For those that are interested, head over to there beta forum to download. Both 32 and 64 bit available.

Whats new in 3.5.61373.458 BETA?
--------------------------------------------------

NEW! Threatcast integration: COMODOs community based alerts reply statistics reintroduced
NEW! Native Vista Firewall: New COMODO Network Stack based firewall engine using new vista technologies(dramatic performance improvements)
NEW! Native Vista HIPS: New Vista HIPS compatible with Vista PatchGuard. Now Defense+ introduces kernel level protection in Vista SP1 X64 or later
NEW! COMODO Memory Firewall integration: CIS now includes builtin system wide buffer overflow protection
NEW! AV Heuristics: The AV engine now includes heuristics scanning capable of detecting unknown viruses generically
IMPROVED! Trusted software vendor list is expanded, capable of detecting thousands of applications generically without any signatures
IMPROVED! Revised AV engine: AV engine scanning and updating speed increased significantly

Known Issues:
-----------------------
* First boot after the installation might sometimes take longer than expected: This issue is being investigated
* The virus database in this version is a test database and is therefore different from the virus DB of the released version. This means detection rates are different
---------------------------------------------------------------------------
looks promising....:thumb: :thumb:

Having used this for a day or 2 my initial experience is very positive,it runs light as a feather and has been extremely stable up to now.Hopefully it'll soon be ready for a full release since the AV especially is a huge improvement.:thumb:

There have been a few reported issues including one bug with Firefox 3.05 that should be noted before trialling this suite.

http://forums.comodo.com/beta_corner_cis/comodo_internet_security_3561373458_beta_bug_reports-t33171.0.html

Hmmm.... Defence Plus failures are not yet addressed... contrary to OA.

- clipboard logger detection
- any program,s window,s GUI manipulation detection
- detection of hidden process

>:(

I don,t like ThreatCast BTW( not used but i mean the idea does not click me).

We want the screenshots of Threatcast! ;D

(I have the feeling that Drive Sentry won't like it...).

Thanks for the "heads up" clocks.

A few initial impressions/comments.
I opted out regarding Threatcast, so I can't comment on it. CIS 3.5.61373.458 installed on XP ok but froze during initial updating which required a reboot.

Firewall set to Safe Mode, Defense+ to training mode. No problem and little if any slow down logging on and surfing.

The antivirus scanner produced 23 false positives, 18 related to Glary utilities, the other 5 to DVDFab Platinum. This surprised me as both are well known applications. The previous version of CIS produced no FPs with the same configuration.

So far, so good. The FPs were a surprise, but I can deal with them.
I hope we will soon see an in-depth product review for the antivirus component.

Thanks Comodo ! :thumb:

-{ Quote: "
I opted out regarding Threatcast, so I can't comment on it. CIS 3.5.61373.458 installed on XP ok but froze during initial updating which required a reboot.

" }-

Ah, shame, i was curious to see how Threatcast is today. The only screenshot i found googling, is supposed to be from an old beta:

http://img176.imageshack.us/img176/1993/74069475an7.png

(Drive Sentry users find anything familiar? ;D )

Good to know that you can opt out! I am not sure i 'd like TC either. :thumb:


-{ Quote: "The antivirus scanner produced 23 false positives, 18 related to Glary utilities, the other 5 to DVDFab Platinum. This surprised me as both are well known applications. The previous version of CIS produced no FPs with the same configuration. " }-

Ah, i think this has something to do with the new heuristics and the "* The virus database in this version is a test database and is therefore different from the virus DB of the released version. This means detection rates are different"

I was rather dissapointed by the heuristics. They seem to be based on packers mostly (by mostly i mean like nearly all of them if not all of them). I trully hope there will be a way to disable packers detection separatelly and that they'll actually implement something based on CAMAS in CIS...

-{ Quote: "I was rather dissapointed by the heuristics. They seem to be based on packers mostly (by mostly i mean like nearly all of them if not all of them). I trully hope there will be a way to disable packers detection separatelly and that they'll actually implement something based on CAMAS in CIS..." }-

Well, despite Melih's optimism, i don't think he can reach the top 5 (?)AVs within a year with the AV only. With the entire CIS probably yes. But the AV alone... I will stick with my Twister. Just think that AV companies with years on their back are still trying to make good heuristics...

-{ Quote: "I was rather dissapointed by the heuristics. They seem to be based on packers mostly (by mostly i mean like nearly all of them if not all of them). I trully hope there will be a way to disable packers detection separatelly and that they'll actually implement something based on CAMAS in CIS..." }-

Sad but its true. I was expecting to see some Sandbox analyse like in CAMAS too :'( , Maybe in the next version , and maybe we are wrong hehe ( i expect that we are).

