- Jun 21, 2011
- 591
windows firewall
bitdefender antivirus free
mbam free
bitdefender antivirus free
mbam free
[Windows 7-10] What would be in your opinion the most lightweight yet effective security?
- Thread starter Electr0n
- Start date
Please provide comments and solutions that are helpful to the author of this topic.
- Jan 5, 2018
- 163
I've installed Comodo Cloud Antivirus and shut off the AV keeping only the Sandbox on. I've found the settings more intuitive for achieving the same settings you use for CFW. Though I wanted to ask if the Cloud Sandbox is any less powerful than the one with the Firewall? I use Windows Firewall Control and have no interest in running Comodo's FW. I can still block all outbound/inbound internet traffic for all programs running in the sandbox.
Am I less secure going this route?
- Feb 19, 2018
- 182
Comodo firewall with cruel sister's settings uses the sandbox feature as an anti executable. Bonus is the comodo firewall. If you're using the comodo cloud av for the sandbox feature only, wouldn't voodooshield or sandboxie have served that purpose as well?
- Jan 5, 2018
- 163
Sure it could. The cloud sandbox can be set to auto-deny too as well as block all internet traffic from programs within the container. You could honestly use voodooshield instead of Comodo Firewall too, windows firewall is just as good. As for Sandboxie, Cruel Sister has made videos showing Sandboxie to be less secure than Comodos sandbox so I wouldn't consider Sandboxie a replacement.
- Feb 19, 2018
- 182
Thanks for the info, I had to stop using sandboxie because the free version has conflict with office click to run, but it seems that replacing sandboxie with comodo was right decision.
- Jan 5, 2018
- 163
Thanks for the info, I had to stop using sandboxie because the free version has conflict with office click to run, but it seems that replacing sandboxie with comodo was right decision.
I agree. If Cruel Sister uses it then I trust it completely.
I use CFW @ Cruelsister settings + Windows Defender + Zemana as an on demand scanner on a different pc. It's light and I've never had an infection or anything.
- Dec 29, 2014
- 1,716
In CCAV Do you have the option to Block/Run Restricted/Run Virtual for each rule? Any of these will block malware (or anything else honestly). Only Ignore will let malware by with CF. It could still be blocked by the cloud via Viruscope, or by Heuristic command line analysis, or HIPS...even the Firewall gives you the ability to terminate a process. If you have the above options for each sandbox rule, I'm sure it's as powerful.
After a year, I now feel there really isn't anything to be scared of with Comodo, but here's what I take seriously at this point:
1. Comodo's TVL and Cloud Lookup. If Comodo trusts the file that means alot. It's an exhaustive list of trusted vendors, so things that aren't properly signed and/or then aren't allowed by Cloud Lookup should be blocked....period. I mean, OK, go through the submission process for a FP, but wait to see what Comodo says before running the app. Trust the TVL and Cloud Lookup. There are a good many stories of installers that seemed like a known but weren't etc.
2. Command-line heuristics is the cornerstone of Comodo protection. If anything gets by, chances are it will try to use command line. Comodo is there.
3. HIPS is helpful but only for taming legit apps really and only for those who understand the HIPS rules and the keys they point to etc. Probably not worth the trouble for most.
4. In the containment settings, it's not necessary to run with the "Detect which programs require elevated privileges..." setting unchecked. Honestly, it won't affect what Comodo thinks about the program, but unchecked you will have the opportunity to allow the program to run with highest privileges which can mean curtains.
5. Remember it's a security program and it's there to block sketchy and malicious software. Respect Comodo's opinion like it's the word of faith. You will be able to run most of what you attempt to install without a single alert and you can also fill in below the surface with security like NVT OSArmor or good policy setting software like @Andy Ful's Hard_Configurator.
This is what I feel like I have learned after running for a year with a trimmed TVL to see the dynamics of the program in action. The trimmed TVL means I have gotten (and still get during installations since HIPS is on in Safe Mode) constant alerts from Comodo. I did this mostly to examine the effects of Trust on the number of firewall/connection alerts. Still don't know how the relationship works, but I have the alert frequency level set to High. I am happy with the way the alerts come through. I get a firewall alert for every connection attempt from each unruled application and it will come back unless I choose to remember the choice.
