In the past this has been extensively discussed here at the Comodo forums.
At the forums we are not happy with Comodo’s choice for its default settings and Comodo is aware of this. Comodo is making choices with security in mind as well as usability for the big group of users who want to be bothered as little as possible. There is a trade off to make between security and usability. :-\
At the forums we make a different choice. We suggest to follow Chiron’s recommendations as described in his article How to Install Comodo Firewall.
I know what you mean, but that just sounds amusing: quickly judging by the topic’s title you aren’t happy with keylogger not being able to bypass comodo’s protection.
Not everyone on this forum has the time to expend studying english just like you have. As of example, me. I can talk a little in english but I expend my time with more important things, such as my job, my family and my life…
Even I have the settings according to Chiron, I found more then 10 files only during the last week that are infected and CIS let them go. I have ON: HIPS, fully virtualized sandbox, AV …
It is enough if the file has right digital certificate and even it is infected, CIS leaves it. It is a big problem. I stopped believe to Comodo. The files are the ones that are not in the AV database of Comodo and has digital sign.
It lasts for few months now since I found it out. But lately there is still more and more infected files with the digital sign - the sign is very often frmo Rising - it is not antivirus in any case as somebody tried to tell me here in my topis where I wrote aobut it.
CIS only ignores digitally signed malware if the signature is in the TVL. Did you report the files you ran into in here?
Yes I know but many infected files has signature from CIS TVL. For example Beijing Rising. It is a reason why I think that rating files/apps according by TVL is very dangerous.
I founded one file without digital sign yesterday and when I launched it, CIS add this file to Trusted Files…
I am very surprised how many files can bypass Comodo.
I do not know if cloud scan can cause this (my) problems. I found that many infected files cause those problems. It did not happen before so often.
But I have now few files (I deleted lots of them when I was angry) with digital sign and some without it. It seems CIS does not put those files in the sandbox but runs them as untrusted.
I tried to run 1 infected file that should be screensaver. Comodo correctly put it in Unrecognized files but cannot be deleted from it. I uninstalled CIS Pro. Install again only Firewall and file is stil in unrecognised and cannot delet it from there even I already delet it from HDD.