COMODO's past is better than COMODO's present

Hi COMODO I just wanted to point out that COMODO isn’t 100% yet like there are some viruses bypass it, in the past like vertion 5.0 or 4.x nothing used to bypass it but in the following test 3 malwares(Well, One is a folder) bypass it
look at the MBAM result and Hitman Pro

AFAIK, scripts used to bypass older versions of Comodo.
This test shows that only few dropped files or traces were left after restart…no active malware was found on the system.
Therefore CIS successfully protected that PC.

It protected the machine in terms of RAM or proccesses not in terms or files in hard drive

Defense + protects against dropping files.
If he would disable sandbox - only Defense + he would get warnings about premission to drop files in Program File and so on.
Sandbox on partially limited allow dropping files. However they can’t autostart with windows - there aren’t any harmful software active (in memory).
System is protected.

no, every hips is bypassable .

Yes, but i mentioned about dropping files by those malware in thevideo :slight_smile:

It all depends on the user!
If you are experienced with Comodo then turn the setting in the the sandbox to block unrecognized files.The sandbox default setting is set to partially limited for new users to make comodo usable for newbies.
A few dropped files on your system is not a problem because they are not active ( your PC is not infected) If you are worried about dropped files then sandbox your browser by using sandboxie or GeSwall or set your sandbox setting in Comodo to block unrecognized files.

You can not judge a product by throwing 10 links at it and that includes products such as AVG etc.
Stop watching You tube videos and stop worrying and enjoy the internet with Comodo as your security or any other product you decide to use.

I have been testing security products since 1998 so I have a little bit of experience and knowledge to share.

Comodo is a very solid product and is the best free product (period!) and Comodo puts many a paid product to shame.IMHO


Which products are 100%?

If one of your program files got corrupted or it got deleted, then I would call it a bypass, in terms of protection, static files DO NOT harm the computer, it’s actually ashame that someone is testing a security software and he/she doesn’t know that simple fact … 88)


and it is this ignorance that we are fighting against :frowning:

Some people are NOT educated enough to give advice about Computer security. And many are NOT educated enough about security to ignore such uneducated advice.


This is why its a smart idea to layer your security. I love CIS and have used it solely. Nowdays I have it tweaked a little and use sandboxie along with it. There are no conflicts and its light and easy. Anything that might make it past the AV, sandbox or D+, won’t make it out when I delete the sandbox and terminate all the programs. Of course as I just posted over at wilders, nothing is 100%. If someone wants to hack into your system or target just you, they’re going to do it eventually.

Yes totally agree +1

I could have a folder with 100,000 malware sitting in it and it would do no harm, infact this is pretty much what some testing organizations do when doing a static detection test!
They just select the folder and say scan with X

Personally I don’t use the sandbox, nor do I use the safelist. I just use D+ and firewall. Feels unsafe with so many whitelisted malwares, and personally I don’t trust my system files to do whatever either, they should not. The old design has for me always felt better, and preformed better. It feels unlogical to let malware run. Even “hevily” restricted. Just “guessing” here but old design is mecanicaly safer and preventing execution is much more powerful than trying to run it and then put on some restrictions hoping it will do no bad.

I think you just answered your own question CTC :wink:

What im trying to say is that CIS is now able to be used in default (with very few alerts), yet still be very secure (not 100%). At the same time it is highly configurable for the likes of yourself and can be set up to alert to many different scenarios. Granted it takes some time and knowledge to set up in different ways, thats half the fun :stuck_out_tongue:


What if the malware in sandbox does not alter any of the OS files,but

replicates itself in all the folders and fills the whole disk with junk to slow it down (Happened to me twice, mgy.exe (16 MB) used to fill the whole directory structure with it’s replications of different hashes, no space left on even C drive to do anything) (don’t panic, it is now detected by CAV)


just deletes all the data files on the disk (not OS)?

Will it also be called perfect protection?

good question …

What setting is the sandbox set to for this? default, untrusted or somewhere in the middle? Each security level for sandbox restriction gives you more protection and the sandboxed application less rights.


of course the default is partially limited, which is still weak.

does it behave in the same manner for untrusted setting?