One last thing. Before unblocking from the widget, know this one thing. That dynamic creates a firewall, a HIPS, and a containment rule all set to allow. Also, it changes the file rating from "Unrecognized" to "Trusted". I like it being there, since I run with the trimmed TVL. However, the day is coming when I will be trusting the TVL and Cloud Lookup in the near future. Already do on other PCs here, just not the main one yet.
Oh yeah. @cruelsister's settings are the cold blooded essence of Comodo. She trusts Comodo to decide what is malware and what shouldn't be run, and it works. However, she doesn't recommend turning off the firewall and she doesn't disable command-line heuristics. The rest of her settings are rock solid and I wouldn't say just a anti-exe in reality. Close but not exactly.
Last edited:
- Dec 23, 2014
- 8,592
The home users may trust Comodo TVL + Cloud Lookup, except if someone is highly paranoid about security.
I think that Comodo Firewall with @cruelsister's setup is a sufficient solution for Windows 8 (and below). It really does not require anything else, if the user installs only applications which are allowed by Comodo TVL + Cloud Lookup.
The problems arise when the users want more, and allow the applications which are sandboxed.
Unfortunately, most people do not want to be just safe. They want to run also applications that are not recognized as safe or malicious, and demand from the security to guard them when the application happened to be malicious. So, they turn on HIPS or use behavior blocker, anti-ransomware, anti-exploit, etc. The system soon gets unresponsive, there are problems with Windows Updates. The presence of several securities usually makes the system to behave strangely.
Personally, I like using CF on computers up to Windows 8.
I think that Comodo Firewall with @cruelsister's setup is a sufficient solution for Windows 8 (and below). It really does not require anything else, if the user installs only applications which are allowed by Comodo TVL + Cloud Lookup.
The problems arise when the users want more, and allow the applications which are sandboxed.
Unfortunately, most people do not want to be just safe. They want to run also applications that are not recognized as safe or malicious, and demand from the security to guard them when the application happened to be malicious. So, they turn on HIPS or use behavior blocker, anti-ransomware, anti-exploit, etc. The system soon gets unresponsive, there are problems with Windows Updates. The presence of several securities usually makes the system to behave strangely.
Personally, I like using CF on computers up to Windows 8.
The industry cannot protect people from themselves. That has been the #1 issue from the very first day - people are the problem.
The are more clamorous and desperate calls that security software must be made foolproof. The only way to do that is to lock people completely out of the system. If that is done, then there are bloody cries of foul that the user has no access or choice to customize. It's either one or the other; you cannot have it both ways.
Either way, the main issue is the same - people are the problem.
- Jul 3, 2015
- 8,153
1 Comodo Firewall does not play well with all AVs.
2 Comodo Firewall is famous for being buggy, so user beware. Sometimes the protection stops working, or works erratically, or there are various and sundry other bugs.
When it is working as expected, and it is not conflicting with your OS or software, it is good.
- Dec 29, 2014
- 1,716
I agree with much of what you say. The flip side is that Comodo is a security program, and it does have a large TVL that guarantees free passage to hoards of software installations. Also, however, as @cruelsister testifies, Comodo blocks malware...and without alot of FPs. Probably going to be some blocks that users don't like, but when I think of all I can run with Comodo it's really effective software. Now, with a gamer...I would have to do alot of testing with this type of rig. I just don't know how it does with game devs and their super complex programs.
One thing I have to say. On one system I have Comodo, Q360, AppCheck A/RW, EMET, and NVT OSArmor. I never have a single conflict, and Comodo may be quirky, but it doesn't break on me any more. I feel safe in SUA under UAC and this security, and the setup has a very small profile system resource-wise. I could exchange Qihoo for any a-v btw, but I do like the program, once it is "tamed".
All this said, what's the most important element of all this to me?...NVT OSArmor LOL. Not to encourage it, but if you run Comodo unrecognized outside of Comodo chances are malware won't run with OSA. And it's brand new with I suppose even more to come in the future. I hope to get a chance in the near to work with Hard_Configurator and I'll probably be saying the same thing about it...
- Jul 3, 2015
- 8,153
- Jun 22, 2014
- 878
Voodooshield(or NVT ERP or Crystal Security), OSArmour, Immunet(Clam off) and Toolwiz Timefreeze.
Got this on all my systems even a win xp ( P4 500mb ram) machine and it`s still incredibly light.
My only issue with Comodo is that it can be a real bugger to uninstall should the need arise.
Regards Eck
Got this on all my systems even a win xp ( P4 500mb ram) machine and it`s still incredibly light.
My only issue with Comodo is that it can be a real bugger to uninstall should the need arise
.Regards Eck
- Dec 23, 2014
- 8,592
It seems that my setup is functionally similar to yours. In my Windows 10 I sometimes use:
- Default-deny + file reputation service: Hard_Configurator (with forced SmartScreen) instead of CF.
- Antivirus + Anti-Exploit + AntiRansomware: Defender + Controlled folder access + Exploit Guard, instead of Q360 + AppCheck + EMET
- Shadow Defender on boot
I like OSArmor and ReHips very much, but I do not need them with the above setup. In fact, my setup can be reconfigured with a few mouse clicks from locked to almost unrestricted due to Hard_Configurator and ConfigureDefender.
I also install many programs for testing, and after finishing tests my system is untouched due to Shadow Defender.
Anyway, for most people the default-deny setup will be inconvenient, because they have habits adjusted to default-allow security like standard Antivirus suites.
- Dec 23, 2014
- 8,592
Several crashes on my computer.
I prefer Windows built-in security on Windows 10, with one exception of Shadow Defender (very useful for temporary installations, and testing the system tweaks).
Last edited:
- Jun 22, 2014
- 878
Voodooshield(or NVT ERP or Crystal Security), OSArmour, Immunet(Clam off) and Toolwiz Timefreeze.
Got this on all my systems even a win xp ( P4 500mb ram) machine and it`s still incredibly light.
My only issue with Comodo is that it can be a real bugger to uninstall should the need arise
Regards Eck
Damn!!! How could I forget to include the venerable SANDBOXIE ???
Regards Eck
Last edited:
- Aug 30, 2012
- 6,598
Testing a lot AVs lately I've found that 360 Total Security Essential, ESET and Avast are probably the lightest and the most responsive.
Emsisoft is pretty light on resources also, of course if you have more than 1GB of RAM. On modern machines it is very light.
Other AVs are not lighter as much as Emsisoft is capable. Or in other words Emsisoft protection * performance > probably any other AV's protection * performance. My examination...
Emsisoft is pretty light on resources also, of course if you have more than 1GB of RAM. On modern machines it is very light.
Other AVs are not lighter as much as Emsisoft is capable. Or in other words Emsisoft protection * performance > probably any other AV's protection * performance. My examination...
- Jan 5, 2018
- 163
I discovered some videos showing ransomware getting past Comodo Cloud's Sandbox but not getting past Comodo Firewalls Sandbox.
I would like to follow up my previous posts with saying ONLY use Comodo Firewall with CS's settings. Just stay away from CCAV.
I would like to follow up my previous posts with saying ONLY use Comodo Firewall with CS's settings. Just stay away from CCAV.
- Dec 29, 2014
- 1,716
Did this have something to do with Cloud Lookup being disabled on CCAV? I can't remember what video I saw (maybe a different video), but the settings weren't the same for the programs. In that one I think enabled Cloud Lookup allowed the malware errantly on CCAV while it was blocked on the Cloud Lookup disabled CF PC. Think it was a Cloud Lookup allow mistake that actually caused the infection. Only one I have heard of, and I recall that malware was quickly blacklisted.
Similar threads
