Comodo Firewall does not prevent virus autorun.

I did tests.

Comodo Firewall Free allows virus autorun of removable devices are executed.

I’m sure Comodo would love to hear the details of your tests.

CF should block the execution of unknown programs autorun and does not.

Again, details please…

Create two files with notepad: autorun.inf and test.exe

autorun.inf content:


test.exe content:


Record two files on a CD.

Run the CD in the drive.

Give permission in CF and record.

Create two files with notepad: autorun.inf and test2.exe

autorun.inf content:


test2.exe content:


Record two files on a CD.

Run the CD in the drive and see that CF will not ask anything.

I did a test with SpyCar and even paranoid mode CF failed.

CF allowed SpyCar to be executed and loaded into memory.

A virus loaded into memory can get attempting to install in the system.

The exe file you “created” in Notepad is NOT an actual EXE and CIS (and just about everything else 88)) is smart enough to recognise this. It will not have a PE header (or any other header that would indicate executable code).

Comodo’s firewalls have passed Spycar since CFP V3.14.

If your CIS is configured correctly, you will receive AV and D+ alerts.

Ewen :slight_smile:

I will not insist.

Yourself to do the tests and verify.

I’ll wait for a new version to install and test again.


I did.

My reply was not “off the top of my head” or based on past history. I went to the Spycar site, accepted the legal mumbo-jumbo and ran each of the tests against the currently installed instance of CIS on my test system.

Each and every test produced an alert, which I blocked, producing a fail for each and every test.

Ewen :slight_smile:

The window of each test SpyCar opened on the screen?

If opened, the CF failed because SpyCar its run.

He said he blocked them from the alerts. In other words, no, it didn’t run.

Edit: Just for fun, I decided to give SpyCar a try. I used the default Safe Mode and Internet Security configuration. Like Panic, I blocked from the alerts and SpyCar was completely denied.

I even ran Tow Truck just to make sure. You can see the results for yourself.

[attachment deleted by admin]

Not in my tests. I got an alert before any windows were opened or any dialogues displayed.

If opened, the CF failed because SpyCar its run.

See above. I really think you have misconfigured CIS or you accidentally allowed the objects to run.

Ewen :slight_smile:

I believe so as well, because in my edited post above, I ran the SpyCar tests using the default settings for CIS and SpyCar didn’t get a chance to do anything.

yes, try to reinstall cis, and do NOT test with an exe created with notepad (they are not appications)
instead use and .bat or .cmd for the autorun