Few questions

Comodo Internet Security - CIS Defense+ / Sandbox Help - CIS
1

  1. I have parental controls on and have suppress defense+ and firewall alerts. But if someone were to download malware and defense+ is suppressed , how would it answer, allow or block?

  2. If i uncheck " automatically run installers out of sandbox" does this mean EVERYTHING that is un known to comodo will be sandboxed? ( I have automatically run unknown programs in the sandbox checked too)

  3. Lastly, if i wanted too, is there a way to set comodo to block everything unkown automatically, and i dont mean sandboxed, just completely block everything unknown.

Cool, thanks!!!

2

  1. Block. That is because of the default deny principle. Everything gets blocked unless the program is on the white list, added to My Own Safe Files by the user and when the user would allow it. Since the user can not answer it will always be blocked.

  2. I think that would run installers in the sandbox. However notice that CIS is not made (yet?) to be able to install programs in the sandbox. When installing make sure you trust the program and the site you downloaded it from.

  3. I think the parental controls pretty much do that trick for you:
    How To Achieve Max Security With ZERO Alerts!
    Configuring CIS for Max Security with Zero Alerts - Simplified by 3xist.

3

Thanks for answering those! VERY helpful!

Instead of making a new thread i thought id ask a couple more questions here :slight_smile:

  1. If i turn parental controls on and suppress alerts, should i use the sandbox or no? I basically dont want anything unknown to run on my computer and am unsure if i need the sandbox to be on.

  2. Lets say comodo was accidentally exited out of, or it wasnt even installed on a computer yet and there was malware running on the computer. If you install comodo and put on parental controls and suppress alerts like usual, with sandbox off, would this make comodo block all the malware on the computer? or will comodo do nothing?!

thanks again@

4

In that case you can keep the sandbox disabled. The sandbox facilitates to run unknown program in a safe manner.

2. Lets say comodo was accidentally exited out of, or it wasnt even installed on a computer yet and there was malware running on the computer. If you install comodo and put on parental controls and suppress alerts like usual, with sandbox off, would this make comodo block all the malware on the computer? or will comodo do nothing?!

thanks again[at]

With malware present before installing Comodo mileage may vary from case to case. Basically when the AV doesn’t find it it will run unnoticed. When you are not sure a computer is clean it is always wise to let multiple scanners run as different scanners will find different things. You might be interested in What to do if you’re infected - eXPerience Rev.3

You can add another layer of security by enabling “Block all unknown requests if the application is closed” (Defense + → Common Tasks → Defense + Events). When cfp.exe crashes for whatever reason cmdagent.exe will not make new rules for unknown apps.

This may interfere with starting of apps during boot in incidental cases. When that happens boot in safe mode and check the D+ logs to see what is getting blocked.

5

Ok sweet thanks again for replying! I Really love comodo, because it doesnt matter what it is it cant hurt or really even touch your computer!!

Once again, thanks eric for all replys!