The thing is, it is being flagged as malware after looking up in cloud. This wasn’t happening before with same CIS version. To me it sounds more like bug in detection mechanism rather than FP.
If so it is probably a bug in the cloud detection and so need reporting as an FP.
CIS just uploads the file - its possible that there is a problem with this but you would need more evidence.
It’s not local heuristics…
These XML files are a standard part of an MSI installer. I believe they are part of the installation instructions, but am not totally sure.
What you are seeing is the files left when the MSI installer unpacks to ready itself for installation.
In this case they relate to a branded version of CIS, the Yandex version
Kind regards
Mike
Video circumvention Сomodo 8 version. The CIS 7 and CIS 6 version of this Statement is not allowed.
Can you give a brief description of what the video is showing and how that circumvents CIS v8?
The file name changes per installation, but always begins with cisxxxx.exe
==Bump==
[attachment deleted by admin]
I’m using CIS since v3.x and, to make it short, I’ve only seen it getting worse at each release.
I used to love Comodo, and I still have hope for this company, but something has to change here.
I am a coder and I repair computers, and I’ve been installing CIS to each one of them, been suggesting it to friends and other people, but the amount of problems that both myself and these people are having with it are increasing with each release of CIS, to a point that I can’t no longer suggest it, and I actually even stopped installing it in the computers I repair, sometimes just because it just doesn’t work.
The problems are countless, starting from poor protection at default settings (I often get infected computers in return, which I can only clean with other, non-Comodo software like malwarebytes, as Comodo either don’t detect the malware which it let in, or it simply stopped working (they disables the AV) and won’t work even after clean reinstalls), random installation problems even in fresh Windows installations, countless bugs that can hang your whole system, it repeatedly ask you the same questions over and over (like the inability to set some executable as safe, inability to exclude detection of certain files as possible malware if these files are in a removable drive, and so on), and a generally intricate, slow and time wasting way of reporting bugs, that can only prevent people from doing so, without mentioning the unprofessional support that you get, like when you’re asked to do a clean reinstall by using a third-party registry cleaner…
There’s plenty more, though, like the broken updater that often fails when you’re updating from a previous major version, which is something that hasn’t been fixed in YEARS.
Seriously, you need to think how much does it take to anyone to just uninstall your product and go elsewhere, compared to the efforts needed to report a bug, that needs you to read through pages and pages of forum posts, made by someone which isn’t even a developer of Comodo and that obviously don’t even know how Windows works, all in the intent of making you fix your own “problems” (which are really problems of CIS, as it’s the only application out of the hundreds I have installed that don’t work right), instead of finding out why CIS has problems with certain configurations and fixing it. Once my “problem” is fixed, you’ll no longer have a chance of finding out why it wasn’t working properly, and that’s telling alot about a developer.
All of this frustration was there since a lot of time, but this new v8 is the icing and made me wanting to post about it.
I went ahead and uninstalled v7 completely, then manually removing all the remaining traces of Comodo from filesystem and registry, just to find out the new version is as bad as v7, if not more.
First my problem described here https://forums.comodo.com/bug-reports-cis/cmdagent-memory-leak-t105786.0.html is still present (sorry but I’m not going to “clean my registry” just because you say so), then I got a problem while installing it (on win7 x64), which needed me to do it all over again, eventually working but now it keeps showing me that “call a technician” window whenever it detects what it considers as malware, no matter if I tell it to not show me that again, and the topping is that I can’t just install it on a client’s pc that’s running win 8.1 x64, and that’s a new laptop, that just came out of the factory, it just returns me that error that’s already been posted in this forum: “Fatal error during installation”.
All of that leads me to a question: do you really test your software or you just rush a release out to make it in time for the “december internet security suites release party”?
You’ve done a lot of good things with CIS, adding features that potentially can make it really rock, but the amount of problems and bugs that you get from installing to daily use is astounding. You have to understand that very small issues like that one I described (the call a technician window) makes you wonder “if they couldn’t make this silly thing right, am I really sure everything else is good and I am really protected under ANY circumstance?”. If it’s so easy to make CIS go haywire, how can I trust its security? Why should I spend so much time trying to make it work in my clients computers if they get infected anyway, while I can just enable the default windows firewall and install another AV software in 5 minutes and get my money in less time and without headaches?
Can’t you just add a “report a bug” menu item in CIS that automatically collects all the needed informations and sends everything at once to the developing staff?
You may think this is just some hateful and angry post made by some hateful and angry person and well, you’re right. I’m angry because I love Comodo and I love CIS, and I can’t use it anymore. I’m angry because I need to uninstall it from my clients computers and install something else, when they hit problems with it. I’m angry because you could have the best Security Suite out there if only you wouldn’t rush it to make it in time for each december release date. I hate you for driving away so many old time users with this attitude, because I’ve seen this happening alot in the past and the only answers they would get was from some fanboi defending Comodo at 100%, and/or just the usual “please go through countless hours of bug reporting so that you’ll eventually give up and we won’t have to fix anything”-path.
