Help & simple GUI text mistakes (Previous topic - now locked)

Please post here

  • all help text errors or omissions or broken links
  • any simple errors to fixed (ie non variable) GUI text

By simple GUI text errors we mean ones where it is clear that it is the text that is wrong, not the behaviour of CIS.

From Chris1808, reposted by Mouse

Just recently downloaded CIS 5 (off-line installer) & performed a clean install from 4, I don’t think there was a version update message about version 5 from 4

Take a look at the attached jpeg file showing one of the installer screens from version 5. I think the Download to text should be re-labelled as Extract to as it currently implies the installer is going to download the necessary files to the specified folder - effectively turning it into the web installer version.

Originally posted by Wxman:


The link ‘Trust Applications that are digitally signed by Trusted Software Vendors’ is incorrect.

It should go to:

Sandbox - Other notes
•If a user defines an application for sandboxing, this causes any applications (safe or installer) to also be executed inside the sandbox.

You find that setting in ‘sandbox config’ (not general config as implied by the on-line help). The incorrect general config in and of itself is incorrect BTW, as that would be ‘Preferences’ in the ‘More’ tab).

After auto-updading my Firewall 4 to version 5 I got troubles with interface.
Most of the interface texts are disappears ― look the attached screenshots.

It’s impossible to set anything, thanks God almost all settings was saved from ver4. I say almost because after update the Trusted Files list become empty. Restoring configuration from backup-file didn’t help. That wasn’t easy to fill it back with such interface…

If I restart CFP.exe than it helps for a few minute ― texts are good for a while, but than it becomes the same - disappeared. Sometimes its different texts, I mean some texts disappear, some are seen. Each time I restart CFP.exe and a few minutes pass different text disappears: sometimes all, sometimes part of them. (But they stay the same until restart: that are seen – stays seen, that aren’t – stays not, until restart)
Also, I’ve seen some error-messages from CFP.exe, talking about “language problems”. I’ve seen it only two times during two first runs after update and didn’t screenshoted.

Pls tell me where can I download version 4 untill You fixed ver 5.

[attachment deleted by admin]

i had a long list of sandboxed programs and i was through them and clicking the check boxes to remove them and found that when click the check box on the lowest point of the screen it moves the list up as if i click the up arrow instead of checking the box.

CIS version
5.0.163652.1142 (AV DB 6311)
Where the text is. (In the case of help text a link is very useful):
a) Defense+ settings|execution control
b) Its help page Comodo Help
What the text actually says, or links to:
Detect shellcode injection (i.e. buffer overflow protection)
What the text should say, or link to:
Detect buffer overflow (such as shellcode injection)
The text and the help page talk primarily in terms of a shellcode injection, and thus implies that the option only protects from shellcode injections - however it protects from other types of buffer overrun so the main emphasis should be on buffer overrun protection rather than one specific type of buffer overrun. This is especially important as this is where a 3rd party developer is likely to look for information about what their program is doing wrong, and if it refers to something they don’t do then they will assume it not a problem in their code.

CIS 5.0.162636.1135. In the more section. Help " Do you want to learn more about your Internet security? You can use this section to view the help file."
My thoughts are maybe the word “online” could have been added to the end after the word file. Kind regards.

Small GUI Bug :

When a program with large file name like Superantispyware.exe connects to internet, in the summary page, under firewall, the ‘traffic’ part (i.e. Superantispyware.exe) overlaps the ‘firewall has blocked ___ intrusions so far’.

In simpler terms the word ‘superantispyware.exe’ starts from ‘so far’.

XP 32 bit SP3 - (96 DPI) 800x600 resolution monitor (this could be the reason, though).

The devs says this is intentional.

EDIT: For details look into this message and further till the end of the thread.

1. The CIS documentation consistently and incorrectly explains how you should answer CIS alerts. In particular, when a safe program is about to execute an unrecognized program, the documentation says that:

For non-certified, unknown, applications, you will receive an alert whenever that application attempts to run. Should you choose, you can add [i]that new application[/i] to the safe list by choosing 'Treat this application as a Trusted Application' at the alert.

or at another place

If an executable is unknown to the Defense+ safe list then.....Of course, you could choose the 'Treat this as a Trusted Application' option at the alert...

This is not only misleading, but in fact it is completely incorrect. The alerts never ask you how to treat the newly executed (unrecognized) program, they always ask you how to treat the operation the parent application is going to do. For instance, when a safe application executes an unrecognized program, and you choose “Treat this application as”, you’re setting the policy for the safe parent application, not for the unrecognized program being executed! All alerts are for the application on the left hand side, never for the application on the right hand side!

In my opinion this is a critical failure in the CIS documentation, because understanding the alerts and policy is substantial for the users. To me it took a rather long time before I realized that I’d been mislead by the documentation, and how the alerts actually work. The documentation should not be corrected by simply deleting the incorrect sentences, but rather by properly explaining the issues.

2. Moreover, I found nowhere in the documentation, which policy is applied to the newly executed unrecognized programs. Is it “ask for everything”? For instance, when a new unrecognized program tries to execute another (even safe?) program, when it tries to install global hooks, when it tries to access protected COM interfaces etc. - will CIS ask or block? And what about the Protection Settings of the program?

Of course, unrecognized programs are scanned for malware, sandboxed etc., as described here, but the documentation does not explain anywhere how CIS treats the unrecognized file when it is at last allowed to run.

Again, this information is critical for understanding how CIS behaves, but the CIS documentation fails to explain it. EDIT: A table with rows corresponding to individual Access Rights and Protection Settings from application policy would help.

3. At last, the way how CIS processes newly executed programs, is explained under sandboxing, while it is important even when the sandbox is turned off. This section should be moved to a more appropriate place, where it will be more easily found.


4. The documentation should emphasize that the settings at various places need be enabled in order sandboxing (for instance) works. I.e. that it doesn’t suffice to enable the sandbox, but it is also necessary to enable Image Execution Control and to choose a particular option in “Treat unrecognized files as”.

Quote from help file." Comodo defined trusted software vendors - These are the vendors that Comodo, in it’s capacity as a Trusted CA, has independently validated as a legitimate company. Comodo certified vendors are hard coded into CIS and cannot be removed by the user."

This is incorrect because you can remove them. This may have been the case in an older version. Also the help file could tell us if deleted ones will return during next program update, which I think they probably will. Thanks.
We have give it some mention here;msg466902#msg466902

You can’t actually remove anything but the GUI:
Some experiments (replacing XP genuine shutdown.exe by another one with the same name, testing the Defense+ behaviour of autoruns or diskview under accounts with different privileges, and as reported in this same forum…) clearly show that Microsoft/Sysinternals are trusted (i.e. hardcoded) even if the trusted vendors list is empty.

Als Fehlalarm melden ikann bei einigen der gewählten Bedrohungen nicht durchgeführt werden.

Click picture to enlarge

CIS version

Where the text is. (In the case of help text a link is very useful):
CIS Versions 5.9/5.10- Features available with different editions of CIS| Internet Security

What the text actually says, or links to:
CIS Pro 2001 with GeekBuddy - 1 Year Free Trial

What the text should say, or link to:

CIS Pro 2011 with GeekBuddy - 1 Year Free Trial

There are two different ways of “restart” word spelling: “restart” and “re-start”.

CIS version
5.8, German localization (“Deutsch - by community”)

Where the text is:
Virus scanner window

What the text actually says:

What the text should say: