Dont Give Popup Alerts

To most people, it’s extremely illogical to want to disable the majority of the protection that a security suite gives you. This is why you’re being asked if you really understand what it is you are asking for.

I agree with Eric. Perhaps a bit of education for these users that are experiencing issues is a better solution than severely limiting your protection? I have a sister that is definitely not great with computers. I showed her how she can click the links in the alerts to tell which application is asking to do what. If it’s something she knows and trusts, she allows it. If it’s something she doesn’t understand, she blocks it (without telling D+ to remember her decision) and asks me about it. She has been using CIS with very little trouble for several years now…

I already mentioned in few previous posts here that I understand the risk & accept the security consideration.

But I dont think it is not logical coz

  1. This will be an option & not default setting.
  2. Why disable D+ completely & run FW & AV only when you can keep it enable & get Autosandbox too.


You want defenders of default deny policy to basically accept a default allow policy.
That will never happen :smiley: :wink: ;D

Seriously, I can see your point, you do not want 100% Default deny policy nor 100% Default allow policy. Something like avast if i am not mistaken (but they use some kind of heuristics to decide what gets sandboxed).
But that is a huge step for comodo (they have always defended DDP). But your argument is true, lately the have changed their strict policy (Firewall, etc)

But why not just wait 1 or 2 moths and just uncheck "automatically detect installers/updaters and run them outside the sandbox).
If there is true virtualization (like sandboxie) there will be no problem.

How the Virtualization will make it easy?

Avast virtualizes based on heur & other sensors as you mentioned . So Avast doesn’t virtualizes each & every unknown softwares. But even when Virtualization is introduced, I guess the functioning of D+ will be the same i.e it will throw the popup for each & every unknow softwares to Comodo. So Virtualization solves the prob of dropped files of malware & not reduces the popup.

I have VLC Player installed which was recoznized as safe by Comodo Cloud whitelist. Few days back there was an upgrade & this time Comodo mentioned Unknown software & recommended to Sandbox & the installation corrupted. Now you will say if you know the software you should allow it or teach the users this. Offcoz you are right but not many users can distinguish what should be allowed/blocked when infact the same popup you get for legit as well as malware softwares.

I dont think any harm in giving such an option. The users who dont want the popup will use the option, who want it will not use the option.


I was referring to true virtualizattion (like sandboxie), for new installers that asks for “unlimited access”.
Of course i do not know how comodo will implement the new sandbox, if it will include D+ restrictions or not. But at least the com pop up will be eliminated.

CIS 6 will have a new sandbox with much reduced alerts and increase compatibility. Alerts like COM etc will be eliminated without reducing security. Our Research has been going into how to increase usability while improving security.

every version of CIS will be better than the previous one!


Regarding updates, i never understood why Comodo simply does not use some of the technology of CPM, and creates something like Secunia or ninite and basically scans the computer and updates it automatically without user interaction (of course it should be as an option). If ninite, secunia, filehippo can have a database that shows the updates to the files (and sometimes installs them), why can not comodo do this? The updater problem would be greatly reduce for newbies and it would improve protection (vulnerabilities).

The approach i use with friends and family is basically to install secunia and let it ran in the background and do the updates automatically, for the applications that secunia can not install (like vlc, kmplayer) i just tell them to once a week to double click the icon of ninite because it will download and install them.

In the following situation, which one will you select?

sandbox, allow,or block

:smiley: >:-D >:-D >:-D >:-D >:-D >:-D >:-D >:-D >:-D

:smiley: >:-D >:-D >:-D >:-D >:-D >:-D >:-D >:-D >:-D

Comodo recommended sandbox i would chose sandbox :slight_smile:
Looks like an exploit, when it pop uped unexpectedly I would block.

Actually, the process is the regsvr32.exe.

New Draft FAQ on the new alert settings, if anyone is interested:

All comments welcome - it’s draft, and so can be modified.