What I’m asking is to stop and realize that there are problems, and don’t deny them. Take your time and develop a better way to report bugs, which would only require the user minimal interaction and then fix those silly bugs, and make CIS the best one again.
You may not realize how many people are having problems with CIS right now, and that’s just because they don’t even care to report them. They just uninstall and forget. Don’t take forum as a real statistical source because most users don’t care to join it, and even more users don’t even care to report any problem, because it’s easier to just install something else.
I’m having problems in so many different configurations and OS versions that I’m 100% sure it’s not me, even more because in most cases I’m just using the default setup. But even if it was my fault, if it fails on the hands of a coder and technician with over 25-years of experience, how many problems would it give to a computer illiterate?
If you need my help to help you identify problems and fix them just ask, but please give me some experienced person to talk with, as I don’t have time to waste with basic stuff such as “did you update windows?”, or “install ccleaner”. No offense to anyone, but that’s something that only people with no idea of system internals use. I used to be like that too when I started playing with Windows, but those times are long gone now.
You have the luck to have an active forum with lots of good and experienced people that WANTS to help you, and not just fanbois and illiterates like it happens for other companies. Make use of all this man-power in the right way, and you’ll become the best.
And the odious attitude of “XYZ product is worse than CIS anyway, so it’s all fine” isn’t helping, either. Just because CIS isn’t the worst under some conditions or for some specific feature, it doesn’t mean it can’t get better than it is, or that it doesn’t need to improve.
The first thing I want in ANY product is stability and reliability, and that should become your strong point in my opinion. Most people don’t have the will power or the time to fix problems, even if it’s just silly and small ones, and any bug can drive a user away, so that should always be #1 priority for me.
I hope you take all of this in the right way, as a constructive criticism. I wouldn’t be that angry if I didn’t care about your product.
Either way, I don’t care if you’ll hate me as long as you’ll work hard and make CIS good once again. Please show me that I didn’t waste the faith that I’ve put in you in all these years, and show me that you care about your product at least as much as I do.
–edited to make it clearer I’m not 25yo but I have 25 years of experience 
The proposal announced:
https://forums.comodo.com/wishlist-cis/reporting-errors-by-cis-add-menu-item-to-report-bugs-t108308.0.html;new#new
I understand your frustration but I will comment on some things where I feel your frustration is distorting the facts. It’s not to diminish your concerns but to keep a balance that is for all to be understood.
Unfortunately this is true for all security programs. No anti malware solution can keep up at any given point in time with the big amounts of malware getting produced. In case of an infection you will have to use other security programs. It’s not specifically for Comodo.
At the forums we suggest to up the security settings from CIS following Chiron’s recommendations as described in his article How to Install Comodo Firewall.
or it simply stopped working (they disables the AV) and won't work even after clean reinstalls), random installation problems even in fresh Windows installations, countless bugs that can hang your whole system, it repeatedly ask you the same questions over and over (like the inability to set some executable as safe, inability to exclude detection of certain files as possible malware if these files are in a removable drive, and so on),
and a generally intricate, slow and time wasting way of reporting bugs, that can only prevent people from doing so, without mentioning the unprofessional support that you get, like when you're asked to do a clean reinstall by using a third-party registry cleaner...This is an end user support forum. You are making a caricature of [url=https://forums.comodo.com/install-setup-configuration-help-cis/most-effective-way-to-reinstall-cis-to-avoidfix-problems-t58620.0.html]Most Effective Way to Reinstall CIS to Avoid/Fix Problems[/url].
There's plenty more, though, like the broken updater that often fails when you're updating from a previous major version, which is something that hasn't been fixed in YEARS.
Seriously, you need to think how much does it take to anyone to just uninstall your product and go elsewhere, compared to the efforts needed to report a bug, that needs you to read through pages and pages of forum posts, made by someone which isn't even a developer of Comodo and that obviously don't even know how Windows works, all in the intent of making you fix your own "problems" (which are really problems of CIS, as it's the only application out of the hundreds I have installed that don't work right), instead of finding out why CIS has problems with certain configurations and fixing it. Once my "problem" is fixed, you'll no longer have a chance of finding out why it wasn't working properly, and that's telling alot about a developer.The Comodo forums are like many other support forums for and by end users. The level of knowledge of users varies and is to be expected.
All of this frustration was there since a lot of time, but this new v8 is the icing and made me wanting to post about it. I went ahead and uninstalled v7 completely, then manually removing all the remaining traces of Comodo from filesystem and registry, just to find out the new version is as bad as v7, if not more. First my problem described here https://forums.comodo.com/bug-reports-cis/cmdagent-memory-leak-t105786.0.html is still presentThat report did not meet even the minimum of standards for a bug report.
(sorry but I'm not going to "clean my registry" just because you say so),Again making a caricature.
then I got a problem while installing it (on win7 x64), which needed me to do it all over again, eventually working but now it keeps showing me that "call a technician" window whenever it detects what it considers as malware, no matter if I tell it to not show me that again, and the topping is that I can't just install it on a client's pc that's running win 8.1 x64, and that's a new laptop, that just came out of the factory, it just returns me that error that's already been posted in this forum: "Fatal error during installation". All of that leads me to a question: do you really test your software or you just rush a release out to make it in time for the "december internet security suites release party"?I recently ran into error 1603 while trying to install CIS v8 on another person's pc. I have not witnessed the "call a technician" window pop up after it was set to no longer show
You've done a lot of good things with CIS, adding features that potentially can make it really rock, but the amount of problems and bugs that you get from installing to daily use is astounding. You have to understand that very small issues like that one I described (the call a technician window) makes you wonder "if they couldn't make this silly thing right, am I really sure everything else is good and I am really protected under ANY circumstance?". If it's so easy to make CIS go haywire, how can I trust its security? Why should I spend so much time trying to make it work in my clients computers if they get infected anyway, while I can just enable the default windows firewall and install another AV software in 5 minutes and get my money in less time and without headaches?
Can't you just add a "report a bug" menu item in CIS that automatically collects all the needed informations and sends everything at once to the developing staff?Qmarius answered this.
You may think this is just some hateful and angry post made by some hateful and angry person and well, you're right. I'm angry because I love Comodo and I love CIS, and I can't use it anymore. I'm angry because I need to uninstall it from my clients computers and install something else, when they hit problems with it. I'm angry because you could have the best Security Suite out there if only you wouldn't rush it to make it in time for each december release date. I hate you for driving away so many old time users with this attitude, because I've seen this happening alot in the past and the only answers they would get was from some fanboi defending Comodo at 100%, and/or just the usual "please go through countless hours of bug reporting so that you'll eventually give up and we won't have to fix anything"-path.Comodo QA is happy with how bugs are being reported.What I’m asking is to stop and realize that there are problems, and don’t deny them. Take your time and develop a better way to report bugs, which would only require the user minimal interaction and then fix those silly bugs, and make CIS the best one again.
You may not realize how many people are having problems with CIS right now, and that's just because they don't even care to report them. They just uninstall and forget. Don't take forum as a real statistical source because most users don't care to join it, and even more users don't even care to report any problem, because it's easier to just install something else. I'm having problems in so many different configurations and OS versions that I'm 100% sure it's not me, even more because in most cases I'm just using the default setup. But even if it was my fault, if it fails on the hands of a 25-years experienced coder and technician, how many problems would it give to a computer illiterate? If you need my help to help you identify problems and fix them just ask, but please give me some experienced person to talk with, as I don't have time to waste with basic stuff such as "did you update windows?", or "install ccleaner". No offense to anyone, but that's something that only people with no idea of system internals use. I used to be like that too when I started playing with Windows, but those times are long gone now.
You have the luck to have an active forum with lots of good and experienced people that WANTS to help you, and not just fanbois and illiterates like it happens for other companies. Make use of all this man-power in the right way, and you'll become the best. And the odious attitude of "XYZ product is worse than CIS anyway, so it's all fine" isn't helping, either. Just because CIS isn't the worst under some conditions or for some specific feature, it doesn't mean it can't get better than it is, or that it doesn't need to improve. The first thing I want in ANY product is stability and reliability, and that should become your strong point in my opinion. Most people don't have the will power or the time to fix problems, even if it's just silly and small ones, and any bug can drive a user away, so that should always be #1 priority for me.This is an end user supported forum. However the bug report section is quite up to the standards.I hope you take all of this in the right way, as a constructive criticism. I wouldn’t be that angry if I didn’t care about your product.
Either way, I don’t care if you’ll hate me as long as you’ll work hard and make CIS good once again. Please show me that I didn’t waste the faith that I’ve put in you in all these years, and show me that you care about your product at least as much as I do.
So everything is perfect and nothing can be improved?
Guess that answers his questions.
Unfortunatelly, there is some reluctance to admit problems here at Comodo. Everything is great, the program is perfect and bullet-proof.
The biggest issue that prevents me to install Comodo on customers and friends’ computers is that when Comodo finds an unknown file, it is not able to determine if it is a good or a bad file. I mean it’s okay to sandbox it to prevent any damages to the system, but then, after some time, Comodo should automatically determine whether the file is good and so let it run or whether it is a malware and so keep blocking it. Instead, this unknown file stays forever in limbo until somebody doesn’t have the time and the will to upload it on this forum and ask developers to insert it in the trust file-vendors list. And don’t tell me about viruscope because it detects nothing.
Not considering that, often the same file, after being whitelisted, later is again sandboxed for some mysterious reason. One example is the software “free hide folder” (Free Hide Folder: a free security software to hide folders.) I don’t remember how many times it has changed its status on my pc: unknown, safe, unknown, safe and so on.
I find this unacceptable, especially for non experienced users who don’t know how to distinguish a bad from a good file.
ok ok ok… i see a lot of kids complaining about cis and blah blah blah… what about say goodbye and stop winning about kids stuffs?
sorry comodo fellars but im too old to be that silver instead gold…
Kids? ??? I’m sure I’m older than you. Your post just confirms me what I said about the general attitude in the forum. As soon as someone raises a question about Comodo, he just gets personal attacks. Not a good way to help Comodo getting better.
I am sorry you did not raise a issue, you wrote a blog post.
Sorry Forums are not blogs, if you have problems please post in the relevant help boards and all the members will do their best to help you if they can.
Dennis
I don’t have a specific issue. I’ve just explained my point of view about Comodo’s limitations regarding the way it manages unknown files. My post intended to be a suggestion on how to improve CIS.
If for you this is enough to get insulted by another user, okay, I will take note.
I’ve just installed it today from 7.0 and I have to say I really like it.
I uninstalled 7.0 with Revo and it worked nicely
So that I was able to Install 8.0.0.4337 without any problem
This time on the install I chose the DNS and it installed nicely with 8.0.0.4337
When I went into TCP/IPv4 I notice a new a New DNS IP as in 156.154.70.22 and 156.154.71.22
So I looked it up and it belonged to Neustar Ultra DNS So I thought that was great ****Edit The Same DNS IP Address is Comodo Secure DNS as well ****
That Comodo Signed up with them 
anyway that is all I have to say. CIS 8.0.0.4337 Rocks!
Regards
Nigel
I think Dennis2 was mixing you up with krensauce.
Moderators are not employed by Comodo nor are we spokes persons of Comodo. We’re end users like everybody else.
I responded to parts where Krensauce was making caricatures, exaggerating or misrepresenting the facts. There was a lot of hot air in his ‘blog post’. That’s what I was pulling him up about. Nothing more, nothing less. Please notice I did not respond to parts where I though he had a point.
The biggest issue that prevents me to install Comodo on customers and friends' computers is that when Comodo finds an unknown file, it is not able to determine if it is a good or a bad file. I mean it's okay to sandbox it to prevent any damages to the system, but then, after some time, Comodo should automatically determine whether the file is good and so let it run or whether it is a malware and so keep blocking it. Instead, this unknown file stays forever in limbo until somebody doesn't have the time and the will to upload it on this forum and ask developers to insert it in the trust file-vendors list.
And don't tell me about viruscope because it detects nothing.Viruscope is very new and not very powerful. Comodo should have waited with releasing it until it was developed further.
Not considering that, often the same file, after being whitelisted, later is again sandboxed for some mysterious reason. One example is the software "free hide folder" (http://www.cleanersoft.com/hidefolder/free_hide_folder.htm) I don't remember how many times it has changed its status on my pc: unknown, safe, unknown, safe and so on. I find this unacceptable, especially for non experienced users who don't know how to distinguish a bad from a good file.May be the program gets updated regularly and the vendor is not on the Trusted Vendor List. Then the executable needs to be white listed each time it gets updated.
As Eric has pointed out I did mix the two of you up.
I do apologise for doing that, sorry I should have double checked who Eric replied to.
Dennis
Okay, nevermind.
I’ve used CIS since v2.x and I have to agree that it has become more user unfriendly with every release. Comodo doesn’t seem to realize that the vast majority of users want security software that they can just install and forget. Most CIS reviews have negative comments about the number of popups even those that recognize its superior protection. When you consider that most popups are incomprehensible to ordinary users, questionable default protection settings, problems with AV signature updates, problems caused by sandboxing some software, problems with updates to new releases, no officially supported cleanup-after-uninstall tool, tedious procedures to report bugs and false positives, unnecessarily large downloads, and many other issues documented in this forum it is not surprising that many people have given up on CIS and installed something easier to use.
My challenge to Comodo is to make future releases of CIS user-friendly by making all features requiring expert knowledge transparent by default. It’s OK to allow the geeks to play around with the settings if they want to, but ordinary users should be able to get great protection without understanding anything about how it works.