- Apr 29, 2013
- 524
See Full Review at: http://msecurity.wix.com/malwaresecurity
Last edited:
Comodo Internet Security 7 (REVIEW)
- Thread starter Malware Security
- Start date
- Status
- Feb 23, 2014
- 3,317
Comodo is good enough for me.... with common sense you have a AIO (All in One) protection
- Jan 17, 2014
- 620
Nice review.Very well explained.. Comodo just need to improve the detection rate, but it seems they do not want it...
- Jan 3, 2014
- 618
I admire Comodo, a proactive defense, but as Felipe said their signatures need of improvement, and that is not really taken seriously, I'm not saying they are bad, but is lower at least in my view than expected, compared to Eset, Emsisoft 360is is well below that keeps me plenty of comodo, if it were not so I do not think 2 times to use. Congratulations on the Review, I agree with your considerations!
- Jan 17, 2013
- 410
CFW with any quality free AV will fit the bill for a great setup.
- Jun 22, 2013
- 632
It may not have the best detection rate but the fact is it does not allow malware to run on your system, it is as good a defense you can have at preventing malware from infecting your computer. If your AV has 99% detection rate but let's the 1% infect you I contend I would rather have 80% detection with nothing being able to actually run on the system. If you try to run a malicious program even if it wasn'initially detected Comodo will not let it run if it isn't a known trusted program, the rest is up to you.
- Jan 17, 2013
- 410
True. That's why I use the firewall and not the full suite. The Full suite is just the Firewall with AV. The firewall has all the protection just not the AV portion. That's why I normally recommend some other AV. Cruelsister normally would jump in and recommend Qihoo 360 so I'm going to do it first. Qihoo 360, BD free, Baidu or even Avast. Qihoo and CFW is a known great pairing. Qihoo has great detection and proactive defense. CFW has everything else to protect you. Can't ask for anything more, except maybe exploit protection, *cough* HMP alert *cough*.
Littlebits
Retired Staff
- May 3, 2011
- 3,893
Just a quit question with all of the protection features was CIS 7 able to block anything not already blocked by UAC?
If so I would like the sample please.
Enjoy!!
If so I would like the sample please.
Enjoy!!
- Jan 28, 2014
- 444
As far as I know, there is no malware that can bypass UAC till now, so UAC is more essential for me, basically UAC and CFW does the same thing, it can prevent malware if we use it with common sense. Although I agree they need to improve the detection rate, but it still a very good product, and thanks for the review, very well written
Littlebits
Retired Staff
- May 3, 2011
- 3,893
I'm sorry I was going to commit on the review and forgot on my previous post.
The review was written very good, I like the fact that you included images which makes it very helpful to understand. However I had to hunt to find the review.
It is here if anyone else has trouble finding it.
Excellent job!!
The review was written very good, I like the fact that you included images which makes it very helpful to understand. However I had to hunt to find the review.
It is here if anyone else has trouble finding it.
Excellent job!!
- Jan 17, 2014
- 620
hahahahah .. Now I've learned all the way, but the first time, it was a long hunt too! But I liked the site.I'm sorry I was going to commit on the review and forgot on my previous post.
The review was written very good, I like the fact that you included images which makes it very helpful to understand. However I had to hunt to find the review.
It is here if anyone else has trouble finding it.
Excellent job!!
- Feb 1, 2013
- 969
Is the difference between testing in vm with Windows security, that diffferent compared to testing in real system? I know its not the same but to which extent? has anyone tested in real system with samples from malwarehub having a proof?As far as I know, there is no malware that can bypass UAC till now, so UAC is more essential for me, basically UAC and CFW does the same thing, it can prevent malware if we use it with common sense. Although I agree they need to improve the detection rate, but it still a very good product, and thanks for the review, very well written
- Jan 17, 2013
- 410
I'll take a look around for one. I think that the biggest thing is that most folks don't change the UAC to the max. Either from inexperience or ignorance. Social engineering is one of the biggest ways that people get infected. Installing a new program that they got on the internet. They think it's fine since they got it from a "reputable" web site. They get the UAC prompt and say "of course I want to install it" After that it's all over. Having something like CIS would hopefully detect any secondary spawns or limit it's execution. I'm not saying that UAC can't be used to its fullest but I don't think that it's secure enough to rely solely on it.Just a quit question with all of the protection features was CIS 7 able to block anything not already blocked by UAC?
If so I would like the sample please.
Enjoy!!
- Apr 29, 2013
- 524
I'm sorry I was going to commit on the review and forgot on my previous post.
The review was written very good, I like the fact that you included images which makes it very helpful to understand. However I had to hunt to find the review.
It is here if anyone else has trouble finding it.
Excellent job!!
haha i did not know it was hard to find it. All you do is click "antivirus Reviews" and its on the right side of the page under "Recent reviewed antivirus's"
Littlebits
Retired Staff
- May 3, 2011
- 3,893
I can understand what you are saying but couldn't a user just as easy allow a newly downloaded file on CIS by either allowing it or disabling CIS to allow it to execute? For example you just downloaded this new exciting file and CIS blocks it, so you think this is a false alert since CIS has blocked harmless files before and you decide to allow it anyway.
Since most CIS users are supposedly advanced users, they should also know how to utilize UAC properly.
I have had novice customers that would disable their security software to allow a file that keep getting blocked or quarantined thinking it was a false alert because of previous harmless files were block in the past. Some social engineering infected sites will even instruct users on how to disable their security software for a successful infection. For example; "In order to run this program you must right click on your antivirus software icon in your taskbar and select exit or shutdown". I wonder how many users get fooled by this?
Thanks.
