Please make sure that there are no left overs of previously uninstalled security programs around. Not all uninstallers do a proper job. And left over applications, drivers or services can cause all sort of “interesting effects”.
Try using removal tools for those programs to remove them. Here is a list of removal tools for common av programs: ESET Knowledgebase .
erich , thnx for replying , as you can see in my signature I also use comodo programs manager , when uninstalling things , so there will be no leftovers…but the good news is : I just updated to the newest version of cis , and there are no more problems at all…just the finalizing of the virus database , that could be a lot quicker!!!
I have uninstalled the firewall due to one major issue, though others swayed my decision also.
Mainly, the fact that global rules are not, in fact, global. I wished to set global rules to give all applications unrestricted access to several computers on my LAN. I found out, however, that global rules will not work on their own; traffic may be cleared by them, but if they are not also cleared by a specific rule in the application filter, then it will continue to ask. This means that, for each and every application that I wish to allow access to the multiple select PCs on my LAN, I have to still create individual application rules (a pretty freaking long and arduous process at that). This seems to completely defy the entire point of having a global rules section. Even if Comodo created the global rules section with the intention to fulfil another purpose, the fact that the functionality to create truly global rules that do not rely on application filters does not exist, is enough for me to move on from this. It really does seem pretty basic functionality. Eset’s ESS allows simply creating rules without setting an application for it to be related to; thus instantly creating a global rule (unfortunately, one cannot use their firewall without also using the entire bulky suite - I do appreciate Comodo making their firewall a separate product). Many other firewalls allow the same. Quite simply, your global rules aren’t global.
I’d also suggest that the “source” and “destination” tabs for ports and IP be renamed to “Local” and “Remote”. Source & destination are, in relation to traffic direction, relative. For incoming traffic, source is remote and destination is local - vice versa for outgoing traffic. If local and remote are used, that relation is absolute and no longer changes when the direction of traffic flow does.
Hi McCovican, thanks for your feedback.
The Global Rules are in fact global. But the behavior of the Application Rules (if they prompt or not) depends on which Firewall Security Level has been selected. Anyway, here’s some more information if you’re interested: Global Rules, Application Rules & Firewall General Settings.
PS There is probably something that I forgot to mention with regards to allowing unfettered LAN access… CIS fully supports wildcards. So if you actually wanted to use Custom Policy Mode, then you could easily create an Application Rule for the application name * (ie. everything and anything, defined as File Group) that allows full LAN access and stops any Application Alerts for LAN traffic.
See, I started all of this by reading the documentation about global rules. It mentioned the order in which it was processed, which only implies order of priority for rules. Furthermore, what you have said there does not show me that global rules do act as global rules. The behaviour of application rules are not what are in question here - I have set custom mode, as I wish connections without any assigned rules to be questioned. However, if when a global rule is created and the firewall still questions the connection with a pop-up simply because it could not also find an application rule, then no matter how you spin it, that is not a global rule. It may not be application-specific, but it also is not a rule that is applied to all incoming connections that match it (global) if the application rule filters still need to be queried in order for the connection to pass.
To be honest, now that I know that you can use wildcard entries for application paths (something that was mentioned no-where in the relevant documentation pages!!), I’m not quite sure what the supposed global rules section is attempting to accomplish, as the same functionality can be achieved within the application rules section. As best I can tell from what you have said and the exceptionally limited documentation available on the subject, there is absolutely no point in ever creating an “allow” rule in the global rules section - if there isn’t a matching allow rule in the application rules section then it will ask, and if there is a matching allow rule in the application rules section then, well, you didn’t need the entry in the global rules section entry anyway, as the application rule on it’s own was sufficient. It appears that it only exists to set certain block conditions.
I’d be quite happy to see if I was wrong here, but unfortunately, the documentation doesn’t cover any of this. It doesn’t mention wild-cards, it doesn’t mention that the order of global/application filtering is not simply in the priority of the rules, but that a global rule also requires an application rule in order to be allowed. If what I have said above is also true, then it completely skims over that rather pertinent detail.
The fact is that the existing documentation isn’t even consistent with the process that the firewall actually performs. For an outgoing connection, application rules are first - if there is no rule it asks, if there is a rule, it is allowed. Global rules are second. If there is a global rule but no application rule, it still asks. If there is an application rule but no global rule, it allows the connection. However, the order for incoming rules, according to the documentation, is reversed and yet, the result is exactly the same as outgoing rules. Global rules are asked first. According to the order then, if there is no global rule, the connection attempt should result in a pop-up. However, if there is no global rule it just passes right on by to the application rules. If there is a global rule… it still passes straight on to the application rules and will query the connection attempt if there isn’t a relevant application rule.
Simply put, the order is ignored in favour of the fact that if there is no application rule, the firewall will always query the connection, regardless of order. Inversely, the firewall will never query a connection if there is a lack of appropriate global rule, regardless of the order in which the rules are checked. So firstly, the documentation fails to mention that the filter checking order mentioned in the global rules documentation section is not, in fact, simply a priority check, but a layered check. Then it fails to mention that the order is not actually entirely true and that application and global rules are not checked equally!
I appreciate that this wildcard functionality is there. What I don’t appreciate is the documentation not actually stating this fact, nor that the documentation doesn’t make clear the true functionality and order of global rules. Nothing on any relevant manual page mentioned anything about either of these crucial points.
I don’t ask that you change the documentation into a hand-holding baby-speak exercise, but adding crucial information about the way that your firewall acts would be quite helpful!
I didn’t intend to annoy you or argue with you here… that would be inappropriate. Sorry if I gave that impression, that was not my intent. I fully accept your feedback and the time you have taken to post it.
However, I will briefly say that you cannot dismiss the Firewall Security Level of Custom Policy Mode, or the Applications rules themselves, because an option you have set directly impacts the way the Application rules behave. With Custom Policy Mode you have specifically told CIS to prompt you for any application that doesn’t have an Application rule! And this, to me, seems to be fundamentally at odds with what you want. But, I guess it would best to explore these issues in another topic if that’s what you wanted.
I didn’t mean to give that impression either, so my apologies. I was simply frustrated.
With custom policy mode, as with many other firewalls, I would indeed expect to be prompted for a connection that does not have a rule. However, the way you have designed custom mode, as you said, only looks to Application Rules, and not global rules. That is the issue here - global rules are, essentially, useless in this mode. Whether or not it was specifically designed in such a way, I see this as a major flaw. It’s certainly not exactly made very clear in the documentation that an entire feature of your firewall is useless in this mode, especially given how much of a break from the status quo of firewall technology this is.
I appreciate that wildcards do essentially make this redundant, however, those are not mentioned anywhere in the relevant pages of the documentation. That is a pretty major issue - folk surely can’t be expected to work around this issue when you don’t tell them that it exists.
Edit: Just to clarify, the existence of wildcards suit my needs, so I no longer feel that I have to uninstall CIS - thank you for pointing that out to me. That was the functionality that I thought was missing. My only suggestions at this point would be to clarify the documentation on both issues that I have mentioned.
i uninstalled because it’s Malware. removing the end users rights to make security related decisions. MALWARE
continuing to scan when the user led to beive everything is disabled. SPYWARE
transmitting more information back to comodo servers than the user is warned about. SPYWARE
i could go on and on… but the product is a virus in itself.
Hi robbie73,
Spyware, Malware and Computer virus’s all have been designed to intentionally cause harm, to be disruptive or to intentionally hide itself on your Computer.
The above in no way describes Comodos intentions, so please refrain from posting in this manner.
The only ill intentions Comodo has is against Malware itself.
If you do have an issue with a Comodo program, please post for help for the particular product in an appropriate manner and location.
From Captainsticks.
I just recently installed CIS Pro version.I had been using the free version for over a year. I believe it is the best security suite available free or paid. I have NEVER had one security issue since using Comodo software. I also use Comodo System Cleaner,Comodo Programs Manager, and Comodo Dragon Browser. I have been very vocal of my support of Comodo products. All my friends and family have heard me extol the virtues of Comodo.
All this being said, I do have one area of disappointment though. The main reason I purchased the PRO version of CIS is to have access to Geek Buddy which I had been lead to believe, was included with the Pro version of CIS. But, I found that there is an additional fee for using this service. I am very disappointed. This is a tactic I would expect from someone like Norton or McAfee. I will continue to use CIS Pro because it is worth the price as well as it is a way I can help support the best security product on the planet. But I am disappointed. :-[
Mr Sticks. regardless of comodo’s purported intentions, the effects are akin the to the very definition of malware. if you don’t don’t like that, take it up with those who define such things. I have already documented why I removed the product in the feedback section of this forum. which apparently didn’t get appreciated either. if you won’t listen to end users, yet beg
" Why did you uninstall CIS? Please help us improve by telling us why." then i’m afraid you’re blinkered to you own popularity and not end users actual needs. of course you wont be able to see that, being so blinkered.
anyway, the very definition of malware is to remove the end users ability to make decisions about their computers security. that is MALWARE.
