Yes since a free version able to detect spyware and other malware like previous version of paid version.
For me Avira was a fastest scanner in free antivirus.
However Comodo was very fast scanning too.
You have very accurately pin pointed the primary weakness of Default Deny security and that is the requirement of an intelligent user and why Default Allow security systems are a better recommendation for users who are not capable of competently responding to a Defense+ security alert.
In the final analysis under the operation of skilled and well informed users Defense+ can detect and deny Malware 100% of the time while there isn’t a single AV program on the market not even the most competent ones operating from massive black lists that can detect 100% of all Malware all of the time not even Avira so eventually… Bammmmmm you will be infected without even a warning unless you have a Default Deny HIPS contingent in your computer security!
~Maxx~
Lets say all the alerts that will be displayed, the user will press 50% allow and 50% deny…
Now… with CIS we don’t show an alert if we already detect it…
So what that means is, on top of the detection, user will have a 50% chance of denying the malware, wheras with just default Allow AV you don’t have that chance…
of course from our Threatcast stats we are seeing that the users are not dumb as people make out them to be! They are denying a huge majority of malware (we suspect that the very little we see is mainly from malware testers who like to play with malware 
)!! You could say thats because Comodo has a sophisticated user base…so be it… We are protecting our users! Of course that doesn’t stop us from continually improving! Our goal is to protect everyone! With Parental control today we can do that! And with v4 you will see how easy it will all get
Melih
Are you saying that if we only install Comodo Firewall and Defense+ (no AV), Defense+ will not detect a lot of malware behaviour, since “with CIS we don’t show an alert if we already detect it”?
This doesn’t make sense to me, as Defense+ is a classical HIPS and it will pop-up if anything untrusted tries to modify or interact with the system. Right?
Also, I sent you a PM. Did you get it? Thanks for your time Melih.
I find it quite logical they turned defense + off, because we want to know the strength of the av component not the strength of the whole suite… (:WIN)
Hi…
Why worry the user with a D+ message if we know the exe is malware…
Melih
Sure I understand that, but I was just asking that Defense+ will still alert the user if for example, that .exe malware file is run. This means that Defense+ will still block the file from causing any problems.
If you know what you’re doing, all you need is Defense+ and a good on-demand scanner. I also use Sandboxie, and that makes for a bullet-proof setup.
yes it will…
To me the beauty with D+ is that not only it protects your computer but also it can protect other security software processes that do not have strong self protection. For example I successfully shut down Avira free processes, not just the gui but all of it processes with process explorer (sysinternals suite). However, when I protected Avira free processes with D+ then I was not able to shut them down, no matter what I did.
So to all users who do not use CAV and therefore use another AV or someone like me who uses a full featured CIS in conjunction to another AV like Avira, please protect their processes with D+. Such ability to directly protect other software processes is one of the most underrated features of CIS. :-TU
Peace.
Is there a tutorial on how to do it? Cause even after I add files to “My protected files” I still able to shut down that process I just added
Go to Defence+ /Advanced /Computer Security Policy choose the process you want to protect click edit click Protection Settings click yes on Process Terminations then click apply on all open screens.
Screenshot below explorer.exe as example.
Dennis
[attachment deleted by admin]
In addition to process terminations protection you could also protect interprocess memory access by clicking on yes to activate it.
Peace.
Thanks both of you, I have a better standing how D+ work now
Agreed.
I think it is slightly ridiculous A-Squared is so high. The only problem I see with A-Squared, is they use Ikarus signatures as well. Ikarus is known for a lot of FPs that they do not remove from their database.
I never received an answer to this question: With nearly 6 million virus signatures in the Comodo virus database, why did the anti-virus portion of CIS fail to stop the 6 malicious applications, according to the MRG test?