App Review Comodo Firewall Setup- An Addendum

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
AtlBo said:
For anyone who would like to follow this a little bit on the Comodo Forum:

Login

I just posted the last post which I hope will help lead to correction of the error in Windows 10. First I guess it seems to me like fixing the privilege elevation alert would be something to focus on, since it doesn't describe what happens when the user makes a choice. Pls let me know how you feel about the alert and if you could understand what is says better than the current one.

EDIT: don't know why the link says Login btw. It's the thread page for me that is linked...
Click to expand...

Anything that corrects this issue I'm for.
 
  • Like
Reactions: Syafiq and AtlBo
I think I found another bug with Comodo Sandbox in Windows 10 :confused:
If a file that requests privilege elevation runs, the Sandbox will fail to reset itself, it will actually finish the processes inside it but it will generate a error, so it is necessary to reboot the system to clean the Sandbox properly.

Screenshot_1.png


Oh well ...
 
  • Like
Reactions: Deletedmessiah, Av Gurus, AtlBo and 2 others
Nightwalker said:
I think I found another bug with Comodo Sandbox in Windows 10 :confused:
If a file that requests privilege elevation runs, the Sandbox will fail to reset itself, it will actually finish the processes inside it but it will generate a error, so it is necessary to reboot the system to clean the Sandbox properly.

View attachment 182201

Oh well ...
Click to expand...

Well that doesn't look good. Have you reinstalled CFW to see if it fixes it? Restored a backup maybe?
 
  • Like
Reactions: AtlBo and Syafiq
Night- On Win10, when run in a VM with limited resources one would indeed notice what you observe. Privilege elevation has nothing to do with it. Somewhere I have a test program which will attempt to inject into running processes resulting in the creation of an elevated command prompt. With the settings I suggest not only will the entire process be contained, but so will consent.exe (UAC) as well as any command run from the cmd prompt (eg net stop spooler, or any sc command). As soon as I have time to find it I'll do a quickie on it- it's actually cool to watch.
 
  • Like
Reactions: Hector1, simmerskool, Deletedmessiah and 5 others
Nightwalker said:
I think I found another bug with Comodo Sandbox in Windows 10 :confused:
If a file that requests privilege elevation runs, the Sandbox will fail to reset itself, it will actually finish the processes inside it but it will generate a error, so it is necessary to reboot the system to clean the Sandbox properly.

View attachment 182201

Oh well ...
Click to expand...
I notice that too. It happens to me couple of times.
I was thinking it has to do something with virtual machine.
 
  • Like
Reactions: AtlBo
Nightwalker said:
I think I found another bug with Comodo Sandbox in Windows 10 :confused:
If a file that requests privilege elevation runs, the Sandbox will fail to reset itself, it will actually finish the processes inside it but it will generate a error, so it is necessary to reboot the system to clean the Sandbox properly.

View attachment 182201

Oh well ...
Click to expand...
Av Gurus said:
I notice that too. It happens to me couple of times.
I was thinking it has to do something with virtual machine.
Click to expand...
It's a BUG and happened to me several times on my main PC when UAC is activated
So it has nothing to do with virtual machine
 
  • Like
Reactions: Av Gurus, Gandalf_The_Grey, AtlBo and 1 other person
cruelsister said:
Night- On Win10, when run in a VM with limited resources one would indeed notice what you observe. Privilege elevation has nothing to do with it. Somewhere I have a test program which will attempt to inject into running processes resulting in the creation of an elevated command prompt. With the settings I suggest not only will the entire process be contained, but so will consent.exe (UAC) as well as any command run from the cmd prompt (eg net stop spooler, or any sc command). As soon as I have time to find it I'll do a quickie on it- it's actually cool to watch.
Click to expand...

Hi Cruelsister, did you tried the malware file that @Av Gurus tested?
Video Review - Comodo Firewall Setup- An Addendum

My config: Windows 10 + Admin user + UAC off (Control Panel) + Comodo Firewall 10 with your setttings.

I think you can reproduce this "bug" using that malware and the config above.

Ps: I know that Comodo even at the Partial Limited setttings is still very powerful, but I am a little bit OCD so these "bugs" annoys me a lot :LOL:
 
Night- If you mean GrandCrab2, on my system (Win10) everything, including nslookup, was contained at the restricted level.

Also, I just viewed AVG's video (Post #30). You may have noted that some of the samples run didn't work. This normally is indicative of adware/system hack type things. To actually get them to run, there is a setting in File Rating settings- 'Detect potentially unwanted applications". With this unchecked those would just run in containment (not suggesting anyone outside of testing do this!).

Finally, about what started this whole thing- the Spyshelter test running at PL- frankly I have no clue as to how the Comodo developers prioritize files that act in certain ways under Win10, and could care less. The only thing that is of the upmost importance to me is if my system could in any way be changed by malware, and so far I haven't seen it.

I've actually stayed away pretty much from this thread as I don't want to be seen as a Mindless FanGirl, but CF is really, really good.
 
  • Like
Reactions: Hector1, simmerskool, AtlBo and 6 others
cruelsister said:
Night- If you mean GrandCrab2, on my system (Win10) everything, including nslookup, was contained at the restricted level.

Also, I just viewed AVG's video (Post #30). You may have noted that some of the samples run didn't work. This normally is indicative of adware/system hack type things. To actually get them to run, there is a setting in File Rating settings- 'Detect potentially unwanted applications". With this unchecked those would just run in containment (not suggesting anyone outside of testing do this!).

Finally, about what started this whole thing- the Spyshelter test running at PL- frankly I have no clue as to how the Comodo developers prioritize files that act in certain ways under Win10, and could care less. The only thing that is of the upmost importance to me is if my system could in any way be changed by malware, and so far I haven't seen it.

I've actually stayed away pretty much from this thread as I don't want to be seen as a Mindless FanGirl, but CF is really, really good.
Click to expand...

You wouldn't be seen as a mindless fan girl, honestly if this one issue about why anything requiring admin privileges is immediately dropped to partially limited regardless of the settings you've chosen was answered it would lead to many being comfortable using CFW. If a malware launches and asks for admin privileges I DON'T want Comodo dropping the level of security in the sandbox. You tell us to use your settings but then Comodo doesn't use them, you tell us to use restricted as the setting for the sandbox but then say you don't care that Comodo chooses to run the sandbox at partially limited with UAC elevation.

It just doesn't make any sense and makes it hard to trust in the product.
 
  • Like
Reactions: abdou17, AtlBo and erreale

You may also like...