CVEs reported for CIS 2025 - 12.3.4.8162

I feel the same way. I’ve been reading here for a long time. Despite my positive experiences so far and the assurances from experienced users/moderators here that Comodo provides secure protection, I’m becoming increasingly insecure when, for example, conducting banking transactions using Comodo Secure Shopping. Up to this point, however, I haven’t encountered any security issues. It’s a good or excellent software. I’ve been using Comodo almost since its inception. No intrusions so far. I’ve already mentioned this, but the uncertainty always arises.

2 Likes

Yesterday, secure shopping locked my PC again due to remote access. I don’t know which program enabled this. I was supposed to close the program that enabled this, but I don’t know which one. I hadn’t allowed access in the system settings.

It couldn’t have been Adobe this time. When I opened an Adobe image editing program (I have blocked), Comodo also locked my PC.
Comodo has closed the barrier again.
Configuration: Custom Policy

I think Comodo is reporting that another computer is accessing my PC. So it doesn’t have to be an installed program.

1 Like

I don’t have the knowledge to draw any conclusions from this, nor do I know that this only applies to Comodo under very specific conditions/settings. But it’s certainly worrying how secure one can still be when handling sensitive (personal) data, and whether the protection is really still in place. Hackers are getting better and better.

The following in the link

These 5 CVEs can be seen in the link:

Of these five CVEs, four of them were exploited in the wild as zero-day vulnerabilities. While it’s unknown if Salt Typhoon exploited any of these flaws as zero-days, the level of sophistication from the group does suggest it has the technical ability to develop and exploit zero-day flaws in its attacks.

https://www.heise.de/news/Sicherheitsupdates-Loechriger-Schutz-von-Trend-Micro-gefaehrdet-PCs-10441455.html

Sicherheitsupdates: Löchriger Schutz von Trend Micro gefährdet PCs

12.06.2025, 14:29


translated:

Security updates: Trend Micro’s flawed protection puts PCs at risk

1 Like

Dear prodex, if you remember, not so long ago (Comodo Bypassing PoC in Auto-Sandbox CIS) there was a serious danger there, and Xcitium and COMODO confirmed it and fixed it. And here both Xcitium and COMODO are silent.
So the cruel sister is right after all (cruel sister, 16d):

Guys, please understand that these vulnerabilities are a so-called two-stage attack, in which the attacker first needs to gain root access through another vulnerability before being able to use the system for their own purposes.

These CVE vulnerabilities are NOT "run this file and be compromised" type exploits (in addition, Comodo will warn about any preceding privilege-escalation requests, thereby preventing step 1 from being carried out).

If a vulnerability or exploit exists and is widely known, it should be patched no matter what. If it’s exploitable by LAN or WAN or Internet, it’s a security hole, even if it can be avoided by, for example, enabling anti-ARP spoofing, which isn’t enabled by default.

You have to put in my mind that a lot of users won’t visit the forums or keep up with the latest news or have good tech expertise.

It’s called Comodo Firewall for a reason.

Why am I saying this? Because I’ve been a Comodo user for years and I want the best for Comodo.

Best hopes for Comodo.

2 Likes

So far, I haven’t had any problems with malware. But will it stay that way? What if malware penetrates through the back door, undetected by security programs? The ingenuity of cybercriminals should not be underestimated.
Here’s something that really got me thinking:

After much reading and comparison, I’m now seriously considering switching, despite the still excellent firewall from CIS. It’s also repeatedly mentioned in tests and comparisons, while all other components are repeatedly described as error-prone, outdated, and inferior to others in comparison.

Above all, a screenshot in secure shopping is supposedly possible for spyware. This is a component I use extensively when it comes to sensitive data. That’s a serious security threat.

Not everything can be done in the virtual realm; some programs or websites don’t work there.

This is a very difficult step for me after so much time together and so far together – and always reliably.

But times change, burglars are becoming ever smarter and bolder. A house that has been made more secure needs changes, renovations, and renovations.

It’s almost like a divorce. :wink:

ATP test: defending against attacks by ransomware and info stealers

defending against attacks

But is the software capable of doing so?

10 scenarios in a live battle to fend off ransomware and data stealers

Comodo Antivirus Review 2025: Is It Any Good?

Comodo’s additional features are almost uniformly terrible. (look link)

All that said, I did like Comodo’s firewall, which provides excellent protection and numerous advanced customization options. The virtual desktop is also a decent feature — it allows you to create a secure environment in which to safely run suspicious applications. But so many competitors, including Webroot, also have features similar to this.

2 Likes

Which firewall are you switching to?

In the German magazine CHIP, 1,823 users gave Comodo 4 stars out of 5, ranking No. 14 at Top 100 Antivirus Downloads der Woche - CHIP.

Bitdefender (No. 5) received 3.5 stars from 518 users. Comodo (German) loaded 111 times, Bitdefender loaded 135 times, Malwarebytes loaded 1,289 times (No. 3) in the week the article appeared (above you can click week-month-total: Woche-Monats-Total).
CyberLock seems very good to me. For example, in sleep mode, a blue LED always lights up (the “pretty” Microsoft image on the screen consumes power. CyberLock apparently prevents this. Despite sleep mode, the red LED sometimes flickers constantly).
I think Comodo + CyberLock make a good pair, and I’ll stick with them.

Edit:
has changed: Comodo German No. 11

1 Like

Hello. Dear Xylentantivirus, New_Style_xd, prodex and cruel sister. I have a question for you, in connection with MasterMan (20d): "if there is a vulnerability or exploit and it is widely known about them, then they need to be fixed, no matter what. if they can be used on a local network, a wide area network or the Internet, then this is a security breach." Is it possible for COMODO to add (Dr.Web Katana) “Kills Active Threats And New Attacks” (non-signature antivirus for preventive protection against the latest active threats, targeted attacks and penetration attempts, including through zero-day vulnerabilities)?

1 Like

@nik.luckin Hi, I agree with you. I also want these vulnerabilities and many others to be fixed, but the discussion in the forum threads is that this threat is low-level, requires privileges, and so on.

In the end, the ROOM remains unpatched, unfortunately, and this is what happens.

1 Like

Hello dear prodex. I decided to use OSArmor 2.0.5 (Developer: NoVirusThanks (Italy)) with COMODO: "The OSArmor tool analyzes parent processes and blocks potentially dangerous actions: for example, launching cmd.exe or powershell.exe initiated by MS Word; deleting shadow copies of files using vssadmin.exe managed by the cryptographer; running processes with double file extensions (invoice.pdf.exe); malicious processes distributed using USB devices, etc. OSArmor is characterized by its compact size; it requires no configuration and runs in the background.

OSArmor applies intelligent blocking rules to prevent malicious processes from operating. This tool can block threats that are not detected by the installed antivirus solution. Add an additional layer of protection to your system to prevent infection with malware and ransomware Trojans.

The program already comes with over 250 policies to enhance system security. The user does not need to configure anything else, however, for experienced users it is possible to write their own blocking rules."

The main features of OSArmor:
Basic exploit protection - analysis of parent and child processes and blocking of exploit payloads.
Application Monitoring - constant monitoring of Adobe PDF Reader, MS Office, OpenOffice, browsers and other applications.
Command Line Lock - the program blocks string command line parameters that are commonly used by malware.
File Download Lock - the program blocks command line string parameters that are used to download deleted files.
Filtering of system processes - blocking wscript.exe, mshta.exe and other processes if they show signs of malicious behavior.
Blocking Schtasks.exe - blocking execution of the Schtasks.exe process, which is often used by malware.
PowerShell rules - blocking execution of encoded or incorrect commands via PowerShell.
Blocking RegisterXLL() - preventing Excel.Application RegisterXLL() calls using the command line.
MS Office Application Protection - preventing malicious processes from running in WINWORD.EXE or EXCEL.EXE.
Blocking USB threats - blocking the execution of processes specified in the autorun.inf files on USB drives.
Shadow Copy Protection - blocking attempts to delete shadow copies of files by system processes (vssadmin.exe and others).
Blocking .COM or .PIF - blocking the execution of processes with outdated file extensions .COM or .PIF.
Blocking Bcdedit.exe - preventing the Bcdedit.exe process from changing critical system zones.
Blocking Bitsadmin.exe - preventing the Bitsadmin.exe process from downloading files.
Svchost.exe and Explorer.exe - blocking suspicious behavior related to the system processes Svchost.exe and Explorer.exe.
Blocking remote scripts - preventing the Regsvr32.exe or Mshta.exe processes from downloading and executing remote scripts.
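
The parent/child process checks described in the post above, sketched as an added example that is not part of the original post and is not OSArmor's own code. The rule names, event field names and sample events are constructed for illustration.

```python
import ntpath
import re

# Constructed rule set modelled on the behaviours listed above (not OSArmor's rules).
OFFICE_PARENTS = {"winword.exe", "excel.exe"}
SCRIPT_HOSTS = {"cmd.exe", "powershell.exe", "wscript.exe", "mshta.exe"}
DOUBLE_EXT = re.compile(r"\.(pdf|docx?|xlsx?|jpg|txt)\.(exe|scr)$")
# PowerShell accepts abbreviations of -EncodedCommand; this pattern is an approximation.
ENCODED_PS = re.compile(r"\s[-/](e|ec|enc[a-z]*)\s")

def evaluate(event):
    """Return the names of the rules a process-creation event trips."""
    parent = ntpath.basename(event["parent_image"]).lower()
    child = ntpath.basename(event["image"]).lower()
    cmd = event["command_line"].lower() + " "
    hits = []
    if parent in OFFICE_PARENTS and child in SCRIPT_HOSTS:
        hits.append("office_spawns_script_host")
    if child == "vssadmin.exe" and "delete" in cmd and "shadows" in cmd:
        hits.append("shadow_copy_delete")
    if DOUBLE_EXT.search(child):
        hits.append("double_extension")
    if child == "powershell.exe" and ENCODED_PS.search(cmd):
        hits.append("powershell_encoded_command")
    if child.endswith((".com", ".pif")):
        hits.append("legacy_extension")
    return hits

def ev(parent, image, command_line):
    return {"parent_image": parent, "image": image, "command_line": command_line}

# Constructed sample events (field names are hypothetical, loosely Sysmon-like).
SYS = "C:\\Windows\\System32\\"
EVENTS = [
    ev("C:\\Office\\WINWORD.EXE", SYS + "cmd.exe", "cmd.exe /c dir"),
    ev(SYS + "cmd.exe", SYS + "vssadmin.exe", "vssadmin.exe delete shadows"),
    ev(SYS + "cmd.exe", SYS + "vssadmin.exe", "vssadmin.exe list shadows"),
    ev("C:\\Windows\\explorer.exe", "C:\\Users\\a\\invoice.pdf.exe", "invoice.pdf.exe"),
    ev("C:\\Office\\EXCEL.EXE", SYS + "powershell.exe", "powershell.exe -enc PLACEHOLDER"),
    ev("C:\\Windows\\explorer.exe", SYS + "powershell.exe",
       "powershell.exe -ExecutionPolicy Restricted -File report.ps1"),
]

def triage(events):
    """Map event index -> tripped rules, skipping events that trip none."""
    return {i: hits for i, e in enumerate(events) if (hits := evaluate(e))}

if __name__ == "__main__":
    for index, hits in triage(EVENTS).items():
        print(index, EVENTS[index]["image"], hits)
```

The two events that trip no rule (listing shadow copies, PowerShell started with `-ExecutionPolicy`) show why such rules match on parent, child and arguments together rather than on the executable name alone.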

Hello. Dear cruel Sister and EricCryptid, I have a question for you. I have blocked outgoing messages in the COMODO firewall (EXPLORER.EXE). It seems to me that EXPLORER.EXE has nothing to do on the Internet; what’s your opinion?

It’s normal on the whole, being Microsoft Telemetry. You can do a Google search for the IP addresses, but there’s no harm in it being blocked. If it only happens shortly after a reboot, it’ll be CFW blocking connections for some apps until it’s fully loaded, and I’ve experienced this for searchhost and MSEdgeWebview etc., but it’s nothing to be concerned about unless it’s been contained or is showing an AV or VirusScope detection.

Not currently using it on my production machine. If you want to share the log entries, that may assist with what’s happening.

Dear EricCryptid, thank you for your reply.

Nik- Remember that explorer.exe can be viewed as the guts of Windows (actually the GUI and shell) and would need to connect out to the Network for things like Time Sync, various types of notifications (like the news/weather thingy on Win11) and a bunch of other things.

Any blocking of explorer.exe MUST be done on a case by case basis (and NOT a blanket block) depending on where it is attempting to connect out to, which is not realistic unless there is a prior reason to monitor.

m

2 Likes

Hello. Dear cruel sister, thank you so much for your explanation. I hadn’t thought of that.

1 Like