My new security setup

Installed CFP3 w/ Defense+, BOclean and Avira PE Premium into my XP Pro (SP2) system today. I am running them along with CounterSpy v2 in realtime and everything is running great! All the installs went without incident and have had no conflicts! All I can say is so far Comodo rocks! Learning the ropes now on all the settings to try. Heck the Comodo Malware scan before the install even found 1 Malware on it (and that was with KIS 7 previously running on system).

As a newbie with this setup, I’m open to any “settings” suggestions the experts here might have.

BTW, I’ve also run the above setup “Sandboxied” with no issues either. :BNC

There is some debate on whether BOClean is even necessary with today’s AVs trying to cover all the bases…
With a superior AV soft such as Avira Premium IMO it may be overkill to also have BOClean…
CounterSpy I used for half a year… very unlikely than Avira Premium would miss something dangerous that CounterSpy would be able to catch.

IAC, With D+, why do you feel the need to have all these extra apps bogging down your cpu?


With CFP 3 and Defense+ enabled, you don’t really need anything more, but keep Avira. You should be fine without BOClean and CounterSpy. Maybe add CMF (Comodo Memory Firewall) until it’s integrated in CFP 3.
I also suppose that your using either Firefox with NoScript (and Adblock Plus) or Opera instead of Internet Explorer?

Are you running your security softwares sandboxed? Wouldn’t the database files get wiped when you clear it?


I am no “expert” by any stretch of the imagination. I run CFP3, Avira free, and run various other scans at least once a week (Spybot, the CFP scan that resides on the Defense + page, Adaware [which doesn’t find much any more], clean out cookies, temp files, disc cleanup, etc.). I keep the Microsoft Updates current. Almost everytime the dipstick comes up dry for any malware. I run CFP Custom Policy mode for firewall, and Paranoid mode for D+, and I actually take the time to read the CFP popups.
Good luck, and you made the right choice with CFP


On the contrary to opinion above, I think BOClean is an excellent addition. It’s lite on resources, it’s a program that will stop the bad guys who you may have carelessly allowed to operate. It helps greatly with zero day exploits, or oldies that may have been disguised.

If you look at cost benefit, it seems very cheap for a last line of defense before execution of a malware.

Precisely because it has a different mechanism of protection I like it. I don’t see how you can have too many layers of protection unless they conflict or in total use too many resources.

D+/CPF cover a lot of bases but do allow human error and do NOT guard against threats that may have been on your machine before you added that powerful layer of protection. Avira or any good scanner for malware might spot the bad guys that are missed, but there is a delay until the scan or the update of the database. BOC often catches oldies packaged in new form and has value if for no other reason.

IMO - BoClean is absolutely necessary even with a decent AV.

I use to use Antivir PE Premium until last month when my subscription ran out so I’m using free avast these days.

At any rate, BOClean caught and removed a Trojan from my system even before Antivir was able to catch it. I was installing a free accounts software called EasyCash and it put a Trojan in my temp directory. At any rate, BoClean stopped Easy Cash from installing while Antivir detected nothing. (See my BOCLEAN saved the day Post in the BoClean Topic)

With the suggestions I have gathered here, I have made the following adjustments to my “real time” set-up…

CFP3 w/Defense+
Avira PE Premium
Comodo Memory Firewall
Comodo Verification Engine

On demand as needed…


Well? Opinions?

It looks good.

I just done some quick reading about Returnil and Shadow Defender. Both seems to be virtualization softwares. It’s a waste to have two virtualization softwares. Also, Sandboxie is not necessary if you’re running your PC in a virtualization mode.


Yeah, you’re right. Returnil shadows your C drive and ShadowDefender shadows all drives and yes I agree with you about Sandboxie. I’m just one of those guys that likes lots of “toys” to play with. (:NRD) (:LGH)

Comodo and their many offerings here have actually made security fun! :BNC

You certainly have a secure set up there,it’s extremely unlikely your system would be compromised with that little lot running. :■■■■

Also I agree that security can be fun,CFP offers loads of tweaking potential. :BNC

Not bad but your setup needs at least one from the following category

“Behavior blocker”

CPF3 Defense+ covers a bit of this (though it is by and large still pretty dumb), while memory firewall covers attempts at bufferoverflows but you are wide open to other attacks.

Particularly for a self-confessed “far from expert”, you need to have software with “smarts” built in , so it is highly recommend you add one of these…

Threatfire/Mamutu/Primary Response SafeConnect

Don’t get me wrong CPF3 defense+ is not bad, and tries to be “smart” but it is not on the level of TF …

Any conflicts with TF?

There shouldn’t be any issues with running Threatfire and CFP together,to its credit I’ve run CFP alongside numerous other security apps,in various configurations with very few conflicts.

Not necessarily. While in shadow/virtualization mode, you are almost sure of a 100% recovery to a clean state, it does not give you assurance that malware running during the shadow/virtualization mode can’t hurt you.

For instance, imagine some exploit (that would have being blocked by sandboxie), installing a keylogger. Sure, once you reset out of virtual mode, the keylogger is gone, but while the keylogger is running it can log your passwords and send it off…

Retunril and company are good, but you still cannot neglect the threat that malware brings between the clean states…

TF added w/no conflicts so far.

That’s a valid point.Given that sometimes computers are left running for long periods between reboots that could be a long time for malware to steal your data,etc.While it’s great to boot up to a malware-free state each time,the threat of infection during a session shouldn’t be underestimated.

I am always curious about how many IT professionals would actually use products like Returnil for personal use.
The significance of Uptime is something they never forget, often times learned the hard way; they talk about Five-Nines, Six-Nines…
Frequent and constant rebooting is something of an anathema for them.

I just can’t see them doing it unless it was an absolute task requirement…

That’s correct.Even many home users leave their machine running for extended periods,for downloading etc,only rebooting when necessary for updates.

6 sigma, 3.4 defects in a million…

I would say the setup of the OP is now about 90% secure.