App Review Comodo and "New" Boot Time Malware

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Content created by cruelsister

Bot

AI-powered Bot
Apr 21, 2016
4,793
Thanks for sharing this video! It's always helpful to see visual content related to Comodo and boot time malware discussions. Let's dive into it and discuss further.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,826
In your opinion, is CIS 2025 reliable and safe as a PC protection?
It is (one of the best), for non-enterprise users.
The situation is more complex in the enterprise environment. However, Xcitium can still be as reliable as most EDR products.

One thing must be remembered when using CIS containment. Files that look benign in the Comodo sandbox can still behave as malware when run without containment (added to the ignored group).
 

Decopi

Level 8
Verified
Oct 29, 2017
361
In your opinion, is CIS 2025 reliable and safe as a PC protection?

Comodo is a "dumb blocker". In other words, Comodo is NOT an antivirus/antimalware.

That being said, if anyone (enterprise or non-enterprise-user), for whatever reason is interested in using "dumb blockers", then (and only) in this specific case, Comodo can be defined as "a software to block something". For example, someone (enterprise or non-enterprise-user) may want to block "specific telemetry or trackers", and in this case the user will label Comodo as "privacy software". Or someone (enterprise or non-enterprise-user) may want to block "specific executables", and in this case the user will label Comodo as "security software".

In short, enterprise or non-enterprise-users can label Comodo as they want, according to their own "specific needs", saying it's for privacy or security etc. It's totally specific and subjective!

However, in the real world and objectively speaking, Comodo is abandonware (since 2018), it is full of unfixed dangerous bugs, it is not an antivirus/antimalware, it does not detect or identify viruses/malware, it is not a universal blocker and can be bypassed... it is a simple specific "dumb blocker", and therefore should never be recommended/promoted to anyone (neither to enterprise nor non-enterprise-user).

It is important to mention that in 2025, if an enterprise or non-enterprise-user decides to use "blockers" as a privacy or security system, there are many other alternatives, much more modern and totally freeware.
 

bazang

Level 12
Jul 3, 2024
552
Comodo is a "dumb blocker". In other words, Comodo is NOT an antivirus/antimalware.
  • It is virtual containment (at the default settings), so it isn't blocking anything actually.
  • There is no such thing as a "smart blocker." All default deny must be programmed with allow and block rules. Now whether that is done categorically using generic rules or someone thinks they are slick and tries to get AI/ML to do it, either method is not "smart." Automated, but not "smart."
  • Comodo does have an antivirus component, but the Owner stated on the very first day that Comodo was released that it is meant only to detect "old" malware.


Comodo can be defined as "a software to block something".
It is called "Default Deny."



Comodo is abandonware (since 2018)
It was just updated multiple times (2024/2025).



it is full of unfixed dangerous bugs
Proofs? Receipts? (As in demonstration videos that you show the bugs and you demonstrate that said bugs are dangerous.) Otherwise your claim that "it is full of unfixed dangerous bugs" is not true.



therefore should never be recommended/promoted to anyone (neither to enterprise nor non-enterprise-user).
No one in this thread, or elsewhere, has stated "You should use Comodo." This thread is a demonstration that speaks for itself. No human speech or writing required.



if an enterprise or non-enterprise-user decides to use "blockers" as a privacy or security system, there are many other alternatives, much more modern and totally freeware.
Microsoft uses default deny all the time. It is a part of most every enterprise IT ecosystem. The technologies are over 20 years old and they work extremely well today, as they did in yesteryear.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,826
... and therefore should never be recommended/promoted to anyone (neither to enterprise nor non-enterprise-user).

"Reliable and safe" does not mean recommended for most users. The worship for any AV/EDR is based on illusions.
Let's apply your reasoning for other solutions.
------------------------------------------
Those solutions use "smart" ML models and AI that are as wise as a mouse (probably less). They cannot effectively protect users against new malware, for example:

Over 30% (or more) of new malware is active in the wild. So, those "smart" AVs/EDRs should never be recommended/promoted (neither to enterprise nor non-enterprise users).
-------------------------------------------

On the contrary, the "dumb" CIS protection can protect against older and most new malware (in the home environment or hybrid work). Indeed, CIS can still have some irritating bugs (after some tweaks it crippled some of my machines three times). It is kinda dumb, and containment is not an acceptable solution for many users. As always, the truth is somewhere between the extreme opinions. :)
 

Nikola Milanovic

Level 4
Verified
Oct 17, 2023
186
Comodo is a "dumb blocker". In other words, Comodo is NOT an antivirus/antimalware.

That being said, if anyone (enterprise or non-enterprise-user), for whatever reason is interested in using "dumb blockers", then (and only) in this specific case, Comodo can be defined as "a software to block something". For example, someone (enterprise or non-enterprise-user) may want to block "specific telemetry or trackers", and in this case the user will label Comodo as "privacy software". Or someone (enterprise or non-enterprise-user) may want to block "specific executables", and in this case the user will label Comodo as "security software".

In short, enterprise or non-enterprise-users can label Comodo as they want, according to their own "specific needs", saying it's for privacy or security etc. It's totally specific and subjective!

However, in the real world and objectively speaking, Comodo is abandonware (since 2018), it is full of unfixed dangerous bugs, it is not an antivirus/antimalware, it does not detect or identify viruses/malware, it is not a universal blocker and can be bypassed... it is a simple specific "dumb blocker", and therefore should never be recommended/promoted to anyone (neither to enterprise nor non-enterprise-user).

It is important to mention that in 2025, if an enterprise or non-enterprise-user decides to use "blockers" as a privacy or security system, there are many other alternatives, much more modern and totally freeware.
1: Xcitium/Comodo is not a blocker. Containment is only there for unknown files, the ones that Xcitium has never seen before.
2: Xcitium/Comodo does have an AV, and every file that is in containment does get a verdict, either good or bad.
3: Xcitium/Comodo is updating CIS every day.
 

Vitali Ortzi

Level 30
Verified
Top Poster
Well-known
Dec 12, 2016
1,928
"Reliable and safe" does not mean recommended for most users. The worship for any AV/EDR is based on illusions.
Let's apply your reasoning for other solutions.
------------------------------------------
Those solutions use "smart" ML models and AI that are as wise as a mouse (probably less). They cannot effectively protect users against new malware, for example:

Over 30% (or more) of new malware is active in the wild. So, those "smart" AVs/EDRs should never be recommended/promoted (neither to enterprise nor non-enterprise users).
-------------------------------------------

On the contrary, the "dumb" CIS protection can protect against older and most new malware (in the home environment or hybrid work). Indeed, CIS can still have some irritating bugs (after some tweaks it crippled some of my machines three times). It is kinda dumb, and containment is not an acceptable solution for many users. As always, the truth is somewhere between the extreme opinions. :)
It's niche, but I prefer it to SmartScreen and Smart App Control, as my experience with Comodo was fewer false positives than the alternative, which is the built-in reputation-based prevention (Smart App Control, SmartScreen, etc.).

Not that I didn't experience a ton of false positives with Comodo, but it is better for the stuff I use.
 

Vitali Ortzi

Level 30
Verified
Top Poster
Well-known
Dec 12, 2016
1,928
1: Xcitium/Comodo is not a blocker. Containment is only there for unknown files, the ones that Xcitium has never seen before.
2: Xcitium/Comodo does have an AV, and every file that is in containment does get a verdict, either good or bad.
3: Xcitium/Comodo is updating CIS every day.
Comodo AV does almost nothing in tests; AV-based detection is far lower in Comodo than with most AV vendors.
But the reputation-based prevention usually blocks all samples, so basically I will ditch the AV and replace it, and use Comodo specifically for its strengths and not include all the subpar modules like the AV.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,826
It's niche, but I prefer it to SmartScreen and Smart App Control, as my experience with Comodo was fewer false positives than the alternative, which is the built-in reputation-based prevention (Smart App Control, SmartScreen, etc.).

SmartScreen does not produce false positives for application auto-updates, and when using an updater like UniGetUI to install/update applications.
Comodo will produce false positives, especially when the application is unsigned or the vendor is not on the Trusted Vendors List.

When installing new applications originating from the Internet, both SmartScreen and Comodo can give a similar number of false positives, but this number can be smaller for Comodo after extending the Trusted Vendors List.
 
