When will COMODO Internet Security have GAME MODE FEATURE?

[Guest]

[John Buchanan]

The AV will not stop everything (it relies on already knowing about a threat).  Defense+ does not require any such preknowledge to deal with threats.

If you wish a silent mode, turn off the alert notifications (this defaults to deny everything).

The best solution is to place the firewall and D+ in training mode prior to running the game the first time.  Any subsequent gaming (with that game) will not require any action on your part.

[J2897]

As I said, the process should be automatic. When a full screen program is running, CIS would automatically go to gaming/silent/whatever mode.

Then it would change Modes almost every time I visit YouTube.

This is why we have antivirus. Of course in gaming/silent/younameit mode there might be some kind of heuristic D+ still running and if it detects a suspicious behaviour, it would deny those suspicious actions or kill the process.

Defense+ doesn't use Heuristics (unless CAV is Installed). It doesn't need them. It works a bit like this...
(This is the simplest way I can describe it, sorry if it doesn't make much sense.)

Default Allow

This Door Man works for the 'Heuristics' Night Club.

Imagine a Night Club Bouncer (Door Man) standing outside a Club, looking at the Behaviour of people queing up outside. He's deciding which ones might not be safe to let in, and telling them to leave if he feels its nessesary.

Notice that he's looking at the Guy (Winamp) at the back, when he really should be Stopping the Nurse (Rogue Anti-Virus) on the left.

Default Deny™

This Door Man works for the 'DEFENSE+' Night Club.

Imagine a Night Club Bouncer (Door Man) standing in the door-way of a Club. As people try to come through the door-way, he looks at his clipboard and checks to see if each person is on the list. Those on the white-list get through, those on the black-list do not. Those not on either list are 'Stopped' (Default Deny), and reported to the Manager of the Club (You)...

Obviously there's no use for pop ups anyways "behind" the full screen program anyway.

... You don't have to respond to the Bouncer (you can safely ignore the Alert/Pop-up "behind" the full screen program) when he reports that person (program) to you. Your Door Man has taken care of the Security automatically. He won't let that person in the Club if you do not respond to his Alert (Pop-up). Your Night Club (PC) is still Safe.

Yes, the person (program) might be a little distressed about being temporarily quarantined like that, but who cares? Your Club (PC) is SAFE!


Note:
It is actually a bit more complicated than that, as the Defense+ Bouncer also has a list of Rules for what each person (program) on the white-list is allowed to do during their time at the Club (PC), but that's another story...

[OmeletGuy]

That is the best simple discription of D+ i have ever heard.


Maybe there could be a way to set CIS to tranning mode only for The games exe's and have CIS track a commands from the game the second time the game is launched it goes to safemode.

[Kyle]

I don't know what the fuss is about  You only have to do is once and that's it 

[Dch48]

The only thing it should do is be like the light silent mode of Norton. When you go full screen, Norton senses it and stops all updating and anything that might be scheduled. It continues monitoring everything though.

I play World of Warcraft every night and I never seem to have a problem with anything from CIS running. In fact,every time I exit the game, I get the balloon that the virus database is being updated. It's like CIS already suspends things when you go full screen. Is it possible that this is already a part of the program?

[panic]

The only thing it should do is be like the light silent mode of Norton. When you go full screen, Norton senses it and stops all updating and anything that might be scheduled. It continues monitoring everything though.

I play World of Warcraft every night and I never seem to have a problem with anything from CIS running. In fact,every time I exit the game, I get the balloon that the virus database is being updated. It's like CIS already suspends things when you go full screen. Is it possible that this is already a part of the program?

It's more likely that WOW is whitelisted.

Ewen :-)

[Kyle]

It's more likely that WOW is whitelisted.

Ewen :-)

Nope wow isn't whitelisted I can confirm that 

[Dch48]

... You don't have to respond to the Bouncer (you can safely ignore the Alert/Pop-up "behind" the full screen program) when he reports that person (program) to you. Your Door Man has taken care of the security automatically. He won't let that person in the Club if you do not respond to his Alert (Pop-up). Your Night Club (PC) is still Safe.

If this happens in a full screen game and the thing being auto-blocked is an update or other neccessary element, the game might freeze or lock up completely with the only way out being a hard reset of the machine via the power button. I have had this very thing happen more than once while receiving a game patch or update.  A popup will be there asking for action but you can't see it because you're in full screen. Then the action will be blocked and the updater will shut down. There should be something implemented that prevents this from happening. It happened to me with the latest WoW patch even though I was in installation mode.

[EricJH]

I just bookmarked the D+ bouncer analogy..

[J2897]

If this happens in a full screen game and the thing being auto-blocked is an update or other neccessary element, the game might freeze or lock up completely.

Could you not tell the DEFENSE+ Bouncer to treat WoW as a 'Trusted Application' on his 'white-list'? I don't play WoW, but as long as it doesn't do crazy things just to install the Patch, that may solve the problem.

It happened to me with the latest WoW patch even though I was in installation mode.

If you were going into Full Screen and Downloading & Installing a Patch through the Game, you should have been in 'Training Mode', not 'Installation Mode'.

I would Install the Patches while the Game isn't running if I were you, in 'Installation Mode'. That's what I do with my Games anyway.

[Endymion]

Although it would be more reasonable to manually safelist games before they are launched (Drag& drop support would help too),

it is possible to define a trusted path where to install games (eg %ProgramFiles%\Games\*) and provide a default policy to allow Firewall and Defense+ actions.

Defense+ Tasks > Common Tasks >My Protected Files > Groups... button


Games Mode group defined as %ProgramFiles%\Games\*

Firewall Tasks > Common Tasks > Define a New Trusted Application

Games mode defined as trusted

Defense+ Tasks > Advanced >Computer Security Policy

Games mode defined as Windows system application

PS: Parental control friendly, one-time configuration.

[adioz86]

The gaming should be in the "Treat As" list, where Windows System App, Trusted App, and so on are. So if D+ shows an alert, you can treat this application as game.
I think that's easy, and not so dangerous then putting CIS to Training Mode, where every app can do what it want, and not only the game.
I don't know how often i mentioned it here in forum, but I don't think that a Training Mode is any kind that should D+ have, cause Clean Mode is much better, and it's SAFE.
What kind of D+ setting is it, to learn everything. Cause that means, learning every bad action(also of malware), too. Don't think that this is the sense of an Security App.
The Game Mode rule also should learn the specific action, and not only wildcards, which can't really be edited, cause then you will nearly block everything again, and the game crashes.
And treat an game as an windows System app would give it so much rights, that aren't needed for a game.

[Dch48]

If you were going into Full Screen and Downloading & Installing a Patch through the Game, you should have been in 'Training Mode', not 'Installation Mode'.

I would Install the Patches while the Game isn't running if I were you, in 'Installation Mode'. That's what I do with my Games anyway.

I told CIS to treat the downloader as an installer or updater, which it is, and still encountered the problem. Wow patches come in two parts. First you get the downloader which downloads the patch through the bit torrent protocol as an exe. Then the .exe file patches the game. The process terminated twice and when I checked the logs it said that the downloader had been blocked even though I had told CIS to treat it as an updater.  I told CIS in the first popup to treat the downloader as an installer/updater but when the second popup about connecting to the internet came up, CIS blocked it before I even had a chance to choose what action to take. The popup closed in a few seconds and so did the update process.

To get the patches, you have to start the game in the normal way and it senses when updates are present. Users  always put the patch files on mirror sites but usually that takes hours or days after the patch goes live.

[Kyle]

The gaming should be in the "Treat As" list, where Windows System App, Trusted App, and so on are. So if D+ shows an alert, you can treat this application as game.
I think that's easy, and not so dangerous then putting CIS to Training Mode, where every app can do what it want, and not only the game.

.
[/quote]

Treat As "Trusted Application" would give you the permissions your looking for..

[Dch48]

I added Blizzard Entertainment to my trusted software vendors. That might keep the problem from recurring with the next patch. I'm really surprised it wasn't already whitelisted seeing how it's the most popular game around.

[Tags:]