Mistakes in Online Help text for CIS v8.2

While going through Online Help for the latest CIS v8.2, I noticed several small mistakes:

The second sentence of the first paragraph says “Comodo Internet Security 6.2” instead of 8.2.

Set new maximum file size limit to - … Files larger than the size specified here, will not be not scanned.

Run only when computer is not running on battery - …the computer runs with the adopter adapter connected to mains supply and not on battery.

Run only when computer is IDLE - Select this option if you do not want to “be” disturbed when involved in computer related activities. The scheduled scan will run only if the computer is in idle state.

Click OK for to save the profile.

Note: The scheduled scan will run only if it is enabled.

You can choose to clean, move to quarantine or ignore the threat based in on your assessment.

The ‘Exclusions’ panel under the Antivirus Settings Settings displays a list of paths…

Excluded Applications - … Please note that these items are excluded only on real-time scans but will be scanned on running on-demand scans"." Refer to the section Excluding Programs/Applications from real-time scans “for” more details on manually adding and removing exclusion items in this interface.

The file groups will be added to Execute Excluded Paths

The ‘Excluded Applications’ tab allows you to manually add programs, applications of or files to Excluded Applications list

Editing the path of the application added to e Excluded a Applications

In the opening paragraph, the HIPS acronym is defined as Host Intrusion Prevention, but the CIS GUI says Host Intrusion Protection System. I couldn’t remember how it was in previous versions, so I checked the older Help pages. Both v7.x and v6.x GUIs also use the word Protection, although Help documentation keeps using Prevention. It seems this is a legacy from the v5.x days (or maybe even earlier), at which time Defense+ by itself was described as a host intrusion prevention system.


:oWell spotted lol

I’m creating a custom Configuration Profile from scratch after upgrading to Windows 10 and doing a clean install of the latest CIS. I decided to re-read the documentation as I go along, in order not to miss any new or changed functionality.

My habit of “automatically proof-reading everything” is an occupational hazard due to my past years in the academy :azn:

Having seen these mistakes, I thought “Why not report them?”. Compared to the free security and protection Comodo has provided me with for years, this is perhaps a very small contribution in return, but it’s the least I can do.

I’ll keep updating the first post if I encounter any other typos.

Hi Cybermutant,
Thanks for this information it is appreciated, it is very noble of you to use up your time checking for errors. :-TU


Thank you, captainsticks, for the compliment. As I said, it’s the least I can do.

And thanks to EricJH for moving the topic. The Comodo Forums are so extensive, I hadn’t realised there was a dedicated sub-section for Help and GUI text errors.

It seems I lost the ability to edit the first post after the move, though. I’ll keep reporting errors as new posts under this topic, if that’s OK?

And one quick question: Which forum section would be the correct place to suggest changes to the Help File or GUI text? Not corrections for simple typos, but bigger changes to improve clarity, such as different wording for descriptions in the help text, re-ordering of sections, or renaming GUI elements.


Paranoid Mode: … Similarly, the Comodo Internet Security does “!! not !!” automatically create ‘Allow’ rules for any executables - although you still have the option to treat an application as ‘Trusted’ at the HIPS alert.

Safe Mode: … It also automatically creates ‘Allow’ rules “for” these activities, if the checkbox ‘Create rules for safe applications’ is selected.

Training Mode: Defense+ monitors and learns the activity of any and all executables and creates automatic ‘Allow’ rules until the security level is adjusted.

The activities, entities and objects that should “be” monitored by HIPS can be configured by clicking the Monitoring Settings link.

Processes’ Terminations - … Press ‘Ctrl+Alt+Delete’“, open Task Manager” and click on ‘Processes’ to see the full list that are running on your system

… Distributed Denial of Service attack whereby an malicious entity sends …

… The requests are spoofed in so that they appear to come from the target or ‘victim’ server but in fact come from different sources - often a network of ‘zombie’ pc’s PCs which are sending out these requests without their owners’ knowledge.

… malicious applications can obtain data from a storage devices, …

Physical Memory: Monitors your computer’s memory for direct access by an applications and processes.

Set popup alerts to verbose mode - Enabling this option instructs CIS to display HIPS Alerts in verbose mode, providing more more informative alerts and …

Block all unknown requests if the application is closed when the application is not running - …” (to match the GUI text of this option)

Do heuristic command-line analysis for certain applications - … Visual Basic scripts and Java applications … made to execute Visual Basic scripts …” (capitalize proper nouns)

Real Time Scan, Custom Scan, and Exclusions links erroneously divert to respective sections of the older v7.0 Online Help pages.

