One month later…hope to see new version soon.
can not submit the malware through the cis 7. if all the time shows that the file already submitted and the file could not found what is this ? this submitting problem is not sloved yet. >:(
Thanks for the information! :-TU
Unfortunately I am not using CIS at the moment because of Firewall issue (incompatibility between CIS and Huawei driver on Windows 8.1).
Talked about Firewall issue wth COMODO staff via PM. - hopefully they can find solution for it.
I’d like to also say that COMODO staff is very good IMO. 
Regards,
Kardo
Thanks for the reply. :-TU
Regards,
Kardo
Dch48,
I saw your message in the version 7.0.313494.4115 thread regarding ccleaner & the registry key CIS.CisDebugInjector. This is still a problem with this version.
Do a search in the registry for the key without the 9 in the end. You will find that there are keys with and without the 9 in the end. Since Comodo is re-installing the key when ccleaner deletes it, I would guess that the entry is correct, and the keys without the 9 needs to be corrected. This key seems to be cmdagent related.
I’m going to try it this weekend, to see if it will fix some minor nuisances that I’m having.
Search for BBB01528-20FE-4bc2-9D26-C70E3ABB9CD1
Hi romil,
There was some earlier discussion in regards to this in the link below.
I uninstalled CIS.cis Debug Injector
Kind regards.
Thanks for the link, but I’m not sure what to think now. I saw messages about cmdagent problems, and I thought that my observations might help. I wonder now if I should try removing the 9, rather than adding it. And should I even be concerned about this. Are the keys just left-over keys during the testing period? I generally don’t let registry cleaning programs do what they want. If I do decide to remove the key, I would remove more than what ccleaner wants to remove. Are these keys needed maybe for self-repair?
I’m going to have to learn not to post in the morning. When I wrote “This is still a problem with this version”, what I meant to say is that ccleaner wants to clean the key, but I don’t let ccleaner do it, so I don’t know if the key will be recreated. Also, when I wrote “it will fix some minor nuisances that I’m having”, I was thinking about Windows 8.1 Home edition. I have finally decided to remove it, and go back to Windows 7 Ultimate. I think that the latest version of Comodo Anti-virus is the best yet on a Windows 7 system. Now I can go back to working on security issues, rather than machine or program problems.
was put Comodo firewall 7 approves the program called SpyShelter antitest and failure in all tests or test, never reported or block these actions. So where’s the security provided? improve product testing units do, here is the link to try the tester: ****://www.spyshelter.com/download/AntiTest.zip
comodo firewall 7 Faill…
Please do not post direct download links.
Well if you increase the level of autosandbox to untrusted you will pass the spyshelter test
is the AV updating as usual? for some reason for the past 10 hrs I can’t seem to get any AV updates, it starts to run but always gives me a red X error on signature updates and data base updates.
From what I see in weekend, sometime I don’t receive any av update all weekend. But hey you are still safe thanks to HIPS/BB/Default Deny.
Well it may be on my end, I fired up my old Vista machine with V6 on it and it does update, so now I will spend time trying to re install on my W8.1.1 machine to see if that fixes it.
Like I said even if there are no updates, it still shouldn’t just show red X errors.
I just did a manual update. The database is at 18321 now.
… I guess its time for a cis update solving the gui lags…
At the partially limited level CIS behavior blocker provides protection against background screencapture- a foreground screencapture is permitted. At higher levels both can be prevented.
You should say “at higher levels both should be prevented” >:-D
https://forums.comodo.com/format-verified-issue-reports-cis/limited-and-restricted-block-screen-capture-but-untrusted-does-not-m399-t95001.15.html
This bug has not been fixed yet… 88) :-TD
In fact it is marked in progress in the tracker because in 4142 it seems to me everything apart from PL and virtualised levels are fixed, and those may be due to the background foreground rule. But there is no confirmation from devs yet.
Here’s my analysis for 4142 please say in the bug report if you find differently
This is different in 4142, but at least it is not inconsitent in the previous sense. Not sure if it is fixed. Re-opening for QA to assess if it is off-spec. If it is not maybe it can be reconfirmed as a debatable.When Antitest.exe, downloaded today from spyshelter.com (no file version), is run untrusted virtualised using Advanced settings ~ D+ ~ Sandbox ~ add, CIS fails screenshot tests 1a, 2a, 3a, 4a, 5a but passes 1b, 2b, 3b, 4n, 5b and 6. I validated it was running untrusted using Killswitch. In all other levels it fails all tests.
When antitest.exe is run BB’d at blocked, untrusted, restricted or limited it passes all tests, but it fails all tests when running Partially Limited.
Where Antitest fails probably the foreground/background distinction is being applied. The fact it is being applied at levels up to restricted in virtualised mode seems strange, as it would seem easy for malware to use a foreground very small window. People may be doing sensitive things like banking when running virtualised. Also it seem to me to be wrong that 40% of screen capture techniques are applied in untrusted virtualised mode - files which the user thinks may be malware are likely to be run at this level.
Yes, I noticed a different behavior.
I just tested BB as “untrusted” and “restricted”. CIS fails the screenshot keylogging tests (1a, 2a and 3a if I remember correctly) when set on “untrusted”, but passes them all if set on “resticted”
Some other comments here:
Yes I agree. Must have made a mistake in the test. Have updated tracker, thanks. Still it has been marked in-progress, so there may be a fix in next version.
I hope so, this is a bug since CIS 6…