say try Comodo but it's a brain teaser. I think it's mostly hiding in 1000 unknowns. It's little things like how the HIPS rules change when a file rating is raised by a user with a HIPS alert choice or how the file rating itself changes with some choices.

 

[Claw]

@AtlBo, Bitdefender Free and Zemana Anti-malware free.

 

[AtlBo]

Oh yeah, Bitdefender would have been my next guess. I won a key for a year of Zemana. I really like the live version. It's a really good scanner to have too tho. I'm still with 360 TS cause of BD defs...and the behavior blocker/system guard. Good choices you have...

 

[EASTER]

AtBo- At either Partially Limited aor at my settings that malware is totally contained. At the PL level NotPetya was able try to call up schtasks, but was unable to do anything. And as I had my Firewall setting in place the malware was not able to connect out to the network, so everything was contained on this system. Please note also as CF exceeds what UAC can do for you, having it active is not needed.

As for NotPetya in an SUA, UAC, Admin account (on an otherwise unprotected system- None of this matters with CF active. However in about an hour I will be releasing a video that dwells exactly on these issues which highlights something you may or may not be familiar with- process elevation by malware.

You gotta just love all that confidence laid into this program, and who else would know more about just how well that it stops a lot of the woes C0LD!

Thanks as always Cruelsister. You are a very valuable asset for many and will be again for those still groping in the dark with solutions that, well, let's just say have their limitations in comparison.

Sure won me over big. Plus I had no idea Comodo was quite this generous.