I do not understand why Comodo has set the defualt AV configuration. The config described here is more quiet and stronger.
-
Install CIS without the FW, in proactive mode, after installation
-
Go to my protected files
-
Create a new group called (Old important files and maps (or something simular, I use the Dutch version)
-
Move these these files to the OLD group
a) %windir%\servicing*
b) %windir%\SoftwareDistribution*
c) %windir%\system*
d) %windir%\system32* -
Add the C:\WINDOWS\system32\drivers\etc* to the Important files/folders group
-
Apply
-
Next add predefined groups to my protected files and foders until it lists
a) Startup flolders
b) Important Files and Folders
c) Windows Management
d) third party protocol drivers
e) Windows update applications
f) Windows system applications -
Apply
Next go to D+, go to Advanced tasks and go to Current computer security rules (first upper left option on
the advanced tab).
Scroll to ALL applications and dubbelclick the rule, select use adapted security rules, click access rights and click “Run/start executables”( = first option). Add the Group "All executables"to the allowed applications to start and Apply changed settings.
Next go the d+,Advanced settings and Defense+ settings,
- select clean PC modus of the general tab and apply
- click the advanced tab and make sure only these items are selected
a) close/shut down processes of the first group
b) protect registry keys and files of the second group
c) select all protections for direct access.
Should look like this
a)
[attachment deleted by admin]