Regarding Comodo

Status
Not open for further replies.

Elemec

Level 1
Verified
Jan 23, 2015
111
Alright , I'm experiencing no lag or alikes. Only thing i noticed is that both TF2 and my brower (Baidu Spark.) Dont get instantly Sandboxed , Any reasons? (Proactive mode is on , And run virtually is for any file)
 

vivid

Level 5
Verified
Dec 8, 2014
206
Alright , I'm experiencing no lag or alikes. Only thing i noticed is that both TF2 and my brower (Baidu Spark.) Dont get instantly Sandboxed , Any reasons? (Proactive mode is on , And run virtually is for any file)

Probably related to Viruscope.
 
H

hjlbx

... and the last time it sandboxed an executable from my ati software...

Some AMD/ATI Catalyst Control Center modules are not yet on COMODO's Trusted white list. Consequently, if you do not perform a Rating Scan and transfer those modules to the Trusted File list they will get auto-sandboxed as Unrecognized. The AMD/ATI stuff is legit but digitally unsigned so, despite being from a Trusted Vendor, Defense+ does not recognize them as Trusted.

Even running fully virtualized it was bad news on my AMD system running W8.1. Experienced issues up to an including an unbootable system (Black Screen).

Bright side is COMODO has added most ATI CCC modules to the Trusted white list over the past few months. There were still 4 that had not made it the last time I checked about a month ago.
 
Last edited by a moderator:
  • Like
Reactions: Nikos751

Elemec

Level 1
Verified
Jan 23, 2015
111
My comodo detected and removed a file called " netfilter.sys " , I feel a lot safer with both comodo and 360 total security.
Anyways , What does said .sys do?
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
http://systemexplorer.net/file-database/file/netfilter-sys

Its something to do on network interface cards, if you feel its like an error for detecting it then you need to revert the changes. Because Comodo isn't yet full on the trusted vendor list to isolate those legitimate files and other crucial components.

My comodo detected and removed a file called " netfilter.sys " , I feel a lot safer with both comodo and 360 total security.
Anyways , What does said .sys do?
 

Elemec

Level 1
Verified
Jan 23, 2015
111
http://systemexplorer.net/file-database/file/netfilter-sys

Its something to do on network interface cards, if you feel its like an error for detecting it then you need to revert the changes. Because Comodo isn't yet full on the trusted vendor list to isolate those legitimate files and other crucial components.

Apparently it was a virus disquising as Netfilter.sys , Since it was on c:\windows , istead c:\window\system32
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Apparently it was a virus disquising as Netfilter.sys , Since it was on c:\windows , istead c:\window\system32

Yes I've found also in some research that it can be a virus, it will differ on the publisher company/ digital signature since the original itself is came to be on Microsoft.

Any idea where do you encountered this .sys?
 

Elemec

Level 1
Verified
Jan 23, 2015
111
Yes I've found also in some research that it can be a virus, it will differ on the publisher company/ digital signature since the original itself is came to be on Microsoft.

Any idea where do you encountered this .sys?
As far as i know , These nasty viruses that disquise as " Original Microsoft stuff " Comes from downloads. I probably downloaded something infected and it come along. Both 360 total security , My old avg and comodo detected some of the children of said virus , And comodo then killed the fake .sys
 

cruelsister

Level 42
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,133
If you still have netfilter.sys on your system, see if it is signed by AdPeak. That company is pretty active in the world of adware and netfilter is common to all their stuff.
 

Elemec

Level 1
Verified
Jan 23, 2015
111
Alright , It was from AdPeak , But isnt on my pc anymore.
Pretty decent perfomance , My only problem (Which probably is because of my internet) Is that sometimes , Some pages takes years to load or even crash my browser.
 

Elemec

Level 1
Verified
Jan 23, 2015
111
Also , What would be " DigitalLocker " On c:\windows? I've seen it , And clicked , It appears " En-US " But inside it there's nothing.
 

Elemec

Level 1
Verified
Jan 23, 2015
111
Kay , It runs very well , Reboot is always 36-1min dependent of things , Feels good.
But , I would want to ask , Is there any need of cryptoprevent?
 

cruelsister

Level 42
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,133
I must make a change to my past comments regarding the optimal settings for Comodo Firewall, specifically in regard to the different Configuration settings.

Formerly I had thought that changing the Configuration setting from “Firewall Security” to “Proactive Security” would be the easiest way to achieve maximum protection. Sadly I made this statement without adequate testing being done, and now that I have (and found this change to be lacking), I would suggest any who use CF to change the configuration back to Firewall Security with the following added change made to the Sandbox setting- Edit the first “Run Virtually” setting from “Internet” to “Any”. This can be seen in the installation video found on this post at 6:46.
 

Elemec

Level 1
Verified
Jan 23, 2015
111
I must make a change to my past comments regarding the optimal settings for Comodo Firewall, specifically in regard to the different Configuration settings.

Formerly I had thought that changing the Configuration setting from “Firewall Security” to “Proactive Security” would be the easiest way to achieve maximum protection. Sadly I made this statement without adequate testing being done, and now that I have (and found this change to be lacking), I would suggest any who use CF to change the configuration back to Firewall Security with the following added change made to the Sandbox setting- Edit the first “Run Virtually” setting from “Internet” to “Any”. This can be seen in the installation video found on this post at 6:46.

Done.
 

Elemec

Level 1
Verified
Jan 23, 2015
111
Everything's fine. I downloaded a virus pack for test quihoo , It detected only 1 of 6000 in a .rar , However it simply detected the entire rar as a virus and removed. I got a little scared of my pc getting infected (I didnt unzip , So i was safe) But later i got calm again.
I would like to ask , @cruelsister , What's your opinion on baidu products?
 

cruelsister

Level 42
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,133
In a nutshell, Qihoo takes their Security product more seriously than Baidu, evidence of which can be found in raw detection scores. Proactive protection is also more mature (and effective) with Qihoo.
 
  • Like
Reactions: Cats-4_Owners-2
3

379EXHD

We have run CFW on two computers with cruelsisters's settings in this tread . It has been almost a year with no problems compatibility wise or infection wise. These are just everyday family computers used for games by the kids and banking and shopping by their parents. The only security software other than CFW on the computers is Adguard. This is just some positive feedback . Posted here because this was the thread that motivated us to try it. Thanks again cruelsister.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top