Version 5 didn’t display the red “At Risk” notification along with the “X” in the tray icon when a security component was disabled, and I think this notification is an improvement over the previous version as it becomes near-impossible to simply forget turning on your FW or AV if you disable them for an indefinite period of time.
However, with v5 I used Comodo Antivirus as a second-opinion, on-demand Antivirus, with no problems, while I used another one for on-access scan. With v6 this became very annoying because of this notification, so the choice is to simply live with it (nearly unbearable, the user is not at risk if there’s another AV running), to uninstall Comodo AV, or use it as on-access and disable/uninstall the other.
It is not just very annoying to have to live with this untrue “At Risk” message, it’s also an unsafe behavior from CIS. If the user has a different AV as real-time on-access scanner and has Comodo AV’s real-time scan disabled permanently to use it only as on-demand scanner, the security function of the “At Risk” message is totally lost. If the user disables the FW temporarily for example, the message will remain the same, that is, the notification in this case will be useless, and that removes the additional safety/convenience that the message is supposed to give.
My suggestion is to have an option of configuring CIS so that when you disable Comodo AV, the “At Risk” notification only appears if there is no other AV registered with Windows (problem: maybe this will not work for XP). Another, perhaps better option is to add a configurable setting to disable this notification for the AV (and to extend this configurability to other components as well). This way, users that want Comodo AV as an on-demand scanner will be able to use it with no problems and won’t have to choose to uninstall either Comodo AV or their other antivirus, meaning more people will be able to use Comodo AV and potential users won’t be lost.
Simply using CCE as a replacement for Comodo AV is not good because 1) you lose the context menu scan, and thus have to open CCE every time you want to do a single scan, not to mention browse through sometimes long directory addresses and deal with reboot scan prompts, and 2) you lose the ability to schedule scans.
This configurability should be added to all component as the best option. The state of the Behavior Blocker should definitely have a notification as well.