when you see the results of a scan with comodo, you have 3 things you can do with the malware that was found. clean, disinfect or quarantine.
right now comod deletes file when the user hits “clean”. to use the term “clean” is very misleading, not user friendly and poses a security risk of an average user deleting an important file that windows needs to boot but may be infected. average users will click “clean” almost always because they want their computer clean. well to clean a computer doesn’t always mean to delete bad things off your computer. sometimes to clean properly, you need to quarantine or disinfect. if the user deletes a file that is needed for windows to boot by clicking clean, the user isn’t going to be happy and may not use CIS again. so “clean” needs to be changed to “delete” instead as it is the most accurate term to use based on the action that “clean” performs. the average user is not going to go to the help file to find out what “clean” does.
also “clean/dlete” shouldn’t be the action that is most easily seen even if you switch from the term clean to delete. why because most users will hit clean/ delete because most users don’t know that they can delete a legit file by accident though if you use the term delete instead of clean, that will better bring caution to the users that do know that they can delete a legit file by accident rather then if the term clean is used because the users that do know that they can delete legit files may not think by clicking clean that it will delete the file. they would more than likely think it would disinfect but then be confused if they discovered the option “disinfect”.
the most prominent and discoverable action should be quarantine and not clean/delete. disinfect shouldn’t be either because the secondary action taken if CIS can’t disinfect the file is to delete it. unless CIS can only disinfect legit files and succeeds in disinfecting them 100% of the time then the secondary action should be delete and could then maybe be the most discoverable action. but if CIS can’t disinfect legit files 100% of the time then the secondary action should be quarantine. also the user should be able to configure secondary actions. the default should be quarantine if that fails disinfect if that fails submit to comodo if that fails do nothing
deleting files should be left to advanced users and should be the least discoverable option but not buried and so hard to find either.
also comodo should in some way say to the user"if you don’t know what to do with these detections then quarantining is the best action." at least this way the file can be restored if it needs to be and disinfected if it needs to be.
if comodo can give good accurate suggestions then put a recommended action next to all detections so the user can click the recommended action to perform it and also give the user something to click that says perform all recommended actions but if comodo can’t do this without giving a bad suggestion that may do more harm then good then comodo shouldn’t do this and should just push quarantining instead.
CIS should boot before windows to check if a file that windows needs to boot has been quarantined because it’s infected. if it finds this then it should try and disinfect it or delete it and redownload the file and put it where the original one was so that windows can boot.
CIS should also boot before windows in case a a full on piece of malware is preventing windows from booting. if this happens then comodo should give the user the option of quarantining the file. also if CIS detects that an unknown file is preventing windows from booting then it should just auto quarantine and submit the file to comodo labs.
these ideas are not bullet proof but i think you can see what i’m going for here. tweak the ideas and give me feed back. i’m just brain storming here