- Sep 9, 2013
- 1,054
CIS 2015 review (nsm0220)
- Thread starter nsm0220
- Start date
It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
souhrid
Level 5
- Jun 29, 2012
- 226
Great review my friend, comodo failed terribly. Did you use default settings on test?
- Sep 9, 2013
- 1,054
yes and it was mess even with malwarebytes clean it 2 times and the internet was killed after reboot
- Sep 26, 2014
- 2,973
I was expecting more from Comodo in default settings
.
But anyone knows that if you are going to install Comodo you have to tweak it to get better protection.
Thanks for the review
.But anyone knows that if you are going to install Comodo you have to tweak it to get better protection
.Thanks for the review
- Sep 26, 2014
- 2,973
I saw the log, sysWOW64 is badly infected.
But as i said before if anyone is going to install Comodo has to tweak it to get max protection
Again thanks for the great review
.But as i said before if anyone is going to install Comodo has to tweak it to get max protection
Again thanks for the great review
Why there were no autosandbox popup?
Autosandbox was enabled?
Malware folder was there on the system before CIS install?
Autosandbox was enabled?
Malware folder was there on the system before CIS install?
- Sep 9, 2013
- 1,054
1. i think to reduce pop ups
2.yes
3.yes for av testing i always make a malware folder zip for that so i don't have to put my usb stick in danger
- Apr 13, 2013
- 3,147
I always enjoy your videos (and especially liked your passion at the end of this one!). As for why Comodo was penetrated so easily here, it is due to that stupid default sandbox setting that they are using.
At default settings the sandbox is set to only protect files coming from the Internet, which means ONLY things in the Downloads directory will be auto-sandboxed (isn't that insane?). As your malware pack wasn't in that directory none of these things were isolated and thus got through. In order to rectify this foolishness, CIS users should make this change to the Sandbox setting- Edit the first “Run Virtually” setting from “Internet” to “Any”. The sandbox can (and should) be tested with the following calculator app:
http://www.mariottini.net/roberto/superbcalc/
Download the above app twice- put one in the Downloads directory and save another one to the desktop. When the above java calculator is run, one should get a sandbox popup as well as seeing the app itself as well as a text license agreement box bordered in Green (showing that these things are isolated). Resetting the sandbox will wipe them out. Without the sandbox setting change it can be seen that Comodo will only isolate the one in Downloads and not the one run from the Desktop; which the setting change both will be in Jail. And by the way- the sandbox is set to run in Full V mode all the time- the old Partially Limited, Limited, etc don't exist anymore.
But it actually was good that you tested in the way that you did as it exposed the relative ineffectiveness of Comodo's AV (which is why I would never bother with CIS and instead go with CF).
At default settings the sandbox is set to only protect files coming from the Internet, which means ONLY things in the Downloads directory will be auto-sandboxed (isn't that insane?). As your malware pack wasn't in that directory none of these things were isolated and thus got through. In order to rectify this foolishness, CIS users should make this change to the Sandbox setting- Edit the first “Run Virtually” setting from “Internet” to “Any”. The sandbox can (and should) be tested with the following calculator app:
http://www.mariottini.net/roberto/superbcalc/
Download the above app twice- put one in the Downloads directory and save another one to the desktop. When the above java calculator is run, one should get a sandbox popup as well as seeing the app itself as well as a text license agreement box bordered in Green (showing that these things are isolated). Resetting the sandbox will wipe them out. Without the sandbox setting change it can be seen that Comodo will only isolate the one in Downloads and not the one run from the Desktop; which the setting change both will be in Jail. And by the way- the sandbox is set to run in Full V mode all the time- the old Partially Limited, Limited, etc don't exist anymore.
But it actually was good that you tested in the way that you did as it exposed the relative ineffectiveness of Comodo's AV (which is why I would never bother with CIS and instead go with CF).
- Sep 9, 2013
- 1,054
Similar threads
