I do not get why so many handling’s must be done by a user.
We the end user:
When we install software we have to tell CIS it has to go to install mode, this should be recognized by CIS itself. Than after install and going back to an other safer mode the user gets a window that there are files waiting…? A bunch of files are presented no idea what they are or what we the user must do with it. So we click it away because Comodo CIS protects us right…
Now on the status page there appear files waiting for review… so we the user get a bit nervous because we do not know what to review, we see a bunch of unknown files. So we leave it and the number is climbing endless.
We try something not knowing the result of it, we randomly choose a button called check and it seems files are send to Comodo. Ok so that great thats done than, but no after sending the files are still there, Sh*t… A new window asks the same thing, should he send it to Comodo… well ok send it again. After some time all files are send and were done… NOT the files are still there and I have lost a lot of time and get scared of the program.
Tips
Now, why do we, the customer, need to do so much unnecessary things when they must be done anyhow. This whole process must be done in the background by CIS because we the customer really have no idea what CIS now presents us.
First, programs do not come with a “I’m installing software” notification. Second, if they did… how does Comodo know you want the software to install? For all it knows, you could be installing some form of malware. Comodo can protect you against known malware (although it is not and will never be 100%), but it cannot protect you from yourself. If you tell Comodo it’s safe, Comodo will treat it as such.
Exactly. And those files (until the user clears them) receive extra attention. If you’re not sure, leave them…
We, the customer, must take the time to try and understand what it being presented to us. Comodo has taken steps to help us decide what to do by implementing Threatcast. If you have an actual idea on how to improve upon that, or a way for Comodo to filter the good changes and the bad changes, we would love to hear it.
When we install a program we know were that program is installed. So all the files that are installed in that directory we can assume them as safe. Comodo could do this automatically.
Thanks for all the reactions, I will write mine on your comment that I sometimes find a contradiction.
On the above answer, and I am a stupid person by default.
If I’m installing software and there is a NEW kind of virus hidden in it, Comodo puts the files in the review box for me to decide? If I do the answer above then without knowing I let slip true a virus.
This behavior will not be found in other AV software because a install will be recognized. So I think this can be done because if a virus wants to install itself Comodo recognizes it for sure. We can assume a install can be stopped and thus also seen.
Exactly. And those files (until the user clears them) receive extra attention. If you're not sure, leave them...
We, the customer, must take the time to try and understand what it being presented to us. Comodo has taken steps to help us decide what to do by implementing Threatcast. If you have an actual idea on how to improve upon that, or a way for Comodo to filter the good changes and the bad changes, we would love to hear it.
They try as best they can…
I know they do and I appreciate it. Only to use this it has to be simpler without choices to make, people do not understand this technical stuff
Removing them from the list you are not saying that those files are safe.
When a file is marked as safe comodo learns all the actions performed by that file (I think)
And when not it is treated as a unknown file
If you dont want to review those file than change the Defense + mode to ‘Safe Mode’
Tell me… And, how exactly would the user know he/she was installing malware? If the user wants to install something, then he/she will choose installer/updater. Open way. So, it is really does not matter if Defense+ automatically chooses Installer/Updater.
Of course, I’m not suggestion for Defense+ to detect an installer, saved in a folder, and go like crazy. No.
Exactly. And those files (until the user clears them) receive extra attention. If you're not sure, leave them...
I never understood that option. It makes no sense. The Pending files list should cease to exist. First, I do not wish to send any files to COMODO. Secondly, I do not want them there, and I want to use Clean PC Mode.
Its a stupid feature.
We, the customer, must take the time to try and understand what it being presented to us. Comodo has taken steps to help us decide what to do by implementing Threatcast. If you have an actual idea on how to improve upon that, or a way for Comodo to filter the good changes and the bad changes, we would love to hear it.
There’s a fine line between how much time one can spend on something and what is present to us. ThreatCast is flawed - It demans Internet Connection, and it for the user to make a proper judgement, first, more user had to come across that same process. It is also needed - and most important - that those users made the right choice.
COMODO, and no one, can expect users to be always connected to the Internet, or always reconnect an alert appears. Or do they?
If you leave all your files in “my pending files” then clean PC mode becomes safe mode as safe items are automatically removed from “my pending files”. If you do nothing with “my pending files” then you have safe mode.
I like “my pending files” as I can see what I have installed but clearing out “my pending files” should be easier. There needs to be a multiple file select and it would be useful to be able to select all files associated with something you have just installed. I leave things in “my pending files” if I am unsure.
The virus can be detected because there is a signature for it, or it is acting in a such a way that the HIPS detects it as unsafe. Comodo would have to maintain a huge database of every program ever designed, and even then still wouldn’t know if you actually wanted it installed. I don’t know of any program that has this feature.
I wouldn’t expect the user to magically know it was malware, which is why Comodo added Threatcast to help them decide what action to take.
If you own a computer, you usually have an internet connection… otherwise there is little need for an AV. How would you download the installation package? How would you get the latest sigs?
Also, again talking about a rational person, if there is not enough information to make a decision… one would hold off making that decision until more information becomes available (e.g. block the application temporarily).
How do you expect Comodo to know what is and is not safe? Updates and new versions of programs are released everyday. It is an impossible task. Not to mention some users like to control what some programs can access.
TC may not be a perfect answer, but it is only meant to be used as a guide based on how others have decided. And yes, it is very reasonable to expect an Internet connection.
Ok said all that I need to know what happens with the captured files if we do not react on it. Do they stay there for eve groing, does Comodo send a list of save files that will automatically takes them out of that list to my safe files or what.
Egeman once said it automatically purges the list for file that do not exist. It may also do this for safe files. It will if you going into the list. If you add a file from the safe list it will not stay.
I don’t know how often the safe files list is updated.