Comodo Internet Security v Comodo Proactive Security

Can anyone explain what the differences are between having Internet Security, or Proactive Security set in Configuration?. If it has been answered before, point me at a link. I did a search on it but found nothing.

Proactive Security has Defense+ monitoring all of your machine. Under the other configurations D+ has limited powers.
Go to Miscellaneous/Manage My Configurations/What do these settings do.

Thanks Jose.

If I change to Proactive Security, the PC freezes. I can get it back by killing the PC (off button), booting then changing back to my config. - any other action at all freezes the PC!

You don’t have to change to Proactive. It’s actually more inconvience for the average user then it is in security purposes due to more pop ups. If your running Firewall & AV, the default configuration is fine.


Thanks Josh. I was under the impression that Proactive was the ‘best’ configuration, but it would seem not to be.

I use a saved configuration, so that if I do need to remove-install the settings are there already.

In fact, if you watch Languy’s videos on both Internet Security and Proactive Security you will see that there is a big difference.
Internet Security is not a safe configuration.

I really don’t understand 3xist “advice”.

Neither I!

What system malfunction or instability have you observed against CIS to make such a claim?

Let’s focus on “Internet Security” Configuration here when users install AV & Firewall. There is an AV involved and this allows COMODO to skip some checks in Defense+ Settings for example. AV is a HUGE differentiator. Is is there into complement Defense+ and has very acceptable security along with acceptable user experience - A balanced approach off course needs be followed, Which Comodo does as a software vendor. All of those checks (DNS/RPC Client, Window Messages, Image Execution Control) are disabled because of the fact that all viruses attempt to make themselves permanent first and hence will be caught.

Here the point is, permanent damage needs to be prevented. And all the checkpoints are kept to prevent the permanent damage. Example: Key logger is not monitored, Key logger tries to send info over internet, Firewall will catch it anyway.

Internet Security Configuration is FINE and the checkpoints are kept to prevent permanent malware damage. Users should NOT be mislead that it is unsafe. There is no evidence of malware bypassing the default security either. Users are protected.


Yes there is. But I won’t go further into it. It is becoming trying to answer people that behave as religious subjects of a holly ghost called Comodo.

That’s why we don’t allow any other religion in here. :wink:

:smiley: :smiley:

I just use Comodo - Internet Security config with Firewall Custom Policy Mode and D+ Safe Mode.

Because you have not answered my question and haven’t got evidence for it. :slight_smile: So I ask you again… “What system malfunction or instability have you observed against CIS to make such a claim?”

Please do NOT bring religion into this. This is totally against policy and if this goes further, posts will be split. Let’s keep on topic please guys.


Funny… Matousec’s tests proves the contrary!

The word “religion” here is being used in another context…

There is a substantial distinctness betwixt religious as a subject and religious as an adjective

I understand one cannot be too exigent on other person’s mastery of semantics and syntax. But I do ask for a clear interpretation of my short texts.
One does not have to be religiously rigorous. But a reasonable endeavor would be much esteemed.

Yours, respectfully,

Not true… latest results show CIS the only one to pass all tests 100%

I use Internet security as well but I have turned on Image Execution and all the monitoring settings. I suppose I’m really running in Proactive by doing that and some of it is not needed.

What settings do you think matousec’s tests use for test CIS? Internet Security? When they do that mistake, COMODO lost position and rapidilly ask for a re-test with Proactive Security, than COMODO gots the right place, I guess first…

Today it’s a leak test tomorrow it’s a malware in the wild. Matousec leak tests do NOT measure every aspect of Firewall and HIPS Security. Some of those leak tests are not real threats at all.

Every product is configured to their highest usable security settings and CIS was not at the time. Have a look at Matousec’s Methodology here:

The tested products are installed on Windows XP Service Pack 3 with Internet Explorer 8 set as the default browser. The products are configured to their highest usable security settings and tested with this configuration only. We define the highest security settings as settings that the user is able to set without advanced knowledge of the operating system. This means that the user, with the skills and knowledge we assume, is able to go through all forms of the graphic user interface of the product and enable or disable or choose among several therein given options, but is not able to think out names of devices, directories, files, registry entries etc. to add to some table of protected objects manually, not even if such a configuration is suggested on the product's support forum or website.

Anyway, as I said, leak tests don’t measure everything - Let’s not forget CIS has a perfect 100% score and only product to have one.

You are not understanding how Defense+ works when the AV misses something. Here all we are seeing is a malware process in the memory and you assume this is a bypass? This is NOT a bypass and you need to understand technically Defense+ works. Defense+ stops ANY malicious execution, Defense+ won’t stop it from going in memory but when it performs malicious actions that cause REAL permanent damage to the system such as: Modifiying Userinit key or dropping a rookit in system32 - Defense+ will immediately pound on these actions.

The malware in memory, in the above video is simply gone after a reboot - Because those process are doing nothing because Defense+/Firewall blocked the malicious actions performed! Firewall and Defense+, when AV misses, do their jobs as expected and will block any malicious actions - There is no point stopping something going in memory when it won’t even do a thing (Or for that matter, malware going in hard drive and not doing anything just sitting there). EXECUTION is a key word here and Defense+ will stop any malware executing malicious actions that cause PERMANENT virus damage. Malware simply loading in memory or going in HDD is nothing. It’s the actions that are performed.

Jose, you have been asked at least TWO times to answer this question and you are still avoiding to answer it. The above video shows no system malfunction or instability at all. It’s not a bypass. I will again repeat my self… What system malfunction or instability have you observed against CIS to make such a claim? “internet security is not a safe configuration” I think the answer is nothing… Please state otherwise.