-{ Quote: "Sad but its true. I was expecting to see some Sandbox analyse like in CAMAS too :'( , Maybe in the next version , and maybe we are wrong hehe ( i expect that we are)." }-

Excuse the ignorance, but what's CAMAS?

Thanks in advance.

-{ Quote: "Excuse the ignorance, but what's CAMAS?

Thanks in advance." }-

CAMAS is COMODO Istant Malware Analysis (http://camas.comodo.com/cgi-bin/submit)

-{ Quote: "CAMAS is COMODO Istant Malware Analysis (http://camas.comodo.com/cgi-bin/submit)" }-I sent them a mail bomb, a zip file of 42kb that unpacks to 42tb or sth.

Process Failed
• Verdict
Auto Analysis Verdict
Not Rated as Suspicious

:P

-{ Quote: "CAMAS is COMODO Istant Malware Analysis (http://camas.comodo.com/cgi-bin/submit)" }-

Thank you. I had no idea they provided such a scanner service.

is this beta just as light as the current stable version? no added slowdowns?

-{ Quote: "is this beta just as light as the current stable version? no added slowdowns?" }-


Pretty close. Often just as low, but on avg it may eat a few more meg. I need to do more testing to say for sure though. They packed a lot into this release.

-{ Quote: "Pretty close. Often just as low, but on avg it may eat a few more meg. I need to do more testing to say for sure though. They packed a lot into this release." }-

i dont mind about memory, im more concerned with CPU and general system slowdown (especially at system startup) compared to current stable version?

The new beta runs very smooth & no slow downs, had to uninstall the antivirus CPU ran very high while scanning not to mention it caught 62 infections all of them tuneup utilities with the exception of anvir task manager.

ye, wasnt planning on using the AV anyways, just the firewall and D+

EDIT

do i need to uninstall CIS before i install CIS beta? or will it overwrite?

I would suggest that you do an uninstall befor installing the Beta did that my self & everything went very smooth , by the way its very stable & no popups .

-{ Quote: "I would suggest that you do an uninstall befor installing the Beta did that my self & everything went very smooth , by the way its very stable & no popups ." }-

last thing i gotta know is, does it slowdown system startup anymore than the current version of CIS?

-{ Quote: "Sad but its true. I was expecting to see some Sandbox analyse like in CAMAS too :'( , Maybe in the next version , and maybe we are wrong hehe ( i expect that we are)." }-


From my understanding the next release or so of CIS will incorporate the 'Comodo time machine' which I believe will have elements of sandboxing/virtualisation and rollback functionality so I'd expect some form of malware analysis technology within this.

-{ Quote: "last thing i gotta know is, does it slowdown system startup anymore than the current version of CIS?" }-

On my particular test system startup time was reduced by a few seconds with this beta.

each time an update is released to the beta do u have to re-download the new version of beta or would it be auto updated?

-{ Quote: "last thing i gotta know is, does it slowdown system startup anymore than the current version of CIS?" }-

No startup delay on my system - Online Armor gives me a large delay, so that's another reason I'm using CIS beta.

It's running smooth with a little higher ram footprint (1-2megs). I guess the extra stuff in it, memory firewall, AV heuristics and Threatcast are taking some memory but still very low at around 9meg total.

Ice

Here is an example of Threatcast popups:

http://www.megaportal.it/imghost/2009/01/17/1359411232197181.png

It's a great improvement, when the elements listed in the database will be incremented it'll be a very useful feature;D

Good job Comodo;)

-{ Quote: "Here is an example of Threatcast popups:

http://img207.imageshack.us/img207/7518/immaginexn8.th.png (http://img207.imageshack.us/my.php?image=immaginexn8.png)

It's a great improvement, when the elements listed in the database will be incremented it'll be a very useful feature;D

Good job Comodo;)" }-

Thank you Kronos. It's too small to read (maybe you took the wrong imageshack link. The "direct" one should be better), but i get the idea that now they have horizontal bars telling the community decisions.

sorry, post edited:P

Regards

Thank you again. Do you happen to know if Threatcast uses a database downloaded on the user's PC or each time connects to Comodo to use their online database?

Honestly I don't know, but I suppose this feature is a sort CIPS, so it requires an active internet connection to compare files to an online database...

However I've installed it two hours ago, so I'm not sure of this...;D

Regards

EDIT:
Obviously Threatcast is referred only to hips/firewall popups, so it's independent from CAVs, that can be disabled/not installed...
During installation, after the choose to do/not add CAV, it offers the opportunity to "Join the Threatcast Community"... here you can check/uncheck the option...
Image (http://img401.imageshack.us/my.php?image=immaginecm4.png)

-What about adding BOClean in CIS?

a) Does anyone know why they did NOT add it?

b) Are there any plans for adding BOClean
in the future CIS releases?

-{ Quote: "I was rather dissapointed by the heuristics. They seem to be based on packers mostly (by mostly i mean like nearly all of them if not all of them). I trully hope there will be a way to disable packers detection separatelly and that they'll actually implement something based on CAMAS in CIS..." }-
According to melih they are just testing the emulator, and CIMA based heuristics will be in next version.

Yeah i've read it. But i hope we'll have an option to turn off packer detection.
I hate it if AV detects something as Heur.Pck.Armadillo just because some program is packed using Armadillo protection system.
As an long year avast! user i really appreciate their determination not to detect packers as malware itself. There are some exceptions but they try to avoid them if possible. So i hope Comodo guys will do the same and give us the option to disable it easily. And if possible i'd also like to see option to enable/disable CIMA based engine when it'll be implemented.
I really liked this part in NOD32 where AH could be enabled or disabled.

Does anybody know how good the AV is in CIS, if its any good maybe I will give it a try, if now....oh well.

-{ Quote: "Does anybody know how good the AV is in CIS, if its any good maybe I will give it a try, if now....oh well." }-

I'm a comodo fan, but I'm honest saying that Av is too young...personally I've turned off the CAV, but I recognize that it's improving day after day (talking about database and heuristic)...


After all good job Comodo!

I'm very satisfied of their product;)

-{ Quote: "-What about adding BOClean in CIS?

a) Does anyone know why they did NOT add it?

b) Are there any plans for adding BOClean
in the future CIS releases?" }-


Yes Boclean will be added to the next upgraded version (4?).

-{ Quote: "It's running smooth with a little higher ram footprint (1-2megs). I guess the extra stuff in it, memory firewall, AV heuristics and Threatcast are taking some memory but still very low at around 9meg total.

Ice" }-

Initially I thought it may be a little heavier also, but now I don't know. Using process explorer, often it is 7-8meg, while the last version was usually 9-12. I would say this beta has a wider range.

I would be more concerned about CPU usage in the future. Many modules are being added. Anyway, we will see... In the worst scenario, one can stick the the .439 version of the firewall for quite some time.

-{ Quote: "I'm a comodo fan, but I'm honest saying that Av is too young...personally I've turned off the CAV, but I recognize that it's improving day after day (talking about database and heuristic)...


After all good job Comodo!

I'm very satisfied of their product;)" }-

That is good to hear, we can't expect a product to be fabulous from the begging, in time they should be able to put all the things together and make one good product:thumb:

I'm running the beta as I type this. My computer has a P4 630 (3.0 ghz) and 2.5 gig of ram; it is a very basic machine by today's standards.

Boot time is very good and I have no perceptible delay in log-on and surfing speed vs. Avast Home Edition and Comodo firewall 3.5 only.
My speed from boot to shut-down is definately faster than with the new Online Armor and any AV.

I'm using ThreatCast and like it so far. It isn't very intrusive but at first, you will (as expected) be prompted before certain programs/processes run.
I can live with that. It's absolutely less of a PITA than Vista's UAC.

I have set the antivirus heuristics to high and after training the AV component to ignore four programs that triggered false positives, everything ran smooth as silk.

I'm becoming more convinced by the day that CIS will be a real winner !
When BoClean is fully integrated, CIS will give the subscription security suites very serious competition.
If CIS continues to improve and stays free, it will be a top contender for software product of the year.

Well done (so far), Comodo ! :thumb: :thumb: :thumb:

-{ Quote: "-What about adding BOClean in CIS?

a) Does anyone know why they did NOT add it?

b) Are there any plans for adding BOClean
in the future CIS releases?" }-

For that question is far more better to visit comodo forum and inform yourself there. Maybe will leak some info about that.


http://forums.comodo.com/

BOclean will be added quite soon,I'm guessing first half of this year by the look of it.It'll be a completely different version than the current resource hog thankfully.

well, supporting what I've just said about Comodo, here is a couple of interessant link...

1. CIS have just exceeded over 1 million signatures for the AV:
https://forums.comodo.com/feedbackcommentsannouncementsnews_cis/cis_have_just_exceeded_over_1_million_signatures_for_the_av-t33264.0.html

...when Kaspersky, for example, has 1.641.468 records in their database.

2. Here is a small malwares comparative, made with 565.400 samples (so I think it's believable):
http://malwareresearchgroup.com/?page_id=2

...and CIS scored 90-91,4 % (considering that the version tested is 3.5.57173.439, released on 3rd December, further improvements wasn't tested, as the new imminent heuristic module or a lot of DB records)


however we'll see:P ;D

Well looks like Comodo is adding more signatures and with heuristics they should improve, but until the final product is out we can only speculate.

what i will say is this is one of the most stable beta release products ive ever used, i havent experienced a single bug since i started using it like a week ago maybe. the added features they put in work perfectly fine to.

Wonder when they'll submit their AV for independent testing then?
Virus Bulletin and AV-Comparatives?

Will be good to see how far its come on.

Obviously CIS, nowadays, is not comparable to other products like Avira, Eset or Kaspersky (for the AV component)...We have to wait a lot... I don't think that, after the first three months from the public stable release(23 October), Nod and Avira were able to detect malware as they do it now, or to exceed over 1 million signatures...

Considering this, we have only to be reliant about this software future: we are talking about a security suite that is completely free and that is having an incredible, uninterrupted, development.
And the results that it's reaching are very confortable...

However, time'll see...

This is my opinion;)

I agree with _kronos_ : once, when the only defense programs were av and fw, I had waited a bit for Comodo av growing. But today the security is a complex system, the HIPS is an essential element of the defense, may be the most important, and we have BB softwares, programs sandboxing and virtualising... so we can test Comodo av alone many worries.

NEW VERSION RELEASED:

http://forums.comodo.com/beta_corner_cis/comodo_internet_security_3861948459_beta_released-t33533.0.html

is that from an old beta of threatcast because im using the latest beta downloaded today and all i get from threatcast is no info available,i dont think its workin yet its there but does nothing-{ Quote: "Here is an example of Threatcast popups:

http://www.megaportal.it/imghost/2009/01/17/1359411232197181.png

It's a great improvement, when the elements listed in the database will be incremented it'll be a very useful feature;D

Good job Comodo;)" }-

-{ Quote: "is that from an old beta of threatcast because im using the latest beta downloaded today and all i get from threatcast is no info available,i dont think its workin yet its there but does nothing" }-

no that is not an old beta, that IS what it looks like, their database isn't that big yet since it is new, but its getting larger, it usually has info on well known apps or windows processes.

i havnt seen an alert on anything even well known ones,if you dont mind me askin what is your configuration set at(example-proactive)?i have mine at default

-{ Quote: "i havnt seen an alert on anything even well known ones,if you dont mind me askin what is your configuration set at(example-proactive)?i have mine at default" }-

i have a custom config, something between proactive and default. and are u sure u have threatcast enabled? i get ratings for a decent amount of my apps.

yup i have it enabled im gonna try a reinstall and see if i get any ratings,thanks

-{ Quote: "yup i have it enabled im gonna try a reinstall and see if i get any ratings,thanks" }-

did u download the new beta? they released a 2nd beta and they said if ur still using the first beta, threatcast may not work.

just downloaded today its 3.8.61948.459 and this is what i see all the time from tc

It is a Beta.

-{ Quote: "It is a Beta." }-

maybe so, but i still get ratings for several of my progs.

i know its a beta im just seeing if its just me or other people thats all
people in comodo forums say they get ratings also

Well, I had the same problem of hyatt69...
I resolved unistalling CIS and deleting all the "comodo" entries with RegSeeker...
after i installed the new version again...and no problem yet, TC works great8)

Regards,
Kronos

I'd recommend a full uninstallation of the previous beta,either Kronos' method or using a util such as Revo Uninstaller to remove any residual files before installing the new beta.You should hopefully find Threatcast works correctly then.According to Melih this should be the final beta before a RC is finalised.

-{ Quote: "i know its a beta im just seeing if its just me or other people thats all
people in comodo forums say they get ratings also" }-

Yep same problem here. However, I did not try to remove all entries for Comodo in the registry, so that could very well be the problem.

Ice

I know that technically we should not have to use a registry cleaner, but I always use Revo Unistaller, CCleaner, etc.. Seems to help in a lot of cases.

yep, i ALWAYS use Revo Uninstaller for security software.

-{ Quote: "yep, i ALWAYS use Revo Uninstaller for security software." }-
Why use Revo Uninstaller when you have Rollback? Seems pointless to me...

-{ Quote: "Why use Revo Uninstaller when you have Rollback? Seems pointless to me..." }-

I've not used Rollback but doesn't it revert the whole system to a prior state? If so he might well not want to lose a couple of weeks of updates,etc just to go back to before that first beta.

*Update*Just read up on the site and it would be able to just reverse the CIS beta by the look of it,so shut up me.

-{ Quote: "Why use Revo Uninstaller when you have Rollback? Seems pointless to me..." }-

as andy said, i ALWAYS make a backup image with Rollback Rx before installing any security software just incase there are MAJOR issues, if im just uninstalling but the program worked fine, someitmes i use REVO Uninstaller, OR my rollback, it all depends. but REVO uninstaller does work really well on the cleanup.

-{ Quote: "just downloaded today its 3.8.61948.459 and this is what i see all the time from tc" }-

The ThreatCast DB is being rebuilt and when CIS v3.8 goes final the numbers will increase too. ThreatCast & The beta has been only out for 2 weeks so it will take time...

Cheers,
Josh