I was not really sure where to put this, but I wanted to give some feedback.
Recently I was under the attack of some malware called XP antispyware.
Comodo’s firewall was on custom policy and defense + was on the highest setting.
The operating system was windows XP.
Defense + detected the malware attempting to access various .exe’s and registry keys.
I told it to block the program each time.
Even though I told it to block the program’s many actions, the spyware installed itself anyway without my permission.
I am currently in the process of removing the spyware and I wanted to give this feedback in order to be helpful to the beneficial growth of comodo.
If more information is required let me know and I will try to provide the information.
It´s virtualizattion. In Comodo it is the Manual Sandbox. Go to “D+” - Computer security policy" - “always sandbox”. Put you browsers and other applications that go to the internet. It is an other layer of protection (stronger than the Automatic sandbox).
There is also an other product called “sandboxie”
Could not agree more. That is why comodo should improve the MS. I am sure that the AS in “Restricted” or above would stop this. But nothing is 100%. That is why is so important to have an other layer of protection, specially if it is from the same company to evade conflicts and slowdowns.
AS to “Blocked” and the MS in conjuction, if it is not 100% is 99,999999999999999999999%
There is no tray icon when windows automatic update is off.
On top of manual sandbox of CIS or Sandboxie or Geswall, if you allow me a small advice, use a backup and restore software. That will spare you the troubles and anxiety of desinfecting your PC. All you’ll need to do in case of infection is restore a previous clean image of your system.
Forgot about UAC, but I know people using XP who have enabled DEP.
I haven’t used XP since…whenever Vista was released…2007?
To the Original Poster…
You should consider enabling DEP…
it’s not a magic bullet but it can help.
And you might want to consider adding a second Administrator acct. and then
down-grade your present Administrator acct to ‘Limited’.
I’m assuming you are using an Administrator acct. http://www.mechbgon.com/build/Limited.html
Even having strong security may not help in many cases when the latest SP is not installed and all MS Security Patches are applied religiously. Well, patches by other vendors are important too , but since SP was mentioned…
According to the report provided above
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 6.0.2900.5512
[i]SP3 is in place [/i] unless I'm missing something
At the same, time running IE [b]6[/b] would be a big(!) concern in any circumstances