I mentioned this in another thread here, but after reading more about it in the Comodo Forums I have more than a little concern over using Comodo Pro Firewall for now. I posted my concerns under my other user name in the Comodo Forums, but got nothing back so far to ease any of my worries. I have to admit that if this was about Online Armor, Mike would have been on it already. I will also admit that the new release of OA Free that'll soon be out, is starting to sound even better now.

http://forums.comodo.com/help_for_v3/comodo_is_blocking_my_exes_i_think_i_just_made_a_huge_mess-t18883.0.html

There is nothing too amazing about this. Most HIPS will question the user about explorer.exe so what makes it different with comodo? I bet online armor does it too. All depends on the users concentration on the alert.

It appears like it was a bad install or you made a booboo, so uninstall in safe mode clean out the registry and reinstall and don't let this little setback prevent you from using Comodo firewall Pro 3.

Honestly I don't remember Comodo or OA Free asking, but I know ThreatFire never did. As a matter of fact I don't recall Prosecurity Free asking after three days in learning mode. The part that bothers me is that a popular program like Photoshop was invloved. My wife uses it and although I wouldn't install Comodo on her PC, there has to be people who have both Photoshop and Comodo installed. Maybe I just don't understand this, but it seems to me that this shouldn't be happening.

-{ Quote: "Honestly I don't remember Comodo or OA Free asking, but I know ThreatFire never did. As a matter of fact I don't recall Prosecurity Free asking after three days in learning mode. The part that bothers me is that a popular program like Photoshop was invloved. My wife uses it and although I wouldn't install Comodo on her PC, there has to be people who have both Photoshop and Comodo installed. Maybe I just don't understand this, but it seems to me that this shouldn't be happening." }-
You can put photoshop in under Firewall/Define a New Trusted Application, that is one you have CFP 3 back on your computer.

-{ Quote: "I mentioned this in another thread here, but after reading more about it in the Comodo Forums I have more than a little concern over using Comodo Pro Firewall for now. I posted my concerns under my other user name in the Comodo Forums, but got nothing back so far to ease any of my worries. I have to admit that if this was about Online Armor, Mike would have been on it already. I will also admit that the new release of OA Free that'll soon be out, is starting to sound even better now.

http://forums.comodo.com/help_for_v3/comodo_is_blocking_my_exes_i_think_i_just_made_a_huge_mess-t18883.0.html" }-

You need to ask yourself this.... Do you really need COMODO anyway? Why do you need it? Why exactly do you want to use it?

Honestly I ask myself why I need anything more than a decent AV. It's just I liked the idea of having a just in case set up software and Comodo seemed like a keeper. I doubt what happened to the person in the thread would happen to me. But if there is a chance then why use Comodo for protection, especially when in most likely hood, I would never need it.

-{ Quote: "Honestly I ask myself why I need anything more than a decent AV. It's just I liked the idea of having a just in case set up software and Comodo seemed like a keeper. I doubt what happened to the person in the thread would happen to me. But if there is a chance then why use Comodo for protection, especially when in most likely hood, I would never need it." }-
Then lose it. If your having extra protection without it doing anything why keep it. A good av can stop most infections.

Ask yourself this Wordward. Is one post enough to dump one of the best firewalls on the market. NO.

-{ Quote: "Honestly I ask myself why I need anything more than a decent AV. " }-

Firewall, Q&A (http://www.vicomsoft.com/knowledge/reference/firewalls1.html)
I s a firewall really necessary? (http://www.princeton.edu/~protect/BasicConceptsAndTips/NetworkSecurity/AreFirewallsReallyNecessary.shtml)

Interesting to read :).
A firewall can actually put an extra layer of security to your existing applications like anti virus and anti spyware.

Edit:
-{ Quote: "Lavasoft Personal Firewall does not detect or remove computer viruses. For that, you need a dedicated antivirus program. Lavasoft Personal Firewall does not detect rootkits as well.

The primary purpose of a firewall is to control how your computer communicates with the Internet. Although the Lavasoft Personal Firewall does not remove viruses or spyware, it can be used to block them from communicating with the Internet. This works by using something called Application Control. You decide which applications are allowed to access the Internet and which are not. If an unknown application attempts to connect to the Internet, then the firewall will inform you, and you may take the appropriate action." }-

Personally I wouldn't remove Comodo because of the problems mentioned at the Comodo forums.

-{ Quote: "I mentioned this in another thread here, but after reading more about it in the Comodo Forums I have more than a little concern over using Comodo Pro Firewall for now." }-

Two ways:
1) The user selected Treat this application as "Isolated Application" + Remember my Answer + OK when asked about explorer executing photoshop
2) A bug in Comodo FW

Thank you. And for Dieselman, it's the number 2 in ggf31416's reply that concerns me.

After running CPF for a week or two without incident, liking it very much by the way, I answered a prompt wrong and found myself without sufficient rights to log on or off.

An image backup saved my bacon once again.

I will probably revisit this firewall when they change the way pending files are handled.

This is all I'm trying to convey as to why I have some concern using Comodo Pro 3.0 again. One little mistake some evening because I don't answer something properly and my wife's down my back. Oh wait, I mean I could end up getting locked out of my PC or something. LOL. Seriously though, I don't think this is any small matter. I too really like Comodo Pro and want to use it, but not before this gets fixed. The thing is there doesn't seem to be a lot of concern from the powers that be in the Comodo Forum as far as addressing this issue and as to when it will be fixed. I'm sure OA Free has never had a problem like this, and I hear the new version coming out soon is going to be very good, so maybe that's the way to go for now. Or maybe for good?

someone has said, "there are two sides to a story and then there is the truth". i would be willing to bet the OP did less than full disclosure on how he had Defense Plus set, and the precise, step-by-step actions he took. may sound mean, but not meant to. people seldom fully fess up to their culpability in these situations.

CFP3 while requiring attention to detail to safely/effectively configure, it provides many tools to assist. explorer.exe is most assuredly in Comodos safelist, and with CFP3 in Clean Computer or Train with Safe Mode, and Photoshop folder in My Safelist, i doubt he would have even received a pop-up. CFP3 would have just auto learned what explorer.exe needed to work with Photoshop (and now that i think about it, a very popular program like Photoshop, it too is probably in Comodos safe file list....again i doubt full disclosure was given). in fact i just checked. explorer.exe is under Predefined Security Policies as a Windows System Application, which provides full access rights. "Run an executible" provides only ask/block, but in modify there is an icon with a wildcard. i believe that to mean explorer.exe has free reign to execute any file in Comodos Safelist or the end-users My safelist without an alert.


Mike

-{ Quote: "This is all I'm trying to convey as to why I have some concern using Comodo Pro 3.0 again. One little mistake some evening because I don't answer something properly and my wife's down my back. Oh wait, I mean I could end up getting locked out of my PC or something. LOL. Seriously though, I don't think this is any small matter. I too really like Comodo Pro and want to use it, but not before this gets fixed. The thing is there doesn't seem to be a lot of concern from the powers that be in the Comodo Forum as far as addressing this issue and as to when it will be fixed. I'm sure OA Free has never had a problem like this, and I hear the new version coming out soon is going to be very good, so maybe that's the way to go for now. Or maybe for good?" }-

Online Armor is a powerful, well supported FW/Hips. i have beta-tested for a year now, and in that time i have thrown leak/reg/termination tests at it, live adware/spyware/rootkits/trojans/keyloggers at it, and it has never been shutdown, terminated, bypassed, or allowed my machine to become infected. it also plays well with a wide spectrum of apps, security and otherwise, and it's pretty determined to not let you shoot yourself in the foot.


Mike

Thanks for the explanation simmikie. I feel better about Comodo now, but this person was still somehow able to do something with Comodo in order for this to happen, and we're still not sure what. On the other hand with Online Armor Free, or even the full version what could be changed by the user to cause such havoc? I don't think anything. I will say this. OA seems to stay in beta longer, and address and fix problems faster than Comodo. Maybe that alone is reason enough to switch.

-{ Quote: "Thanks for the explanation simmikie. I feel better about Comodo now, but this person was still somehow able to do something with Comodo in order for this to happen, and we're still not sure what. On the other hand with Online Armor Free, or even the full version what could be changed by the user to cause such havoc? I don't think anything. I will say this. OA seems to stay in beta longer, and address and fix problems faster than Comodo. Maybe that alone is reason enough to switch." }-
There is nothing wrong with Comodo. It was user error.

If NOD32 let a virus in to someone I would still use it. No program is perfect.

I agree Dieselman. But... I am not comfortable with having a fear of doing something with my security software by mistake and then having troubles. I know ThreatFire's Quarantine has caused some ills, and Spyware Terminator had caused some problems in the past. However, from what I read about in regards to this particular problem, it concerns me enough to move on to OA Free. I guess if it were addressed by the proper people in the Comodo Forums I would be less concerned, however once again this is where OA stands out. Mike always stays on top of any problems.

-{ Quote: "There is nothing wrong with Comodo. It was user error." }-

How do you know that?

There are at least 2 similar threads:
Defense+ locks the desktop and program menus (https://forums.comodo.com/help_for_v3/defense_locks_the_desktop_and_program_menus-t18523.0.html)
Comodo FW and locked up computer (https://forums.comodo.com/help_for_v3/comodo_fw_and_locked_up_computer-t18895.0.html)

-{ Quote: "How do you know that?

There are at least 2 similar threads:
Defense+ locks the desktop and program menus (https://forums.comodo.com/help_for_v3/defense_locks_the_desktop_and_program_menus-t18523.0.html)
Comodo FW and locked up computer (https://forums.comodo.com/help_for_v3/comodo_fw_and_locked_up_computer-t18895.0.html)" }-
1 user post doesn't make Comodo at fault.

-{ Quote: "How do you know that?

