Advice Request Using COMODO Firewall as a default-deny security software

Please provide comments and solutions that are helpful to the author of this topic.

Do you like this COMODO concept?

  • Yes

  • No

Results are only viewable after voting.
Status
Not open for further replies.
B

Bombus

Level 2
Verified
Jun 12, 2016
50
TheMalwareMaster, comodo maybe back in 2005 (more or less) was very simple app. Hips was perfect. Right now it's better to disable containment, or disable hips. Back in 2012 i set comodo to block everything unknown because i had to share my PC with 8 years old daughter (When she was 6 years and 6 months old I taught her how to use Sandboxie, how to react in comodo and Avira's alerts). Comodo blocked some trojans without damage to my computer (without antivirus installed).
 
  • Like
  • Love
Reactions: kylprq, AtlBo and TheMalwareMaster
TheMalwareMaster

TheMalwareMaster

Level 21
Thread author
Verified
Honorary Member
Top Poster
Well-known
Jan 4, 2016
1,022
Maxwell Sien said:
If you disable cloud look up (cloud scan), I think geek buddy prompt will stop. CMIIW
Click to expand...
If I disable cloud lookup, keep the original trusted vendors list and I try to run the installer for a new chrome version, that will be blocked or allowed?
 
  • Like
Reactions: AtlBo
B

Bombus

Level 2
Verified
Jun 12, 2016
50
Geek buddy? Try this: settings (leave only ,,show notification messages", unchek other things). And when you see geekbudy look for ,,do not show alerts". Maybe that will help? I don't remeber the last time i saw this alert. Maybe last year?
 
  • Like
Reactions: AtlBo and TheMalwareMaster
TheMalwareMaster

TheMalwareMaster

Level 21
Thread author
Verified
Honorary Member
Top Poster
Well-known
Jan 4, 2016
1,022
Bombus said:
Geek buddy? Try this: settings (leave only ,,show notification messages", unchek other things). And when you see geekbudy look for ,,do not show alerts". Maybe that will help? I don't remeber the last time i saw this alert. Maybe last year?
Click to expand...
I have only selected "show notification messages" and I disabled the messages from COMODO message centre, but I still see geekbuddy. Maybe one is forced to tick the option "do not show again" in the notification
 
  • Like
Reactions: AtlBo
TheMalwareMaster

TheMalwareMaster

Level 21
Thread author
Verified
Honorary Member
Top Poster
Well-known
Jan 4, 2016
1,022
In the end, is the cloud lookup needed for something or it can just cause troubles for whitelisted malware?
 
  • Like
Reactions: AtlBo
Maxwell Sien

Maxwell Sien

Level 2
Verified
Nov 15, 2016
97
TheMalwareMaster said:
In the end, is the cloud lookup needed for something or it can just cause troubles for whitelisted malware?
Click to expand...

Cloud database is more update than Newest AV database. AV database will catch up Cloud database in next update. (I have confirmed it in Comodo forum)

Cloud Scan is for protect user between each interval of AV Database update.
 
Last edited:
  • Like
Reactions: floalma, AtlBo, Bombus and 1 other person
TheMalwareMaster

TheMalwareMaster

Level 21
Thread author
Verified
Honorary Member
Top Poster
Well-known
Jan 4, 2016
1,022
Maxwell Sien said:
Cloud database is more update than Newest AV Signature. AV Signature will catch up Cloud Signature in next update. (I have confirmed in Comodo forum)

Cloud Scan is for protect user between each interval of AV Database update.
Click to expand...
Yes, but I'm running comodo firewall, so I don't have the local AV database, but only the default-deny sandbox and the cloud scanner. I was asking if the cloud was really needed for something
 
  • Like
Reactions: AtlBo
TheMalwareMaster

TheMalwareMaster

Level 21
Thread author
Verified
Honorary Member
Top Poster
Well-known
Jan 4, 2016
1,022
If you have the cloud lookup disabled and you try to install a product present in the trusted vendors list, COMODO won't block it. Can you link me some safe unsigned software?
 
B

Bombus

Level 2
Verified
Jun 12, 2016
50
You can try this : Как подготовить лог SecurityCheck by glax24 This tool is used in safezone and Kaspersky forums to check for missing updates. I used that file yesterday. Comodo autocontainment isolated securitychek. After i unblocked it, firewall gave me alert. I let it go to internet. After all job done, i removed it from file ratings. Cloud Was enabled. Today i launched it, and it was blocked by comodo. That means, cloud isn't working???
 
  • Like
Reactions: TheMalwareMaster and AtlBo
TheMalwareMaster

TheMalwareMaster

Level 21
Thread author
Verified
Honorary Member
Top Poster
Well-known
Jan 4, 2016
1,022
I have never used torrents, but I know utorrent is bundled with a lot of junk.
I installed utorrent in my VM, without unticking anything (as a beginner would do)
-Cloud lookup enabled: only an EXE is blocked during installation. In the end, I have ByteFence antimalware installed, a PUP detected by malwarebytes. But that can be easily uninstalled
-Cloud lookup disabled: some scripts are blocked and, in the end, I have no PUPs installed
 
  • Like
Reactions: Bombus and AtlBo
AtlBo

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,716
TheMalwareMaster said:
Can you link me some safe unsigned software?
Click to expand...

If Ignatu or Elaborate Bytes aren't in the TVL those are a couple of apps Ive been using for years in SmartPower and Virtual Clone. I can link one of them if you don't see the dev in the vendor list. Not sure I think they are both seen as unsigned.

EDIT actually I think Virtual Clone is signed but not Smart Power.
 
  • Like
Reactions: TheMalwareMaster
B

Bombus

Level 2
Verified
Jun 12, 2016
50
TheMalwareMaster said:
I have never used torrents, but I know utorrent is bundled with a lot of junk.
I installed utorrent in my VM, without unticking anything (as a beginner would do)
-Cloud lookup enabled: only an EXE is blocked during installation. In the end, I have ByteFence antimalware installed, a PUP detected by malwarebytes. But that can be easily uninstalled
-Cloud lookup disabled: some scripts are blocked and, in the end, I have no PUPs installed
Click to expand...
Do you mean, that ByteFence was installed into computer? It didn' go to autocontainment?
 
  • Like
Reactions: TheMalwareMaster and AtlBo
Maxwell Sien

Maxwell Sien

Level 2
Verified
Nov 15, 2016
97
TheMalwareMaster said:
I have never used torrents, but I know utorrent is bundled with a lot of junk.
I installed utorrent in my VM, without unticking anything (as a beginner would do)
-Cloud lookup enabled: only an EXE is blocked during installation. In the end, I have ByteFence antimalware installed, a PUP detected by malwarebytes. But that can be easily uninstalled
-Cloud lookup disabled: some scripts are blocked and, in the end, I have no PUPs installed
Click to expand...

Can we conclude that Cloud Already whitelist Bytefence?
 
  • Like
Reactions: AtlBo and TheMalwareMaster
Status
Not open for further replies.

Similar threads

Amnesia
    • Like
Advice Request Decade old Firewall hardware, a huge security risk or beneficial under the right usage?
Replies
9
Views
349
General Security Discussions
simmerskool
simmerskool
Trident
    • Like
    • Applause
    • +Reputation
  • Poll
Serious Discussion Pre-execution vs post-execution protections explained
Replies
6
Views
1,075
General Security Discussions
Trident
Trident
Victor M
New Update Chrome 124 Ubuntu 24.04 LTS Apparmor profile
Replies
1
Views
862
ChromeOS & Linux
Victor M
Victor M

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top