Question about anti malware portion of firewall

Hello,

I tried Comodo a couple of years ago and it was a great product but had my computer locked down too much so I switched to a competitor’s product. My son has a Windows 7 Professional laptop and I have an XP desktop and I like to use the same programs when I can since I am his “tech support”.

My question is about the protection level that the anti malware portion in Comodo provides. His computer had gotten a malware/spyware/virus of “security tool” somehow and unfortunately it was hard to get rid of. He doesn’t remember if he opened something or said “yes” to something on a website but it installed itself on his computer and made it virtually useless.

I use avast antivirus which has real time protection and that didn’t pick it up even on a boot time scan and “security tool” wouldn’t let me install any program to get rid of it. I did find a site that had the solution on how to get rid of it and it worked but I am looking to prevent this from happening again. I see that the Defense + offers real time malware protection - would this have prevented the “security tool” from installing? Does Comodo have any real life experience with this type of attack? I want to step up the security of both computers.

Thank you!

Nothing can get through Defense+ without the user clicking the button to allow it.

The downside to this is that you can get many pop-ups asking for permission to run this program or that. Usually there are only a lot of these pop-ups when first installing CIS and when installing another program. I would try it out on your computer and see if the pop-ups are too much of a nuisance or you can deal with it. I honestly don’t find it to be that much of a bother as I know that my system is safe.

When properly configured Defense+ is nearly bulletproof. Malware can only run if the user allows it.

Also the AV part is getting better every day. Out of curiosity which product was your son running when he got infected?

Almost every antivirus detects this family of rogues (security tool, antivirus 2009…), but apparently not avast…

Getting rid of them is another story, and usually needs manual intervention or a third-party tool in safe mode.

No antivirus is, as far as I am aware, able to avoid them, since they are linked by http redirection (e.g., you search something in Google, and a window or link tells you you are infected and should download the thing to repair your system).

Too late: one should have thought about it instead of clicking.

Now, if someone clicks and downloads the malware dll, I don’t actually know if Comodo Defense+ shall keep it from installing: it does so, if memory serves, in Temp Files, and it should be enough in these conditions to forbid in Defense+ whatever modification of Temp Files, but that would be very uncomfortable…

Good preventive measures are, of course, not to click whatever link you did not ask yourself; you can add, e.g. in Firefox, more security by No Script and Ad Block addons and forbidding page redirection: but, basically, the infection results from visited sites themselves hijacked by a foreign http address and, if you can limit http to TCP OUT, ports 80 and 443, you can’t forbid it altogether.

Thanks to both of you for your answers.

My son claims he didn’t click on anything and only opened items from people he knows. Both our computers were at the time running Zone Alarm firewall (forget which version) and Avast antivirus (version 4.8). My computer had Malwarebytes installed but his didn’t since using Avast on my computer Malwarebytes never found anything to get rid of. Since I was using the free version of Malwarebytes it wasn’t running in real time anyway.

I say “were” because I installed Comodo firewall onto my computer to give it another try yesterday and also updated avast to version 5 on my computer; he still has Zone Alarm and avast version 4.8. I did also download Windows Defender onto my computer but depending on how it goes with Comodo this time may get rid of Windows Defender. Comodo’s Defender + did let Windows Defender install without asking any questions and both firewall and defender + are on safe mode - maybe because the program came from Microsoft but I did expect Comodo to ask permission to install.

To get rid of security tool I did have to do it manually. I went to “mybleepingcomputer” after going to the avast forum and searched for help with this problem. I had to download a file, kill the processes and run Malwarebytes to clean up his computer. I also had to delete and add a file. I’m new to this stuff although not new to computers and it was a pain. I did a search here as well but couldn’t find anything on that particular problem.

My computer is also used by my 14 YO son so I do want to make sure that both computers are as secure from threats as they can be but as was said all you need is an unthinking click and you’re in trouble.

Thanks again!

Defense+ will not give a pop-up if the file has already been analyzed by Comodo and added to the safe list. That is why there was no pop-up. This allows the user to greatly increase security without much of the frustration that would otherwise come with it.

From what I can tell here:
http://www.matousec.com/projects/proactive-security-challenge/results.php
ZoneAlarm Free is not a very secure product. Avast however, is a good addition to CIS if you do not want to install the AV.

By the way, if your son’s computer had a problem with malware you may want to scan with a few other products to ensure that nothing else was added. Please see here:
What You Need To Know About Removing Infections and Securing Your Computer

As I was researching the problem I did see both items you pointed out. Getting his computer is a bit of a chore as he uses it for college and of course socially :) which is how I think he got that stupid problem in the first place.

I do plan on putting Comodo firewall on his computer but wanted to know about its anti malware performance and at this point I still like avast as I guess every program has its limitations and avast has done a pretty good job except for this one time.