Belongs to Gaijin/ War Thunder, and its behavior is the very example of unwanted: launches on startup, bypasses my deactivating it in msconfig, automatically downloads updates for War Thunder, accesses hard drives.
It can be “deactivated” by unchecking a setting in the related War Thunder launcher, but this is not good enough for me. Especially since this lowers my trust in Comodo and it sends my mind racing towards what other rules I’ve set that aren’t doing anything.
I see that the program is listed as ‘trusted’ in the Comodo HIPS list, so obviously Comodo was paid for this program to be ignored completely by HIPS despite the users’ commands.
If you let this type of malicious behavior app have free reign then that does not make a good upgrade case. Or maybe you have an alternate explanation to as to why this happens?
I will make it clear to you, @mrbirger, Comodo is NOT paid by any developer to pass its software!
You come on here with the wrong attitude and unfounded accusations again, you will be post banned for a period yet to be determined.
Now, as you stated, CIS has the developer as Trusted. This gives the program free reign to run as desired.
If there is an issue with something running even though the program’s settings say otherwise, maybe you need to contact the program’s developer to resolve such issues. I take it this is a game? (I haven’t looked up the file you are running to say otherwise.)
Alternatively, you could add a block rule to FW or HIPS specific to the module you wish to not run.
HIPS must be enabled when you added the application to the blocked files section of HIPS protected objects. Also you can create an auto-sandbox rule to block the application which also goes into effect when the sandbox is enabled.
Unfounded —> Comodo states right on its website in plain text that developers can get ‘certification’ with Comodo. I don’t know Comodo’s definition of such a process, but usually this infers payment. Such as with Microsoft’s driver signing pyramid scheme and the like. Would be happy to be proved wrong of course.
The point is, it’s irrelevant to me what Comodo trusts and not, I use HIPS in paranoid mode because I decide what runs on my computer or not, and specifically adding a program to my fully blocked rule should get it fully blocked whether Comodo as a company trusts the developer or not. That’s my issue here, in this case the user input is being overridden by software rather than the other way around, which is antithetical to the program’s whole point.