I’d like to see a 3rd option (along with Stateful and On-Access) where CIS would only scan files that are actually executed in memory and not every file it encounters on disk. I find the on-access scanner a bit slow and is grinding my HDD a lot. This would still scan files as usual but just before you actually execute them, bringing down the drag to near minimum.
I’ve also noticed that files get detected even if Antivirus component is set to Disabled, meaning it’s already doing that but i hate the fact that if i disable it, status turns into yellow and that is annoying me… any other option is grinding HDD rather badly and gets annoying quickly.
This detection comes from the cloud lookup. Before a file is executed it’s checked in the cloud to make sure that it’s safe or that it’s not malicious.
Well, i know it has memory scanner which came from some other application that got acquired by comodo and then merged inside CIS. Dont’ remember the name but i know it was incorporated.
I’d like it to just scan memory stuff (which is quick but still effective). Unless they will add some proper caching system for the antivirus very soon.
Ok, i’ll ask something else. Why is CIS scanning EVERYTHING, even though the files aren’t infectable? Considering there aren’t any settings to address this specifically i can only assume it just scans everything and that’s what it makes my system crawl when i open Steam client for example. It will scan all the game data which makes hundreds of terabytes of data. Now i know it doesn’t scan it all but enough to make even my high end system grind in agony through HDD.
Excluding every file type is just not possible manually and there isn’t any option to scan just infectable files (EXE, DLL, SCR, PIF, OCX etc). Why? It’s a bit primitive way to just scanning everything even if it’s just no way of getting infected and making an incredible drag on teh system because of it.
Ok, this is a bit strange. I’ve excluded entire C: hard drive using (C:*). What’s interesting here is the fact that this also excludes everything from memory scanning. I was expecting AV part to detect some stuff in memory (because memory isn’t the same as excluded HDD location). Yet i never got a single warning from AV even though i was executing older malware that Comodo knows for sure.
However if i disable real-time scanner by moving the slider from Stateful to Disabled (and removing the C: exlusion), AV is still scanning files in memory but then CIS is in yellow warnings all over and Security Center is showing warnings as well. It is however not scanning the HDD.
How come it is designed in such a way that excluded HDD locations also exclude memory scanning but disabling entire real-time scanner doesn’t?
Considering there aren’t any settings to address this specifically i can only assume it just scans everything and that’s what it makes my system crawl when i open Steam client for example. It will scan all the game data which makes hundreds of terabytes of data. Now i know it doesn’t scan it all but enough to make even my high end system grind in agony through HDD.
Real-Time/On Access scanning feature scans each and every file accessed and the system memory continuously when the computer is in use at the background
For now you can choose to exclude the Steam folder from the AV and make the complete folder a protected folder in D+.
Excluding every file type is just not possible manually and there isn't any option to scan just infectable files (EXE, DLL, SCR, PIF, OCX etc). Why? It's a bit primitive way to just scanning everything even if it's just no way of getting infected and making an incredible drag on teh system because of it.
For me at the moment it would mean a lot if i could make Comodo to perform just memory scanning, but if i exclude entire drive, it doesn’t scan memory either. Having “Memory Scan only” option next to Stateful and On-Access would be nice. This way it would scan stuff in memory when executed but not on the HDD when just browsing the folders. And since memory is way faster, no grinding as well.
Or if they don’t feel like re-designing that menu, some sort of workaround that would require minimal work do do it yet still give me that option in fairly short time.
All you have to do is to set “Do not scan files larger than (MB):” to value 0.
This way it’s not scanning files on HDD, but is apparently still scanning them in memory. Tested it in VMWare and was displaying “Quarantined” warnings with slightly bigger delay and mostly when i actually decided to run the malware. In some cases it detected malware even without execution. However Steam appears to be very quick because it didn’t freeze or anything and entire list of 150 games appeared instantly.
I’ll keep it this way until antivirus component gets more settings to control all this…