I can kill another security process which has self defense (like Avira and Zone Alarm) with Comodo’s Active Process List. I also can kill their service process. I know this technology is useful for kill malware’s process and this is a good news.
But can i know why Comodo can kill their process easily without be influenced by their self defence?
Security tools operate at low system level, it might be possible to kill CIS the other way around also by using ‘kill’ tools in other security software.
Can any malware kill CIS process like other security tools do?
I think this may happen… ???
That’s not supposed to happen…
So far no user/tester has seen such thing happen. What the user does is another topic.
There are several methods to stop programs… Many of the so-called security suites do little to protect themselves. If they cannot protect themselves, how can they be trusted to protect your computer. This is why I use Comodo CIS. This may sound like a biased oppinion because I use Comodo but truely I use rely on several other security products. At first I thought it might have some biased reviews until I realized all the testing is done in the open. If a “Security” vendor does not keep up with ways malware can kill there products, then they deserve to be at the bottom of the list. But so that you can judge for yourself, I recommend reading up on the open source “Proactive Security Challenge” at http://www.matousec.com/projects/proactive-security-challenge/results.php. This should answer your question as to why Comodo can kill these products and whether or not they can do the same to Comodo.
Obviously, any malware that specifically targets Comodo CIS might be able to stop it… For instance if a user chose a week password or no password at all, allowed the malicious logic to run, and it was Comodo aware then yes it could wreak some havok.
I think Comodo can kill other Anti Virus process wthout be influnced by their self defense because of guard32.dll in %windir%\system32, right?