The products boast such a wide range of computer protection tools as Comodo Internet Security. This free, powerful, user-friendly, complex antivirus with a pleasant interface would be good for everyone, if not for its settings, which often baffle a novice (and not only) user.
Honestly, the question so often asked of how to properly configure Comodo Internet Security seems to us to be incorrectly posed, because it all depends on how you are going to use this program, and what is of higher priority for you in protection. That is why we decided to pay attention only to the most important and worrisome questions for the bulk of users on setting up this antivirus.
Basic installation settings
But before proceeding with their consideration, let's say a few words about some of the settings that the user has to face when installing the program. First of all, pay attention to the suggestion of the Installation Wizard “Get additional security by going to COMODO SecureDNS server”. This checkbox is desirable if it is, of course, checked. If you leave it, all your connections will be passed through a special server from Comodo, where they will be analyzed and checked for threats; it will also replace your ISP's DNS addresses with Comodo's DNS addresses, which in turn can cause Internet problems in general.
You can only use this option by consulting your provider. In addition, some of the sites that you previously visited may be blocked if Comodo suddenly considers them to be potentially dangerous.
The second point, "Analysis of Application Behavior", need not be touched. The third checkbox can be unchecked or left as desired. After the installation is complete, the program will offer to select the type of network. Please note that Home and Work networks are internal and therefore, if you intend to work on the Internet, you must choose the "Shared Zone" network safely ignoring all the notes.
Okay, okay. Let's move on to the general settings. The advanced settings module is divided into two blocks: general settings and security settings. First, let's take a look at the general settings.
Interface
You don't have to change anything here. The “password settings” option is only useful if other people are actively using your computer. You can also leave the update and logging options unchanged.
Configuration
If real-time system protection is a priority for you, we recommend changing the configuration to proactive (Proactive Security). If the main emphasis is on protecting your computer while browsing the Internet, you should leave the Internet Security configuration.
It is also possible to exclude programs (executable files) and processes. Please note that this setting (exclusions) applies to all types of scans, including real-time protection.
Protection +. HIPS settings
So, HIPS or Host Intrusion Protection. The use of this technology will increase the security level of the system. Without going into details, HIPS can be defined as a technology that allows you to create rules governing behavior and defining the rights of any applications.
And HIPS technology can also be compared with controlling network access. HIPS works based on proactive protection. This means that this technology does not use virus databases; it either prohibits or permits something.
If you decide to use Host Intrusion Protection, we recommend that you first switch the program to learning mode. In the course of your work on the computer, the program will ask various questions related to security, and you will answer them. Thus, the program will learn how to respond correctly to certain actions. If you are absolutely sure that your computer is clean, you can set the “Clean PC” mode. In this case, monitoring will be carried out only with any subsequent changes in the system.
If you suspect the presence of malicious objects in the system, you can switch to safe mode. When you switch to paranoid mode, almost all changes on the computer will be monitored. You can clarify what exactly will be monitored by clicking on the "Monitoring settings" link. We also recommend checking the boxes as shown in the screenshot above.
HIPS rules
This subsection lists all the default rules in Comodo Internet Security. It is not necessary to change these settings. The same goes for the subsection “Rulesets”.
Protecting files, registry and COM interfaces
All files protected by default, important registry keys, and COM interfaces are listed here. In most cases, no additional user action is required here. However, if you want or need, you can add selected files, file groups, folders, processes, and hives (or individual keys) of the system registry.
Behavioral Analysis
This function is designed to protect your computer from possible infection when suspicious programs are launched. This means that a program identified by Comodo Internet Security as suspicious or unknown will automatically run in the sandbox. The default mode for processing unverified applications is “Partially restricted”. It is not necessary to change it. Also pay attention to the option “Do not block files from this list”. Here you can set exclusions for trusted files and processes.
Sandbox
But here everything is the other way around, you can forcefully specify which applications should be launched in a virtual environment. At the same time, it is also possible to set the level of restriction for the application (limited, untrusted, suspicious, etc.), as well as the size of the memory allocated to the application and the time of its operation. The rest of the settings can be left unchanged. Set the password for the virtual kiosk at will.
Like
Like
Tweet
What is the strength of Comodo Antivirus
If you read my article and news about WikiLeaks, then you are aware that now everything is hacked - from printers to smart TVs. Antiviruses, once designed to protect computers from threats, have become clumsy harvesters with functions that can only be called whistleblowers. Well, why does the antivirus come with a password manager, another browser, a system optimizer and other things? They are not directly related to the elimination of virus threats.
But sandbox mode- another thing. It does not relieve, but protects against viruses by running unknown programs in a mode isolated from the surrounding system. The isolation is not complete, but sufficient to protect critical parts of the operating system.
- Instead of real system files, isolated software works with duplicates, so after infection of the virtual system or damage to system files, all changes will simply be deleted, Windows will work as if nothing had happened.
- Important folders with confidential information (saved passwords in the browser, cookies with authorization on websites, etc.) will be hidden from isolated programs (configured manually), so the launched Trojan will not be able to steal them.
In Comodo Antivirus, the sandbox mode is called Comodo Sandbox (or Containment in the new version). It is not unique - a similar mode is built into Avast Pro Antivirus and Avast Internet Security, as well as in the separate Sandboxie program. Previously, it was in the antivirus Kaspersky Internet Security, but for some reason the developers abandoned this function. All these programs are paid, while the antivirus from Comodo free.
Comodo Antivirus benefits:
- Free (really free!).
- Sandbox mode.
- Lots of settings.
Flaws:
- Intrusiveness - the program offers to upgrade to the paid version (disabled in the settings).
- Impact on performance - slow computers slow down if you do not turn off some of the functions.
- Unnecessary software is installed with the program.
You can overcome the disadvantages, I will tell you about this below.
Where can I download
The Comodo Antivirus installer can be found on the official website: https://ru.comodo.com/software/internet_security/antivirus.php(green button "Download for free").
Antivirus works in Windows 10, 8, 7, Vista and XP operating systems.
Key features:
- Default Deny technology (blocks the launch of known malicious programs).
- Auto Sandbox technology (or Auto-Containment, launching unknown programs in sandbox mode).
- Quarantine (so as not to permanently delete a suspicious file and be able to restore it).
- Cloud-based whitelisting system (developers have a file reputation database)
- Game mode (the antivirus lacks notifications and does not load the processor when the game is running)
How to install
After downloading and running the installer, take your time to run through the installation. Look carefully - at some stages you need to remove the jackdaws. For example, in the second window, not very popular software is offered:
In the next step, you most likely will not want to send statistics of the antivirus operation to the developers:
Then there will be a step of configuring Comodo Dragon - a protected browser, a relative of Chrome. You have your favorite browser, right? Therefore, remove both jackdaws:
After that, the installation will start:
After the installation is complete, the antivirus will start a full scan of the computer. During its operation, you can already start setting up.
Do not forget to remove the software installed in the load for the antivirus. Go to Control Panel - Programs and Features (in Windows 10, the classic Control Panel is invoked by right-clicking on the Start Menu icon - Control Panel) and uninstall Comodo Dragon and Comodo GeekBuddy.
Customization
Antivirus is VERY intrusive without setting it up. Therefore, in the main window, click "Settings":
Tab General settings - Interface. This is where the intrusive nature of the program is tamed:
Then you need to configure the actual operation of the anti-virus module. Tab Antivirus - Antivirus monitoring:
There are two important checkboxes here that affect computer performance and security.
Setting the checkbox to "Scan memory when starting the computer" will slow down the computer's startup, but the malware registered in startup will be detected faster.
The "heuristic analysis level" affects the quality of detection of unknown viruses. Without heuristics, antivirus can detect only those that are known in the database. With a high level of heuristics, the number of false positives is high and programs in general will become slower. In general, it's up to you to decide. On slow PCs, enabling heuristics will noticeably slow down the launch of programs.
HIPS mode- perhaps the second most important after the "sandbox" advantages of Comodo Antivirus:
HIPS stands for Behavioral Program Analysis. What exactly is monitored can be configured by clicking "Monitoring Settings":
By default, there is a safe mode, in which, in case of any serious interference with the work of the system, a question will be asked (appears at the bottom right of the screen) to select a program category - allow, deny, refer to trusted, and so on.
HIPS has a drawback: initially, this antivirus module does not know about your system nothing and gets him with questions. Even a full scan of disks with an antivirus will not let him know what programs are doing what and what they need to be allowed. All questions will appear while the programs are running. The most common problem is the appearance of a prompt after opening documents through the "Open with" menu item. It is annoying and tiring. Therefore, if you are convinced that the programs on your computer are safe, you can speed up the "training" process by switching HIPS to learning mode (instead of "Safe mode" put "Learning mode"). The antivirus will compose the rule base, allowing all software actions during your work. Then, a week later, HIPS needs to be switched to "Safe Mode" again, and then requests will appear only when the behavior of the programs differs from the previously recorded one.
Any rules - both for programs and the behavior of the antivirus module - are configured in the remaining tabs of the HIPS section. You can protect registry keys and files of some important programs for you that the antivirus developers did not know about.
All of this sounds complicated enough and does not add to the convenience of users who just use the computer. But if you care about security, HIPS mode will be your faithful assistant in the business of protection.
Please note that in the screenshot above, I marked the option "Perform heuristic analysis on the command line for specific applications." Withdrawal checkboxes from this item will save you from the windows that appear that the program at the address "C: \ Program Data \ Comodo \ Cis \ tempscript \ C_cmd.exe ..." has entered the sandbox.
UPD from 04/04/2017: Thanks to Georg for the amendment: it turns out that my advice is to check the box "Adapt the mode of operation with low system resources", which causes a decrease in performance.
Sandbox antivirus is configured in the section Sandbox - Sandbox Settings (Containment in the new version):
In principle, there is nothing to configure here, except, perhaps, for the moment that by default the browser folders with all the settings are available for sandboxed programs. This is fraught with the theft of passwords saved in browsers and the installation of "left" add-ons to them. Therefore, click on "... the specified files and folders", then right-click on "Shared Areas" - "Change" - "Yes" - a new window will open where you can remove the required permissions:
Then the programs running in the "sandbox" will not be able to get to the private data.
Whether you need cloud verification is up to you. It does not significantly affect performance, I did not notice any changes.
Chapter VirusScope it's better not to touch it, everything is optimal there:
What affects the speed of the PC
By the speed of work, I mean:
- time from turning on the computer until the desktop is fully loaded,
- the speed of launching programs and their reaction during the operations of writing and reading data from the disk.
Both are influenced by the degree of paranoia of the antivirus. The fewer functions are enabled, the higher the speed of work.
If your computer is slow, disable:
- Heuristic analysis (Settings - Antivirus - Antivirus monitoring - bottom item).
- HIPS (alas, it greatly slows down the speed of programs). Disabled in the settings and in the antivirus menu when you click on its icon near the clock.
- The function of automatically launching programs in the sandbox (Settings - Sandbox - Auto-Sandbox - uncheck the box "Use Auto-Sandbox").
One more point: the antivirus, on duty, must scan all open files, run programs and analyze their content and activity. If the files have been scanned earlier, the scan speed increases many times over. So full check immediately after installing the antivirus, it is necessary for the antivirus to know what's what.
Afterword
Comodo Antivirus is an example of good software. Yes, a browser and GeekBuddy are installed along with it, but after finishing the antivirus it performs its task without hindrance. Unlike competitors, it tries to do only what it is designed to do - protect against threats. And in three ways:
- Standard virus scan.
- Behavior analysis.
- Running in isolated sandbox mode.
Can you ask for more from a free antivirus?
But about paid software I want to say a couple of gentle ones. In my opinion, security developers should have high qualification... Or they should work according to the rules dictated by common sense. After all, people pay them money and trust them not for their pretty eyes. What can be said about the developers from Trend Micro, who allowed the opening sites to execute any commands on the computer and steal user passwords. Is this complete carelessness or what? The developers just made a security hole like this:
The developers of the hero of today's note also proved their carelessness. The GeekBuddy program, which is installed with Comodo Antivirus, in its first versions allowed connecting to a computer no password. Think about it: the user help program for displaying screen content (to solve the problem, Comodo support should see it) had the same password on all computers! Of course, the problem was eliminated, but with the proper level of responsibility, it would not exist at all.
Like
Like
Summary of previous articles: an example of setting up and using Comodo Internet Security 8
Attention! The article is addressed to users who have experience using the Comodo Internet Security complex and have read previous articles about it. It is recommended that "beginners" study this product first. For information and relatively effective use, the following setting procedure is proposed:
- disconnect the computer from the Internet and / or local network;
- install CIS;
- open "Main Window"> "Tasks"> "Advanced Tasks"> "Advanced Configuration";
- on the "General Settings"> "Configuration" tab, double-click on the "Proactive Security" line;
- on the tab "Protection +"> "Sandbox"> "Auto-Sandbox" disable the option "Use Auto-Sandbox";
- on the "HIPS" tab> "Protected objects"> "Protected files" add any file via the context menu;
- through the context menu replace the added line with?: \ *
- click "Ok" to close the settings window;
- open "Main Window"> "Tasks"> "Firewall Tasks"> "Hide Ports";
- select the option "Block incoming connections";
- reboot;
- connect the computer to the network.
Preliminary remarks
This setup procedure is abbreviated. The purpose of this article is to give readers a guideline in the variety of configuration options for Comodo Internet Security. It is assumed that readers are familiar with the previous articles and understand the reasons for the recommendations. Only the most general setting details are given here. Additional measures, for example, against bypassing the firewall (through interprocess memory access, DNS queries and BITS), protection against ransomware or keyloggers, are described in the article on using proactive protection; about access to the local network - in the article on firewall, etc.
Let me emphasize that this configuration is not "maximum", but more or less balanced in terms of protection and usability. Unidentified programs in it are automatically virtualized without notifications. HIPS alerts are possible, but very rare.
The proposed option is intended for personal use by an experienced user, but it is not difficult to adapt it for "beginners" or users with limited rights. You can, for example, disable all notifications, or replace the automatic virtualization of unrecognized programs by blocking them, or put the firewall in "Safe mode", etc.
If following these instructions leads to any problems, I ask readers to report in the comments. Messages supported by configuration export files, file list and each CIS log for the entire period, as well as video recording and / or provision of remote access for diagnostics are encouraged.
Installation and configuration
Installation
It is advisable to install CIS on a system that is guaranteed to be free of malware. Let me remind you that you need to update the system and make a backup copy. It makes sense to disable Windows Firewall through Control Panel first.
If the system is clean of malware, it is advisable to "acquaint" CIS with the files on it. To avoid conflicts, you can disable protection components at this time: antivirus, Auto-Sandbox, HIPS, firewall and Viruscope. First, we will perform the "Reputation scan" ("Main window"> "Tasks"> "General tasks"> "Scan") and after it we will make all found files trusted. Then we will launch the various installed programs and their components. Let's reboot. In the advanced settings window, on the File Reputation> File List tab, mark all files and use the context menu to set a trusted rating for them.
Basic setting
After installation, open the "General Settings"> "Configuration" tab in the advanced settings window and enable the "Proactive Security" configuration. We will answer "Postpone" to the reboot proposal.
If the CIS was previously configured, import the original "Proactive Security" configuration from the program directory under a different name and activate it.
If a notification about the choice of the network status appears, select the option “Public place.
On the "Content Filter"> "Rules" tab, make sure that the "Blocked sites" rule is located at the bottom, and change it: add the categories "MVPS Hosts list" and "Symantec WebSecurity" and set the type of restrictions not "Block", but "Ask ".
Context Menu Extensions
To copy files blocked by the antivirus, add the corresponding item in the context menu. All the materials necessary for this with instructions are given in the archive.
Usage
Upon detection of an unidentified program, we do not make any relaxation in protection without making sure that it is safe. The easiest way to check the program for is through the context menu. Note that the absence of antivirus detections is not an absolute guarantee of security. But you can more or less confidently judge the security of a file if it has been known for a long time and leading antiviruses do not recognize it as malicious.
As an additional check, you can run an unknown program in a virtual environment and then send the contents of the VTRoot directory to VirusTotal. You can independently investigate the behavior of an application in a virtual environment by enabling Viruscope with the option "Apply Viruscope action only to applications in Sandbox" and opening the activity report. Also, Viruscope sometimes automatically classifies program behavior as malicious.
To install a new safe program, while holding down the Shift key, call the context menu on its installer and select the "Run as installer" item. If a HIPS alert appears during installation, disable the Remember selection option and select the Install or Update policy. After installing the program, we make its first test run through the context menu item "Run as an installer without elevation" and close the program. Then, on the File Reputation> File List tab, we translate the unrecognized files of this program into trusted ones. We also add the directory with the new program to the trusted ones.
To update the installed program, launch it with the context menu item "Run as installer", perform the update procedure and similarly translate new files from unidentified to trusted.
A situation is possible when the program is launched in isolation even after being added to the trusted ones. This usually happens when the program is larger than 40 MB. The solution is to add the path to such a program to the "AllowedProgs" group.
If any program needs to be temporarily launched without restrictions, we call on it, holding Shift, the context menu and select the item "Run as an installer without elevation". It is important to remember that such a program and its child processes will be able to launch any unrecognized file without hindrance.
When any unrecognized file is first isolated by Auto-Sandbox, a pop-up notification appears. Let me remind you that it is dangerous to click the "No longer isolate" button in it.
If any data should be carefully protected from damage, for example, by ransomware viruses, add the word "WriteProtected" to the end of the name of the directory containing them. The contents of directories like "C: \ Docs \ My Projects - WriteProtected" will be prohibited from being changed by any program other than Explorer. When you need to change the data, either we will temporarily rename the directory, or we will move the data to another directory, and at the end of the work we will return it under protection.
You should look at the event log from time to time, especially the firewall and proactive defense ("Protection +"). There you may find that a certain program requires additional permissions, for example, to perform an update. Then you need to adjust the configuration accordingly.
When any program is blocked by the antivirus, first of all we send it to VirusTotal via the context menu. In case of complete confidence in security, add this program to the trusted ones. If, despite doubts, the program needs to be used, copy it to the exclusions directory. To do this, open the context menu on it while holding Shift, select the "Copy infected file ..." item and save it to the C: \ Exclusions directory. From this directory, the program will be launched as an ordinary unrecognized one in a virtual environment.
