Can someone tell me EXACTLY what the trusted vendor list in Defense +does? What are the ramifications of removing one or more of COMODO’s predefined vendors?
I ask because I own Adobe Acrobat and I don’t know if you read my last post but the last update Acrobat did broke my CIS. I had to reinstall both. So I (thougnt) I blocked it from doing that update, but somehow Acrobat found it’s way past the firewall and/or whatever other security CIS entails and did the update automaticaly again. SO I had to remove Acrobat and CIS and reinstall both. Now I am worried about it reinstalling that new update and this happening all over again. I removed all the Adobe entries from the trusted vendors list. Will this help?
Basically, it’s there to reduce alerts. If a program is deemed safe by the TVL, its allowed to run. You can clear any vendor you don’t want to trust (although you may get an alert). Personally I have my list cleared entirely (not trusting anything). Although, I don’t add a lot of programs to my system. When I do, I just give them permission through the D+ alert or the Sandbox alert.
Is that the only difference between Safe Mode and Paranoid Mode? Will alerts be elevated by switching from Safe Mode with an empty TVL and Paranoid mode with a full TVL?
Paranoid Mode: This is the highest security level setting and means that Defense+ monitors and controls all executable files apart from those that you have deemed safe. Comodo Internet Security does not attempt to learn the behavior of any applications - even those applications on the Comodo safe list and only uses your configuration settings to filter critical system activity. Similarly, the Comodo Internet Security does automatically create 'Allow' rules for any executables - although you still have the option to treat an application as 'Trusted' at the Defense+ alert. Choosing this option generates the most amount of Defense+ alerts and is recommended for advanced users that require complete awareness of activity on their system.
This is a little confusing. I guess what I’m asking is, is my Safe Mode with an empty TVL the same as the default Paranoid Mode? If that’s the case, I can just switch to Paranoid Mode and restore my TVL. But, if I will get more alerts in Paranoid Mode, I would prefer staying status quo.
Maybe I’ll give it a try just to see how it works out… :-\
Boy, that didn’t take long! As soon as I switched to Paranoid Mode, I got an alert for Firefox! I’ll stick with Safe Mode and an empty TVL.
Safe mode automatically trusts ALL aplications that were installed before CIS, TVL or not. In paranoid, you are gonna be bombarded because no rule will apply
Ok, yeah that’s what I went for, safe mode and cleared my TVL. Although I am one of those who likes to see everything that goes on on my PC. I can do without clicking ok every 2 seconds. This way I feel safe and won’t be bothered too much with popups. I also use custom firewall mode and statefull AV. But I protectd all my driver folders and files because for some wierd reason I was getting my CCC.exe (Catalyst Control Center) blocked evertime it tried to run.