There are at least 2 similar threads:
Defense+ locks the desktop and program menus (https://forums.comodo.com/help_for_v3/defense_locks_the_desktop_and_program_menus-t18523.0.html)
Comodo FW and locked up computer (https://forums.comodo.com/help_for_v3/comodo_fw_and_locked_up_computer-t18895.0.html)" }-

i believe when you have a highly configurable app such as CFP3, if you are not paying attention, and/or are lazy and won't use the help files when you don't fully understand something, one can dig themselves a hole.

people have and perhaps still do, lock themselves out of their systems with Prosecurity and SSM (i think). does not make them poorly designed or buggy apps. hell, even an app designed from the ground up to be user friendly; Online Armor, you can probably block explorer.exe (yep, just checked, it's in my programs list, presently Trusted and allowed) and lock yourself out of your box.


Mike

-{ Quote: "i believe when you have a highly configurable app such as CFP3, if you are not paying attention, and/or are lazy and won't use the help files when you don't fully understand something, one can dig themselves a hole.

people have and perhaps still do, lock themselves out of their systems with Prosecurity and SSM (i think). does not make them poorly designed or buggy apps. hell, even an app designed from the ground up to be user friendly; Online Armor, you can probably block explorer.exe (yep, just checked, it's in my programs list, presently Trusted and allowed) and lock yourself out of your box.


Mike" }-

Agreed. Most people just click next,next,next or allow,allow,allow and never actually read what its asking you or telling you. Thats also how people get spyware or install unwanted tool bars cause they never fully read or comprehend what they are clicking.

-{ Quote: "i believe when you have a highly configurable app such as CFP3, if you are not paying attention, and/or are lazy and won't use the help files when you don't fully understand something, one can dig themselves a hole.
Mike" }-

The problem is that we don't know if it was user error (the only way is select Treat as Isolated Application, which it's hard to select by accident) or a bug or conflict.

-{ Quote: "Agreed. Most people just click next,next,next or allow,allow,allow and never actually read what its asking you or telling you. " }-


Yeah but when we say "most people" we usually refer to other people except those posting here..

We are too clever to have that problem.

-{ Quote: "Yeah but when we say "most people" we usually refer to other people except those posting here..

We are too clever to have that problem." }-


LOL.................................................:) My cousin is one of those people thats why he got 2 viruses.

http://forums.comodo.com/feedbackcommentsannouncementsnews/free_commodo_firewall_pro_v3-t16262.0.html

Doesn't sound like the fellow in the second post of this thread that also had the "lock out" problem with Comodo, was one of those people who just clicks next, next, next, allow, allow, allow.

-{ Quote: "http://forums.comodo.com/feedbackcommentsannouncementsnews/free_commodo_firewall_pro_v3-t16262.0.html

Doesn't sound like the fellow in one of these posts just clicks next, next, next, allow, allow, allow." }-

And your point is? That post was back in Nov.

Why are you so worried. Comodo has been running fine for me for about a month now and millions of others.

He was also using an emulator which are known to lock up pc's cause they try and make your cd drive encryption run differently.

OA has there share.

http://support.online-armor.com/forums/viewtopic.php?t=2966

http://support.online-armor.com/forums/viewtopic.php?t=2944

EC edit: Combined 4 posts.
Dieselman, next time you want to add something to your previous reply, please use the EDIT button in stead of posting three more replies. Thank you.

Honestly i hardly had any troubles with any of the software's I've used, and love trying different ones out. However, since I also believe I would most likely be fine with only an AV, I figure why take the chance at this point that the problems slowly cropping up with Comodo may happen to me. If 3.1 is deemed to run well than fine i may reinstall Comodo, but right now ZAAS has been running fine along with Avast Home and ThreatFire and in my opinion just as protective as Comodo would be. Also that thread began back in November and since then other people are posting about these "new" incidents. What bothers me is that at least Mike Nash and others are addressing and trying to help with the OA problems in that forum, where no one seems to be even be acknowledging them in the Comodo forums. Again if Comodo 3.1 which is scheduled for release on Monday gets a thumbs up I most likely will install it again. Remember although I do love trying out security programs, Comodo is my favorite and I hope it is a keeper this time.

-{ Quote: "Honestly i hardly had any troubles with any of the software's I've used, and love trying different ones out. However, since I also believe I would most likely be fine with only an AV, I figure why take the chance at this point that the problems slowly cropping up with Comodo may happen to me. If 3.1 is deemed to run well than fine i may reinstall Comodo, but right now ZAAS has been running fine along with Avast Home and ThreatFire and in my opinion just as protective as Comodo would be. Also that thread began back in November and since then other people are posting about these "new" incidents. What bothers me is that at least Mike Nash and others are addressing and trying to help with the OA problems in that forum, where no one seems to be even be acknowledging them in the Comodo forums. Again if Comodo 3.1 which is scheduled for release on Monday gets a thumbs up I most likely will install it again. Remember although I do love trying out security programs, Comodo is my favorite and I hope it is a keeper this time." }-

Comodo does not reply to bugs because it wastes time. Egemen, the lead developer replies to ones which keep getting posted.