If you fear that the program being launched will block the OS interface and prevent the sandbox from clearing, you can limit its execution time. A convenient way to do this is the "Run in Comodo Sandbox as Limited" context menu item suggested in the article on virtual environment.
If it is necessary to execute a questionable program in a real environment, we do it through the item of the extended context menu "Run without restrictions Auto-Sandbox". We control the activity of the program by means of HIPS notifications. To avoid a large number of them, you can immediately select the "Restricted application" or "Isolated" policy in the notification (by enabling the "Remember selection" option). Attention! A malicious program can launch a trusted program, and HIPS will no longer control the activity of the child process, which can cause damage. As a mitigating measure, you can temporarily enable Viruscope in order to observe in more detail the activity of not only the dubious program, but also its child processes, and, if necessary, roll back the changes.
Typically, HIPS notifications in this configuration will appear only when using the menu item "Run without Auto-Sandbox restrictions" or, less often, the items "Run as installer" and "Run as installer without elevation". However, if HIPS announces activity unidentified programs in other cases are an alarm. It may mean that an unrecognized program started before CIS or received SYSTEM privileges. I recommend that you select the "Block and complete execution" option in this notification (by disabling the "Remember choice" option in it), and then check the system for vulnerabilities.
Comodo Internet Security is a free, multi-layered application that protects against hackers and saves information. It is built in a completely different way from what you imagine "Security" and offers multifaceted protection, combining powerful antivirus, industrial-grade firewall with packet filtering, advanced attack prevention and automatic cleanup of unfamiliar files.
Unlike stripped-down versions of commercial software that other companies offer for free, this is a complete, completely functional version of the product.
Users can upgrade to Comodo Internet Security Pro for as little as $ 19.99 per year and get unlimited online help from virus removal experts and a No Virus Guarantee
Comodo Internet Security Secrets
- Antivirus: monitors and destroys any existing malware hidden in the PC
- Anti-spyware: detects and removes spyware
- Anti-rootkit: scans, finds and destroys rootkits on your computer
- Bot-protection: Kills malware that turns your PC into a zombie
- Defense + technology: protects critical system files and blocks viruses before they attempt to install
- Auto Sandbox technology: opens unfamiliar files in an isolated space in which they cannot do harm
- Memory Firewall: advanced protection technology against the smallest attacks in the buffer
- Anti-malware: destroys malware and other malicious processes before they harm the system
System requirements:
Windows 10, Windows 8, Windows 7 / Vista / XP SP2 / Windows 8, 152 MB RAM / 400 MB
Still not sure about the upgrade? Free downloadWhat's special about Comodo Internet Security?
Default Deny Technology (DDP)
Known and listed data files and applications that are safe for your PC are easily recognized and opened on your PC
Prevention-based protection
Firewall and Anti-Virus are combined to stop viruses and malware before they enter the PC
Auto Sandbox Technology
Sandbox is a virtual operating environment for untrustworthy programs that guarantees complete isolation of viruses and malware from the rest of your computer's information.
Personalized security signals
The firewall instantly accepts the rules that you set for downloading programs and configures their signals according to your requirements
Spyware scan
Spyware scanner detects and cleans malicious infections in the registry and on PC drives
Cloud Antivirus
Antivirus cloud scanner detects a malicious file even if the user does not have the latest virus data
Cloud Behavior Analysis
Cloud analysis system instantly identifies zero-day malware
Cloud whitelisting system
Cloud-based whitelisting system easily identifies safe file and publisher status
Filtering malicious web pages
Our SecureDNS service helps you stay safe online by checking the blacklist of dangerous web pages in real time and warning you when you try to connect to them (must be enabled during installation)
Game Mode
Suspends operations such as alerts, antivirus updates or scans that may interfere with the user while playing a computer game
Application management
Allows users to lock PCs to use only secure applications
Scan for viruses in one click
Make sure your computer is clean with one keystroke
Uncluttered, easy-to-use interface
Allows you to view various functions of the Firewall
Full Defense Master
Pre-built security settings for easy point-and-click installation
Unique slider that allows you to change the current protection level
Switch between settings that reflect your preference for the level of protection at a given time
Exclusive access to Comodo's Safe List
List of over 2 million files and applications that can safely open on your PC
What is the advantage of Comodo Internet Security over the antivirus and firewall suite on my computer?
Comodo Internet Security is more than a security suite. More than an anti-virus program. It includes the award-winning Firewall, Intrusion Prevention, Auto Sandbox technology for questionable programs, malware, and buffer overflow protection to provide comprehensive protection against today's many threats.
