Mayday, Mayday. This is NOT a Joke: CIS Processes shutdown

A terminated, dead, or killed process cannot restart, in my context not until reboot, when the same event that brought about its termination is still occurring, i.e. Hacker Process terminator. Therefore, I deduced that we do not have a specific word in our human languages to describe what really happened, since OSS 2009 core process was not dead, terminated or killed.
Nor has CIS, going by your logic. You just had to start it once more, from the same Win session, since CIS doesn't have that ability to restart itself AFAIK. That doesn't mean its "core" was destroyed/terminated/obliterated whatever you want to call it...
Well I went to PCflank and tested my ports and not even for a second they were not stealth. I also used regtest from Ghost Security in order to see whether or not any modification could happen. Well regtest failed there was no registry key modification.
ACS.exe restarted itself after milliseconds, so no wonder...

You shouldn’t be so selective.

“if it’s lack of technical knowledge or specific understanding as to how Process Hacker and other Kernel mode drivers work…

AND I NEVER SAID THAT I WAS NOT PROTECTED JUST BECAUSE CIS WAS NOT ABLE TO RESTART ITSELF. AS A MATTER OF FACT I SAID THAT CIS PROTECTED MY COMPUTER.

PEACE.

If it protected you then what is the problem? Your computer was secure. CIS did its job?

And how can it protect your PC if its main process is not running/restarted?
Disregarding my above Q, your PC was protected so may I ask what’s the problem?

P.S no need to yell… :confused:

I recall it was actually OmeletGuy who first pointed out the protection was active

Would anybody be surprised to find out that a kernel driver could be used to terminate any process?

Would anybody neglect what the Process Hacker developer (wj32) commented about a similar test and possibly come to believe that protection/defense against such an approach would be something else than denying the driver installation/loading?

CIS’s job is to protect your computer, which it did. I don’t see why improvements are needed if it’s already doing the job.

I’m willing to verify that for myself, as no other sec apps do that (AFAIK).
As to the latter, any app can be killed from kernel level.

IT IS NEITHER. I’M SORRY TO DISAPPOINT YOU, AND I’M ALSO SORRY THAT YOU HAVE STUMBLED UPON ME WHEN YOU INSINUATED THAT I HAVE A LACK OF TECHNICAL KNOWLEDGE. I HAVE A LOT OF SAVOIR FAIRE IN A LOT OF SUBJECTS, INCLUDING TECHNICAL. I’M A FIRM BELIEVER IN EPISTEMOLOGY, ESPECIALLY CARTESIAN EPISTEMOLOGY.

PEACE.

Even when all the facts were laid out it seems we couldn’t explain it any better to make it clearer. In multiple spots throughout this thread a question was answered and it seemed like you “chose” not to read it. Stating it was blah blah when it was totally valid. It’s frustrating when we’re trying to explain something to you.

I apologize for the comment I made with regards to your technical knowledge.

Your statement may be true. However, such a statement did not come true during the test that I performed. Process Hacker did not terminate the OSS core process. Anyway, by saying that I’m not implying that other security software could not have protected me.

Peace.

If your goal is to offend me I think you are doing a good job.

Peace. >:-D

I accept your apology.

Peace.

CIS included? If yes, why create this thread?
Regarding that, you didn’t answer:

Disregarding my above Q, your PC was protected so may I ask what's the problem?
If it protected you then what is the problem? Your computer was secure. CIS did its job?

Why did you post the results if you’re ignoring the responses? Your test was only the initial step. The second is the clarification offered by other members. Why even post the results if you’re not open to comments?

His statement is true so it should be taken into consideration, not ignored on the basis that it wasn’t reflected in 1 test. You have to take multiple sources into consideration when doing testing.

I created this thread because I would like Comodo to better protect its processes, that's all.

Peace.

That is a false statement; as a matter of fact I’m taking my time to answer most of them. I reserve the right to disagree. Disagreeing does not mean that I’m ignoring divergent ideas from these posts.

Peace.

From such a method (kernel level kill) you posted, there is nothing to improve or protect better. Kernel level access = COMPLETE control. Period. :slight_smile:

Disagreeing does not mean that I'm ignoring divergent ideas from these posts.
No, you're disagreeing with facts...

Second

Thirded. :slight_smile: