so even if the scanner is not able to detect the danger, the defense+ will show you that it's easier to bypass a scanner than a HIPS, and with the sandox, you just have to set the unknown files as blocked and it will become very hard to be corrupted. that's interesting to see how a program is coded and wich dll it's uses, wich process it calls, if it creates files or modify the registry, that's how we can detect a malicious file by it's actions it will try to execute, malware activity is always easy to guess, trying to find a way to take control over the system. If you decide not to use the sandbox and do not chose to treath unrecognized files as blocked (impossible to run any file wich is not is the comodo trusted list or if you didn't add it as tusted file), so if you chose the Defense+ detection, you'll know everything about a program activity from the first operation to try to run on the system (if you allow it) to the last and then the program is loaded into the memory. There is also the famous Defense+ with the sandbox to complete a very high level of protection. There's a mode for people who don't like to control the all trafic on their machine and let the firewall decide to allow trusted applications. The firewall part in highest protection mode will let you create any rule you want. I use it for a very long time now on windows 7 64.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |