And then the file is sent to Valkyrie for static and behaviour testing
2 Likes
While the unknown file is contained VirusScope will do the static and behavioral analysis of the file and the report is sent to Valkyrie Static and Dynamic Analysis
Melih, you’re very nice and we owe you a lot. A lot, in fact. So, thank you very much. I really do.
The problem I see is that Comodo is losing customers as a result.
There’s a kind of technical ostracism at Comodo. Repeating over and over that you don’t need a good antivirus base won’t give you a good antivirus base.
You may think like an avangardist engineer at the cutting edge of tech, and that’s true, but I have to convince you that your customers think like henhouse keepers. They don’t want foxes around their hens!
Even if you say they’ll never get in.
One day, a hacker will find a flaw in your system, or Silverlight’s, or whatever, and the hundreds of viruses left on the disk on purpose will wake up.
Bad guys are better off in jail, and computer viruses in quarantine.
People sleep better with that in mind 
1 Like
Every day there’s more bad news about IT security.
You also have to go with the customer’s flow to win them over.
If the customer feels more secure with a more complete antivirus base and more effective real-time scanning, you’ll keep them with that idea longer.
You’re too far ahead of the market.
2 Likes
Ok, thanks for the info 
100% detection does NOT exist…we have 99.8%!
Also how about all the malware/ransomware that we detect and noone else detect… who reports these?
https://threatmap.xcitium.com/
3 Likes
Firstly – very nice what you said.
Second – when will this happen? Question: Suppose there are hundreds of viruses left by malware on a PC. Isn’t there any software that detects them? If I scan my PC with Hitman Pro, AdwCleaner or Malwarebytes and they never detect a virus, are they (the viruses) so well hidden that they can’t be traced - not a single one? Are hackers still not so sophisticated that they can’t find a bug? Like other users, I have been using Comodo for decades - so far nothing has “happened”. Sometimes I feel a bit unsettled by posts like this because I’m not a computer scientist. But then I rely again on my experiences with Comodo.
1 Like
Technically you can have a piece of malware that lay dormant on your PC but 1. it has to get onto your system in the first place and it’ll get detected if it’s in Comodo’s signature base the or at the very least flagged as an untrusted file and 2. as soon as it attempts to do anything or it’s executed in some way it’ll be blocked or contained. It’s like this cmd.exe bypass that’s been flagged up recently. A piece of malware has to get onto he system, saved to the disk, executed and then in turn execute that cmd link/file but it’d be blocked at the execution of the malware itself in the first place and therefore every part of that attack chain would be contained or blocked no matter whether it’s a trusted program or not.
I wouldn’t stress over it, your still protected. Just my 2p.
3 Likes
virussign are my samples at Xcitium Threat Map
Well…
In fact, all this is due to the fact that interventions by moderators to defend the product sometimes do the opposite in fact :
This sentence is counterproductive and scared me! :
“You can have hundreds of pieces of malware on your hard disk without any problem, as long as you don’t run them, of course.”
It’s never good when someone from Comodo writes that with Comodo hundreds of viruses can remain in the PC… (No need to troll to continue with Citizen_K explanations) (To err is human)
Thank goodness you stepped in to restore peace of mind Melih 
Thank you.
There’s something else I’d like to say.
Why, since people have been complaining about CIS not being updated, haven’t you guided them more often to this page, where you can see for yourself the multiple and permanent updates of the product in fact.
From this point of view, there is NO, and I mean NO, doubt that version 2024 will be updated!
https://cdn.download.comodo.com/cis/download/updates/release/cis/inis_8050/release_notes.html
(For those who doubt…)
Thank you EricCryptid
I’ve noticed that since C.O.M.O.D.O_RT has been on vacation, this page has had less access to the beta, and there’s less incentive to report bugs. The conversation revolves more around the product itself than specifically the beta.
I also find it odd that when bugs are reported, there are no really detailed technical questions.
I’ve already taken part in several betas, and this is the first time I’ve been asked no specific technical questions.
I had already asked the question, but I didn’t get any feedback (to my recollection):
Is it not worth it? Do you already know everything via telemetry?
How do you know that C.O.M.O.D.O_RT is on vacation?
C.O.M.O.D.O_RT most likely left the forum and Comodo because he didn’t like the script which he had to follow and he couldn’t provide the feedback CIS users were waiting for.
No problem.
My overall point was that if you install Comodo onto an infected machine in the first place, you should do a full scan. Anything that enters the system or is run/activated after Comodo is installed CIS/CF will protect you from.
Not sure if it’s the case with the current paid version but in order to activate the guarantee, you had to have HIPS enabled and perform a full system scan in order to activate it.
CIS Premium (Free) does a quick scan of common infected areas so if you had active infections, it will pick those up but it would be rather time consuming if you had to wait for a full system scan to be done before the machine was restarted. Personally, I run a Rating Scan after I first install CIS https://help.comodo.com/topic-72-1-766-9116-Run-a-Rating-Scan.html
P.S. People can use whatever product they want, I’m just doing what I can to assist/help and advise on how Comodo works in what free spare time I have.
3 Likes
On permanent vacation… ?
Arrrrgh!
The Pro version does not validate the license, if you don’t do all these things
Since we’re testing the Pro version of Comodo CIS beta…
I’d like to say something about Geekbuddy, which is normally part of it.
Is user authorization required before a Comodo technician can take over a PC?
On a forum, there’s a testimonial from someone who complained that, all of a sudden, while he was working on his PC, the mouse started moving by itself.
It was someone from Comodo who had taken over his PC without warning him or asking him first (probably following his call to support).
Is this possible?
Is there some kind of security, as with Teamviewer (for example), when intervention is authorized, or can the Geekbuddy guys intervene without authorization whenever they want?
I’m not talking about the internal procedures normally followed by staff. Nor am I talking about appointments or prior consent.
I’m talking about a technical lock with double authorization = one for Comodo and one for the customer. (If the customer doesn’t give a code, the technician can never reach his PC).
Because if that’s not the case, it’s time to ask for a change : 
If you have any images to argue that others would like to see when reading this later, thank you very much!
1 Like
I would agree with this and add that you should run the “Kill Switch” and literally kill any “unknown processes” as well
2 Likes
heu… I have installed in the past the browser Midori… Which I also use under Linux… it seems to me that it has declared it as unknown…
What to do in such cases… Is it up to me or Comodo CIS?
I installed it, I don’t want to kill it.
I’d prefer it if it could tell me whether to kill him or not …
I can’t keep going through the tasks to stop certain elements… It would be nice if something could be changed with this archaic process with version 2024.
With artificial intelligence?
Agreed. Killswitch is really useful and something I install within CIS every time. There’s a lot of useful tools within it that I really should explore more and it’s great for identifying and killing off unknown processes, as you say
2 Likes