Comodo antivirus declaring war on opensource?


It also wanted to quarantine the GPL3.0.txt

I love those generic malware@ strains it tries to scare you with as well.

"This file matched 20 bytes from a known malware sample, so we are going to flag it, and if you didn’t have the options configured as you do, we would have deleted the file… "

Well, the GPL has been described as a viral license.

Which it is, but that’s not necessarily harmful, and it doesn’t make the GPL malware, per se. ;)

Comodo people must have added detection patterns for malware that includes open source modules with GPL license strings compiled in, which might explain the false positive. That, or Comodo is contemplating product suicide. I hope it’s the former.

When I had to remove Comodo from my comp I was pretty sure it was malware itself.

I assume this is coming from the heuristic scanning. I disable that option in pretty much any virus scanner (and I use Comodo myself), because the odds of actually getting a 0-day never-before-seen virus seems… unlikely. Unless you are really trying to, but even then…

I do find it unfortunate that their uninstall process is so poor, because I do actually like their stuff otherwise.

Main reason I use Comodo for is the HIPS + Firewall.

It seems most of the other competing products these days have even shittier user interfaces than Comodo - And Comodo is quite bad when you have a huge list of processes with custom settings.

But at least you can generate “Process Templates” that you can quickly apply to new applications in terms of which file&registry&network accesses they should be granted or not.

Avast are sending me emails regularly telling me “We want you back” with one of the features toted as a “simplified user interface” - which was one of the reasons I stopped using them in the first place. “Internet Explorer Wants to Use Internet, YES/NO” seemed to be the level of detail from what I recall.

Comodo is outright untrustworthy after recent LetsEncrypt trademark nastiness.

Their firewall still outranks almost all others though, paid or otherwise. I’ve not read that their certificate hijinks have tainted their firewall/av side of the house.

Wow, so I guess it wasn’t the heuristic stuff that made Comodo flip its lid. Just had it spew all the GPL3 and java timezone files as infected. Still happy with the firewall, but might be time to move on from the virus scanner bit.

b-b-but glasswire is purdier! haha fine fine.

Indeed it is, but also pricier. Locking ‘ask to connect’ in the $50 version is a no-go for me.

Yea, have most of the AV stuff disabled. Only use it for HIPS + Firewall, and it has so far outclassed all the others I’ve tried over the years (Avast, Kaspersky, Agnitum?, )

So I’m sticking with it.

Also disabled the ‘Auto-Trust these vendors’, but I got a LOT of popups after that due to software not being trusted. If I just spent a few minutes making a template config, I could apply that to all apps that ask for the ‘usual stuff’ (Certificate Store, TCP/IP, SVCHOST, some devices etc…) and I wouldn’t have to click 20+ times for some new apps :)

Oh well… Next time!