When CIS firewall enabled, it must disable Windows defender firewall to avoid conflicts.
The scan exclusions applies to all scans (real-time, manual and scheduled) while it should have options to enable exclusions separately for each scan profile.
Comodo should imitate from Avast internet security because of its usability and features.
Where does Comodo fail against Ransomware to warrant this “Ransomware Shield”?
A lot of people fall for hype of other providers who have to create a different technique to “detect” malware and they package these as if they are a different product or feature.
With Comodo its simple, an Unknown is the enemy and will be contained. You can call it Ransomware, worm, rootkit, virus or whatever you want…the fact doesn’t change…its an “Unknown executable”.
Time to see beyond marketing fluff the Antivirus industry has been feeding you!
Linux boot time environment for scan and disaster rescue. Like, if malware is allowed by accident, a boot time scan has no exclusions and should pick it up and delete/quarantine it.
Windows OS damaged system files repair/restore from Cloud. From XP to 10. If windows system file is damaged, boot time environment would restore windows damaged file.
Sandbox to have log windows for sandboxed exe. For example:
unknown.exe is dropping file downloader.js to C:\Windows\Temp
downloader.js requests access to the internet
downloader.js is downloading payload.exe
payload.exe is executing with administrator privileges, not signed, usual malware location
payload.exe checks for virtual/sandbox environment
payload.exe wants access to documents, images
payload.exe wants to delete/overwrite/replace documents, images
payload.exe wants access to wallpaper/screen/fullscreen privileges
payload.exe wants to create readme.txt at every folder
Sometimes malware is written so good that at first glance nothing is suspicious.
Above example should give [toggable advanced feature] an overview of what is going on.
If above is not clear, check out Cuckoo Sandbox, or Buster Sandbox[ie] Analyzer.
Comodo rescue disk allows you to scan your PC outside of Windows and in a Linux environment.
Windows system restore can be added as protected but simply having your windows CD or backup disk can replace these files
Any unknown files are automatically contained so wouldn’t be allowed to access other programs and firewall prevents internet access for Unknown files. Cloud behaviour analysis would detect most of this suspicious so your already covered for all of these because of autocontainment. Most viruses try and appear and behave like safe files.
If you have evidence or video example of vulnerability, please share.
Sure, but sometimes CD’s and DVD’s are not always available and sometimes when someone works at sea, finding that something becomes challenging.
Sure, but a solution without requiring a cd/dvd would be ideal. Look at Bitdefender or Avast. Both have boot time scan.
Protecting sys files wouldn’t interfere with Windows Update? And what if the system is already damaged before installing CIS?
Sure, but unless activating D+ HIPS, I wouldn’t know what happens behind the scenes. And, if I want to run a particular program because I like what it does, I wouldn’t know if it wants to do something extra until it’s too late, until I grant it access outside of Sandbox. So, the history log of some kind [I think Geswall had a scrolling log of actions] is something that would make vetting unknown files faster than cloud analysis or Comodo team.
CCE has boot time scanning and can be installed either as a standalone or running clean endpoint task. You shouldn’t be installing CIS on an already infected or damaged system. And finally had everyone who request these features actually took the time to either read the help or used the product would know that CIS does have a process activity monitor in virusscope. All you have to do is run an application in containment then view the active process list task, then right-click on the contained process and click show activities.
What I meant by boot scanning is not restarting windows, loading windows and continuing scanning, but pre-Windows environment, usually Linux. CCE boot DVD comes as exact thing, it loads before windows. The one installed with CIS, loads Windows and continues scanning. I am not saying CCE is not super effective, just that this could be improved upon.
Which is not always successful. Hence cloud files restoration in pre-boot environment.
And what if the system is already damaged before installing CIS?
You need to clean the system first. You can use CCE or various other scanners for just that purpose. Running them in Safe Mode would be another option. You can also run CIS with Block all unknown requests when the application is not running enabled.
What product delivers cloud file restoration of Windows system files? When Windows is compromised you can always run sfc /scannow from a Windows installation medium (DVD or USB).
I would just like to also point out, Windows Firewall may be further required to be left turned on in cases that require Authentication via the Windows Firewall. The Xbox App for example requires this to work correctly with group chat.
Furthermore I have had no obvious signs of conflict leaving both turned on.