To feed personal and private information to a central server without consent is SPYWARE
To purport to stop scanning and then continue to scan and then use the bandwidth to send information to a central data collation server is both SPYWARE and MALWARE.
Don’t like it… or don’t agree… those are two different matters. i care nothing for the former. like comodo cared less about my rights. if you don’t agree you should have a looky at wireshark logs and your own cpu usage. If you ask people why they uninstalled… you will get answers you don’t like. telling people off for feedback is counter productive.
Hi Robbie73,
Just to add my thoughts on the definition of Malware/Spyware/Virus, they all are regarded to have some form of Malicious intent with a small amount of exceptions.
Please note. I am an end user like yourself nothing more.
I was not telling you off, I was just pointing out to say Comodo is intentionally trying to cause harm to end users is IMO incorrect and unfair.
Feedback is welcomed and appreciated, but to call Comodo a virus is incorrect in my opinion.
We do care and as Mouse posted here we do want to help if you have issues.
Kind regards.
At robbie73.
The installer of CIS clearly gives the user the opportunity:
to enable"Cloud Based Behaviour Analysis" of unrecognised programs by submitting them to COMODO with respect to the privacy policy
In short: you were informed and given the choice upon installation to enable or disable the cloud look up.
You are starting to tread on thin ice now.
The program is set to limit the running programs, if modules of comodo is not running at startup. comodo should be booting before everyone else and start to monitor the program even if the gui is not running at startup!
Because standart settings “block all unknown requests if the application is closed” is not a normal setting for working every day.
Comodo boots with the Kernel. Long before the GUI is loaded.
allright so why i uninstalled CIS ???
answer — 1 st UI well lets say CIS have best protection in the word. agree … but UI too many feature are missing from that topic , first the tray icon . well it show trafic info which is good but it won’t shows crunnet states of comodo , which is kindda weird . well i switch to avast which have all missing feature which i wanted from comodo lol… 2nd and it big one CIS latterly stoped my system restore , yeh it does when ever i want to restore my sytem to an earlier time it keep busy for an hour and it end up with a err msg. and it only happen with CIS not with other AV products . and BSOD big one it happen on my system first time due to comodo why well it found some poorly written code in system and guess what it’s of comodo . highly disappointed. \
and here a bug which cuzed BSOD .
https://lh6.googleusercontent.com/-YzEGT5rROmg/TzQX_k3XYAI/AAAAAAAAOwk/hh4kbolBzKw/s590/updater.jpg
but i am still a big fan of comodo , languy99 and Melih, well thats good to see that boss of an AV company take care of their customer. respect for you man !
and last thing i miss from comodo is that its not beautiful like other av apps , yeh you guys gonna say that beautiful ? why ? well lats say i am using windows 7 and soon 8 .so on that beautiful OS i won’t want to use umm an AV which looks like ,sorry to say that but windows XP .
well now i have only one hope with CIS 6 .
until i am an avast user !!
isn’t that beautiful and i expect that type of beauty from CIS 6, hope so .
VERRRRYYYY SLOW Virus Database Update. For CIS Premium (latest). uTorrent is off and this is a brand new laptop. Windows 64 bit
Just about the time I would click “No” (or something) every time the “isolate/run program in the sandbox” prompt appears, the other taller box with the “approve”/“disapprove” buttons would SUDDENLY appear which means I often make a mistake and click “disapprove” for a program that I want to “approve” because originally I wanted to click “no” for “run program in sandbox” prompt. Poor design, guys. 
CIS was bloating my PC performance therefore it was slowing down my PC so was the scanning process.
I’m now using Iolo System Mechanic Professional which has Iolo System Shield Anti-Virus/Anti-Spyware & Windows Firewall w/ Advanced Security
COMODO, please improve CIS by making it not slow down PC performance.
Go here https://forums.comodo.com/general-discussion-off-topic-anything-and-everything/comodo-please-forgive-me-t82112.0.html;msg587380#new to see some pictures of the software I’m using.
I reinstalled CIS because it would greatly delay the installation/updating of programs it didn’t recognize. The install process ran significantly longer than it should have. It took so much time to do these things that it appeared as though the program had froze. After waiting for these long delays to end, CIS would come up with a defense+ or firewall alert so I knew this was comodo’s fault.
Another problem I was having was that the popups telling me a file has been observed as unrecognized or a program was sandboxed could not be re-enabled after I checked the “Hide these alerts” checkbox.