Should Comodo users stop using Comodo?

If I correctly understand, the @cruelsister point of view is as follows:
No one showed the hash of malware that surely bypassed Comodo in the wild, so our thread does not make sense in practice. Comodo users are safe. People who say that there can be some weaknesses in Comodo are sensation-seeking or intentionally try to discourage Comodo users. :)

So, let's hear what other Comodo users think about it.
I think we were quite clear in what we said and how we said it. None of us said anything bypassed Comodo (at the moment or before the commentary). These practices of over-defensiveness and over-excitement (combined with many others) + the questionable Comodo quality (I mean I downloaded from an official Comodo page an installer that was 130 mb with revoked signature, I turned off SAC, later on I found out there is another installer 90 mb), all that fuels distrust and criticism.

Whenever I’ve discovered products being bypassed, I’ve shared the details and hashes.
 
Part of Comodo Game?
Thread open, thread locked, thread open,...
I asked the staff to reopen the thread. I hope that posters will follow the rules in the OP. Those rules are for a reason to keep the thread on the right track.
 
Contrary to @Trident, I did not have any issues with installing the right installer with a valid signature. As we can see, people can have different experiences with Comodo products. It usually does not mean that the opponent has bad intentions or tries to discredit Comodo.
 
Bad thing is (oops I said bad) that people have to visit the Comodo forum thread jungle finding the right thread to download the latest and correct CIS installer. Download on Comodo home page is always way behind.
 
Well i can say with some glee that i have ON NUMEROUS OCCASIONS used CFW and primarily with @cruelsister settings/config. I enjoyed the testing/study of malwares within it's Containment field as well as monitor those jumpers with KillSwitch to carefully ID the infection chain additional process spawns and network intents too. For that purpose only and just that. For the times and there are plenty, my host systems after such tests remained unaffected or escape proof with CFW. With some personal crafted tools i specifically use to monitor for drops or other actions AND even using an old abandonware named fiechangemonitor - in all the years i used Comodo Firewall (NEVER CIS Full) nothing ever kicked out of the Comodo Containment OR to my knowledge dickered with CFW itself in some hidden unknown fashion. That's about all this user can offer about it. I don't use even CFW fulltime on any Win 10 or Win 11 machines except for testing malwares. I keep BackUp Images regularly before AND after and can easily select an incremental restore to shuffle between system sessions. Common practice on this end.
 
It is a custom script and I am afraid to send it left and right. Can you just theoretically tell me the technical details. Very small script, injects a big executable in calc.exe, there is no visible calculator window. I can see some strange inbound/outbound connections.
Thats a Basic Trojan Dropper/Loader since it connects to a remote C2 server and it injects code to other procceses.If we are talking about the payload thats a RAT since it connects to a C2 server possibly to drop more Malware to the system

Best Regards
Nikola
 
I think I should share my rather complex experience with Comodo Firewall.
I used it many years ago on my father's computer in block mode. Everything worked well for a year. However someday, the new version of Comodo bricked the computer totally. I tried some other version a few years later with a similar issue. I also tested CIS (prior version) against Comodo's Challenge attack and found a serious bug that made my computer unusable (the bug was confirmed on the Comodo Forum).
I think that some issues could be related to Shadow Defender or other software conflicts. The last issue was related to applying an uncommon setting, which could hardly happen to Comodo users.
I know more users who were happy with Comodo, than those who had some issues. So, I treat my experience as an exception.
 
It is not recommended to run other security software together with CIS, that is what they say on the Comodo forum.
Sadly with new versions new bugs appear and add up to the existing ones.

Uncommon setting? Let me guess, related to HIPS?
 
"There are far worse things than Comodo."
 
Last edited by a moderator:
I hope this thread remains objective and professional. It's so professional that some (like me) can't contribute much.
Nevertheless:
1. I had no problems with the installation either:
I didn't use the latest uninstaller (as recommended in the Comodo forum). I manually deleted the remnants in the registry and directory in Windows Safe Mode.
2. Installed after a reboot - done.
However someday, the new version of Comodo bricked the computer totally.
I had a similar problem with Acronis once, but never with Comodo. Everything really runs like clockwork.

I attach great importance to factual information about weaknesses, because that's what I base my decision on whether protection is still guaranteed. But not with baseless insults (perhaps by a writer perhaps paid for by competitors:rolleyes: ).

Back to the topic:
I reported on Comodo disconnecting me from the internet due to remote attempts, two of them shortly after the last CVE release.
I enabled anti-ARP spoofing from the start. Could it be that Comodo blocked two of these apparently somewhat easier-to-detect CVEs?
The last time I tried the day before yesterday, I couldn't work on my computer anymore; it was completely blocked for Comodo's protection. I wanted to see if I could find anything about which remote attempts Comodo was blocking.
My subsequent search was unsuccessful, because everything I classified as suspicious turned out to be part of the Microsoft system.

@Andy Ful: If you think the post isn't appropriate, you can delete it.
 
Bad thing is (oops I said bad) that people have to visit the Comodo forum thread jungle finding the right thread to download the latest and correct CIS installer. Download on Comodo home page is always way behind.
The correct installer can be downloaded from the dedicated Comodo website Advanced Website Protection for Unmatched Cyber Defense :
Products >> Consumer Security ...

@Trident happened to download it from an outdated (buggy) link:
 
The correct installer can be downloaded from the dedicated Comodo website Advanced Website Protection for Unmatched Cyber Defense :
Products >> Consumer Security ...

@Trident happened to download it from an outdated (buggy) link:
On Antivirus Download Now button I get : cispro_installer 84.9Mb - 12.3.4.8162
On Antivirus Free version button I get : cispro_installer 131Mb - 12.2.4.8032
On Antivirus Full version button I get : Payment instructions first.

Depends on where you click on what you get on Comodo page as usual.
 
Last edited:
On Antivirus Download Now button I get : cispro_installer 84.9Mb - 12.3.4.8162
On Antivirus Free version button I get : cispro_installer 131Mb - 12.2.4.8032
On Antivirus full version button I get : Payment instructions first.

Depends on where you click on what you get on Comodo page as usual.
I went ahead and downloaded DOWNLOAD from the box under Containment. The 84.9 Mb one. I will assume it is CFW. Probably as always we need fish through prompts to UNCHECK the AV part. I would like to see what it can or cannot offer in comparison to CFW's i used in the past.

You all have got me walking through revisiting my Zoo again. Likely there are different various and brutal Windows m'ware/ransom's in there that demands my 100% DAYLIGHT alertness when i go testing that junk again. o_O Many of which can be remodified easy into a 0-day. Probably some to rival todays villains.
 
Last edited:
If I correctly understand, the @cruelsister point of view is as follows:
No one showed the hash of malware that surely bypassed Comodo in the wild, so our thread does not make sense in practice. Comodo users are safe. People who say that there can be some weaknesses in Comodo are sensation-seeking or intentionally try to discourage Comodo users. :)

So, let's hear what other Comodo users think about it.
My point of view is quite simple:
1). First off, no emotional attachment here at all! I like the product and over the years gave numerous demonstrations on why that is.
2). Emotional attachment has come from those that dislike the product. The other thread has been going on for over a month with the same accusations repeated over and over by the same crew without a single verifiable flaw given up into evidence (and perhaps without even installing the program to self reflect on their negative feelings).
3). My SINGLE outburst was done primarily due to disappointment as some who, without doubt, know better have joined in occasionally with those that know the least (nothing personal).
4). It should be noted that I have solely been a fan of CF. Not CIS, not Xcitium. And the CF settings should be MINIMAL as many of the "bugs" noted have been to enabling things that the user may not really understand.
5). There was indeed an issue with the Comodo certificate for a short period when the latest build was released, but this has been LONG since fixed.
6). All I request (and have requested for a long time) is a single file hash showing that CF sucks. After hundreds of negative posts over numerous threads I don't feel that this is too much to ask.

m
 
And the CF settings should be MINIMAL as many of the "bugs" noted have been to enabling things that the user may not really understand.
You wrote "bugs". Does that imply that CF does not have real bugs?
Are these "bugs" only caused by users because they don't understand the CF settings and CF is not to blame?
 
  • Like
Reactions: Khushal and Trident
All I request (and have requested for a long time) is a single file hash showing that CF sucks. After hundreds of negative posts over numerous threads I don't feel that this is too much to ask.

m
Comodo Internet Security, great protection, but you won’t catch it shredding powder with Santa. And average users? Forget it, one look at the settings and they’ll tap out faster than a Wi-Fi signal in a snowstorm.
 
You all have got me walking through revisiting my Zoo again. Likely there are different various and brutal Windows m'ware/ransom's in there that demands my 100% DAYLIGHT alertness when i go testing that junk again. o_O Many of which can be remodified easy into a 0-day. Probably some to rival todays villains.
Have enough coffee or thea while testing. :)
 
  • Like
Reactions: Khushal and Trident
Have enough coffee or tea while testing? :)
Only do coffee after the first frost. Tea however is the prime ingredient for another month or so. No rush anyway. It requires some heavy concentration just to re-sort all the death roll inmates lodged in solitary confinement within the zoo. M'ware/Ransom files were cleverly crafted to be vicious which demands a new separate rig to plaster that garbage with, and journal the obvious cascade of actions they take. One by one.