Comodo 3.0.19.318

I have the 4 checkboxes checked (D+ mode). In Anti-Leak mode only Physical Memory is checked.

 

I am paranoid I don´t like if something checks for updates without my permission even if it is comodo.
So the problem remains, no possibility to access Icon and GUI of Comodo, protection seems to work but I can´t modify anything.

 

I never said auto update. I said updater. Have you tried uninstalling using Revo Uninstaller in advanced mode. When Comodo says reboot, don't and delete all registry and program entires. Then reboot and install Comodo.

 

yes works well. Now latest 3.0.19 works with GUI. Everythink okay and to prevent auto update GSS works fine too.

 

Or you could turn auto-update off in the settings .

 

Your welcome. I always use Revo. You can turn off auto update under miscellaneous.

 

No wonder I'm sticking with Sygate, Comodo=probs, probs, probs....

 

More Comodo bugs. Processguard is installed here.
Upon opening the CFP3 installer, a warning popped up that CFP3 had
detected Processguard, and to use the workaround, and install only
the firewall. So that's what I did. I checked off the firewall only
box (bottom one, which also recommended the Leak protection).

CFP3 then proceeded to fully install the whole works, including D+.

Prior to the CFP3 install, I uninstalled my existing FW and set
PG into Learning Mode. PG does not live well with any other HIPS.

Fortunately, I can restore an image, so I don't have a mess to deal with.

 

I have uninstalled Comodo. It ran all right, but I just like the look and feel of Online Armor better, and will wait until Mike gets things straightened out with the Explorer exe. situation. I had to delete the Repository Folder to remove Comodo from Windows Security Center, and delete a few Legacy Reg entries and folders, but uninstall went fine. I like the idea behind Comodo, but I guess OA spoiled me.

 

No wonder, process guard has some strange behavior, last time I uninstalled it, it showed a kind of one sided additive pyramid of strings in its service:

"DisplayName"="procguard"
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\procguard\$%&'()*+,]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\procguard\$%&'()*+,-]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\procguard\$%&'()*+,-.]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\procguard\$%&'()*+,-./]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\procguard\$%&'()*+,-./0]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\procguard\$%&'()*+,-./01]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\procguard\$%&'()*+,-./012]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\procguard\$%&'()*+,-./0123]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\procguard\$%&'()*+,-./0123$]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\procguard\$%&'()*+,-./0123$%]
...until two or three rows were filled with ....0123$%&.... be aware

 

Hey SystemJunkie. No need for process guard when you have D+ set to "Clean PC Mode".

 

I agree, it is a little redundant. I did have PG on (Full version) but that was when Comodo didn't have D+.

 

I have been studying and reading more and more about pc security. Layered approach is all wrong. Avira forums are very helpful. Running Comodo 3.0 with D+ active in "clean pc mode" and Avira Premium keeps me very safe. Avira always comes out in the top 3 of most av tests. Scanning once a week with SAS and Spybot is also a good idea. I have tested Comodo against alot of different attacks and it always does a good job.

 

"Clean PC Mode" is not the recomended setting after every application on your PC is learnt. After a few days D+ should be set to "Paranoid Mode" otherwise everything is learned, also malware.

 

I guess your not a Comodo user. Training mode will allow all programs. Clean PC Mode is the default value. In Clean PC mode your computer is considered clean and everything in is also. After all programs are learned ANYTHING new gives you a pop up alert and ends up in pending files. Only if your pc is clean do you use Clean PC Mode. Paranoid mode will give an alert for every single program you launch and most users don't need this. A quote from the help file.

Clean PC Mode: From the time you set the slider to 'Clean PC Mode', Defense+ will learn the activities of the applications currently installed on the computer while all new executables introduced to the system are monitored and controlled. This patent-pending mode of operation is the recommended option on a new computer or one that the user knows to be clean of malware and other threats. From this point onwards Defense+ will alert the user whenever a new, unrecognized application is being installed. In this mode, the files in 'My Pending Files' are excluded from being considered as clean and are monitored and controlled

 

Yes you are right Dieselman, i forgot that "Clean PC mode" asks for permission for every new unrecognized application. The "Paranoid Mode" is for the more classical HIPS approach.

 

But Paranoid mode will give you a zillion D+ alerts. This is why I dont use it or recommend it.

Paranoid Mode: This is the highest security level setting and means that Defense+ will monitor and control all executable files apart from those that you have deemed safe. The firewall will not attempt to learn the behavior of any applications - even those applications on the Comodo safe list. and will only use your configuration settings to filter critical system activity. Similarly, the firewall will not automatically create 'Allow' rules for any executables - although you still have the option to treat an application as 'Trusted' at the Defense+ alert. Choosing this option will generate the most amount of Defense+ alerts and is recommended for advanced users that require complete awareness of activity on their system.

 

Just after install, train it in learning mode( off internet) for a while, run all ur ususall applications once, open different OS settings once, reboot ur PC twice and then put in paranoid mode. It takes a short time and no more pop ups except few, Also u will have a pranoid set of rules as well. U can even make custom rules for critical system applications like svchost.exe, smss.exe etc. I did it without any issues.

 

I have been using the paranoid mode but i notice now that perhaps i could get the same level of protection with the clean pc mode with less popups and less work overall.

 

Yes do that. Firewall is set to "train with safe mode" and D+ is set to " clean pc mode" on both my desktop and laptop.

 

I uninstalled this relict of the past some times ago. I only use D+ paranoid mode. As my nature is

Yes, but did you test it against shark 3 full kernel level unhooking + firewall bypassing? I did not saw a test against latest version of Comodo, but I can tell you that Comodo Pro 3 (3.0.16 or 3.0.17) stayed quiet and was fully bypassed. As long as it comes not against the real evil guys it does definitely a good job.

Important: Always watch out for a long delay in Comodo without any special reason,
this is a sign that CFP was bypassed in action.

and Remember: CFP is still the best firewall protection we have.

 

Oh I am sorry. Hopefully Comodo is running great for you now. Hey I was talking to Melih and he sent me a link for a security test site to join. Check it out.

http://www.testmypcsecurity.com/

 

Comodo works with ease. I will check your link, thanks. Beside I already know about 70-80% of these tools.
But think about: Test tools are no real trojans... up-to-date trojans adapt their skills to the actual security level of latest firewalls to succeed against them. Remember cat and mouse game never ends. Like the snake that bites herself into the tail.

 

does the new GUI make CFP more user friendly/less daunting?
How does it now stack up against ZAPro for ease of use?

 

Comodo can be overwhelming at first but it comes with a great help file system. ZAP cannot touch it and i use to use ZAP. The GUI is well laid out and informative. ZAP cost $40 and lacks HIPS where has Comodo cost. Let me think now...........About $0000.