-{ Quote: "Yeah but when we say "most people" we usually refer to other people except those posting here..

We are too clever to have that problem." }-

Well I don't post a lot here but I have to question that statement LOL.;D

Wordward. Those are isolated problems related to user error. Not Comodo error. Just cause it happened to 2-3 people doesn't mean it will happen to you. Do you releaize how many people have Comodo on there pc's with no problems. Probably atleast 10,000 or more. I may be wrong about that number but whatever. So 2-3 people cannot account for a bad product. I am a GM mechanic and just cause a truck has a problem doesn't mean all the other thousands of people with the same truck will have that same problem. Mike and the OA team keep addressing problems but with each new release comes more and more problems. 30 releases later since .31 and they still cannot get it right. Somebody might have gotten a virus using Avast. Then does that mean you will stop using Avast and go to another av. Come on now think. PC Mag wouldnt have wrote that article if they thought Comodo was faulty. Most people just click allow or deny without ever reading what they are clicking. Every problem can be fixed easily and is not permanent.

-{ Quote: "Comodo does not reply to bugs because it wastes time. Egemen, the lead developer replies to ones which keep getting posted." }-
Agreed. Spend time fixing real problems not user errors. If pay attention to what your clicking you should never have any problems.

EC edit: Combined 2 posts.
Dieselman, once again: next time you want to add something to your previous reply, please use the EDIT button in stead of posting three more replies. Thank you.

-{ Quote: " Mike and the OA team keep addressing problems but with each new release comes more and more problems. 30 releases later since .31 and they still cannot get it right." }-

While off topic, this is an inaccurate statement. Yes there have been 30(Builds/not releases), but there have also been many new features added.

Take a look at the number of builds of other software between releases, and you might find 30 is a small number.

Pete

I just wish there was no way that a user error could cause the problems I read about that some are experiencing with Comodo now, that's all. My wife uses my PC every so often instead of hers and although I doubt an intrusion may happen while she's using it or that if it does she wouldn't allow some nasty into my PC. But I believe I don't have to worry about a user error of hers locking me out of my PC with ZAAS or ThreatFire installed.

Dieselman,do you know if 3.1 will have the leak protection missing from 3.0? I want to run the firewall without Defense +. Right now I am using 2.4.

i

-{ Quote: "Dieselman,do you know if 3.1 will have the leak protection missing from 3.0? I want to run the firewall without Defense +. Right now I am using 2.4.
i" }-
Yes, there will be leak protection option during install located under the basic install option. Look at my diagram below. CAVS 3 engine may also be included.

Installation Modes

Defence+

Basic Firewall
Leak Protection

-{ Quote: "I just wish there was no way that a user error could cause the problems I read about that some are experiencing with Comodo now, that's all. My wife uses my PC every so often instead of hers and although I doubt an intrusion may happen while she's using it or that if it does she wouldn't allow some nasty into my PC. But I believe I don't have to worry about a user error of hers locking me out of my PC with ZAAS or ThreatFire installed." }-
With any firewall there can be user error by simply clicking deny by mistake. No firewall is perfect. If any mistakes are made thats why you do daily back ups and use system restore if things go wrong.

Has anyone compared the number of posts in the ZoneAlarm Pro help forum to the number of ones in the Comodo Pro 3.0 help forum? While I understand there are a lot people who use Comodo, there are many many more who use ZoneAlarm Pro, and yet it looks as if the number of people who need help in the Comodo v3 help forum is increasing at a faster pace than the number of people who need help in the ZoneAlarm Pro help forum. Maybe version 3.1 of Comodo Pro will help with this.

There are thousands of complaints in ZA. look

http://forums.zonealarm.org/zonelabs/

Woodward

Seems to me you are beating a dead horse. If you are worried about Comodo, then just don't use it. That's easy. No money lost. Just seems like you keep asking hoping eventually everyone will agree with you.

Pete

Comodo has one area for V3 help. Where as ZA has tons of areas. Add it up your self. There are tons and tons more complaints in ZA forums then Comodo's. There are over 4000 in just installation.

-{ Quote: "Has anyone compared the number of posts in the ZoneAlarm Pro help forum to the number of ones in the Comodo Pro 3.0 help forum? While I understand there are a lot people who use Comodo, there are many many more who use ZoneAlarm Pro, and yet it looks as if the number of people who need help in the Comodo v3 help forum is increasing at a faster pace than the number of people who need help in the ZoneAlarm Pro help forum. Maybe version 3.1 of Comodo Pro will help with this." }-

You do need to consider how long these have been available when making comparisons of this sort. The number of new users of the Comodo programs is increasing very rapidly. I would imagine that most ZA users have been familiar with it for years.

