I’ve decided to keep comodo for the moment; I can see it is trying to do fire-walling slightly differently from other software firewalls, and its approach is intriguing and refreshing, although I’m still as confused as hell.
Some random questions:
http://www.default.co.il/anti-virus-or-anti-malware-test-file
Avira stopped me from even downloading these test files.
I let them through, and without running them I did a scan with defense+. It missed them.
Is that intentional? Or perhaps defence+ is much more a heuristic tool?
2a)
In ‘pending files’, whenever I lookup a file I get ‘error’. Does this mean it wasn’t recognised, or
does it mean the lookup failed?
2b)
When I submit pending files, they are ‘checked’ ok, whatever that means, but then fail to upload.
In pending files, I get quite a few files like:
c:$recycle.bin\S-1-5-21-575867484-5894585854-10000$RXUVNY.exe
What are they? What do I do with them?
In ‘cleanPC’ mode, when I have 100 pending files, I quickly check that they’re all to do with programs that I trust, and click ‘remove’. But I still don’t understand what happens to them:
- Are they marked as ‘trusted’, or are they untrusted until they’re used again and cause a popup?
- If trusted, are they given a ‘profile’ like the other programs (listed in the computer security policy)?
I have the following programs which, during their normal function, create folders and files:
Avira
Power Archiver
FTP client
video convertor
download manager
etc
How do I stop getting popups each time a program wants to create a temp folder and put something in it? Should I be setting these program profiles as ‘trusted’?
After installing trusted software in cleanPC mode, is it acceptable to:
go to safe mode → apply → go back to clean PC mod → apply
The point being to incorporate the new software as a ‘safe’ program, so that its behaviour can be learned automatically without popups?
Thanks.