因为没有勾选 Comodo Firewall (CF) Enable Cloud Lookup
补充: 同时也没有勾选 Trust applications signed by trusted vendors &
Trust files installed by trusted installers
造成 nVidia 更新驱动程式失败(原因是更新程式入沙)
重新思考 CF 的设定策略
一开始 清空 trusted vendors 勾选云端查询
等所有常用程式跑过一遍后 再取消勾选
这样好处是
1)作业系统刚开始时由 Comodo 云端帮忙检查数位签章、增加 trusted vendors
2)取消云端查询 免得被加 WoSign、StartCom 或中国数位签章
而且 trusted vendors 清爽多了
记录目前我的设定 供以后重新安装参考
Comodo 版本 8.4.0.5165
General Settings > Configuration > COMODO - Proactive Security
Security Settings > Defense+ > HIPS
Enable enhanced protection mode (Requires a system restart)
64位元系统专用
Security Settings > Defense+ > Sandbox(预防勒索软件最重要的设定)
Sandbox Settings > 不勾选 Do not virtualize access to the specified
files/folders
Auto-Sandbox > 勾选 Enable Auto-Sandbox
> 将常用但未被 CF 信任如 PCMan 等程式设定 Ignore 规则
> 将默认 Action 是 Run Virtually 这条规则点进编辑
Options 中勾选 Set Restriction Level Untrusted
Security Settings > File Rating >
首先将 File List & Trusted Vendors 清空
再设定 File Rating Settings >
勾选 Enable Cloud Lookup (Recommended)
不勾选 Analyze unknown files in the cloud by uploading them for instant
analysis
不勾选 Do NOT show popup alerts
勾选 Trust applications signed by trusted vendors
勾选 Trust files installed by trusted installers
勾选 Detect potentially unwanted applications
把平常会使用的程式打开跑一轮 以下清单会增加
Security Settings > Defense+ > HIPS > HIPS Rules
Security Settings > Defense+ > Firewall > Application Rules
Security Settings > File Rating > File List
Security Settings > File Rating > Trusted Vendors
再来把 Security Settings > File Rating > File Rating Settings >
取消勾选 Enable Cloud Lookup (Recommended)
最后发现一个现象
7-zip 的 7zFM.exe 没有数位签章
在勾选云端查询的清况下 它被自动加到 File List 中 而且是 Trusted
非由使用者自行决定