-{ Quote: "Has anyone compared the number of posts in the ZoneAlarm Pro help forum to the number of ones in the Comodo Pro 3.0 help forum? While I understand there are a lot people who use Comodo, there are many many more who use ZoneAlarm Pro, and yet it looks as if the number of people who need help in the Comodo v3 help forum is increasing at a faster pace than the number of people who need help in the ZoneAlarm Pro help forum. Maybe version 3.1 of Comodo Pro will help with this." }-

IMHO, Comodo is stable. But it has a learning curve, due to the fragmentation of the information tabs. And many people, don't want to read the help file. If you don't read the help file, you will soon need "forum help".

For example, why is this user even trying to run Comodo?
http://forums.comodo.com/help_for_v3/which_bit_version-t19079.0.html

If he can't tell if he is running 32 or 64bit Windows, he will become desperate soon after he starts using Comodo. What can that person understand from a D+ alert?

Or this "Comodo is blocking my exes".
http://forums.comodo.com/help_for_v3/comodo_is_blocking_my_exes_i_think_i_just_made_a_huge_mess-t18883.0.html

Is it trully Comodo's fault or the man's behind the keyboard that doesn't pay attention on what he clicks on pop up alerts? Why don't all others lock ourselves out too? Comodo with D+ is supposed to provide total lockdown from malware. If you are not careful enough, it is obvious that will block you out too. That's what HIPS are supposed to do. Same thing used to happen with classical HIPS, in case you were abbandoning learning mode before doing a reboot. It's like installing an armored antiburglar door on your house, you accidentally go out and shut the door behind you. Uh, oh... I forgot the keys and the simple locksmith says he can't open it. My door locked me out! Now i have to call the fire brigade... It's the door's fault...

Zone Alarm is easier to use. It doesn't have so many pop up alerts and the interface is less fragmented. Of course it doesn't have the same level of security either. But has its fair share of real bugs.

-{ Quote: "IMHO, Comodo is stable. But it has a learning curve, due to the fragmentation of the information tabs. And many people, don't want to read the help file. If you don't read the help file, you will soon need "forum help".
" }-
I couldnt have said that better myself. thank you. Maybe now Wordward will get it.


.

More and more people are moving to free protection ( Comodo, Online Armor ). Less people are using shareware so there number are decreasing and so is the need for help. Wih more and more people using Comodo and or Online Armor then the need for help is gonna go up. Fuzz is correct.

-{ Quote: "More and more people are moving to free protection ( Comodo, Online Armor ). Less people are using shareware so there number are decreasing and so is the need for help. Wih more and more people using Comodo and or Online Armor then the need for help is gonna go up. Fuzz is correct." }-

I think also that Comodo HIPS are still very young and needs fine tuning. It took quite sometime for ZA to develop the ZA OSfirewall (the HIPS part), improve it and make it user friendly (balancing protection and usability).

It is not easy at all to find a good balance that will make everybody happy.
Give to Comodo some more time... and they will get there (hopefully).

Than its FREE what do you want more?

Cheers,
Fax

Actually all I was hoping for was the reassurance that has now been given in this thread. I didn't get it in the Comodo forum however, and that was more of my concern than anything else. I will in most likely hood install Comodo Pro 3.1 this week and be happy, but again I do hope some kind of "safety net" is added to it in the future to prevent any possible user "lock out" problems. Thanks to everyone here who helped me feel better about Comodo and take care.

-{ Quote: "I think also that Comodo HIPS are still very young and needs fine tuning. It took quite sometime for ZA to develop the ZA OSfirewall (the HIPS part), improve it and make it user friendly (balancing protection and usability).

It is not easy at all to find a good balance that will make everybody happy.
Give to Comodo some more time... and they will get there (hopefully).

Than its FREE what do you want more?

Cheers,
Fax" }-

True. Comodo isn't suitable for everyone. It needs patience, basic HIPS knowledge and time to read help files. Personally i still think a bit before going to the right tab, when i want to inspect some settings. I don't remember them on the first click yet. Comodo's HIPS is a geeky one. It's like classical HIPS, while ZA follows a semi-automatic mode.

ZA on the other hand, can be set to make many things automatically (even by asking the ZA online database), it doesn't ask so many things and the user isn't necessary to know what a HIPS is. Also you are less prone to take some catastrophic decision.

But, as stated, Comodo is free, excellent in leak tests and very light even when handling many connections (CPU Time is very low). So, one must decide what can handle.

-{ Quote: "Actually all I was hoping for was the reassurance that has now been given in this thread. I didn't get it in the Comodo forum however, and that was more of my concern than anything else. I will in most likely hood install Comodo Pro 3.1 this week and be happy, but again I do hope some kind of "safety net" is added to it in the future to prevent any possible user "lock out" problems. Thanks to everyone here who helped me feel better about Comodo and take care." }-

Wordward, it isn't enough to read a bug report only, but the description of the bug too. Now, if that fella were to go and say "Ι was merrily surfing when out of the blue, i couldn't execute anything", i would think it is a Comodo bug. But, when you see a person who says "I got a pop up alert, which i don't remember what it was about, and i clicked something, which i presume blocked something and then i couldn't execute files anymore", odds are, that he screwed up the HIPS rules by his own bad decision.

