Conventional security protection relies on analysing files to determine if they are on lists of known to be a valid file or are on a list of known threats. That is fine as far as it goes, but what about files that is not on either list? These unknown files may or may not be a threat, but inevitably some are. That is why conventional security inevitably fails.
Some antivirus provide a secure system area called a Sandbox where you can safely run a suspicious. Think about it like a criminal suspect who is held in jail while the police investigate a crime. Unfortunately, they rely on the user to make the decision to put the file in the sandbox. Most users are not able to make that call or make it correctly on a consistent basis.
Comodo Security Solutions various endpoint solutions include a unique architecture called default-deny Auto-Sandboxing. Unlike conventional security which allows access unless a threat is confirmed, Comodo Systems deny access to the system if it is an unknown file. The file may run in a sandbox where it can be further analysed, but can do no harm to your system or files.