How is Comodo Internet Security different from other products?
It's simple: warning-based, Default Deny technology. It works by allowing only safe files to run on your system. Suspicious files are opened in a new sandbox.
What is Sandbox technology and how does it protect me?
Sandbox is a virtual operating environment created on your computer for unfamiliar and suspicious programs. Intenet Security automatically launches suspicious programs in the Sandbox, where they cannot make changes to the processes, programs or data of your "real" system. This protection works much better than traditional Anti-Virus, guaranteeing the isolation of any new viruses and the impossibility of causing harm.
Will programs run normally in Sandbox?
Yes. Applications in the Sandbox are run with a carefully chosen set of privileges and are written to a virtual file and register system instead of the real system. This means that untrustworthy (but harmless) applications have complete freedom of operation, while malware is blocked from entering and infecting your computer. This provides the user with reliable and safe operation.
Do programs stay in the sandbox forever?
No. The sandbox is the first part of a good decision making device. After an unfamiliar application has been sent to the sandbox, Internet Security also automatically sends it for confirmation to the Comodo laboratory, where it is analyzed by our experts. If the application is considered harmless, then it is added to the so-called. a global safe list that will be downloaded by all Comodo Internet Security users in the next system update. Once an app is added to the safe list, it no longer goes through the Sandbox. If an application is found to be malicious, it is added to the Comodo Malware Blacklist and will be removed in the next system update.
Is it free for business users too?
Yes. However, enterprises looking to provide protection across large networks will have greater privileges by opting for the Comodo Endpoint Security Manager (CESM).
Can I install only Firewall or Antivirus only?
Yes. You have the option to install only those components that you prefer
Comodo internet Security offers complete protection against viruses, Trojans, worms, buffer overflows, zero-day attacks, spyware and hackers. Comodo Internet Security will warn you of danger whenever malware tries to attack or gain access to your system.
Comodo internet Security combines powerful anti-virus protection, industrial-grade firewall with packet filtering, advanced intrusion protection, application control and anti-spyware. And all this in one extremely powerful program.
It is built in a completely different way from what you imagine "security" and offers multifaceted protection, combining powerful antivirus, industrial-grade firewall with packet filtering, advanced attack prevention and automatic cleanup of unfamiliar files.
Comodo Internet Security suite differs from traditional antivirus software in that it contains other protections such as spyware, parental controls, privacy protection and more. This free Internet Security suite is the full version that you can download and install.
By using this free software, you protect your PC from malware such as viruses, prevent identity theft and protect your children from the evils of the Internet.
Friends, a lot of letters have come with a request to make a review free antivirus Comodo internet security... In my opinion, the antivirus is good and I will recommend it to all my friends, but it has a lot of settings and, most importantly, you have to configure this antivirus when you install it on your computer. I assure you, there is nothing difficult in this and you will succeed. Let's take a look at all the settings of this antivirus together and see how it deals with malware. For our article, let's take a Windows 8 computer infected with viruses, which my acquaintances brought to work.
Note: The Windows 8 operating system has its own built-in "Windows Defender" antivirus, which many users do not know about, details in our article "" A description of most of the existing antiviruses and their rating is described in our other article -.
Letter. Hello, I would like to consult with you about a free antivirus. I bought a new laptop with a preinstalled Windows 8 operating system, I am thinking of installing myself a free antivirus comodo internet security. This antivirus program is installed on my friend's computer and for a year now he has not had any problems with viruses. I read all your articles about free antiviruses, that's why I decided to consult with you. On the Internet, as usual, opinions were divided, who scolds (especially difficult antivirus settings) and who praises. You know, there is even such a service as the help of an expert, that is, a specialist from Comodo can personally help you, but I don’t know if this is available in the free version. What is your opinion?
Free antivirus Comodo internet security
A fairly good antivirus program, or even a whole complex of computer security. Born in the USA, the developer is the American company Comodo Group Inc. This free antivirus carries on board everything a real modern antivirus should have. Particularly good (can be installed separately) and the updated "sandbox", which is now called the Virtual Kiosk. A virtual kiosk is a virtual environment isolated from the main operating system, I would compare it to a small virtual machine that even has its own desktop, which is very convenient. Many applications can now be checked for malware by running inside a virtual kiosk (sandbox), without the risk of infecting the main system.- Personally, I do not use any special test programs to test any antivirus for performance. In this article, we will install with you free antivirus Comodo internet security to a computer with Windows 8 infected with malware. Of course, you must understand that everything is relative and you can only know the quality of an antivirus program one hundred percent while working with it.
Another free antivirus comodo internet security protects you from viruses, worms, rootkits, spyware (Anti-Spyware). It has a powerful firewall, an autostart analyzer, a whole set of computer security tools - COMODO Cleaning Essentials, and a unique process monitoring system - COMODO KillSwitch.
This antivirus solution supports Windows 7, 8, Windows Vista and Windows XP (32 and 64-bit versions).
So let's go. We go to the official website http://www.comodo.com, select Comodo Internet Security
Launch the installer.
Very easy installation.
We accept the license agreement.
If you don't need Yandex. Uncheck the bar.
Install.
Complete.
Choosing the Russian language.
Entering an email address is optional.
"I want to get additional security on the Internet by going to Comodo's SecureDNS service"In the first paragraph, you do not need to tick the box, if you still tick this item, then after installing the free Comodo internet security antivirus, you will change the DNS server settings to 8.26.56.26 and 156.154.70.22. Internet, you will travel through a kind of filter of the Comodo company, that is, they will decide for you where you can be and where not. On the one hand, this is good and you will avoid many malicious sites, and on the other, glitches with the Internet are possible. Therefore, before put a tick in the first paragraph, consult with your provider
In the second paragraph, we note - I want to use Cloud Application Behavior Analysis Comodo Internet Security uses analysis of the behavior of unidentified files in the cloud and any unrecognized file will be sent to Comodo Instant Malware Analysis (CIMA) for further analysis. According to the developer, the result will be known in 15 minutes.
The third point is clear, check the box and after installing the antivirus, the Home page will change in some browsers.
Read the User License Agreement before clicking Agree, Install.
Push Customize installation... We read carefully which component and why. This is where all the checkboxes come in handy.
Configuration options. If you want to communicate less with the antivirus, you can leave the checkmark, but be aware that in the process of work, sometimes you will not understand why this or that program does not start or this or that archive does not open. I personally unchecked the box, since information about what is happening on my computer will not be superfluous
File location. Antivirus installation path - I advise you not to change it.
The first is the Comodo internet security antivirus widget (you can configure the information content of the widget, check the items you need)
and icons of utility programs, then the main window of the program.
At the same moment, comodo internet security warns us that it has detected a new network. Join the new network, choose - I am in the public area (it is more secure).
Antivirus update starts automatically.
After complete installation, Comodo internet security updates its anti-virus databases and the computer needs to be restarted.
After the reboot, there is a gratitude to the Comodo internet security program, so that it does not appear again, check the Do not show this window again
The main window of the free antivirus Comodo internet security contains the main elements that we will use all the time:
In the middle of this window, you will have access to one or another information about the security status of your computer, in our case, Safe. The main window contains a panel for quickly scanning any file for viruses, drag and drop a suspicious file and immediately get information about the harmfulness of the file of interest.
If you select Yes, assign cleaning to an expert, you can contact a certified specialist if you speak English and have paid for support. Click on the button and here's the price.
If you choose - No, I'll try it myself, then you have the options that are visible on the screenshot, I suggest choosing Neutralize and the virus will be neutralized
If you click on the arrow, the Sandbox panel will open and we can drag the installer of an unfamiliar program into this panel and start the installation of this program in a safe "sandbox".
In the upper right corner of the main antivirus window, you can access the buttons
Communication with a certified professional - if you speak English and paid for support.
By selecting the Help button, you will have access to Online Help, Support service, Support Forums(all in English)
Diagnostics will tell you if all modules of the free Comodo internet security antivirus are working properly.
The antivirus also has its own built-in Comodo Dragon Web Browser
Scanning
I'm getting ahead of myself, I installed the free Comodo internet security antivirus on a computer infected with viruses. Fast scan (scanning of frequently infected areas and computer memory) It didn't help me, 25 percent of malware was not found.
Full scan - scans all files and folders on your computer(takes a lot of time)
Helped Ranked scan (cloud scan of frequently infected areas and memory)
And then scan the entire drive C: Select P Custom scan (scan custom files and folders)- Scan folder - Local drive (C :)
Update
Virtual kiosk
Let's take a closer look at this tool, in order to get access to all the features of the virtual kiosk, Comodo internet security offers to install the Microsoft silverlight software platform, we agree
A virtual kiosk is launched, it has its own desktop, as I said, it is a virtual environment isolated from the main operating system. In it, we can run unfamiliar applications and files, if they turn out to be malicious, then internet security will warn us about this. Click on the yellow arrow and you will see everything on your desktop.
If you are working on a simple computer, then I advise you to enter the settings of the Virtual Kiosk and select the Normal PC mode, then the control of the virtual kiosk desktop will practically not differ from the control of the usual Windows desktop. We select settings and Normal PC.
