Managing threats in Comodo - option lack & annoyance!

The newer version of Comodo is rather annoying. so irrationally set up that it hurts.

You can’t exclude or entrust a file from the scanning window. When Comodo automatically encounters a ‘threat’ via the real-time scanning, there are no longer options to do so. You can only choose to quarantine it or ignore it for the time being o_O. Why’d you change it that way?

The ONLY way I can make a falsely detected threat become a trusted or excluded file, is by MANUALLY locating the file where it is, BEFORE it recognizes the file (again. I even had to reboot), right click and choose ‘Scan with comodo’, then there’s a panel for submitting to Comodo as false alert and entrust the file.

Because I can’t select and perform the ‘submit as false alert’ or ‘add to trusted files’ withn my event log OR from my quarantine menu! (or maybe I can, there’s a submit button, but when I click it, it just says ‘failed to open file’ because the program itself has made the file unable to handle).
The above described way was the only way I could make Comodo shut up and let me install my game. This is insanely annoying.

http://dl.dropbox.com/u/202208/Comodo%20window%2C%20MOD.png

A screen cap. The needed options accessible from the manual scan results.

I feel your pain… I hope they fix it in ver 6…

Umm… When CIS AV finds a “threat” you’re presented with alert window (unless “do not show antivirus alerts” is checked in antivirus settings) where you can clean (usually quarantining it) or ignore it once (which doesn’t really work), ignore and add to AV exclusions or Ignore and add to trusted. Just click the small “down” arrow to the right of the ignore button.

I don’t think the OP’s problem is that he is not aware of these options, rather that post an on-access detection alert, they are not apparent in the “newer version”, presumably 5.10.

I should make a new thread, or perhaps find one that pertains to mu question, but my annoyance is that there’s no way currently to switch off manually created rule - for example: explorer.exe on 127.0.0.1:80 in order to test (something, whatever), but instead it has to be deleted and then later re-created. Mad stress. :slight_smile:

It’s been a while. I was without my beloved stationary for a little over 5 months.

Thanks there. I hope I contributed to make the developers aware of it.

Exactly!! I was presenting the lack of options (excluding a file & report false threat) by on-access/real time detection.