I’m using Comodo Firewall v5 along with Avast Free. During the testing of Cloud Scanner part in Sandboxie, i see there could be some improvement on how the malicious program (as identified by Cloud Scanner)
When a malicious smaple executed through Sandboxie, i see the sample itself is started in Comodo Sandbox and then user is presented with a cloud scanner alert to clean\disinfect\ignore. Please see the attached screenshot.
I want the malicious sample to be terminated automatically even before it is sandboxed as untrusted. And an informational dialog should be presented to the user saying "xxx has been quarantined…no action need to be taken.
In an effort to make Comodo having less input required from the user.
Unless I’m missunderstanding you this can be accomplished by going to Antivirus => Scanner Settings and under Real Time Scanning checking the box to “Automatically quarantine threats found during scanning”. The one problem is that you won’t get a popup for it when it’s quarantined.
To get popups for quarantined items you have to allow popups for everything in CIS.
+1
Cloud detections could be a huge source of false positives as the detection needs to be added fast (and further investigation is always necessary…).
So, then it would be the best to have it implemented as optional feature of Cloud scanner part.
More over if the detected file is a windows system, it should throw a pop-up instead of cleaning automatically.