Rogue Anti Virus products..

If your settings were right, Comodo would avoid infections BEFORE they happen. Disable the Comodo sandbox, and switch Defense+ to Safe Mode.
As an antivirus I would suggest Avira Personal Free (enable expert mode in settings, and go through it one time). It’s one of the good ones.

If you disabled the sandbox and run Defense+ in Safe Mode, nothing can run automatically without your permission! The rogue wouldn’t have been installed, even if the AV (Comodo or Avira, for example) did not know it!

Comodo firewall and Defense+ is one of the best; combined with Avira Free it’s a very good combination, which would not be beaten easily by anything else.

Comodo’s sandbox is not recommendable, as you have experienced now. COMODO should take care of these problems (rogue and sandbox so often appear in the same posts!!!)

But if you allow something to be executed, then it might infect you (but you will be asked beforehand by Defense+ if you want to allow “name” to be executed). That’s one little remaining risk, and it’s in your hands then.

If you additionally used Sandboxie (a real sandbox program, free if you don’t WANT to pay for it; it gives you the choice, while giving nearly all needed features in both cases), then even if you got “infected”, after the browser is closed ALL changes would be erased. With this combination you are very safe in a large number of situations.

BUT be careful to get the settings right before first use. Otherwise you might have a false sense of being protected, or Sandboxie might never be emptied.

I don’t recommend disabling the sandbox. If it is enabled, then everything that is unknown will run in it and cannot affect the system.

And are you sure that you read what the poster before me wrote???

Because it HAS BEEN allowed to run in the Comodo sandbox, it had the chance to execute and infect the PC AND erase all DATA.
This sandbox doesn’t protect as it should. And even more, in some cases it’s more dangerous to have it running.

Comodo until version 4 was secure, without the sandbox. And with the sandbox now, ONLY the questions from Defense+ have been reduced. But it’s NOT as if the sandbox would make Comodo more secure in any case.

For example: this rogue, even if it was “sandboxed by Comodo”, had the rights to make internet connections by default. I don’t know if they changed this default rule in 4.1. But as you see, one sandbox is not like another, first of all in this case.
It reduces questions, for user-friendliness… and as is often the case, user-friendliness can be insecure somehow.

JohnHerland, I have no idea why you faced 5 rogue malware programs while browsing. My idea is that maybe your PC is infected, and that’s why you are facing more and more things. Maybe it’s a rootkit, hidden from antivirus products… just in case, I wanted to mention it.
I never faced a rogue antivirus when I browsed the internet. If I did, Sandboxie would have erased it after I closed my browser…
Comodo sandbox doesn’t erase like a sandbox should.
AND one thing: an antivirus is not your father. It’s a friend, but it can’t know everything. So download only things that you know, and test them with an antivirus to see if they are clean … at least as clean as the last virus signature update says. If you don’t know a program, then “google” it.
Security programs should be downloaded only from known, reputable sites, and maybe via a link from a much more trusted site, to be sure that you get the real homepage.

From my understanding of the post he may have encountered an elevated alert popup and gave it access. Hopefully I’m right.

@ johnherland, can you please PM me the malware so I can check it out?

Thanks for the malware (I bet you don’t hear that too often).

Here are the links for the two:
http://www.virustotal.com/analisis/a685017df31eabc29aacfed5af8746184ad3f5180ab302845a64a805ec04e6f7-1277255012
http://camas.comodo.com/cgi-bin/submit?file=a685017df31eabc29aacfed5af8746184ad3f5180ab302845a64a805ec04e6f7

http://www.virustotal.com/analisis/36d37bd7b0fa05a600cc6438dea9b77d1d0e2c841760a5c4dd6237e10773f422-1277254997
http://camas.comodo.com/cgi-bin/submit?file=36d37bd7b0fa05a600cc6438dea9b77d1d0e2c841760a5c4dd6237e10773f422
http://anubis.iseclab.org/?action=result&task_id=14fa66d5265ce7d14d5ef9334b50e9752&format=html

The first can’t run in the sandbox and in fact Anubis could not execute it saying “Either your file is not a valid Windows executable or some of its startup-dependencies have not been met.”

When I run them the second is able to run in the sandbox (I disabled the AV). The “installation” freezes and doesn’t advance. I blocked all firewall alerts. I have installed a pic of the “installation”.

I have my configuration configured as explained here:
https://forums.comodo.com/install-setup-configuration-help-cis/how-to-configure-comodo-firewall-for-maximum-protection-t57944.0.html;msg406533#msg406533
Also, I am running Windows 7 x64.

johnerland, can we please get some more information about how this rogue bypassed CIS on your computer? What was your security setup and how did you answer any alerts?

Chiron, the second file (packupdate107_2129.exe) that you have tested is now caught by Comodo, but this time the database is 5188.
When I faced this rogue the Comodo database was 5115. I have sent this file by mail to this address (malwaresubmit@avlab.comodo.com).
Maybe they added it to their database.
The one that corrupted my Windows came from some online gaming site; I don’t know the exact site.
Thanks for responding to my question.
And tell me one thing: can I use Comodo on my laptop? A lot of personal information like credit card and bank information is there.
Comodo is capable of taking care of all these things.

When you look at tests of Comodo firewall and its Defense+ section, you will see that it is one of the very good programs.
But no product can be perfect if the user doesn’t make the right settings. Don’t forget that.

As an antivirus, I would again suggest using Avira Free Edition. (disable the antivirus of Comodo beforehand, if)

It’s a really good combination. Security depends on good settings (Avira: activate the expert mode to be able to make all settings).

Personally I would not suggest using the Comodo sandbox feature.

As a result, Comodo will be my first choice for firewall and Defense+
and
Avira Free Edition will be my choice for antivirus
and
Sandboxie will be my first choice for a real sandbox.
All 3 are free versions; all 3 are among the best.
(With the right settings, of course!)

Do you have a rebuttal for the following YouTube video, which clearly shows how easy it is to totally bypass Comodo and install a rogue antivirus???

It at least looks to me like they have located a bug in the sandbox. I’m sure it’ll be fixed soon.

I also wouldn’t mind a comment from the Staff to confirm my suspicions.

Hi Guys,

It seems to me that this particular thread (the old one) went “a bit” off-topic.
Disabling Autoruns / “Rogue Antivirus” & new issues with Comodo’s “sandbox” that cannot possibly ever be fixed are different/separate issues.

Are we talking about the same thing?

Cheers!

I ran into one yesterday, and had I not had the foreknowledge I would have sworn it was real.

LOL, your website sure does look dicey to me. You have the rogue registry cleaner RegCure up for sale.
You can take your rogue site and stick it in the dustbin. I’ve never seen such a conglomeration of utter garbage in all my days.