Anyone else heard of this with Comodo Pro Firewall?

I mentioned this in another thread here, but after reading more about it in the Comodo Forums I have more than a little concern over using Comodo Pro Firewall for now. I posted my concerns under my other user name in the Comodo Forums, but got nothing back so far to ease any of my worries. I have to admit that if this was about Online Armor, Mike would have been on it already. I will also admit that the new release of OA Free that'll soon be out, is starting to sound even better now.

http://forums.comodo.com/help_for_v...i_think_i_just_made_a_huge_mess-t18883.0.html

 

There is nothing too amazing about this. Most HIPS will question the user about explorer.exe so what makes it different with comodo? I bet online armor does it too. All depends on the users concentration on the alert.

 

It appears like it was a bad install or you made a booboo, so uninstall in safe mode clean out the registry and reinstall and don't let this little setback prevent you from using Comodo firewall Pro 3.

 

Honestly I don't remember Comodo or OA Free asking, but I know ThreatFire never did. As a matter of fact I don't recall Prosecurity Free asking after three days in learning mode. The part that bothers me is that a popular program like Photoshop was invloved. My wife uses it and although I wouldn't install Comodo on her PC, there has to be people who have both Photoshop and Comodo installed. Maybe I just don't understand this, but it seems to me that this shouldn't be happening.

 

You can put photoshop in under Firewall/Define a New Trusted Application, that is one you have CFP 3 back on your computer.

 

You need to ask yourself this.... Do you really need COMODO anyway? Why do you need it? Why exactly do you want to use it?

 

Honestly I ask myself why I need anything more than a decent AV. It's just I liked the idea of having a just in case set up software and Comodo seemed like a keeper. I doubt what happened to the person in the thread would happen to me. But if there is a chance then why use Comodo for protection, especially when in most likely hood, I would never need it.

 

Then lose it. If your having extra protection without it doing anything why keep it. A good av can stop most infections.

 

Ask yourself this Wordward. Is one post enough to dump one of the best firewalls on the market. NO.

 

Two ways:
1) The user selected Treat this application as "Isolated Application" + Remember my Answer + OK when asked about explorer executing photoshop
2) A bug in Comodo FW

 

Thank you. And for Dieselman, it's the number 2 in ggf31416's reply that concerns me.

 

After running CPF for a week or two without incident, liking it very much by the way, I answered a prompt wrong and found myself without sufficient rights to log on or off.

An image backup saved my bacon once again.

I will probably revisit this firewall when they change the way pending files are handled.

 

This is all I'm trying to convey as to why I have some concern using Comodo Pro 3.0 again. One little mistake some evening because I don't answer something properly and my wife's down my back. Oh wait, I mean I could end up getting locked out of my PC or something. LOL. Seriously though, I don't think this is any small matter. I too really like Comodo Pro and want to use it, but not before this gets fixed. The thing is there doesn't seem to be a lot of concern from the powers that be in the Comodo Forum as far as addressing this issue and as to when it will be fixed. I'm sure OA Free has never had a problem like this, and I hear the new version coming out soon is going to be very good, so maybe that's the way to go for now. Or maybe for good?

 

someone has said, "there are two sides to a story and then there is the truth". i would be willing to bet the OP did less than full disclosure on how he had Defense Plus set, and the precise, step-by-step actions he took. may sound mean, but not meant to. people seldom fully fess up to their culpability in these situations.

CFP3 while requiring attention to detail to safely/effectively configure, it provides many tools to assist. explorer.exe is most assuredly in Comodos safelist, and with CFP3 in Clean Computer or Train with Safe Mode, and Photoshop folder in My Safelist, i doubt he would have even received a pop-up. CFP3 would have just auto learned what explorer.exe needed to work with Photoshop (and now that i think about it, a very popular program like Photoshop, it too is probably in Comodos safe file list....again i doubt full disclosure was given). in fact i just checked. explorer.exe is under Predefined Security Policies as a Windows System Application, which provides full access rights. "Run an executible" provides only ask/block, but in modify there is an icon with a wildcard. i believe that to mean explorer.exe has free reign to execute any file in Comodos Safelist or the end-users My safelist without an alert.


Mike

 

Online Armor is a powerful, well supported FW/Hips. i have beta-tested for a year now, and in that time i have thrown leak/reg/termination tests at it, live adware/spyware/rootkits/trojans/keyloggers at it, and it has never been shutdown, terminated, bypassed, or allowed my machine to become infected. it also plays well with a wide spectrum of apps, security and otherwise, and it's pretty determined to not let you shoot yourself in the foot.


Mike

 

Thanks for the explanation simmikie. I feel better about Comodo now, but this person was still somehow able to do something with Comodo in order for this to happen, and we're still not sure what. On the other hand with Online Armor Free, or even the full version what could be changed by the user to cause such havoc? I don't think anything. I will say this. OA seems to stay in beta longer, and address and fix problems faster than Comodo. Maybe that alone is reason enough to switch.

 

There is nothing wrong with Comodo. It was user error.

 

If NOD32 let a virus in to someone I would still use it. No program is perfect.

 

I agree Dieselman. But... I am not comfortable with having a fear of doing something with my security software by mistake and then having troubles. I know ThreatFire's Quarantine has caused some ills, and Spyware Terminator had caused some problems in the past. However, from what I read about in regards to this particular problem, it concerns me enough to move on to OA Free. I guess if it were addressed by the proper people in the Comodo Forums I would be less concerned, however once again this is where OA stands out. Mike always stays on top of any problems.

 

How do you know that?

There are at least 2 similar threads:
Defense+ locks the desktop and program menus
Comodo FW and locked up computer

 

1 user post doesn't make Comodo at fault.

 

i believe when you have a highly configurable app such as CFP3, if you are not paying attention, and/or are lazy and won't use the help files when you don't fully understand something, one can dig themselves a hole.

people have and perhaps still do, lock themselves out of their systems with Prosecurity and SSM (i think). does not make them poorly designed or buggy apps. hell, even an app designed from the ground up to be user friendly; Online Armor, you can probably block explorer.exe (yep, just checked, it's in my programs list, presently Trusted and allowed) and lock yourself out of your box.


Mike

 

Agreed. Most people just click next,next,next or allow,allow,allow and never actually read what its asking you or telling you. Thats also how people get spyware or install unwanted tool bars cause they never fully read or comprehend what they are clicking.

 

The problem is that we don't know if it was user error (the only way is select Treat as Isolated Application, which it's hard to select by accident) or a bug or conflict.