Comodo Internet Security 5 Bypassed by MRG


Not even a single alert

Hi Lordraiden.First things first. There was a post yesterday i think from one of the devs saying that the script issue allowing a bypass would be fixed in the next version.However this bypass is well known to Comodo and forum members here and elswhere, and you would have thought as they are concerned about making every Cis user more secure, then they would have dealt with the bypass as soon as possible. i would have thought it the right opportunity to do it now with the beta.

Saying that there may have been a technical issue perhaps delaying the fix until the next Version.

Just my few pence worth.


Thanks for the update, sorry but I didnt see the other post with the devs answer could you give me a link please?

I don’t care about their test result.

More than technical and very doubt methodology it ethical about forcing to put some apps to test

I like short Avira member Nicolae statement - very descriptive:

Who cares?;msg419890#msg419890

We are aware of script commandline issue. Dont worry. The fix is going to be included with the next update.


I captured interesting picture from that video ( see picture attached)

[attachment deleted by admin]

That means that they are stealing certificates? is this legal?

Who’s stealing what?
What’s legal?
What are you talking about?

he is referring to the mrg.

The screen-shot does NOT prove that the file’s digitally signed. I tried it with different files (some signed and some not) on my pc. A digitally signed file can only be discerned from the right-click, select properties menu.

Though it is a curious fact why their ‘financial stealer simulator’ shows NVIDIA as company and file description. But since a Comodo developer’s acknowledged the issue, i guess its legit.

Im not saying they are stealing certificate, that would be major law violation, im just pointing at curiosity that they are possibly using/altering 3rd party proprietary app. for their test application (which is also violation of law), you and other who are interested can see that popup at almost all other (blurry) videos which they created for their ‘financial stealer simulator’ tests

Comodo developer’s acknowledged the issue with scripts vulnerability and not for ‘financial stealer simulator’ which I guess (MRG claim) is not a script issue:;msg420079#msg420079

what they are using for their test is I guess an altered *.msi file which is permitted to do anything without any popup from CIS and this is also known vulnerability in CIS

Hi Chris.

Any comment on this pic posted by Salmonella?

[attachment deleted by admin]

Well since there’s been a complete breakdown of communication between yourselves and Comodo that’d be the best solution.However IMO the whole business is rather unseemly and I’m not sure what benefit to either party this whole matter brings.

In regards to this independent third party,I presume that all necessary precautions will be taken to prevent this POC leaking into the wild?

@MRG and Comodo

What are the conditions for Comodo and MRG to start their collaboration again and get this issue sorted out?

  1. MRG has to act responsibly and comply with NIAC disclosure guidelines
  2. stop trying to blackmail with their biased Comodo videos and PR, and PoCs that they are scared of revealing :wink:
  3. learn how to test products properly without modifying testing methodologies.

the above are the minimums that we would require, until then MRG can NOT be taken seriously.


Then what brings you here then?

I have the same question.

Oh come on guys.

The whole problem started with the test which MRG made about Comodo in which MRG claimed that Comodo failed while Comodo claimed that MRG changed methodology.(Both parties have supplied their evidence)

This arose because testing HIPS always involves a degree of subjectivity as it is the end user that must make the decision.

I think you that you should both move on and get the issue sorted out so that end users can benefit!

Does Comodo not want to improve its product to provide better protection to its users?

Does MRG not want to be considered as a professional testing organisarion?

Then guys I think it’s time for the team work to begin!

It’s time for official talks to take place behind the scene now.


PS: I’m done with this.

Whoever took the screen-shot is the real deal. Real smart if you ask me. Dude, do you trade forex (or any financial products) by any chance? you’d do pretty good… serious.

ANY proprietary app, made by me or someone else … should under no circumstance be labeled by a copyrighted term, name, trademark etc. In this case Nvidia is a trademark of Nvidia Corporation. This whole test’s suspect because of this. We all now about MSI and scripts, but if its a .exe … that would be something.

Also, yeah its labelled and not signed. Signing is very very impossible, if it weren’t - all virii would have been signed “Microsoft Corporation”.

ChrisMRG you have to explain the screenshot. Why does it say “Description: Nvidia Uninstaller UtilityCorporation and Company:Nvidia Corporation”.

Also … we have NO-WAY of knowing if you did this…

  1. run a script.
  2. start the video.
  3. show’s comodo’s status as good to go.
  4. run this Financial Stealer, which is nothing but a Nvidia Corp Utility or something on CIS’s safe list.
  5. do your thing.
  6. pop-up the website with the details.
  7. stop the video.
  8. disable the script.

A creative mind could come up with mindless possibilities of the above, and I am speculating here. And if you aren’t going to do business with CIS while Melhi’s there…wtf…and whose third party? wilderssecurity? grin

ps. for fun, anyone done a whois on wilders???