I told you at the beginning of the article that my friend downloaded a movie with the .exe extension on the Internet, this “movie” is nothing more than a banner ransomware Trojan.Winlock (Winlocker) - a malicious program that blocks the desktop and requires transferring money to the attacker's account. Video files come in different extensions, mostly avi, mpg, mov or mkv, but not exe, which means an executable file (containing a program) is sometimes malicious.
Let's run this "movie" in the sandbox, downloaded by an inexperienced person in Internet affairs. Click on Computer and find our file in Explorer,
We launch it, as we can see, the sandbox reacted immediately, giving us a warning that the file was malicious. If we ran it in the operating system environment, then our desktop would be blocked by the ransomware banner.
You can also run an unfamiliar program in the virtual kiosk environment, if it turns out to be malicious, the sandbox will inform you about it. You can also go online using a browser. You can exit the virtual kiosk to the operating system and then go back as needed, or you can exit the sandbox altogether.
Quarantine
Quarantined files can be deleted, excluded from the list, or sent to Comodo
Task Manager
It displays everything that the Comodo internet security antivirus is doing now (you can see on the screenshot that an update is in progress)
Tasks
So, using this arrow, go to the additional antivirus settings, the so-called tasks.
Scanning. Update . Quarantine. Task Manager . We have sorted it all out. Event log.
What we did not analyze with you is the Event Log (records of events, actions taken and notifications) - displays all information on security events.
Active connections(viewing applications using an active internet connection)
Contains information about all active connections for each application.
Firewall tasks
When a suspicious program is launched, it will display such a window. If we know the program, then we run it without restrictions.
Allow connection... You can enable or disable any application to connect to the Internet.
Block connection... Deny the application from connecting to the Internet
Hidden ports
Manage the visibility of a computer on the network. You can block all incoming connections and make your computer invisible on the network.
Network management
Stop network activity... You can block all inbound and outbound traffic
Uncheck the box Don't show alerts, since we need all the notifications
Additionally, we mark the items
Enable IPv6 traffic filtering
Enable filtering of loopback traffic (e.g. 127.x.x.x, :: 1)
Block fragmented IP traffic
Analyze the protocol
Enable ARP Spoofing Protection
ARP spoofing is used by cybercriminals to eavesdrop on the Ethernet network, the goal is to steal your confidential data.
We have already disassembled the virtual kiosk.
Launching in Sandbox. In this window, we can select an application and run it in a virtual environment. We can also create a shortcut on the desktop and next time we can launch this program in the sandbox using the shortcut.
Advanced Sandbox Settings- everything is configured optimally, we do not change anything.
Advanced tasks
Reasonable scanning. Full scan. Custom scan.
Advanced settings
Advanced settings are divided into General settings and Security Settings... Let's consider everything.General settings . Interface.
Show a greeting at startup - you can uncheck the box.
Updates. Everything can be left as default.
Configuration. COMODO - internet security
By default, you should have a COMODO configuration - internet security. What is configuration? This is the preferred type of antivirus protection. The COMODO - internet security configuration aims to protect against malicious attacks coming mainly from the Internet. If you spend a lot of time on the Internet, I advise you to use the COMODO - internet security configuration.
If you choose Comodo - Proactive Security, then the protection of your computer will be based on proactive protection, such protection mainly monitors the integrity of the operating system itself and registry vulnerabilities. We have installed our antivirus on a computer already infected with viruses, which means it makes sense to select this mode during the scan.
Comodo - Firewall Security
Before changing the configuration, you can save the settings of your current configuration by exporting. If in the future you decide to revert the old configuration along with your settings, select import. All changes made to you will take effect after reboot.
Security Settings.
Antivirus. Realtime scan.
In this window, you can increase the level of the Heuristic analysis to medium or high.
Do not show alerts (send to quarantine). I will uncheck this box as I want to know everything that happens in my operating system.
Here you can add your own scan option or change an existing one, set up options and scan schedule.
The folders you specify will be excluded from malware scanning.
Protection - one of the most important parameters.
HIPS settings
The computer we are checking is infected with viruses, so we turn on Paranoid mode
We put a tick on the item Provide detailed explanations in alerts and then everything is like on a screenshot
Protected objects.
As you can see, autoload is protected. Important registry keys are protected.
Automatically launch a detected unknown application in the Sandbox and treat it as Partially Restricted.
Then we leave everything as it is. Set up exceptions if necessary.
Global rules. Rule sets. Network zones. Port Sets... We leave it unchanged.
File rating settings. We put a tick on Perform cloud analysis of unknown files for fast results and save computer resources
Uncheck the items
Trust applications signed by vendors.
Trust applications installed using trusted installers 
Trusted files.Unrecognized files.
Sent files. Trusted Suppliers... We leave everything unchanged.
