All I really would need is the firewall component of any version updated to work with TAP drivers. If I can just put together some weird old version with modern inspect(?) driver, that would like just work. I notice 8124 still ships with drivers for XP-8.1 extracting the installer.
From what I see the malware file only sits on the hard disk. There are no auto start entries, neither is it running in memory. So it is not an active malware and not a danger.
You can have hundreds of malware sitting on your hard drive without a problem as long as you don't execute them of course.
With AV signatures there is always a time period where a virus will go undetected. We are likely witnessing just that.
How does it apply to TAP drivers now? I assume it would be something in the inf, but comparing between the older version I'm running on main to latest 8124 I see nothing. There are some minor differences in naming, but I see nothing that would make it apply to TAP drivers. I tried manually doing have disk for a TAP driver, but nothing shows. How does this work?
You want to install a TAP driver manually? I don't know how to do that. It gets installed with Proton VPN. CIS will pick up the TAP driver and will filter its traffic.
Conversely, with up-to-date virus signatures, there might not be hundreds of viruses lying around on the disk.
I don't understand why Comodo doesn't take advantage of its pro-active technology to increase its antivirus base as and when it discovers harmful behavior (which it blocks and isolates) on the various machines where it's installed?
It has everything you need for the best antivirus base on the market.
If one day there's a breakdown of any kind, all these viruses could be activated. What's more, if someone leaves Comodo for another brand, or lends their download disk, or scans with another antivirus (cloud, for example) the reaction is very bad: it gives the impression that the product is no good. It's not enough to be technically sound, you also have to be commercially viable.
It's also important to win over a large number of customers. Because this argument alone can give the impression that in a while the antivirus base will be useless, and that it's good to have hundreds of viruses slipping through Comodo CIS detection… (If you keep repeating this over and over again, you'll kill the product commercially!)
You are missing the point in the hypothetical. A malware file just sitting on disk is just that.
If you had been paying attention watching videos by malware testers like cruelsister you would have noticed they have tens if not more malware files sitting on their disks without infection. It is mind boggling you missed that and it shows how strongly you are fear driven.
Let's clean up the language here. Proactive security does not depend on signatures. It relies on techniques like HIPS and sandboxes to mitigate potentially malicious executables.
With detection based solutions there is always a window period where a malware is not detected and executing it will infect the system where a proactive approach would most likely contain the threat.
I assume you refer to OpenEDR when you use the word proactive but that is improper use of the phrase proactive. It may help to make the window period shorter but it still is signature based with a window period of vulnerability as described.
We use the phrase Proactive Security for non signature based solutions (typically using HIPS and sandbox often in combination with white listing) and the phrase detection based security for solutions that rely on signatures of known malwares.
Please use the definitions properly. Improper use of language easily causes confusion.
Saying this & that is easy but in practical world you don't know what kind of damage a malware or any threat can cause silently to your system or system files or data so it's always better to have any malwares getting detected and removed via realtime protection feature only, that's the only area Comodo really needs a huge amount of improvement still but hope they are going to make significant improvements in the final stable release of the product.
Well said exactly Comodo needs to work together with them to improve the antivirus engine & its realtime threat detections & removal capabilities to a much much better extent in the final stable release version.
Hello Sir, I am a very long Comodo user and fan, what I am saying is based on experience not just today but observation since a long time that's that.
While the unknown file is contained VirusScope will do the static and behavioral analysis of the file and the report is sent to Valkyrie Static and Dynamic Analysis.
Melih, you're very nice and we owe you a lot. A lot, in fact. So, thank you very much. I really do.
The problem I see is that Comodo is losing customers as a result.
There's a kind of technical ostracism at Comodo. Repeating over and over that you don't need a good antivirus base won't give you a good antivirus base.
You may think like an avant-gardist engineer at the cutting edge of tech, and that's true, but I have to convince you that your customers think like henhouse keepers. They don't want foxes around their hens!
Even if you say they'll never get in.
One day, a hacker will find a flaw in your system, or Silverlight's, or whatever, and the hundreds of viruses left on the disk on purpose will wake up.
Bad guys are better off in jail, and computer viruses in quarantine.