- Nov 17, 2016
- 1,242
Wouldn't Comodo Firewall's Autosandbox and Avast Free Hardened Mode overlap since they do the same thing?
CIS 10 stable released
- Thread starter Janl1992l
- Start date
- Status
- Nov 17, 2016
- 1,242
@Mops21 When are the offline installers coming?
- Aug 22, 2013
- 886
Its comodo...it may and it may not. The objective of not providing a standalone installer is to provide an always updated content. Well we can wait and see
Hi
So its
regsrv3 %systemroot%\system32\ vbscript.dll and "Enter", right?
At step 3 (above) after "Enter" it says 'regsrv3' is not recognized as an internal or external command, operable program or batch file
BTW, a bit confusing following your instructions. Can write it down, please?
Thanks
- Dec 29, 2014
- 1,716
Anyone know why Comodo uses the "Purge" button as the way to keep the various file lists fresh? Seems like the program could just offer user the chance to purge for themselves with a choice box or else auto-purge. Maybe I'm not seeing a problem here.
- Jul 6, 2015
- 153
What you meant is CyberCapture, previously known as DeepScreen. Hardened Mode at Aggressive setting is more like an application white list and does not involve the sandbox This could be why it copes with Comodo AutoSandbox. Not sure about the moderate setting though.
Last edited:
- Dec 8, 2014
- 206
Huh? Offline installer was posted.
- Nov 17, 2016
- 1,242
Comodo does seem like an application whitelist except it autosandboxes instead of autoblocks.
It now has an option to auto-block.
- Nov 17, 2016
- 1,242
Yeah. In this context though, he might be using autosandbox.
- Dec 29, 2014
- 1,716
Is there a way in Comodo Firewall to do this:
HIPS or another component responds to unknown with "ask"->Allow Block or Whitelist->If Allow autosandbox
Don't want four or 5 pop ups from HIPS...just a chance to block or blacklist, then auto-sandbox the unknown on allow.
HIPS or another component responds to unknown with "ask"->Allow Block or Whitelist->If Allow autosandbox
Don't want four or 5 pop ups from HIPS...just a chance to block or blacklist, then auto-sandbox the unknown on allow.
Its there in Comodo Cloud AV But not in CIS/CFW.
- Dec 29, 2014
- 1,716
Thanks. Almost worth it to me to have that. I have NVT ERP, but it's not quite the same. Guess I need to learn more about Trusted Publishers and unsigned alerts in NVT ERP, see if I can make the pop ups stand out more. Not many trusted Publishers in the list by default.
- Aug 31, 2016
- 578
These instructions are all over the Internet and they all have the same typo! Obviously noone has actually tested it works before posting!
It should be regsvr32 not regsrv3.
Nb it's svr and not srv
- Nov 26, 2016
- 699
People just copy stupid guides without actually checking them...
Hi
Thanks @Terry Ganzi and @askmark
Couldn't get rid of the message during start up so I spent the whole morning formatting my laptop and re-installed CFW 10 latest version and now everything is fine.
Thanks @Terry Ganzi and @askmark
Couldn't get rid of the message during start up so I spent the whole morning formatting my laptop and re-installed CFW 10 latest version and now everything is fine.
- Sep 9, 2012
- 470
Hi you must run the Chrome sandbox Comodo? Or Comodo Protects against exploits without chrome running in the sandbox. According to Me every unknown process will be sandboxed at it exploit or some other malware.
Last edited:
- Jul 3, 2015
- 8,153
If you want proper exploit protection, run chrome in sandbox, because of fileless exploits, if you are concerned about them.
COMODO HIPS, if you have it enabled, does trigger a prompt when a trusted app tries to execute another process. But it will not monitor the actions of a trusted process, such as chrome. So it might see the exploit as Chrome, and not block its actions.
Furthermore, HIPS allows system processes to execute another (trusted) process without triggering a prompt -- although the actions of that second process will trigger a prompt.
In short, the default HIPS settings will not provide full exploit protection.
Another option: You can set up COMODO HIPS to alert for any vulnerable processes that you might be concerned about, such as the two cmd.exe processes, for instance. Just mark that process as "unknown", and make an "ignore" rule for it in sandbox. (You only need to make the ignore rule if you are in proactive config).
This way, you will get a HIPS alert every time the process executes, because it is "unknown", and you can then whitelist the command line strings you need, when you get the prompt for it.
A third option: you can make "block" rules in autosandbox for processes such as powershell, wscript, etc. These rules support wildcards, such as C:\*\powershell*.exe
- Sep 9, 2012
- 470
So because it is chrome credible process triggers harmful thread as trustworthy? This can be avoided assistance (voodooshield paid) or AppGuard or novirustnx)
- Jun 12, 2014
- 314
Chrome is already using the most sophisticated sandboxing available on Windows. The slave processes, which handle the untrustworthy code and have a chance of being exploited, have no file system access, can't spawn child processes and can't access the memory of other processes. Aside from that, the chances of running into an actual Chrome 0-day is so small that worrying about it rather qualifies as the early stages of fear and paranoia related mental diseases than being careful.
Chrome users get infected by downloading and executing the malware on their own and not through 0-day exploits.
Chrome users get infected by downloading and executing the malware on their own and not through 0-day exploits.
- Status
