CIS v5 vs CIS v6 against pack of malware

Since the forum is divided between pro v5 users and pro v6 users, it will be interesting to test both version against the same pack of malwares in default mode.

i know that the dissension is mostly about the UI, usability and resource usage, but why not.

if someone want to do it? ;D

I edited topic title to better reflect the subject

I don’t really see the point, V6 probaby has a better default mode and perhaps security overall but that is not what I’ve seen the arguments are about for V5, many (not all) who go back to V5 do this becuase the GUI in V6 is horrible (in their and my oppinion) also because V6 has more of a performance hit on some systems, at least if you read some posts.

Then there are also a lot of people who configure CIS to their liking (like me) and then the comparison becomes invalid instantly.

But sure, for the fun of it maybe? Though I’m not doing any such things until I get a system I can test on.

with the late flaws discovered on v6, i think this “test” could be interesting.

Which flaws are these? I thought the only significant vulnerabilities found in V6 were related to the FV sandbox. Were you looking for a comparison between the two FV sandboxes? If so, I’m not even sure how to adequately test V5’s. I think you may need to manually add each one to be FV sandboxed by path, but I’m not sure. I never even used it in V5.

by “flaws”, i also meant malwares bypassing the BB/HIPS/FW/FV (we have a lot of threads about it made by a256886572008).

i just want to see if the old version is strong enough versus recent malwares and how the v6 behave against them.

Which setting are you looking at being compared between the two? I ask because I know the default settings have been improved for V6, but I believe (but could be wrong) that untrusted should at least provide the same protection. Either way, I believe it would be very difficult to find malware which can bypass the higher levels of the sandbox.

I would be willing to do the test of both CIS5 & 6 :slight_smile: but Im in need of a fresh pack of malware.

I did a test of CIS 6 On default settings :slight_smile:


  1. “Direct Disk Access” protection can block the malware for reading certain areas.
    For example, the root of the disk, the root of %windir%, the root of %program files%,…,etc.

  2. “Partially limited” can block keylogger and screenlogger.

  3. no HIPS alert windows for BB
    For example, install global hooks,…,etc.

  4. The malware can be terminated from the alert windows.

on, malware hub section, you will find what you need. :wink:

Which setting are you looking at being compared between the two? I ask because I know the default settings have been improved for V6

proactive mode, Untrusted. It will be fair with V5.

Do you want me to use default settings or any specific changes to V5 or V6?

All Firewall requests will be allowed and the sandbox in V5 will be disabled if I use default settings.

Also in V6 HIPS is disabled in V5 it is enabled
also V6 allows all firewall requests if using default settings

So any changes you want me to make?

I would like to see V5 v/s V6 with default Internet Security Config with default settings. This is Comodo’s default & recommended settings for most of the users. And if I have time I will test this comparison myself & post the results here.

People would also like to see tests with increased or custom security settings.

If you have time plzz test with both default & custom settings the users here would like to test.

I have zero faith in v6.

Do you mean in terms of the protection? If so can you please explain why?

I think he was just here to vent his frustration. It looks like Elvis may have left the building: