Comodo is not doing so good lately. gpcode issues, and now crippled updates?

[aweir14150]

There have been too many serious problems lately. First, regardless of what anybody proclaims, Comodo fails at protecting users from the gpcode sufficiently, relying on either manually sanboxing it after adding certain directories to Protected Files and Folders, or by relying on the AV engine which required a signature which means that users had to be infected first.

Second, the latest update does not fix the gpcode issue instead creates even more problems.

The update cripples the internet connections when the ARP cache protection is enabled. Inexcusable...isn't this software tested before it's released?

I hope things get better, I am a long time user of Comodo and I don't want to see Comodo slip up any more and get a bad reputation. I'm sure none of us do.  

[captainsticks]

The update cripples the internet connections when the ARP cache protection is enabled. Inexcusable...isn't this software tested before it's released?

I hope things get better, I am a long time user of Comodo and I don't want to see Comodo slip up any more and get a bad reputation. I'm sure none of us do.  

Hi Aweir. I do agree CIS isn't without some recent problems, and I certainly would dislike seeing Comodo get a bad reputation from some imperfections. Remembering nothing in this world is perfect, that is why their is always room to improve. Programs can never be tested in all scenarios or on all systems as each and everyone is different. While it is sad to see this update fail in quite a number of situations, I think it is still a credit to Comodo to pick up on this on the day of release and suspend the update until the bugs are resolved. To Aweir I am sure your support is greatly appreciated, and I hope these problems won't stop you using CIS. All the best to you Aweir and good luck to Comodo for your planned bug fix release Monday, I hope all goes to plan. 

[kagun]

Well.... McAfee crashed thousands of computers after update that deleted critical OS files....
Kaspersky hosted malware on it's web site for 2 hours....
Also this
http://www.computerworld.com/s/article/9002974/CA_antivirus_mistakenly_flags_Windows_component?taxonomyId=17&intsrc=kc_top&taxonomyName=security
And this
http://texyt.com/Norton+Anti-virus+disables+thousands+of+PCs+in+China+00089
And this
http://www.theregister.co.uk/2007/07/09/kaspersky_rising_tech_av_bunfight/

I did not notice Comodo causing any damage to users....
Latest update did have a connectivity glitch, but there is a workaround and a patch is underway...
No need to cause alarm/distress... As for gpcode.... Chances are an ordinary user would have very small chances of catching it... They don't go to malwaredomainlist or malc0de or malwarebytes forum..... that often... 

[Citizen K]

Gpcode and this bug are two vastly different phenomenons.

The problem with the ARP protection is unfortunate but can be worked around. One could argue it should not have slipped through QA cracks. As a silver lining I see that egemen is vigilant as always around new releases to pick up bugs and providing an update in timely fashion; usually in less than a week after release.

Regarding Gpcode. Comodo is working on a new layer of prevention that will protect user data in general to protect from Gpcode and alikes. In the mean time there is enough detection around to keep the users of Comodo safe from harm  by Gpcode:

Sure. If whitelisted, there wont be a problem. Howevver we have all the whitelist + cloud and yet there are popups causing the users simply shutdown or uinstall the protection. In this case, less is more.

Hack is a hack. Not a solution. Putting such a hack into 30 million computers for just a few detectable trojans which are already easily detected already is not preferable. Why? Because it will detect more white files then bad files. Guaranteed.

Btw, it is already detected by the cloud based behavior analysis. So for example, if a user does not use an AV and does not use Sandbox, still, cloud based analysis will alert the user about the trojan.

So there are many ways that a default user is being protcted now hence no need for hacks. The problem is protecting the data of the user. And this requires a more sophisticated method of prevention which is what we are doing now.

The upcoming solution is not specificaly designed for this threat however it prevents much more important data attacks as well as this one.

[MJR1]

After installing 5.4 on my windows 7 64 bit computer with nothing other than Comodo being new it crash my system in a few hours. I've since gone back to 5.3 with no problems of any kind.

[Citizen K]

After installing 5.4 on my windows 7 64 bit computer with nothing other than Comodo being new it crash my system in a few hours. I've since gone back to 5.3 with no problems of any kind.

Please consider filing  a bug report in the Bug Reports - CIS board following the format as described in FORMAT & GUIDE - just COPY/PASTE it! and attach the dump file to your report. That will help Comodo greatly.

[MJR1]

The crash happen yesterday and my system gets rid of dump files when I restart my computer so I am sorry I can't send any useful report now but try to keep an eye out for others having this problem.

[Citizen K]

Sometimes a crash is limited to small group of systems and people may not report it here.

If you could set your computer to make a minidump upon crashing then you could use that as the foundation for your bug report.

[MJR1]

How would I go about setting my windows 7 to have a mini dumb file not very much into this area of the operating system

[Citizen K]

Follow this tutorial to get to the Start up and Recovery options dialogue box and then set Windows to "Write an event to the system log" and "Small memory dump (128 MB). See attached image for reference.

[attachment deleted by admin]

[djm22]

I Disagree I know every company has bugs I bet if I researched it I could not find a company that has had some bugs that is a company making this type of software and I do not know a company that has a quicker turn around time then Comodo when they do have a bug which ALL Companies are going to have plain and simple I know companies that have many more bugs then Comodo has like Norton, McAfee too name just a couple off the top of my head So with taking All of this in to consideration I think they do very well!

[Maxxwire]

There have been too many serious problems lately.

I agree! Have you seen the 1,000's and 1,000's of complaints concerning the recent Win 7 SP1 update? Besides the seemingly endless number of people who simply couldn't install it there were even more complaints from those who manage to succeed! I have been waiting on a resolution to the Win 7 SP1 'USB Bug' that prevents correct USB driver installation since Feburary 23rd and hopefully MS will include KB2529073 in the next round of Windows updates, if not I will continue to wait and see if my computer ever gets SP1 installed without creating enough problems to make it not worthwhile to install.

By comparison I think Comodo is doing fairly well at least they care enough about their end users to develop and get a fix out for the 'ARP bug' in just a few days. Thanks Comodo!

~Maxx~

[alexo2003]

There is another issue which is not resolved even in this new version of CIS: the problem of no control the files by their hash. The file is only checked by the path and its name, not its hash as well. So if a malware is able to replace a trusted file that malware can do anything, no reaction of CIS. It is obvious idea to control hash of files, but how many version of CIS should we wait for it?

[Tech]

by relying on the AV engine which required a signature which means that users had to be infected first.

I can't follow your mind. Why should anybody get infected for the antivirus to do its job?

Inexcusable...isn't this software tested before it's released?

Hmmm... Can you name even one software that does not have any problem in its history?
Software have a developing life. It's never prepared...

[HeffeD]

There is another issue which is not resolved even in this new version of CIS: the problem of no control the files by their hash. The file is only checked by the path and its name, not its hash as well. So if a malware is able to replace a trusted file that malware can do anything, no reaction of CIS. It is obvious idea to control hash of files, but how many version of CIS should we wait for it?

CIS recognizes files by their file hash. This is why file types that change constantly are perpetually unrecognized. Because each time they run, CIS sees them as a new file.