CIS 6.2.xxxx Releases!

Re: CIS 6.2.282872.2847 Released!

So do you have infections with CIS in default settings?

 

Re: CIS 6.2.282872.2847 Released!

Well you know living in a country like India there are people who will click allow or disable their AV to get crap in despite the fact they were warned earlier

I most install avast and CIS on alternate machines.

CIS- 3 times cases of infection in past 3 months because of people either clicking allow or either disabling CIS in some way.I did find some clients having junky greyware/adware being installed with default CIS set up,this is fail though not where I will consider it trash CIS because it doesnt have a real malware or too many fails.

Avast- 2/3 Cases of infections where people disabled it for some stupid software installation in past 4 months I had to dig it out from the clients about what actually happened while the infection took place initially it looked like a detection fail but later I came to know it was their kids or their wifes playing nuts.No apparent infections because of Avast failing to detect something,I had more fails past year and this year it has improved!! To me,I even came across sandboxing stuff too after checking avast logs and guess what I have seen almost every sandbox situation where there is a option to close or continue execution,I dont know what the deal was,99% where I saw these logs I noticed my clients clicked close on almost every such question asked to them.

 

Re: CIS 6.2.282872.2847 Released!

I know but the default i.e the popup is not hard to reply too, it clearly recommend to isolate.

And from my experience if you follow the recommendation the defaults are very effective for majority with very little to no probs with the kind of softwares they use.

On my family system I have yet to see anything autosandboxed. Any software they used were either in the TVL or cloud whitelist.

On my system any popup I get I follow the default action & yet to see any prob with any program.

In my opinion CIS default is very effective & easy for majority if they just follow the default action. Experts & type of softwares they use, well they are experts & can manage things.

 

Re: CIS 6.2.282872.2847 Released!

I dont understand why are you stuck with 1 thing about your family friends etc

This isnt what I call real life,it happens when people do risky browsing even after being earned and hit allow on something when CIS is set up and installed on defaults and a user is a blind guy and doesnt bother to change much of CIS.

CIS is indeed easy to use for majority but isnt 100% like any other securit suite.

 

Re: CIS 6.2.282872.2847 Released!

I manage 7 systems (relatives system) with CIS defaults & yet to see any infection or prob. I just asked them to reply any popup with default action.

I installed CIS 6 on their system within a week it was released as I found it easy enough for average users. I never installed or recommended any previous versions of CIS to average users as I found them not easy with all those COM, Protected, etc... popups.

 

Re: CIS 6.2.282872.2847 Released!

Excuse me but v5 pop ups where more informative with the additional info to read in front of your face unlike in v6 where you have to click the arrow to see more info.

Rather telling a person to only click default action button also doesnt count as real life usage as a normal user who installed CIS by himself doesnt know about CIS pop ups.

 

Re: CIS 6.2.282872.2847 Released!

Removed due to double post

 

Re: CIS 6.2.282872.2847 Released!

That was just a reference & personal experience. But yes looking at my posts I realize repeated couple of times.

If the users atleast follow the product recommendation then I think defaults are fine for majority, thats my opinion.

 

Re: CIS 6.2.282872.2847 Released!

Those information on popup, COM, Protected things, HKLM............ etc... were useless for majority coz they dont understand those things. Those are for experts. The current minimal popup with default action is fine for majority, thats my opinion.

 

Re: CIS 6.2.282872.2847 Released!

Ellison- I suggest Q360 with Comodo Firewall. There is no need to add the AV component (as in CIS); you will get the benefit of Comodo Cloud on file run anyway with the Firewall installation.

Regarding whether or not to shut off Q360's Proactive defense, I've found that the only difference it makes is that with it on you get Q's popup alerts. With it off you won't. Otherwise no difference in system protection. But the only thing that I would stress is change the sandbox level to anything above the default Partially Limited (go with either Untrusted, or if you are a True Geek, Full V). This will give added protection in a Worst Case scenario without any changes in popups or system impact.

 

Re: CIS 6.2.282872.2847 Released!

Thanks a lot for sharing your experience. So the weak point of CIS is the user's decision. That's why CIS can be recommended only to knowledgeable users.

I guess you are talking about Avast free? I like that Aast is good and can take care of careless users.

 

Re: CIS 6.2.282872.2847 Released!

Thank you for sharing your experience.