Unfortunately, people like him, are afflicted by the "happy clicking" syndrome. They use such a firewall, just because THEORETICALLY they are safe. But, if you are a happy clicker, you might as well drop Comodo alltogether and use ZAF. Because a classical HIPS, like D+, is only as good as the user behind it. If you click some pop up alert, that you don't pay attention too and take a decision that you don't remember etc, it means that for you HIPS is useless and you should move to another firewall... People like this, can easily get infected and then go again to the forum and say "Malware passed through D+!!!".

So, a bug report, must be critically read, to see the circumstances and the credibility of the person that reports it.

An explanation as to how he might have locked himself out, is already given in the thread.

After all, reboot in safe mode and uninstall isn't all that terrible... If couldn't boot into Windows at all, now that would be a problem.

Another good point Fuzz. I always read my pop ups and what they say. I never just click away.

I rest my case.

http://forums.comodo.com/help_for_v3/comodo_is_blocking_my_exes_i_think_i_just_made_a_huge_mess-t18883.30.html

-{ Quote: "CFP allows the users to quarantine exlporer and default file groups" }-

It is the users fault.

The mod also said this in their post.

This should be considered as a major issue because a novice user can easily make a mistake and make it's system unusable!
And it has to be fixed as soon as possible.

I think at least the mod agrees that it still needs to be fixed Coolio10. And Dieselman, since I know you'll be posting soon. LOL.

-{ Quote: "The mod also said this in their post.

This should be considered as a major issue because a novice user can easily make a mistake and make it's system unusable!
And it has to be fixed as soon as possible.

I think at least the mod agrees that it still needs to be fixed Coolio10. And Dieselman, since I know you'll be posting soon. LOL." }-

Its only a problem if you do not pay attention to what you are clicking. This guys problem did not happen by itself. he clicked and block things without reading them. Things that should not be blocked. What the modder means is that for a novice it can be a problem but it still is user error.

The fixing of this issue maybe also reduce security. Taking away the option to block with explorer.exe will take away some parent-child protection.
I am still wondering how this happened because clean-pc mode would of classified the explorer.exe or other processes as clean.....hmmmm

-{ Quote: "I rest my case.

http://forums.comodo.com/help_for_v3/comodo_is_blocking_my_exes_i_think_i_just_made_a_huge_mess-t18883.30.html" }-

"his should be considered as a major issue because a novice user can easily make a mistake and make it's system unusable!"

I rest my case too. Happy clicker case... Some people shouldn't be using certain programs...

-{ Quote: "The fixing of this issue maybe also reduce security. Taking away the option to block with explorer.exe will take away some parent-child protection." }-

Could be. I think some classical HIPS have had a heated debate in the past about trusting or not explorer.exe. I think PG was one of them. It was like usability vs security issue.

If I can chime in, I don't use Comodo but I do use System Safety Monitor HIPS. The ss shows just a handfull of "child" applications that explorer.exe controls, where I have changed the child application iexplore.exe from "allowed" to "blocked", just for illustrative purposes. There was/is nothing to stop me from doing this! If I leave this be, IE will not start.

Do we blame SSM for this and, while we are at it, other HIPS and applications (Comodo included) that incorporate HIPS functionality in their products? Of course not. We use a HIPS at our own risk. If we know enough of what we're doing or take the time to learn, then there is less chance of making these semi-catastrophic errors, but they could still happen. It's the risk we take when using these utilities. However, the pay-off in the long run such as preventing malware can be extremely beneficial.

Haven't heard of any problems lately, but again when one of the Comodo Mods agrees it needs to be fixed at least for the novice user. Well then maybe there's something more to it, and it should be fixed. The old Comodo website page use to mention the firewall can be used by novices. However, the new and improved website says nothing about novices that I saw. Time will tell if any more problems pop up, but I guess it's time to give the new version a spin. Thanks for everyones input and hopefully Comodo Pro will deliver what has been promised.

-{ Quote: "If I can chime in, I don't use Comodo but I do use System Safety Monitor HIPS. The ss shows just a handfull of "child" applications that explorer.exe controls, where I have changed the child application iexplore.exe from "allowed" to "blocked", just for illustrative purposes. There was/is nothing to stop me from doing this! If I leave this be, IE will not start.

Do we blame SSM for this and, while we are at it, other HIPS and applications (Comodo included) that incorporate HIPS functionality in their products? Of course not. We use a HIPS at our own risk. If we know enough of what we're doing or take the time to learn, then there is less chance of making these semi-catastrophic errors, but they could still happen. It's the risk we take when using these utilities. However, the pay-off in the long run such as preventing malware can be extremely beneficial." }-

That's exactly the point. This is a similar screenshot, from Comodo's policy regarding explorer.exe access rights. As you can see, nobody prevents me from idiotically change "run an executable" from ask (default setting) to Block...

http://img175.imageshack.us/img175/1960/99005647uy1.png

If i click "apply", i will have locked explorer.exe from executing any exe on my pc. And who should i blame? The whole point of not giving an always allow option, is for security. If i click modify, i then have an allowed exe list and a blocked one, that i can modify too and block a specific application, like in your SSM setup.