- Apr 29, 2013
- 524
I can understand what you are saying but couldn't a user just as easy allow a newly downloaded file on CIS by either allowing it or disabling CIS to allow it to execute? For example you just downloaded this new exciting file and CIS blocks it, so you think this is a false alert since CIS has blocked harmless files before and you decide to allow it anyway.
Since most CIS users are supposedly advanced users, they should also know how to utilize UAC properly.
I have had novice customers that would disable their security software to allow a file that keep getting blocked or quarantined thinking it was a false alert because of previous harmless files were block in the past. Some social engineering infected sites will even instruct users on how to disable their security software for a successful infection. For example; "In order to run this program you must right click on your antivirus software icon in your taskbar and select exit or shutdown". I wonder how many users get fooled by this?
Thanks.
I do agree with you on that!!!
So many websites told me to disable my antivirus, I actually started laughing.
- Feb 7, 2014
- 1,540
- Dec 4, 2013
- 2,800
S.O.B.sDirty tricks
(Sneakily Overt Barbarians!)Btw, as Windows XP drifts further out to sea
(with neither UAC nor security updates to patch the leaks..) does anyone recommend replacing the steadfast Private Firewall guarding my system with Comodo's Firewall as a "poor man's UAC life raft?Malware Security, thank you for sharing your review (..& Littlebits for your shortcut to find it). I was particularly impressed by Comodo's ability in preventing malware infiltration!
Last edited:
- Apr 13, 2013
- 3,144
Wasn't aware of this thread, but now that I am, a test. Specifically UAC plus Windows Defender and Windows Firewall versus CF with ONLY the sandbox (at Full V) active.
First off I went looking for a malware pack on the Virus Exchange forum that didn't have a tremendous amount of samples (since I would potentially run them all), didn't have any Winlocks (so there wouldn't be an immediate system freeze), didn't have any PUPs (because I don't care about PUPs), and had a 100% detection rate by Malwarebytes. I was able to find a pack that met these criteria here:
http://malwaretips.com/threads/2014-03-22-52.24377/#post-175930
The above pack contained 52 samples of various confirmed trojans including Zeus and Zbot samples (Oh Boy!!!).
Test 1- A fresh Windows 7 machine was prepared. UAC was then set to maximum (Always Notify), Windows Defender was noted to be active and fully updated; Windows Firewall was active. The system was rebooted and UAC was verified operational by opening Malwarebyes (you get an alert for this application).
I then ran the files; although the system was quite sluggish toward the end I was able to run all. I did get two Windows Firewall alerts (that it blocked Taskhost), and a total of three discrete UAC alerts and another which gave multiple alerts (as the malware sample kept banging away). So a total of 4 alerts. I once again started a few programs (MB and Killswitch) in order to confirm that UAC was indeed still active (it was).
On reboot the system was totally infected (both Zeus and Zbot got through).
Test 2- A fresh Windows 7 system was prepared. UAC, WD, and Windows Firewall were disabled. Comodo Firewall 7 was installed and the following changes were made- the firewall was disabled. HIPS was disabled, the Cloud lookup functionality was disabled; Sandbox was set at Full V.
Please note that whenever a file is shunted off into the sandbox a BB alert pops up. As I have never seen the need for this alert I disabled it, so no alerts from here when the files were run.
And on file run I was again able to get through all the samples. I did receive 2 alerts that a file requests unlimited access to the computer, with the Default action of sandboxing. That was it for alerts. After all the files were run I rebooted, thus flushing the sandbox. The system was analyzed.
No System Changes on reboot.
I will refrain from any comments, and hope the test method was clear enough to any that may want to reproduce these results.
First off I went looking for a malware pack on the Virus Exchange forum that didn't have a tremendous amount of samples (since I would potentially run them all), didn't have any Winlocks (so there wouldn't be an immediate system freeze), didn't have any PUPs (because I don't care about PUPs), and had a 100% detection rate by Malwarebytes. I was able to find a pack that met these criteria here:
http://malwaretips.com/threads/2014-03-22-52.24377/#post-175930
The above pack contained 52 samples of various confirmed trojans including Zeus and Zbot samples (Oh Boy!!!).
Test 1- A fresh Windows 7 machine was prepared. UAC was then set to maximum (Always Notify), Windows Defender was noted to be active and fully updated; Windows Firewall was active. The system was rebooted and UAC was verified operational by opening Malwarebyes (you get an alert for this application).
I then ran the files; although the system was quite sluggish toward the end I was able to run all. I did get two Windows Firewall alerts (that it blocked Taskhost), and a total of three discrete UAC alerts and another which gave multiple alerts (as the malware sample kept banging away). So a total of 4 alerts. I once again started a few programs (MB and Killswitch) in order to confirm that UAC was indeed still active (it was).
On reboot the system was totally infected (both Zeus and Zbot got through).
Test 2- A fresh Windows 7 system was prepared. UAC, WD, and Windows Firewall were disabled. Comodo Firewall 7 was installed and the following changes were made- the firewall was disabled. HIPS was disabled, the Cloud lookup functionality was disabled; Sandbox was set at Full V.
Please note that whenever a file is shunted off into the sandbox a BB alert pops up. As I have never seen the need for this alert I disabled it, so no alerts from here when the files were run.
And on file run I was again able to get through all the samples. I did receive 2 alerts that a file requests unlimited access to the computer, with the Default action of sandboxing. That was it for alerts. After all the files were run I rebooted, thus flushing the sandbox. The system was analyzed.
No System Changes on reboot.
I will refrain from any comments, and hope the test method was clear enough to any that may want to reproduce these results.
- Status
Similar threads