Yeah, I like this v.6 popups. They were bewildering me in v.5.

 

Re: CIS 6.2.282872.2847 Released!

For me

CIS - Users may allow - unknown are autosandboxed, only unknown installers gives popup

Avast - Users may allow & Automatic allow - unknown gives autosandbox popup, unknown are automatically allowed

 

Re: CIS 6.2.282872.2847 Released!

It doesn't really have anything to do with CIS. The average user is always the weak link. Average users do best with fully automated security software. Even though that software will occasionally make incorrect decisions (FPs, etc) it will do a far better job at protecting the system than one which requires user interaction.

 

Re: CIS 6.2.282872.2847 Released!

I agree totally. When I was using CIS, I would always put the autosandbox to untrusted. I can remember a few folks on the forum would tell me that untrusted was too much. Partial limited was more than enough to stop every threat. This was before all the ransome ware floating around. After that it was either limited or untrusted.

 

Re: CIS 6.2.282872.2847 Released!

I think there is no known ransomware bypassing "limited", untruated is too much! It won't allow any legitimate software to run. You might as well use Blocked if you really want security, it is even more secured than fully virtualised.

 

Re: CIS 6.2.282872.2847 Released!

Yes, not much is going to get past limited but I have had remnants left. If something is untrusted and running in the sandbox, I don't want it to access much of anything.

 

Re: CIS 6.2.282872.2847 Released!

Thanks..Just wanted to be sure if the proactive defence might conflict with the hips in comodo.Im currently trying comodo firewall with twister av ,as i had a licence for it from last version (2005 i think?).Im not getting any cpu spikes like some are getting,and find twister more to my liking than qihoo.Gotta be honest though ,im liking comodos firewall and its suite.One question with comodo though.Sometimes its av doesnt detect a malicious file and its firewall categorises it as unregonized file and sandboxes it.However 9 times out of ten if i then upload the file to valkyrie ,it usually gets detected correctly as malware.So im wondering why CIS and the firewall doesnt have an inbuilt gui option to auto upload to valkyrie ? rather than have to visit the site?

 

Re: CIS 6.2.282872.2847 Released!

As for compatibility of Qihoo with CIS - I used them for a few days on 2 PC - win 7 x32/64. Full CIS (HIPS in safe/paranoid, AV enabled) and Qihoo (all its settings to max) was OK on both PC.

 

I hadent tried to submit any files yet but just tried and can confirm i get same error on trying to upload,

 

known issue. Thanks anyways.

 

Re: CIS 6.2.282872.2847 Released!

oh please! not another Mellih technique rant We know what happens when malware gets whitelisted by CIS dont we LOL

Rather you have got that absolutely wrong as a difference between avast and CIS.

Avast- Real World- sigs,evo-gen,filerep consituting of a good amount of automated technologies with some user dependency.Then where it comes to sandboxing it depends on dyna rules and it is NOT automatic Allow.It asks the user,now in my cases majority dumb users click close just because it looks more obvious like a button to click on.If not in sigs then filerep then evo-gen then sandbox.So if not in blacklist,then filerep question or autosandbox or the URL blocker gets it and we know what's coming along for avast this summer and further next year is gonna change things in time to come.Unless you are a dumb idiot and add something to avast exclusions you are calling for trouble or if you accidently click on continue exection thinking the file is legit and its not then you are in trouble,in my experience this is rare as to majority of the users they click close as a obvious button.

CIS-Real World- If not in AV and whitelist then sandbox,if in whitelist then allow and what will happen if the user is lucky to bang on a custom made malware and it bypasses CIS of course such cases are very rare but can happen.. and what if malware gets accidently added to CIS whitelist by cloud,then complete destruction and then what when CIS sandbox pop up appears with the info hidden in that arrow button and the dumb dangerous user click allow.LOL! Not saying CIS isnt good,its solid IMHO but when it comes to bypasses when it has cases where things can go wrong.Default Deny may be good but NOT 100% and in this case there are too many vulnerabilities of bypasses which may not be present in real world usage but cant say.

 

So, gentlemen. How good is the comodo av exactly? On a abcd scale (a. Being avast grade.and d being say clamwin) where.would you place it? Oh and i dont mean this question to.be a v.b

 

IMO 2nd tier or B.

Also, I believe if you are using CIS, may as well use their AV. The complete package protects well, and I'm not sure you gain much by using another AV instead.