Now, novices, should either stay away from Comodo or learn their lessons. If a leak test comes out that now takes advantages of this new "novice protection mode", which they are imposing to us, the same novice will be thundering in the forum for Comodo's failure to protect effectively explorer.exe from being used to launch X application.

Novices, should start with ZAF, then move to Kerio which has a basic HIPS for example and then move further to SSM . Comodo is the most complicated firewall i have seen. I have also installed 2.4 once and couldn't figure it out. Seems much more complicated than 3.0.

Also, if the novice is a daredevil and wants to swim in deep waters, it is more wise to let him be taught a lesson. I have lost count of the times i have screwed my own pc and for each time, i learnt something new. And didn't blame the software for it when it was my fault. I remember in early SSM betas, i had locked myself out. It is much more educative for the novice to learn to be very careful with explorer.exe and to learn to READ what he clicks on, than tell him "No worries buddy, we will change settings, so that you won't be able to block it anymore".

Hi guys,

As I already said over at the comodo forums, that problem most probably was a user mistake and not a bug in CFP. But:

1. Even if you block all actions on explorer.exe and reboot you will be able to enter in the windows enviroment and navigate through the various folders. (This seems a bug to me; CFP should not allow you to do it...)

2. If you use the quarantine to quarantine exlorer.exe you will not be able to enter in windows enviroment (you will see the desktop background and nothing else).

3. CFP should never allow a user to quarantine his sytem files, or explorer.exe or all exes. At least not without a BIG WARNING! If you quarantine your system files and reboot, you will enter in an infinite loop of reboots. CFP should have warned you about this, but it didn't. And this for me is a big issue!

4.The simpliest fix should be just that. A big popup that will recall the users attention that he is doing something wrong. If even after that he decides that he want to proceed, he will now that it was his fault...

Panagiotis

Finally. Thank you pandlouck.

This can be done with any firewall. I was able to do it using ZA as a test. I was allowed to block explorer.exe. Most novices don't know that explorer.exe is part of Windows hence the happy clicker.

Microsoft should also put a big warning with neon lights: "Are you mad?? This is Window's system folder! Are you completely sure?" every time a user tries to delete a file from C:/Windows. Because you can actually delete plenty. ;D

-{ Quote: "Microsoft should also put a big warning with neon lights: "Are you mad?? This is Window's system folder! Are you completely sure?" every time a user tries to delete a file from C:/Windows. Because you can actually delete plenty. ;D" }-

So very true.

It's not just Comodo on this issue. When I was testing KAV, I used to cringe on every install when PDM would pop up a warning saying explorer.exe was an invader, and give you options.

Can just see what a newbie would do with that.

All these programs need some common sense on certain windows files.

-{ Quote: "It's not just Comodo on this issue. When I was testing KAV, I used to cringe on every install when PDM would pop up a warning saying explorer.exe was an invader, and give you options.

Can just see what a newbie would do with that.

All these programs need some common sense on certain windows files." }-

It's not just KAV either. Prolly every HIPS since SSM and Process Guard can create catastrophic results if you make wrong decisions or rules changes.

The question is... Comodo is one of the most complex firewall-HIPS combos out there. If someone isn't capable to recognizing the importance of explorer.exe or other windows processes so to be careful on what he decides, will he really take any advantage of the HIPS? Should he really be using it? A person that doesn't know about explorer.exe and needs a warning to tell him that "this thing is dangerous!" , what is he going to think when he will get a pop up alert like in CPIL leak test for example, that patches explorer.exe? What's is going to understand from "memory access", "global hooks" etc? Nothing! He is going to play russian roulette.

To use Comodo with *some* probability of success against infections, you must be already in the position to know who are the basic windows processes and what are the common attack methods (launchers,process-reg injection, direct physical memory access, global hooks etc). If you don't, it means you must start from lower difficulty programs , because using Comodo without some knowledge only gives you a false sense of security.

It's much better to have a less capable firewall, but which you understand fully and you are aware that it is not "extremely safe", so to take more defence measures, than go to the "complete lockdown" firewall you don't understand, just because it "is much safer firewall".

If you know nothing about weapons and you buy a machine gun , should the manufacturer put a warning pop up flag on the safety pin, when you switch it to "automatic fire"? Then another pop up warning flag saying "Attention! This is automatic gun. Recoil can be severe. Make sure you position firmly the gun on your shoulder to avoid injury?" No. If you shoot your foot, or if the recoil brakes your shoulder,it's your fault. You should be practising with paint ball, then with light hand guns, then with heavy hand guns, then rifles , to finally be able to handle maching guns.

So we all are in agreement that Comodo is not at fault for that guys lock out problem. Correct !

-{ Quote: "So we all are in agreement that Comodo is not at fault for that guys lock out problem. Correct !" }-

Personally, i don't think it's Comodo's fault, unless someone manages to recreate a non idiotic way with which i could lock myself out.

For example, apart that guy's case... This "2. If you use the quarantine to quarantine exlorer.exe you will not be able to enter in windows enviroment (you will see the desktop background and nothing else)."

Why would a logical person quarantine explorer.exe?

This is like "If you are driving uphill on a mountain road and you leave the engine rpm to drop too much because you don't know what that "stick"next to you and clutch are for ,then your engine will shut off".

No kidding! That's what driving lessons are for! If you don't know how to use the clutch, you should have bought an auto-transmission car. Don't blame the car!

-{ Quote: "So we all are in agreement that Comodo is not at fault for that guys lock out problem. Correct !" }-
Correct!

-{ Quote: "For example, apart that guy's case... This "2. If you use the quarantine to quarantine exlorer.exe you will not be able to enter in windows enviroment (you will see the desktop background and nothing else)."

Why would a logical person quarantine explorer.exe?" }-
Because mistakes do happen. And default groups like Explorer.exe, system files, etc. should not appear in the quarantine dialog! A bad mouse click (not intentional) can give headaches even at the advanced users!

Maybe you do not use defence+ to create your own group of files and to quarantine them with a simple click.

And this can easily happen with a not so responsive mouse, or a wireless mouse in low battery state!

Panagiotis

Yes, i have only one folder quarantined. I know mistakes happen, so i have learnt that nobody rushes you with a decision in a hips. And i always read well before i hit apply. After all, is there a time bomb about to explode that forces me to do the happy clicking routine? No.

You can make all changes you like to help newbies, i simply don't regard such things as Comodo's bugs or as outstanding issues.

Pandlouk,

Given the opportunity, could you answer my post no. 56, here?

http://www.wilderssecurity.com/showthread.php?p=1177060#post1177060

Because IMHO, this IS an outstanding issue. A new feature - av scanner - is in the new version and nobody seems to able to tell if and when and how it updates.

-{ Quote: "Yes, i have only one folder quarantined. I know mistakes happen, so i have learnt that nobody rushes you with a decision in a hips. And i always read well before i hit apply. After all, is there a time bomb about to explode that forces me to do the happy clicking routine? No." }-
True, but you should consider that a security program should protect also the novice users from themselves. ;D

-{ Quote: "You can make all changes you like to help newbies, i simply don't regard such things as Comodo's bugs or as outstanding issues." }-
I never said that it was a bug or that is an outstanding issue. I only said that should be considered as a big issue especially for novice users.

For me the bug (not a big one) is that although I block explorer.exe (not quarantine) it still executes after the reboot...

For that Av scanner: I do not have a clue if and when it updates. But a wild guess is that will check for updates when you will update manually or when CFP checks for automatic updates.

ps.I never discuss critical bugs or outstanding issues in public fora. For those there is the private section for moderators/administrators at the http://forums.comodo.com/ .:)

-{ Quote: "True, but you should consider that a security program should protect also the novice users from themselves. ;D " }-

Ok, acceptable. Simply, being discusses these issues in the same thread with the "lock out" thread, can give the impression that we talk of bugs.

-{ Quote: "
I never said that it was a bug or that is an outstanding issue. I only said that should be considered as a big issue especially for novice users.

For me the bug (not a big one) is that although I block explorer.exe (not quarantine) it still executes after the reboot... " }-

LOL! Yes, i can understand that. But, just immagine. If a newbie does block explorer.exe, then you will have complaints that he got locked out. ;D :argh:

-{ Quote: "
For that Av scanner: I do not have a clue if and when it updates. But a wild guess is that will check for updates when you will update manually or when CFP checks for automatic updates.

ps.I never discuss critical bugs or outstanding issues in public fora. For those there is the private section for moderators/administrators at the http://forums.comodo.com/ .:)" }-

Ah, thank you! I haven't seen any updates yet. No big deal, i just wanted to know.

For the history, i asked twice about the av update issue in Comodo's forum, but got no reply, although both threads were read by either Melih or Egemen, who replied to other posts. That's why i disturbed you here.

Here's yet another problem I'm wondering if anyone heard about. I started getting the itch to use Comodo again, but I'm glad I checked their forum first as it helped to scratch that itch. I'm also glad ThreatFire is running so smoothly as it scratches the itch even more. LOL.

http://forums.comodo.com/help_for_v3/oh_my_god_security_policy_got_screwed_up-t19609.0.html

-{ Quote: "Here's yet another problem I'm wondering if anyone heard about. I started getting the itch to use Comodo again, but I'm glad I checked their forum first as it helped to scratch that itch. I'm also glad ThreatFire is running so smoothly as it scratches the itch even more. LOL.

http://forums.comodo.com/help_for_v3/oh_my_god_security_policy_got_screwed_up-t19609.0.html" }-
If you take the time to actually read those posts those are mainly Vista problems with "In place updates" Not full install of a new version.

Those problems are from newbies who do not know how to export and import there settings.