The problem is not monitored Contact malware , the problem is the engine Comodo a weak
For example: I can encrypt server Rat use a very simple encryption program and can not detect Comodo the server, I can not encryption server Rat on avira,eset
Because they need to have experience in programming, and also manipulated by Hex program to change the values, any hacker junior always find a challenge to encrypt server Rat on avira,eset
Because those programs have the protection of a powerful heuristics
Comodo also does not have a large white list, most programs are not digitally signed unknown, how to know if this is the application that is trying to connect to the Internet is malicious and how trust I will work with this software, Comodo needs to develop a white list and also Viruscope
Did you try the program Trend Micro Software He has the engine is very, very weak, but when you run the samples undiscovered You see that detects most of the samples by the advanced behavior blocker
In the video, even if Comodo block access to files, will be able to find many gaps
Even Sandbox limited partly also suffers from many gaps
The best way to address this malware Rat is Virtual Desktops and advanced behavior blocker"viruscope"
pleese see this video