COMODO Internet Security 5.x Thread

Discussion in 'other anti-malware software' started by Mops21, Jul 4, 2011.

Thread Status:
Not open for further replies.
  1. Hungry Man
    Offline

    Hungry Man Registered Member

    I rarely install programs anymore.
  2. clocks
    Offline

    clocks Registered Member

    I understand that. I am just surprised after all this time that these programs still cause popups. Comodos whitelisting simply does not work.
  3. Hungry Man
    Offline

    Hungry Man Registered Member

    A single popup is not a big deal in my opinion.

    edit: And whitelisting the way they do it is not super efficient. I mean, Mamutu manages an excellent whitelist because they have community input. Comodo does not do this.
  4. allexif
    Offline

    allexif Registered Member

    I tryed almost all other known good antiviruses, internet securities, now I installed CIS latest version 5.5.x. Untill now it managed very well, I can say excelent, so excelent that I can't explain mysefl why all the tests prove that is so weak in comparation to other security suite, how do they test Comodo? Why are the tests so pooro_O?
  5. J_L
    Offline

    J_L Registered Member

    @clocks: Have you looked at their huge trusted vendors list? Stable works almost too well for me.

    @allexif: That`s because they test the AV only. AV-T worries too much about aesthetics and usability issues.
  6. cruelsister
    Offline

    cruelsister Registered Member

    Allex- JL is certainly correct in that many judge CIS based on their AV (which isn't the strongest by a long shot). But also note that the testing labs (and even U-tube testers) will only set a given product at the default settings. To make CIS much stronger you should set the Configuration to Proactive Security, Firewall to Custom Policy, and under Execution Control settings (in Defense Plus) set "Treat Unrecognized Files" to Limited.

    These tweaks will prevent harmful effects from any malware you may come across and will also prevent Malware running in the Sandbox from getting out to the Internet.
  7. clocks
    Offline

    clocks Registered Member

    That list doesn't mean much to me, because often programs by companies on that list still cause popups.
  8. Hungry Man
    Offline

    Hungry Man Registered Member

    Whitelisting is difficult. There are ridiculous amounts of applications. However I've seen more whitelist updates in the last 3 days than in the last month.
  9. allexif
    Offline

    allexif Registered Member

    Thank you J_L and Cruelsister :), keeping comodo then, until I get infected :p

    Edit: But PCWORLD, PCMAG, etc, are testing the entire Internet Security right?
    Last edited: Aug 2, 2011
  10. cruelsister
    Offline

    cruelsister Registered Member

    Yes they are, but at stock settings which really shouldn't be used. Aside from the above 2 tweaks, it is really a very good idea to uncheck (under D+- Sandbox Settings) the box "Automatically Detect Installers and Run Outside the Sandbox".

    But back to your question, when CIS is tested there are many true zero day items that the AV (and Cloud) won't detect. These items will be sandboxed and with the settings that I've suggested will remain in the sandbox totally inert (even on a reboot) until either the AV defs or Cloud catch and delete it. Also from today I came across 2 files that, when downloaded and run, will trigger the Red waning that "this file wants unlimited access to your computer!". If you block it (so it can't ever run) it will stay in the downloads folder.

    In both of the above cases CIS will leave files that have been rendered harmless on your machine (although they'll be picked up when the AV defs catch up with zero day stuff). AV tests, according to their procedure MUST consider this a fail. That is the type of FAIL that CIS gets.

    Now lets that the case of the latest Ransonware. Although Comodo's Cloud detected new all variants this morning, when this malware first showed up a few days ago CIS dealt with it as in the second case I presented above (D+ will alert, and on either Block or Sandbox it will be rendered useless but still left in the Download directory). On all of the other Majors that we tested the Ransomware ran and rendered the computer unusable.

    So CIS indeed failed a test because it left a useless file behind. The others failed because they let the computer they were protecting be trashed.

    Which one would you prefer to use?
  11. jasonbourne
    Offline

    jasonbourne Registered Member

    Been a user of CIS for quite sometime now and yeah I tend to agree there. Sadly the poor performance of the AV has been the issue but D+ with the firewall is superb. Of course not all programs are perfect and the user-preference depending on his/her liking or style will always be king but still a very good program there.
  12. cruelsister
    Offline

    cruelsister Registered Member

    I used to totally obsess over most AM solutions vs keyloggers; normally unless you have a secondary solution like Zemana, DW, or Spyshelter it wasn't going to be detected.

    I pretty much thought the same way about CIS vs Keyloggers until I found a few true Zero-day items. In these cases either D+ didn't allow the hook, didn't allow the driver install, or most importantly didn't allow the loggers to transmit out.
  13. luciddream
    Offline

    luciddream Registered Member

    It works fine for me. In fact it worked too good, and I unchecked "trust files from trusted vendors" and also deleted the "vendor.n" file. I like to decide on my own what to trust or not to trust.

    Since at this point I've set a rule for just about everything on my PC, and run a pretty static setup, I never get popups. I only really got them the first week or so. Since then it's been quiet. I think the whole thing is vastly exaggerated.
  14. Hungry Man
    Offline

    Hungry Man Registered Member

    Comodo's loud like UAC is loud. It'll pop up once in a while but once you're done setting the computer up/ installing your program you'll never hear it again.
  15. cruelsister
    Offline

    cruelsister Registered Member

    After playing with the beta on a VM I decided to install it on my main computer. Did anyone else notice that bootup is much faster?

    Also, except when non-Microsoft software is installed or when I'm testing it against malware I really don't remember CIS giving me any popups.
  16. clocks
    Offline

    clocks Registered Member

    Number of popups from CIS vs the number of pup-ups from most any other AV = huge difference.
  17. cruelsister
    Offline

    cruelsister Registered Member

    Could it be "Number of Malware blocked by CIS vs Number of Malware blocked by most other AV = huge difference"?

    Seriously, except when installing something (and I certainly demand popups for that). I get no alerts whatsover.
  18. ichito
    Online

    ichito Registered Member

    On the Polish forum Safegroup our colleague Morphiusz leads a campaign of collecting an applications to whitelist and than sends it along to the Comodo.
    Maybe you could participate in the campaign?
    http://forum.safegroup.pl/programy-ktorych-comodo-nie-ma-na-bialej-liscie-t4402.html
  19. cruelsister
    Offline

    cruelsister Registered Member

    Świetny pomysł! Dziękuję.
  20. clocks
    Offline

    clocks Registered Member


    CIS does a solid job, but there are a handful of others that do just as well or better without all the noise.
  21. blacknight
    Offline

    blacknight Registered Member

    Difficult to believe. It depends from you mean what an HIPS is and what it has to do. If for you an HIPS must decide for himself what should allow and what deny, may be autosandboxing in the doubtful cases, sorry but it isn't really an HIPS. " Noise " is the real power and aim of the HIPSs.
  22. clocks
    Offline

    clocks Registered Member

    Ok, whatever floats your boat.
  23. NSG001
    Offline

    NSG001 Registered Member

    Anyone know of any showstoppers preventing this beta from being unleashed ?
  24. cruelsister
    Offline

    cruelsister Registered Member

    Not yet for me. Exported the Proactive configuration file from the old version, uninstalled it. Installed the Beta and imported the cfgx file. Smooth as silk. The system is without a doubt more responsive upon bootup, but other than that everything is fine.
  25. NSG001
    Offline

    NSG001 Registered Member

    Yeah like wise, running exceedingly good for a beta.
    Hoping for a release soon now en route to Version 6 :)
Thread Status:
Not open for further replies.