Comodo Internet Security 6.xx Thread

It doesn't ask to save files like SB but rather has a shared folder to transverse. It creates the file location/shortcuts for you, but you can choose your own. You could easily do this in SB though, too.

It's pretty cool. It has a context to send to sandbox option. And now allows you to add a targethandler to launch directly to sandboxed apps. So now you can easily lauch virt and nonvirt versions which was a pain in <6.0

The command style:

"C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe" -v "C:\foo\bar.exe"

It adds a "reset sandbox" button that must been done manually to erase things. Sandboxie advantage. The Virt is isolated to one hidden file, VTROOT, which makes 3rd party cleanup easy.

One caveat, really, IMO, versus SBie. The mouse/polling is different within the sandbox. Not quite as smooth.

I'd say Comodo is slightly faster. Slight stutter when opening either.

 

With all due respect to all the posters here but is this really the right forum to be posting about comodo bugs?
I feel it would be far more practical and sensible to be discussing the new beta at the comodo forum.

 

I tested Comodo Internet Security Beta 6 Default Settings with 70 zeroday malware.


In previous versions with autosandbox & elevated privilege rights, there were popups i.e anything autosandboxed, sometimes there were popups like COM, Protected things, etc & the same with elevated rights popup, when you hit sandbox on elevated rights privilege popup, sometimes there were additional popups.

The best part is, in my test there were no popups at all i.e anything autosandboxed then there were no COM, Protected things, etc popups at all & the same with elevated privilege rights popup, when I hit sandbox on elevated privilege rights popup, there were no additional popups at all.

It seems they have improved autosandbox & eliminated popups. I have asked this in Comodo forum to verify the popups are eliminated in this version. And I am also going to PM a Dev to verify this.

I did a little usability test too.

Every program autosandboxed run fine.

And programs for which I got elevated privilege rights popup, I hit sandbox & installed fine. 1-2 program gave error & I simply run the installer again & this time hit allow instead of sandbox & installed fine.

I find this version easy & comfortable for majority of users, especially popups eliminated.


I also tested auto full virtualization with 70 zeroday malware.

After restart, no malware, no malware changes & clean system.

 

nice good testing thank you

 

Interesting test here.
http://youtu.be/0SAO1sYiAl0
Is there any particular reason why a malicious keylogger would be in the trusted vendors list?
Can any of the "trusted" vendors actually be trusted
Its a perfectly valid question and deserves a proper answer.

I do hope the rumours i have heard about comodo are untrue in regard to signed malware etc.SSl certificates being distributed to malware authors.
Can somebody give a clear explanation to this please.

 

It's my understanding that it was a commercial keylogger not malware.Of course there's a debate as to whether or not such stuff should be flagged up anyway

 

Anyone else having issues with the sigs not automatically updating?

Actually it is working, but it doesn't seem to update when it should. For instance, if my PC is off for 10 hours, it should update as soon as I turn the PC on, not an hour later.

 

Commercial though not much info on their pedigree.Seems expensive though apparently lifetime updates.....
-http://www.spy-key-logger.com/order.html-

 

No problems whatsoever. The only bug (not really) is the program updates that don't update because there is no official release to compare it with, but it is working (The system cannot find the file specified). I have spoken to Comodo about this, and when we have an official release, it will update normally, or so it should i no bugs are found during the update. But removing the Beta and installing the final release is the suggested procedure.

 

I like this CIS 6 so far, but I am disappointed to see this as a trusted vendor.

 

Your link is an infected website.It is a malicious program.

 

Ok, could just be me. I have updates set for every hour, and often when I look at the GUI, it says 4 hours, 6 hours, etc... Maybe they changed it so that it only shows when signatures actually update, rather than every time it check, whether there are new sigs or not. (like in the past versions)

 

Makes you wonder how many other "nasties" are trusted.

 

I don't think so. I can safely go to the site.

 

I do think so.The WOT has given it a red.plus there are at least a dozen comments on the card about its a malicious domain.

 

WOT= peoples opinions, not necessarily reality.

 

Hmm well i beg to differ on this and over a dozen people cannot be wrong plus its been blacklisted by malware domains .com.
Also virustotal is detecting it as malware so are you telling me all those people are wrong

 

Maybe they are flagging the exe as malware, but the site itself is ok to go to without being infected. It is not an "infected website".

 

Wot is just a guide like others.I dont use any of them .

 

the majority of avs/malware detectors label it as PUP or a spy keylogger (which is exactly what it is) .. not nessacarily malware.

 

Norton DNS blocked the site.

 

No.on virustotal it is being flagged as a trojan.not PUP or anything like that and it is quite a few engines detecting it.

 

Only goes to show how inadequate site ratings are and is dependent on what your favourite site ranker is,Intrestingly enough at virus total comodo flags it as unclassified malware ,so i guess version 5 detects it as malware whereas version 6 has the trust certificate?

 

Your quite free to believe its a trojan if you wish.I believe it isnt anything more than a keylogger.Dont forget that many of these engines classify harmless keygens as trojans too.