BSOD on startup caused by Early Launch AntiMalware->Boot-Start Driver Initialization Policy.
With the GPO set to Good and unkown no problems.
Hello Team,
Been testing and using the latest beta. Everything looks okay but here are few things that should and must be fixed in the final release.
There was some active malware/threat in the system which wasnât detected or removed by realtime protection, had to run a full scan to detect and remove it which doesnât looks good because realtime protection should be capable and sufficient enough to catch and remove any active malwares/virures from the system.
Secondly secure shopping feature is failing installations despite multiple attempts.
So please kindly get this issues fixed.
Please check attached screenshot for reference.
Comodo issues.pdf (151.4 KB)
Hi Nanto01 !
Itâs better to put an image in the message please, rather than an attached PDF. Thanks
Wow! Super fast!
Thanks
Downloads folderâŚ
I think you need an answer from the âsecurity staffâ, not from a participant like me, nor from the moderators.
You have to wait for an answer from the current staff.
This will make it more real and increase confidence.
Or a reply from Comodo_RT back from vacationâŚ
Ilgaz ?
Ok the main problem here is that if there is some active malware/viruses/threats running on the system & it is not properly detected & removed by realtime protection which should be then that malware/virus will already cause some kinda damages to the system or any system files. So this looks like quite a serious issue and needs to be addressed ASAP.
Do you have the possibility of scanning this disk from another PC or another Windows and with the official version of Comodo (not beta) or another Antivirus as reputable as Comodo?
Maybe you can get the Geekbuddy guy to do it?
(Mind you, Iâm not telling you what to doâŚ)
I think itâs a big problem. Maybe the development team (and only them) (No lower levels) would be happy to take over your PC remotely to figure out whatâs going on?
Hope you got my point it is already mentioned : There was some active malware/threat in the system which wasnât detected or removed by realtime protection, had to run a full scan to detect and remove it which doesnât looks good because realtime protection should be capable and sufficient enough to catch and remove any active malwares/virures from the system.
So the realtime threat/malware detection & protection & removal components needs to be improved a lot and made lot more pro-active in terms of detecting & removing threats & malwares in realtime.
Yes, yes⌠alas, I understand very wellâŚ
Especially since I had the same problem
Did you do the CIS diagnosis?
(question mark, bottom right, then diagnosis)
For me, it was of no use. But itâs always a good place to start.
Did everything, checked a lot of things before finally posting it here.
They did a lot of changes back in 2018/19 to increase usability while still maintaining protection which is something I hope they change.
For some time now the Downloads Folder is excluded by Containment by default which I really thing should be removed but any file executed will then be loaded in memory and detected/contained.
The Initial quick scan only scans common areas, start-up apps and memory. It doesnât include Downloads because these are usually installers or downloads that havenât been run yet so as soon as they are accessed, CIS will detect them.
I havenât had a chance to test the current beta as I only have a production machine but I believe the above is still the case with the current beta version. â
P.S. if it was an âactive infectionâ your system would have malware actively running.
Thank you very much EricCrypti for your detailed and much appreciated reply. Personally, I am also interested in the problem of nanto01.
Weâre reading everywhere that many infections also come from attachments included in e-mails (for example).
Sorry if Iâm being too picky⌠But itâs technical curiosity that gets the better of meâŚ
Does this mean that these also escape analysis?
I need to understand how Comodo CIS works to avoid getting infected.
Does this mean that files that arrive in the âDownloadsâ folder are not analyzed in memory before being written to? I was convinced that before being written to disk, they pass through memory?
Is this reasoning different for different Windows (7,(the 8th we donât count )10,11) or for different Windows settings? (Windows memory access protection, for example, or Virtualization).
Perhaps direct transfer (without passing through memory) only takes place for NVME disks or depending on certain interfaces and their drivers?
Would we be less protected when writing directly from CPUâ>NVME than from CPUâ>RAMâ>HDD?
Iâd be really curious to know how this happens in the machineâŚ
Please donât reply, like some other moderators, âWhatever happens, youâre protected with Comodo CISââŚ
We get thatâŚ, itâs the process that interests meâŚ
Is it any different with the beta?
If I could, Iâd immediately add the Downloads folder to the quick scanâŚ
(can we have this option for version 2024?)
If itâs downloaded from anywhere it will be detected no matter where itâs saved to. If itâs executed from anywhere it will be detected. I donât have exact knowledge but @ilgaz or @C.O.M.O.D.O_RT or one of the other mods with more detailed knowledge can elaborate.
This video that Melih has posted about a few times recently gives it in laymenâs terms:
https://www.youtube.com/watch?v=Frx52YMHZ24&t=3s
Thatâs how
Xcitium Transparency Page - Historical Statistics and this is our historical data of infection/breaches Audited by third parties. We are the only company in the world
a)Sharing our historical infection numbers
b)getting it audited by third parties.
Why are other cybersecurity vendors not doing that, ask yourself .
Iâm trying for many days now to update the previous beta version (12.3.1.8104) to this new beta version. But it always says it is already up-to-date.
Canât the previous beta not be updated to this one?
I only installed the Firewall, if that makes a difference.
Thank you both for your response, EricCryptid and Melih.
OK⌠weâre not used to it yetâŚ
We used to need a watchdog who could spot foxes, buzzards and snakes.
Now, almost, youâre telling us to "let the fox into the henhouse - as soon as it gets in, itâs cooked!
(((I understand perfectly well that he has no chance of catching a hen)))
That requires a change of perspective after so many years of different practicesâŚ
So⌠Will EDR, XDR, MDR Comodo solutions soon be available for home or small office use?
(Easily manageable and understandable)
Sorry, I leave a lot of messages, but when the beta is over, Iâll be around a lot less (yesâŚyes⌠I reassure you )
So, about the betaâŚ
When I export my customized configuration, as time goes by, its size gradually increases. (Logical)
Only sometimes, when I save the configuration again, its size decreases drastically. Sometimes by more than 2/3⌠a quick check shows me that my personal configuration is missing somethingâŚ
I then have to import the penultimate backup to get back to where I was.
So Iâm wondering if there isnât some kind of fault in the configuration export?
Whether I validate âsave current changesâ or not, it still happens.
I systematically export after every two or three modifications and every day. (Also because Iâm testing the beta version on several machines).
So this problem occurs, letâs say, every ten or fifteen exportsâŚ
I invite developers to do the same and export their config several times a day until it happens to them too (I should point out that this problem occurs on Windows 10 Pro, like Windows 11 Pro and whether Comodo CIS is alone or not).