Como o Firewall tem prioridade sobre outros aplicativos quando o PC inicializa pela primeira vez?
I'm using Comodo Firewall and I see that the Spotify app is loading before Comodo loads; well it seems like that since the Spotify panel appears before the Comodo one.
Os aplicativos que você vê carregando são os componentes GUI do Spotify e do Comodo.
Esses componentes da GUI são carregados durante o logon. Neste ponto, as partes de proteção do Comodo já estão carregadas, então o sistema é seguro.
-
As partes de proteção do Comodo (
cmdagent.exe
e do driver de filtro de pacotes Inspectinspect.sys
) são carregadas muito cedo no processo de inicialização (antes do início do explorador). -
Inspecione as execuções no nível mais baixo (nível do kernel).
The processes that protect are actually Comodo Internet Security Helper Service (cmdagent.exe) and the Inspect packet filter driver (which runs under Comodo Internet Security Helper Service).
They start very early in the boot process. Cis.exe is the client program; it is the program that provides the UI and instructs cmdagent.exe how to behave. Cistray.exe provides the tray icon, widget and starts cis.exe.
Protection is provided regardless whether cistray.exe and cis.exe are running.
Fonte Por que o cis.exe é iniciado como um serviço?
CIS uses WFP in conjunction with inspect.sys packet filter driver. Inspect runs at the lowest level (kernel level) where WFP runs at higher levels.
Origem O CIS está usando a Plataforma de Filtragem do Windows (WFP) ou o quê?
E se houver um aplicativo desonesto que tenha acesso à Internet antes do firewall? Como você pode evitar isso?
Um Firewall não impedirá a instalação de aplicativos desonestos. Você precisa de outra camada de segurança para fazer isso, por exemplo, um programa antivírus.
Existem também programas que monitoram as mudanças do sistema. eu uso WinPatrol que tem os seguintes alertas:
New Start-up Programs
Spyware and Malware need to start in order to run. Protect your startup programs.
New Browser Add-ons
Don’t let unwanted add-ons invade your privacy, commandeer or slow down your Internet browsing.
New Browser Toolbars
Unwanted toolbars slow your browser down and have the potential invade your privacy.
Newly installed Windows Services
A Windows Service has total permission to EVERYTHING on your computer. You NEED to know when one is installed and why!
Creation of Scheduled Tasks
Scheduled tasks are a way spyware and malware will schedule one of their minions to run. Don’t let them use your task scheduler against you.
Changes in File Type Associations
Malware will typically change file type associations to get you to run their program. In addition, this helps to prevent file hi-jacking of file type associations by impolite programs.
Newly Active-X components
You need to know what is installed on your computer.
Changes to your home page
Don’t let programs get away with changing your homepage without your permission.
Changes to your default Internet search provider
Junkware, malware and unscrupulous entities love to change your search provider so they can control the results.
Changes to your hosts file
This protects you for malware redirecting to you their site rather than the real site.
Changes to Auto Updates Settings
Malware loves to disable auto updates, stop them in their tracks!
Changes to UAC Settings
Don’t let programs change your UAC Settings without your knowledge.
Changes to Hidden Files
Get alerted if any new hidden files are added or changed.
Fonte WinPatrol
Aviso de isenção
Eu não sou afiliado com WinPatrol de qualquer forma, eu sou apenas um usuário final do software.