Links in the left side tree navigation do work correctly, though.

Hi Cybermutant,
I guess the best place to get your message across about changes would still be in the bug reports section.
Another Mod controlling the bugs may correct me if they do not agree.


Bug Reports - CIS

  • This These applications do not belong to a FILE GROUP …
  • Custom rules can be created by the user and deployed to individuals applications

The first column, Application Name, displays …

The second column, Treat As, column displays …

You can use the search option to find a specific file or a company in the list.

Add - Allows the user to Add a new Application to the list “and” then create it’s its ruleset.

To begin defining an application’s HIPS Ruleset

General Note: … If you require the ability to add or modify settings for an specific application then …

Select the ‘Allowed Applications Files/Folders’ or ‘Blocked Applications Files/Folders’ tab depending on …” (to match the GUI text for these tabs)

“Clicking ‘Modify’ then adding ‘operasoftinfo.exe’ to the ‘Allowed Applications Files/Folders’ tab creates an exception to this rule. New Software.exe can now modify the memory space of operasoftinfo.exe.” (the sample screenshot displays an application named softinfo.exe added to the exceptions)

Navigate to: Advanced Tasks > “Open Advanced Settings >” Security Settings >Defense+ > HIPS > Rulesets. There are four default Rulesets listed under the ‘Ruleset Name’ column.

Hi captainsticks, thank you for the clarification.

Best regards.

The “Click the handle from the bottom center and select ‘Add’.” line is repeated.

First add Accounts.odt ods to Protected Files area.

Regarding the example of protecting a spreadsheet file, given in the Exceptions section:
After adding Accounts.ods to the list of Protected Files, shouldn’t the user be creating a custom HIPS rule for the spreadsheet application (in this case, scalc.exe), not the .ods file itself?

Select the item from the list, click the up arrow handle from the bottom and select ‘Delete’.
(For consistency, the ‘up arrow’ is called a ‘handle’ throughout the Online Help text.)

You can add items by browsing the registry tree in the right left hand pane, selecting the key and moving it to right hand side pane …

Edit the key path, if you have relocated the file key and click OK.

Select the item from the list, click the up arrow handle from the bottom and select ‘Remove’.

You can add items by browsing the registry tree in the right left hand pane, selecting the key and moving it to right hand side pane …

To remove an individual file key from a group, click …

The Defense+ engine determines, through various analyses, whether an application is trusted, unrecognized or malware. You can define rules “for” how these identified applications can be run in the Sandbox …

This data will can also be accessed by non-sandboxed applications.

Enable the ‘Do not virtualize access to the specified files/folders’ check-box then click on the words 'the specified files/folders.

Enable automatic startup for services installed in the sandbox - By default, CIS does not permit sandboxed services to run at Windows startup. Select this check-box to allow them to do so. (Default = Enabled)
(There’s a contradiction between the stated default behavior and the actual default setting)

The following example shows an .odt document opened with a sandboxed version instance of OpenOffice Writer:

You can decide on whether or not to allow the installer or updater based on your assessment, …

Select the ‘Protect Virtual Desktop with a password’ check-box then click the words password. The ‘Create/Change password’ dialog will appear.

We recommend a password of at least 8 characters in length.

Add - … See the section ‘Adding an Auto-Sandbox Rule’ for guidance on creating a new rule.

Edit - … See the section ‘Editing an Auto-Sandbox Rule’ for more details.

The options under the Action drop-down button combined with the Set Restriction Level setting in the Options tab determine the amount of privileges an auto-sandboxed application has access to “regarding” other software and hardware resources on your computer.

The options available are same as “those” available under the Browse button beside Target as explained in Step 2. Refer to previous section for each of “the” options for more details.

The following example describes how to add an Ignore rule for Unrecognized files from a network source:

By default, the ‘Log when this action is performed’ “is selected.” The options available for Ignore action are: …

The procedure is similar to adding Adding an Auto-Sandbox Rule.

Portsets - Predefined groups of regularly used ports that can “be” used and reused when creating traffic filtering rules.

“Both application rules and global rules are consulted when the firewall is determining whether or not to allow or block a connection attempt.”

Should be fixed.