App Review Comodo Cloud Antivirus- A First Look

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
I do the similar test i got similar results.
After test I scan a PC with HitmanPro and it find 2 thing but in the Comodo virtual disk/sandbox - not a big deal.

So far not bad. ;)
 
  • Like
Reactions: Kuttz and XhenEd
I like the simplicity.. GUI, options, features, etc.. Easy to use, navigate, understand, etc... Hope they keep it like this.. simple, easy & clutter free.

I only dont understand Comodo obsession with "Secured" with big square box.. in this case half the GUI. Hope they remove it. It makes the good GUI look ugly. They should show "Secured" in a better & compact way. GUI & Popups could be little smaller.

Its a very first beta.. improvements, enhancements, etc... will be there with next beta, etc...
 
  • Like
Reactions: XhenEd
It's all good until CCA auto-sandboxes an "Unknown" critical, safe\legitimate system file or driver and boinks your system.

Easy enough fix you say - just change file rating from Unknown to Trusted ? It doesn't always work... at least that has been my experience, especially with Unknown drivers - for example AMD system drivers.

From what I understand, CIS and CCA are using the same, identical Safe List database.

However, Comodo's file rating system (Safe List) is still a major problem since many core Windows OS files have yet to be added and rated as Safe. Some are absent because they never get submitted. Others are digitally unsigned (contrary to popular belief, Microsoft does not digitally sign all of its files).

With every Windows update, many - many files are auto-trusted by CIS because msiexec.exe is a Trusted Installer. Therefore, none of those files every get submitted to Comodo; only Unrecognized (= Untrusted\Unknown) files are submitted upon execution . Furthermore, it is suspected that Comodo does not have any agreements with Microsoft or other OEM vendors to gain access to files, drivers, updates, etc - and have them white-listed so as to not block them on user systems.

This is a long-standing, ongoing issue with the way Comodo's Safe List database operates.
 
  • Like
Reactions: Handsome Recluse, Nightwalker, Online_Sword and 1 other person
hjlbx said:
It's all good until CCA auto-sandboxes an "Unknown" critical, safe\legitimate system file or driver and boinks your system.

Easy enough fix you say - just change file rating from Unknown to Trusted ? It doesn't always work... at least that has been my experience, especially with Unknown drivers - for example AMD system drivers.

From what I understand, CIS and CCA are using the same, identical Safe List database.

However, Comodo's file rating system (Safe List) is still a major problem since many core Windows OS files have yet to be added and rated as Safe. Some are absent because they never get submitted. Others are digitally unsigned (contrary to popular belief, Microsoft does not digitally sign all of its files).

With every Windows update, many - many files are auto-trusted by CIS because msiexec.exe is a Trusted Installer. Therefore, none of those files every get submitted to Comodo; only Unrecognized (= Untrusted\Unknown) files are submitted upon execution . Furthermore, it is suspected that Comodo does not have any agreements with Microsoft or other OEM vendors to gain access to files, drivers, updates, etc - and have them white-listed so as to not block them on user systems.

This is a long-standing, ongoing issue with the way Comodo's Safe List database operates.
Click to expand...
Exactly why I stopped using CIS. Always at least one system file or driver it will not play well with on my system no matter how I exclude it.
 
  • Like
Reactions: Handsome Recluse, Kent and Nightwalker
I can obviously only speak from personal experience (extending over quite a few years) as well as feedback from those installing CF on my advice, but I haven't yet seen a system trashed due to a system file and/or driver issue. Perhaps it's just luck (or perhaps not).

But regarding CCAV, please note that although I presented the video I certainly do not recommend the product.
 
  • Like
Reactions: Handsome Recluse, Kuttz and Solarlynx
I agree. Sometimes Comodo is worse than a virus. Definitely they should do something with their white list process. I mean some legitimate files are put in the sandbox and stay there for eternity unless the user manually puts them in trusted files list.
 
I wanted to do a little review, but no longer need xD


Can you post a screenshot of the quarantine?
I think comodo don't quarantine "script virus" i think comodo quarantine "script interpreter"
 
I too never experienced Comodo autosandbox system files. I have always used default config & settings i.e Internet Security config with default settings.
Rating scan mostly is 100%.. sometimes 1-2 unrecognized but not system files.
Overall my experience have always been positive.
 
And AMD doesn't need any help from a security product to put out a bad driver package.
 
It has nothing to do with config. It has everything to do with the way Comodo collects and rates OS files and OEM drivers.

Case in point, CCA with default settings:

Capture.PNG


This sort of thing has been reported with regards to CIS on Comodo forum for a long time. The issue has been in the tracker for at least the past few years... so it is no surprise to me to see it occurring with CCA.
 
The number one main improvement that should happen is their Cloud, as a starting point all system files from Microsoft Corp are been well analysed and trusted. Take an example where Kaspersky, Norton, Panda and others as established very well hence issues are minimal.

Autosandbox is fine but again the improvement goes to cloud as their reference.
 
Yro said:
well, ccav is looking good.

what I dont understand, yet, is this: is that possible to "remove" a unknow or a malware file from the ccav gui? I just see the quarentene and allow options... ?

And one more thing: I have the feeling that ccav is something like an sandbox but with some more options on it, like valkyrie. so, this will be a great tool to be used with windows 10 firewall and windows 10 defender.
Click to expand...
Refresh/Reset sandbox is going to be there in the next betas.

Standalone Sandbox that is going to be released in december would be good too with Win FW & Def. Its going to be manual & autosandbox.

Currently I dont see local whitelist in GUI. Its needed for offline usability otherwise unnecessary autosandbox of programs.
 
  • Like
Reactions: Av Gurus
cruelsister said:
I can obviously only speak from personal experience (extending over quite a few years) as well as feedback from those installing CF on my advice, but I haven't yet seen a system trashed due to a system file and/or driver issue. Perhaps it's just luck (or perhaps not).

But regarding CCAV, please note that although I presented the video I certainly do not recommend the product.
Click to expand...
So CCAV isn't worth trying?
 
Overkill- Not really, at least not at this time. Although it is a great deal more interesting then I thought at first glance, this build is quite sluggish and would become an annoyance to you very quickly.

But remember that it is just a first build with more efficient coding to follow. When that happens (quick as a bunny) it may actually have a place for the Home user who does not want to screw around at all with the settings of CF; and that CCAV is unshackled from the HIPS module may be a good thing.

Protection-wise, I'm not a fan of their AV (but again I'm not a fan of any AV), but did find the data-stealer protection to be quite cool. It also stops the new Cryptowall 4.0 with ease.
 
  • Like
Reactions: Handsome Recluse and Overkill

You may also like...