App Review Comodo Firewall 2025 Setup and Commentary

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Content created by
cruelsister

ErzCrz

Level 23
Verified
Top Poster
Well-known
Aug 19, 2019
1,208
Awesome video! Your setup is always very effective. Out of curiosity, do you always keep Firewall in Custom Ruleset or eventually change it back to Safe Mode?
EDIT: I've decided to stick with Custom Mode and preferring it to being safe mode.

Will have to listen later with headphones to check out the music but I'm sure it's good as always :D

P.S. Comodo website updated but only CIS Pro Installer. The CIS 2025 Premium can be direct downloaded from this link: CIS 2025 Premium Installer
 
Last edited:

cruelsister

Level 43
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
Out of curiosity, do you always keep Firewall in Custom Ruleset or eventually change it back to Safe Mode?
I personally will just use FW Custom Mode only after initial when I want to Block those Apps that I want blocked from calling home (that's why I don't check the Create Rules For Safe Applications box in FW settings- even though they may be Safe, I may have a reason to block their access to the Network).

Otherwise Safe Mode is optimal.
 

ErzCrz

Level 23
Verified
Top Poster
Well-known
Aug 19, 2019
1,208
I personally will just use FW Custom Mode only after initial when I want to Block those Apps that I want blocked from calling home (that's why I don't check the Create Rules For Safe Applications box in FW settings- even though they may be Safe, I may have a reason to block their access to the Network).

Otherwise Safe Mode is optimal.
Thanks.


 
Last edited:

Nunzio_77

Level 2
Dec 3, 2023
58
I still don't understand why COMODO doesn't include a WEB protection module against phishing sites, malicious sites, sites with malware scripts etc... and I also don't understand why the detection percentage of the antivirus module is always lower than the average of other AVs .
I would keep the AV module during the installation of CIS 2025, I don't understand why only the FW is installed instead.
 

ErzCrz

Level 23
Verified
Top Poster
Well-known
Aug 19, 2019
1,208
I still don't understand why COMODO doesn't include a WEB protection module against phishing sites, malicious sites, sites with malware scripts etc... and I also don't understand why the detection percentage of the antivirus module is always lower than the average of other AVs .
I would keep the AV module during the installation of CIS 2025, I don't understand why only the FW is installed instead.
It's enabled but I've found it only works on Firefox. There is their own extension but not been updated for some time. Either way, browser's and dedicated extensions protect you from phishing. e.g. Smartscreen in Edge and Google Safe Browsing in Chrome/Chromium browsers and Firefox. I use uBlock Origin in Medium Mode and Necraft.

1718471940659.png
 

cruelsister

Level 43
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
Hi sister et al, what do you think about setting the containment to block all (block unknown instead of run inside the sandbox) and disabling virus scope?
Block All will essentially prevent anything unknown from running (won't even get to the Sandbox). In this case there would be no need at all for VirusScope as the file attempting to be run wouldn't even get that far.

Although doing this (Block) will certainly protect, it is, for me, far, far too restrictive.
 

vaccineboy

Level 3
Verified
Well-known
Sep 5, 2018
139
Block All will essentially prevent anything unknown from running (won't even get to the Sandbox). In this case there would be no need at all for VirusScope as the file attempting to be run wouldn't even get that far.

Although doing this (Block) will certainly protect, it is, for me, far, far too restrictive.
Thanks sister, I only use popular software so so far, it's working ok for me. In rare occasion where something is blocked, I find Comodo reasonably fast (a few days) in verifying and whitelisting the file.
 

cruelsister

Level 43
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
I still don't understand why COMODO doesn't include a WEB protection module against phishing sites, malicious sites, sites with malware scripts etc... and I also don't understand why the detection percentage of the antivirus module is always lower than the average of other AVs .
I would keep the AV module during the installation of CIS 2025, I don't understand why only the FW is installed instead.
Well, it kinda does-In settings, go to "Website Filtering", then click on "Blocked Sites". Click edit and there check both "Malware Sites" and Phishing Sites". Also you can Add other stuff like Suspicious and PUA). (note that I have no clue as to the effectiveness of this as it bores me).

Although I'm positive that this is a minority opinion, but I view Web filtering (by anything) to be just like any AV module- things that are known to be bad will be stopped, things unknown will get through.

Phishing sites are tough as being safe from these really depends on how careful a User is (I really hate to shift blame, but in this case...). As to malware sites, if you viewed my last ESET video, the initial file run connected out to my personal server (not blacklisted by anyone as I'm a Kind and Gentle person) to download and automatically run malware (also unknown by the AV) that trashed the System (on second thought, perhaps not really so Kind and Gentle). So web filtering would no assist in this case.
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,712
@cruelsister: post-install sidenote: I ran NPE after CF 2025 installation setup and NPE finds a malicious or suspect script
C:\Users\vmmetoo\AppData\Local\Temp\ComodoWebStart.vbs
and suggests deleting it along with 2 related registry keys. vbs reads:
WScript.Sleep 15000
Set WshShell = CreateObject("WScript.Shell")
Call WshShell.Run("Internet Security Products From Comodo | PC Security Software", 0, False)
WshShell.RegDelete("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\ComodoWebStart")
Set fsObject = CreateObject("Scripting.FileSystemObject")
fsObject.DeleteFile("C:\Users\vmmetoo\AppData\Local\Temp\ComodoWebStart.vbs")

can I let NPE delete this vbs, or is it needed to properly start CF on reboot. wonder is it a run one-time script? :unsure:
 

ErzCrz

Level 23
Verified
Top Poster
Well-known
Aug 19, 2019
1,208
@cruelsister: post-install sidenote: I ran NPE after CF 2025 installation setup and NPE finds a malicious or suspect script
C:\Users\vmmetoo\AppData\Local\Temp\ComodoWebStart.vbs
and suggests deleting it along with 2 related registry keys. vbs reads:
WScript.Sleep 15000
Set WshShell = CreateObject("WScript.Shell")
Call WshShell.Run("Internet Security Products From Comodo | PC Security Software", 0, False)
WshShell.RegDelete("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\ComodoWebStart")
Set fsObject = CreateObject("Scripting.FileSystemObject")
fsObject.DeleteFile("C:\Users\vmmetoo\AppData\Local\Temp\ComodoWebStart.vbs")

can I let NPE delete this vbs, or is it needed to properly start CF on reboot. wonder is it a run one-time script? :unsure:
I think the webstart is the script for the browser to be launched after uninstall completed to offer you other products or keep using it. If you've recently uninstalled a version, it's probable that it's just a temporary that can be ditched.
 

kailyn

Level 2
Jun 6, 2024
85
I still don't understand why COMODO doesn't include a WEB protection module against phishing sites, malicious sites, sites with malware scripts etc
There are three reasons:

1. It is a free product and the product owner stated years ago that he did not want to devote resources to web protections. If he did, it would not be any better than already free browser extensions that block malicious sites.

2. Phishing and other malicious sites have a life of about 2 hours on average. So by the time the web block list is updated, many of the sites are already offline. So putting resources into this kind of protection is very bad return on effort. They don't provide much in the way of protections. The topic of malicious website blocking has been discussed many times on MT and elsewhere. There are those that insist that it is a vital protection but that is not accurate nor reality.

3. CIS has the ability for you to import web block lists.

and I also don't understand why the detection percentage of the antivirus module is always lower than the average of other AVs .
I would keep the AV module during the installation of CIS 2025, I don't understand why only the FW is installed instead.
Because the product owner stated many times in the past that he is not going to invest the money or devote company resources to prioritize or improve signature detection. The only purpose of the AV module in CIS is to detect old malware and that is by intent and design as stated by the product owner. It is there as a convenience to detect old malware and newer malware is meant to be handled by virtual containment\auto-sandboxing.

The owner does not want to emulate other security products. He already said many times that he doesn't care what people think. Autosandboxing works and the user can configure the product to various levels of default deny.

All of this was on the Comodo forum years ago. I do not know if it is there any longer, but the owner has said these things many times over the years.
 

n8chavez

Level 20
Well-known
Feb 26, 2021
961
@cruelsister: post-install sidenote: I ran NPE after CF 2025 installation setup and NPE finds a malicious or suspect script
C:\Users\vmmetoo\AppData\Local\Temp\ComodoWebStart.vbs
and suggests deleting it along with 2 related registry keys. vbs reads:
WScript.Sleep 15000
Set WshShell = CreateObject("WScript.Shell")
Call WshShell.Run("Internet Security Products From Comodo | PC Security Software", 0, False)
WshShell.RegDelete("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\ComodoWebStart")
Set fsObject = CreateObject("Scripting.FileSystemObject")
fsObject.DeleteFile("C:\Users\vmmetoo\AppData\Local\Temp\ComodoWebStart.vbs")

can I let NPE delete this vbs, or is it needed to properly start CF on reboot. wonder is it a run one-time script? :unsure:

It's a .vbs. Just open it in notepad and see what is does. It's most likely harmless.
 

rashmi

Level 12
Jan 15, 2024
562
I still don't understand why COMODO doesn't include a WEB protection module against phishing sites, malicious sites, sites with malware scripts etc... and I also don't understand why the detection percentage of the antivirus module is always lower than the average of other AVs .
I would keep the AV module during the installation of CIS 2025, I don't understand why only the FW is installed instead.
COMODO... Comodo Obviously Means One Default-Deny Option 😊
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top