Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Comodo
Comodo Internet Security 2025 does not contain RANSOMWARE (bypass, infection and lost of files)
Message
<blockquote data-quote="Andy Ful" data-source="post: 1107860" data-attributes="member: 32260"><p>It looks like a few possible Comodo bypasses recently posted on MT might discourage some readers from using CIS. I do not think that it is justified.</p><p>CIS on default settings is as good as any popular AV on default settings. Indeed, the Comodo detection is rather poor, but it is strongly supported by the auto-containment.</p><p>If one wants very strong protection then the below solutions are very similar (high number of false positives):</p><ol> <li data-xf-list-type="ol">Microsoft Defender (ConfigureDefender HIGH or MAX settings) + Smart App Control.</li> <li data-xf-list-type="ol">Kaspersky (paid) with [USER=36043]@harlan4096[/USER] settings.</li> <li data-xf-list-type="ol">Microsoft Defender + Comodo Firewall ([USER=7463]@cruelsister[/USER] settings) + Script Analysis tweaks (or Defender ASR rules).</li> </ol><p>I am not sure about the setup similar to point 3 based only on CIS. I cannot evaluate the impact of the attacks based on pure DLL hijacking (benign EXE + malicious DLL and nothing else). The detection of DLLs by CIS is poor, and containment cannot help either. So, the protection against such attacks depends mainly on HIPS. There are no tests that could show how effective can be HIPS. However, pure DLL hijacking attacks are probably very rare in the non-enterprise environment, so it is possible that CIS protection can be similar to those previously mentioned. I mentioned Microsoft Defender because from my tests it follows that it has the top detection of malicious DLLs, so it can support the potential weakness of Comodo.</p><p></p><p>I am not going to discuss other aspects like detection, usability, performance, etc. Some people like the protection model of CIS, and many probably do not. But all can live in peace. <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite130" alt="(y)" title="Thumbs up (y)" loading="lazy" data-shortname="(y)" /></p></blockquote><p></p>
[QUOTE="Andy Ful, post: 1107860, member: 32260"] It looks like a few possible Comodo bypasses recently posted on MT might discourage some readers from using CIS. I do not think that it is justified. CIS on default settings is as good as any popular AV on default settings. Indeed, the Comodo detection is rather poor, but it is strongly supported by the auto-containment. If one wants very strong protection then the below solutions are very similar (high number of false positives): [LIST=1] [*]Microsoft Defender (ConfigureDefender HIGH or MAX settings) + Smart App Control. [*]Kaspersky (paid) with [USER=36043]@harlan4096[/USER] settings. [*]Microsoft Defender + Comodo Firewall ([USER=7463]@cruelsister[/USER] settings) + Script Analysis tweaks (or Defender ASR rules). [/LIST] I am not sure about the setup similar to point 3 based only on CIS. I cannot evaluate the impact of the attacks based on pure DLL hijacking (benign EXE + malicious DLL and nothing else). The detection of DLLs by CIS is poor, and containment cannot help either. So, the protection against such attacks depends mainly on HIPS. There are no tests that could show how effective can be HIPS. However, pure DLL hijacking attacks are probably very rare in the non-enterprise environment, so it is possible that CIS protection can be similar to those previously mentioned. I mentioned Microsoft Defender because from my tests it follows that it has the top detection of malicious DLLs, so it can support the potential weakness of Comodo. I am not going to discuss other aspects like detection, usability, performance, etc. Some people like the protection model of CIS, and many probably do not. But all can live in peace. (y) [/QUOTE]
Insert quotes…
Verification
Post reply
Top
