automated quick scan of critical areas

Comodo Internet Security - CIS Added/Rejected Wishes - CIS
1

Hi, I’d like to suggest a feature, that D+ does from time to time - maybe even at every boot, scan critical areas and alerts the user if something has changed and gives him the possibility to restore the old settings.
I think about something like HijackThis does, but much more userfriendly, advanced and automated :slight_smile:

To be more explicit

  • do an automated scan of critical system areas (autostart, services, bhos, host file, network shares…) from time to time
  • compare this scan to an older snapshot of the critical areas
  • alert the user if something has changed (new, modified or deleted entries) and give him the possibility to set it back to the old state
  • alert on obviously misconfigured security settings, which should be changed (for example a network share which is accessible by everyone without a password - or - I’m not a fan of automated updates - but another example would be the automated windows update is disabled or can’t work because it’s set up wrong in any way)
  • alert on potentially security risks (the default settings for WinXP aren’t the best in every case - for example by default WinXP saves the LM-Hash of passwords for compatibility reasons with older systems. This is only needed if you want to connect from a machine using Windows ME or earlier (I think it was ME…). Newer systems don’t use this Hash anymore for authentication - but if it’s saved, your userpassword can be computed in minutes…)
2

This isn’t neccersary as defense+ prevents the whole problem to begin with.

In the future comodo will release “comodo timemachine” that if infected or system instability occurs comodo will revert your system and files back to tip-top shape.

3

I know, that Defense+ will prevent such things - the problem is always the user, who clicks on allow :slight_smile:

For example, I’m playing around with a lot of freeware programs (in my case on a virtual machine and with D+ in paranoid mode). Most applications bring really just the wanted applipaction or ask to install any toolbars, etc…
But there are some, which install also adware, spyware or just more or less useless ■■■■ without asking you. And if you execute the installer as “installer/updater” in “installation mode” (and I’m convinced, a lot of people would do so) you wouldn’t notice anything during the installation.
Look at Adobe Reader - a useful application from a trusted company. But I simply don’t need the quick starter application, which is placed in my autorun (the useless ■■■■ from above :wink: ). It wastes my resources, any additional running process is also an additional risk (ok, in this case minimal and Defense+ will warn me again, if something is wrong)
But it would be comfortable if CIS would tell me from time to time automatically what has changed on my system. At the moment, either I’ve to check all the autoruns/bhos… coming to my mind manually from time to time or I may not use any predefined policy, which allows the application to access the registry completely (which is no fun at all with some installers…)