[Resolved]Certain settings unclear

Hi All,

I’ve been searching through forums and I find it tough to find answers on certain things, maybe someone can clear it up for me?

Im running version 5.3 (just firewall and defence+)

  1. How do I configure Comodo to ask on EVERYTHING including SYSTEM access attempts? so that I can have it learn what is safe and what I want to block.
    In my mind I want a firewall to block intrusions aswell as safe applications phoning home or requesting updates

  2. Whitelists… what is the deal with all those companies listed there? how do I clear them - nothing must be considered safe without my direct input.?



Paranoid Mode/Custom Policy Mode = Your in total control; you can’t blame CIS for allowing malware in :slight_smile:

For Firewall

CIS > Firewall > Firewall Settings > Slide the bar up to paranoid mode > check create rules for safe applications > Alert Settings you can move the bar and the description changes > Apply/OK

For Defense+

CIS > Defense+ > Defense+ Settings > Paranoid Mode > Create Rule for safe applications > execution control tab
uncheck the following
Automatically scan unrecognized files in the cloud
Perform cloud based behavior analysis of unrecognized files

Sandbox settings > unckeck the following
Automatically trust the files from the trusted installers

This means that you are in complete control (Firewall/Defense+/Sandbox)

(No need for remove the TVL but IF you wish CIS > Defense+ > Computer security policy > trusted vendors list > Select one > Alt R (Hold it down to remove quicker)


Thank you for the promt reply!
It is appreciated. :slight_smile:

Your most welcome;

is there anything else i can help you with?


Ok, another quick question,

I’ve had this installed for a week or so and Ive had some of the settings already enabled, but im going to mirror the ones you gave me, but I would like to be Re-asked for all applications and services ive already allowed aswell as system processes - to start with a clear contience so to speak :slight_smile: … any thoughts on that?

Apologies for the hassles…

No hassle at all!
I welcome questions :slight_smile:

If you go to
CIS> Firewall > Network security policy > Remove all but
comodo internet security
windows system application
windows updater applications

OK > stealth port wizard > Block all incoming (Bottom option) > OK

CIS > Defense+ > computer security policy >
Remove all but
comodo internet security
windows system application
windows updater applications
All applications

Also once you have done this i would recommend exporting this config so you can always ‘go back to defualt’ type of setting.

hope this helps


These defualt settings:

windows system application
windows updater applications

what to they cover?
Can I set them to ask for access?

Windows sys applications are critical applications that windows use to operate ;

windows updater app’s are 'windows update/windows installer/CIS installer etc)

Yes you can ask them to but not recommended thus will create ALOT of alerts/pop ups
(To set them to ask simply click on the item in question > edit > select custom policy bubble)

Hope this helps

Hope this helps

[attachment deleted by admin]

If you are still around please do not remove all Defense+ preset rules in one go.

This is liable to lock your computer wih overload of alerts.


Thank you guys both for the replies.

Dennis2 - noted, ill remove them one by one.

Your most welcome

any other questions or issues you are having?


These trusted vendors…

  1. What does it mean by that?
  2. There’s so many! isn’t there a quicker why to remove them all?


How do i export my settings? There are three options:

Comodo internet security
Comodo proactive security - active
Comodo firewall security

You select one that is active; then click export (CIS > More > Manage My Configurations)
and save it to somewhere you can remember; and then when you need it you can import it and then activate it;

1. What does it mean by that? 2. There's so many! isn't there a quicker why to remove them all?

Trusted Vendors:

Exit CIS *Right click cis icon > Exit > yes > go to start > run > %programfiles%\Comodo\Comodo Internet Security\database
and remove ‘vendor.h/sha’

Then start CIS once more (and disable automatic updates (CIS > More > Pref. > UnCheck Check automatic updates

Hope this helps


Thank you for the quick method,

However why must I disable my updates?

Also, what happens when a request pop’s up and is left unanswered and times out?
Is there a way to set it to display pop ups permanently until I answer them?

Your welcome;

Because on restart the list may be back again; but if you have the settings above then you’ll not to need about the TVL list…

Permanently ? no; but you may increase the wait time (CIS > defense+ > Defense+ Settings > Keep an alert on screen for (Seconds)

Hope this works


Allright thank you very much for the help, I feel alot more familliar with the configuration and this should protect my system well.

Great Product! Great forum Support!


Your welcome;

If you have any other issues with CIS please dont hesitate to come back and tell us about it so we can help you fix it :slight_smile:

Hope you have happiness on your travels :slight_smile: