I have a dual boot configuration with Windows XP and Windows 7 in different drives, and have CIS installed in both.
The problem is everytime I click on a full system scan, it detects a large number of files from the Comodo Quarantine Folder of the other OS.
If I started a full scan from XP which is in C Drive, it detects a lot of infections from D:\Program files\Comodo\Comodo Internet Security\Quarantine and when I click clean it quarantines all those files (I selected quarantine before cleaning in Antivirus settings) in to C:\Program Files\Comodo\Comodo Internet Security\Quarantine. When I log on to Windows 7 in D drive and run a full scan it again detects the same files from C drive Quarantine and shows in the scan list.
It is a recurring never ending loop, until I deselect quarantine in my scan options.
All this seems ridiculous,
Does comodo not encrypt or scrumble or do something with infected files, when it keeps them in quarantine folder?
How is it that it keeps those samples “as it is” in just another folder when we select to quarantine.
I know this isn’t the answer to your question (which I’m working on ;D), but I would advise leaving the Exclusion for Comodo Internet Security in place.
You can get around this by adding exclusion rules.
Open the CIS main window click on the antivirus tab, then Scanner Settings, and finally the Exclusions tab. Click Add>Browse Files and paste in the following:
?:\Program Files\Comodo\Comodo Internet Security\Quarantine\*
Once you’ve pasted it in click Apply, then click Yes when prompted.
Now log into the other OS and repeat the same steps. When both are done you can now scan from either OS without detecting the quarantine folder from the other one.
These directions assume your CIS installations are in the default locations; if they aren’t you’ll need to adjust the path appropriately.
The Quarantine folder cannot be accessed by the users when they are running the OS in which they are stored. Hence Jacob’s question.
Recently I traded a few pm’s with the head developer. This is what he said about securing the quarantine folder:
Quarantine folder is only blocked from user access. It is not like a super secure storage for no app to access. The reason is, the users might accidentally mess with the malware etc.
It will stop users with a lack of determination. It won’t stop determined users as you noticed; willingly accessing quarantine folder from another OS in a multi boot system sounds like being an experienced user in the first place. Why would you want the security program to tell you what you already know? ???
“Comodo is not the nanny of programs and not users”, has always been the argument of Comodo devs.
We expect Security Software to protect us even from user mistakes, at least warn the user that he is doing something wrong.
I have seen the same kind of arguments in Comodo Self-Defense issue too (users can delete most of the files from CIS folder and make it not work).Such an attitude is a serious blocking factor for Comodo’s progress in many cases.
Would you expect always me to be sitting before my computer? in such a case I do not need a security product at all, I would opt for a limited user account and use sandboxie and simple run as administrator(I agree I am an experienced user).
But then, I should not allow anybody else to sit on my system, even my mom, dad and son too.
Since they will not be able to use my system for their regular work…(Most of the apps and games, even today, won’t run for limited user ac. unless they are elevated).
Incorporating a strong quarantine and strong self-defense are not that difficult in my opinion, again at the end whether the devs are willing to do that or not is the issue.
I would always vote for this policy
Basic user–Give him-- Maximum Security+Minimum User Interaction
Advanced user --Give him the configuration choice so that he can set it the way he prefers it to be.