Seriously, Comodo, its time you catch up!

Dharshu · December 8, 2019, 1:02pm

Hi blackkatt,

Thank you for Reporting.We will check this issue.
Kindly check your inbox for PM and share us the log and other details for further investigations.

Thanks in advance!

Regards,
PD

blackkatt · December 8, 2019, 8:18pm

I’ve sent the details. Note that I’m not using the custom config I did when I first began this thread. That config was deleted (without warning) when I updated to latest Comodo firewall. I had some version saved ofc but thought I would start clean sense you guys added some new to the default config.

Currently I’m using the default with some small changes. Don’t feel like investing so much time anymore.

Sometime ago it was possible to find the predefined config files (xml) and by editing them directly it was possible to bulk add files to “File rating/File Groups” I’ve looked everywhere, cannot find these xml files. And adding 20+ entries one by one is not very fun.

Dharshu · December 11, 2019, 1:00pm

Hello blackkatt,

Thank you for your co-operation.
I have forwarded your log to our developers and they are working in it.

Regards,
PD

Dharshu · December 27, 2019, 3:39pm

Hello blackkatt,

In your log it shows that you have changed the settings several times, maybe it blocks the dragon_updater.exe in alert accidentally.
So could you please join in the remote session with our Developers for further investigations.

Please let us know your opinion.Thanks in advance!

Best Regards,
PD

blackkatt · December 30, 2019, 7:48pm

Hi sry for the late reply. Stupid Microsoft flagged the notification mail as junk…

Not sure what you mean by “you have changed the settings several times” All I know is that a bunch of perfectly safe stuff was blocked using the default config.
Is not possible to investigate this anymore I don’t think. However I just saw that lots of things was blocked yesterday and I know for a fact that I was playing Forza Horizon 4 at that time. These you see here on the screenshot are perfectly safe apps/programs. There’s no reason whatsoever to block these, so why is Comodo doing it?

prodex · December 31, 2019, 3:50am

It’s a mystery to me, too, and I don’t know what cis wants to protect us from or is protecting us from.

AdwCleaner for example is blocked by all 3 components: Firewall, Hips and Containment, but still I can use it as well as other blocked programs.

I don’t suppose that you are not a bit familiar with Comodo. I set programs I can trust to trustworthy, set it to “allow” in Firewall and HIPS (if enabled),’ outgoing only’ or something like that. Yes, one has much to do with comodo. ;D 8)

Otherwise, did you have a look if windows blocks the software if you can’t run it? If you do not do a clean installation of a new Windows version (I didn’t do that), this can happenIf you don’t do a clean installation, it can happen that you don’t have access to the program or windows does this and you are surprised that as a registered user you have no access, only the administrator and the system. But this has nothing to do with comodo. I’m just saying that in case a program won’t start, but I think you know such problems.

blackkatt · December 31, 2019, 7:58am

prodex post:26:

It’s a mystery to me, too, and I don’t know what cis wants to protect us from or is protecting us from.

AdwCleaner for example is blocked by all 3 components: Firewall, Hips and Containment, but still I can use it as well as other blocked programs.

I don’t suppose that you are not a bit familiar with Comodo. I set programs I can trust to trustworthy, set it to “allow” in Firewall and HIPS (if enabled),’ outgoing only’ or something like that. Yes, one has much to do with comodo. ;D 8)

Otherwise, did you have a look if windows blocks the software if you can’t run it? If you do not do a clean installation of a new Windows version (I didn’t do that), this can happenIf you don’t do a clean installation, it can happen that you don’t have access to the program or windows does this and you are surprised that as a registered user you have no access, only the administrator and the system. But this has nothing to do with comodo. I’m just saying that in case a program won’t start, but I think you know such problems.

Good morning,

This happens on a clean install of Windows.

“I don’t suppose that you are not a bit familiar with Comodo. I set programs I can trust to trustworthy, set it to “allow” in Firewall and HIPS (if enabled),’ outgoing only’ or something like that. Yes, one has much to do with comodo.”

There are two problems here.

If you unblock an app from the Blocked Applications/Unblock Applications it will create a rule in this case for the firewall. Allow ALL incoming/outgoing communications. A rules like that doesn’t feel safe at all.
The same rules will be created for ALL unblocked applications which is stupid, simple as that.

The apps on the screenshot already have Allow outgoing communications rules. They are all included in “Windows System Apps Group” so these blocks has to be Incoming connections.

Are you starting to see what I mean with this thread? “Seriously, Comodo, its time you catch up!” Predefined rules should be created for safe Windows components for OUTGOING and INCOMING traffic. Else Safe Mode won’t work as it should. Also there’s nothing called MetroApps anymore. It was renamed WindowsApps many years ago. COMODO really needs an overhaul. It has to be updated.

As for if I can still use the apps. I’m quite sure I can BUT, I don’t want to manually have to clean the “blocked application” every now and again.

Citizen_K · December 31, 2019, 9:27pm

The Blocked Applications function is flawed by design. It is not thought through properly and should in my view be immediately removed from CIS. It causes needless confusion and provides ‘sloppy’ or no solutions. It is best not to use it.

prodex · January 1, 2020, 6:34pm

How can I not use it? There simply delete all blocked files? Is it possible to deactivate it permanently?

Citizen_K · January 2, 2020, 1:24am

You cannot deactivate it permanently but you can remove the log entries in Blocked Files window. But CIS of course keep on producing those log entries in Blocked Files. You will simply have to ignore it exists. It’s what I do.

prodex · January 2, 2020, 4:52am

Thanks for your answer.

I’m too lazy at the moment to try the procedure now, but I’ll do it once.

If a program is blocked, the blocking part of cis is mentioned, e.g. Firewall. What if you
allow the program all incoming and outgoing requests? In the ‘File List’ mark it as trustworthy. You save it permanently in COMODO - Firewall Security (e.g.) and export it as your own configuration. Should work, I think. So you use COMODO - F.S. modified as you need it. Maybe you just have to (if it should) delete all locked applications and it’s done quickly.

Dharshu · January 3, 2020, 8:23am

Hello blackkatt,

Thank you for your response.Please let us know your opinion regarding Remote Session with our developers for further investigations.

Kind Regards,
PD

blackkatt · January 7, 2020, 9:13pm

Thanks Dharshu, very kind of you. I however think it would lead nowhere. Please update CIS instead so that it is up2date with how Windows 10 works.

Because even if these

C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe C:\Users\bci\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Windows\System32\smartscreen.exe C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe

aren’t really blocked or even if they are temporarily. THEY should NOT appear in “Blocked Application/Unblock Application” every now and then. If that’s by design CHANGE IT! it’s confusing. It’s stupid. It takes time to verify an clear the list.

I tried many times now to convey my message about CIS needing an overhaul. There are System Services that needs to communicate both In & Out. These should BY DEFAULT have this access. NO user input should be required whatsoever Because then its not “Safe Mode” its “Unsafe Mode” and you guys have to rename it