Advice Request Using COMODO Firewall as a default-deny security software

Please provide comments and solutions that are helpful to the author of this topic.

Do you like this COMODO concept?

  • Yes

  • No

Results are only viewable after voting.
Status
Not open for further replies.
TheMalwareMaster, comodo maybe back in 2005 (more or less) was very simple app. Hips was perfect. Right now it's better to disable containment, or disable hips. Back in 2012 i set comodo to block everything unknown because i had to share my PC with 8 years old daughter (When she was 6 years and 6 months old I taught her how to use Sandboxie, how to react in comodo and Avira's alerts). Comodo blocked some trojans without damage to my computer (without antivirus installed).
 
  • Like
  • Love
Reactions: kylprq, AtlBo and TheMalwareMaster
Maxwell Sien said:
If you disable cloud look up (cloud scan), I think geek buddy prompt will stop. CMIIW
Click to expand...
If I disable cloud lookup, keep the original trusted vendors list and I try to run the installer for a new chrome version, that will be blocked or allowed?
 
  • Like
Reactions: AtlBo
Geek buddy? Try this: settings (leave only ,,show notification messages", unchek other things). And when you see geekbudy look for ,,do not show alerts". Maybe that will help? I don't remeber the last time i saw this alert. Maybe last year?
 
  • Like
Reactions: AtlBo and TheMalwareMaster
Bombus said:
Geek buddy? Try this: settings (leave only ,,show notification messages", unchek other things). And when you see geekbudy look for ,,do not show alerts". Maybe that will help? I don't remeber the last time i saw this alert. Maybe last year?
Click to expand...
I have only selected "show notification messages" and I disabled the messages from COMODO message centre, but I still see geekbuddy. Maybe one is forced to tick the option "do not show again" in the notification
 
  • Like
Reactions: AtlBo
In the end, is the cloud lookup needed for something or it can just cause troubles for whitelisted malware?
 
  • Like
Reactions: AtlBo
TheMalwareMaster said:
In the end, is the cloud lookup needed for something or it can just cause troubles for whitelisted malware?
Click to expand...

Cloud database is more update than Newest AV database. AV database will catch up Cloud database in next update. (I have confirmed it in Comodo forum)

Cloud Scan is for protect user between each interval of AV Database update.
 
Last edited:
  • Like
Reactions: floalma, AtlBo, Bombus and 1 other person
Maxwell Sien said:
Cloud database is more update than Newest AV Signature. AV Signature will catch up Cloud Signature in next update. (I have confirmed in Comodo forum)

Cloud Scan is for protect user between each interval of AV Database update.
Click to expand...
Yes, but I'm running comodo firewall, so I don't have the local AV database, but only the default-deny sandbox and the cloud scanner. I was asking if the cloud was really needed for something
 
  • Like
Reactions: AtlBo
If you have the cloud lookup disabled and you try to install a product present in the trusted vendors list, COMODO won't block it. Can you link me some safe unsigned software?
 
You can try this : Как подготовить лог SecurityCheck by glax24 This tool is used in safezone and Kaspersky forums to check for missing updates. I used that file yesterday. Comodo autocontainment isolated securitychek. After i unblocked it, firewall gave me alert. I let it go to internet. After all job done, i removed it from file ratings. Cloud Was enabled. Today i launched it, and it was blocked by comodo. That means, cloud isn't working???
 
  • Like
Reactions: TheMalwareMaster and AtlBo
I have never used torrents, but I know utorrent is bundled with a lot of junk.
I installed utorrent in my VM, without unticking anything (as a beginner would do)
-Cloud lookup enabled: only an EXE is blocked during installation. In the end, I have ByteFence antimalware installed, a PUP detected by malwarebytes. But that can be easily uninstalled
-Cloud lookup disabled: some scripts are blocked and, in the end, I have no PUPs installed
 
  • Like
Reactions: Bombus and AtlBo
TheMalwareMaster said:
Can you link me some safe unsigned software?
Click to expand...

If Ignatu or Elaborate Bytes aren't in the TVL those are a couple of apps Ive been using for years in SmartPower and Virtual Clone. I can link one of them if you don't see the dev in the vendor list. Not sure I think they are both seen as unsigned.

EDIT actually I think Virtual Clone is signed but not Smart Power.
 
  • Like
Reactions: TheMalwareMaster
TheMalwareMaster said:
I have never used torrents, but I know utorrent is bundled with a lot of junk.
I installed utorrent in my VM, without unticking anything (as a beginner would do)
-Cloud lookup enabled: only an EXE is blocked during installation. In the end, I have ByteFence antimalware installed, a PUP detected by malwarebytes. But that can be easily uninstalled
-Cloud lookup disabled: some scripts are blocked and, in the end, I have no PUPs installed
Click to expand...
Do you mean, that ByteFence was installed into computer? It didn' go to autocontainment?
 
  • Like
Reactions: TheMalwareMaster and AtlBo
TheMalwareMaster said:
I have never used torrents, but I know utorrent is bundled with a lot of junk.
I installed utorrent in my VM, without unticking anything (as a beginner would do)
-Cloud lookup enabled: only an EXE is blocked during installation. In the end, I have ByteFence antimalware installed, a PUP detected by malwarebytes. But that can be easily uninstalled
-Cloud lookup disabled: some scripts are blocked and, in the end, I have no PUPs installed
Click to expand...

Can we conclude that Cloud Already whitelist Bytefence?
 
  • Like
Reactions: AtlBo and TheMalwareMaster
Status
Not open for further replies.

You may also like...