Comodo Cloud Antivirus

Product name
Comodo Cloud Antivirus Version 1.1.387596.183
Pros
  • Best 0-day protection
    Auto-Sandbox unknown files
    Auto-Malware Analysis (Valkyrie + Viruscope)
CONS
Very bad signature detection
Cloud Connection Issues
Crashes from mass malware execution (or scriptors)
Computer freezes when you execute some files.
BOTTOM LINE
When it comes to protection, it's the best product you can get, signature detection is not that good, some performance issues. In the end, it's a good product and recommended for beginners (install and forget).

With a little work, CCAV will be a very good alternative for the users that don't like CIS or it's a little hard to use.
Protection
Outstanding
Usability
5 / 5
User Interface
5 / 5
CPU/RAM/Storage
Low Usage
Janl1992l

Janl1992l

Level 14
Verified
Well-known
Feb 14, 2016
648
"In the end, it's a good product and recommended for beginners (install and forget). " Thats not true. U will have heavy issuses if something get autosandboxed and u dont know what todo. and with comodo, u have so much that get sandboxed and dosnt work right or dont even start right than. a beginner just dont know what todo than. comodo products are not for beginners.
 
  • Like
Reactions: Der.Reisende, Logethica, Sr. Normal 2.0 and 4 others
Kate_L

Kate_L

in memoriam
Thread author
Verified
Top Poster
Well-known
Jun 21, 2014
1,044
There are some apps that will get sandboxed. If that happens, just click on the Don't Sandbox it again and it's fixed.

8.PNG
 
  • Like
Reactions: Der.Reisende, Logethica, Sr. Normal 2.0 and 4 others
D

Deleted member 2913

Janl1992l said:
"In the end, it's a good product and recommended for beginners (install and forget). " Thats not true. U will have heavy issuses if something get autosandboxed and u dont know what todo. and with comodo, u have so much that get sandboxed and dosnt work right or dont even start right than. a beginner just dont know what todo than. comodo products are not for beginners.
Click to expand...
Exactly
 
  • Like
Reactions: Logethica and Solarlynx
1qay1qay

1qay1qay

Level 1
Verified
Apr 17, 2016
36
please forgot about signature-based detection .... hot stuff like Crypto / Ransomware is designed to elude detection of ALL stages of every Anti-Virus product. It is tested to guarantee entrance is undetectable! Every sample is unique and polymorphic, so signature detection is completely worthless. A delay in execution evades all sandbox technology. The ONLY action left for A/V is Behavioral Heuristics! That's it, NADA, there nothing else for A/V to do, except for URL blocking.

So i agree, that this Comodo CCAV can relly be the best AV software on market IF they are really implementing DD policy (default deny for all unknown to Valkayire) - so only full sandboxing ( no testing and later releasing out) OR totaly blocking all unknown - and even in this case there will (already is, as @cruelsister shows) be malware with qualiy digital signature .... but to obtain such a digital sig will be more expensive, so for some time this will be last of oure problem .... all gov based malware (for target attack) is already undetectable for any program ....

If they can integrate some simple FW this can be worth looking into ... but for now CFW @cruelsister edition will do ;)
 
  • Like
Reactions: Der.Reisende, Logethica, askmark and 3 others
L

Lucent Warrior

I will have to test this product again, as the last time i did "which was repeatedly" this product did not have bad signature detection, it had 0 signature protection. Several sample packs in a few days, and not once did the Av detect any of the samples. Only when executed did the product become alive, or i should say, the autosandbox spoke up, and while doing a great job stopping the samples, did not do that great of a job determining a legit application from a malicious one. Even while utilizing the right click context option of telling the product to trust the application, i had seen some sandboxed. As far as calling it the "best you can get" for protecting systems, im pretty sure i would not venture down that road, or the road leading to advising this product for Novices, that require true set and forget security. The first time one of those novices see a legit application sandboxed, no matter how easy it seems to me or you to fix, it will not be for those that still have no idea how to scan their system with a product or run a manual update.

As for the Cons in your list, with the exception of the bad/0 signatures, some of those issues could have been from the testing environment, such as Vmware/Virtualbox. I have only seen a couple that depending on certain variables/environments their cloud connections suffered connection issues, and ultimately lead to product freezes ect. If the company is not seeing these issues on live systems, they will not correct them.

Personal opinion, comodo should have just made the standalone sandbox as they had stated they were going to do before this product was released to view, as the AV component is worthless in my eyes.
 
  • Like
Reactions: Der.Reisende, Logethica, askmark and 4 others
Davidov

Davidov

Level 10
Verified
Well-known
Sep 9, 2012
470
  • Like
Reactions: Der.Reisende, Logethica, Solarlynx and 3 others
D

Deleted member 2913

2 of the protection mechanism they mention for CCAV are Viruscope & Valkyrie.

Dont know about Viruscope effectiveness as never saw it reacting against malware in any tests.

And Valkyrie, I hope you guys know in the current CCAV samples are uploaded to Valkyrie but verdict is not returned i.e currently CCAV only uploads samples to Valkyrie & thats it. So Valkyrie in current CCAV is just an upload tool.
 
  • Like
Reactions: Der.Reisende, Logethica, Solarlynx and 1 other person
H

hjlbx

It all depends upon how COMODO goes about fixing things. Their track record for fixing things is terrible in terms of the time it takes. If COMODO treats CCAV like CIS, then it will turn out to be a bitter disappointment for a lot of users.

CCAV might just be another one of COMODO's "flash-in-the-pan" products that gets released, is maintained for a year or two, and then abandoned...
 
  • Like
Reactions: Der.Reisende, Logethica, askmark and 5 others
DardiM

DardiM

Level 26
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
May 14, 2016
1,597
But what about their Cloud ? (not to mention the Cloud Connection Issues)
A lot of tools that I've tested (even free tools) seems to have a better cloud detection than CCAV (Should they rename it ? :rolleyes: )

And what about samples with malware + safe files ? A lot of FP ?
This thread made me want to test CCAV :confused:
 
Last edited:
  • Like
Reactions: Der.Reisende, Logethica, askmark and 3 others
H

hjlbx

DardiM said:
But what about their Cloud ? (not to mention the Cloud Connection Issues)
A lot of tools that I've tested (even free tools) seems to have a better cloud detection than CCAV (Should they rename it ? :rolleyes: )

And what about samples with malware + safe files ? A lot of FP ?
This thread made me want to test CCAV :confused:
Click to expand...

COMODO's cloud is notoriously screwed-up... meaning that a significant number of files that are a legitimate part of XP, 7, 8\8.1 and 10 are NOT in the safe file database. Plus, a lot of OEM software - especially drivers - are NOT in the safe file database.

COMODO doesn't update the safe file database after each OS release or after each Windows update. It never has done this.

It makes no sense... because COMODO products will block some Microsoft Windows processes and\or OEM drivers. That means trouble - sometimes critical trouble.

COMODO's cloud is only meant to supplement COMODO's AV scan engine database. At least that is the way it was designed for CIS -- and I do not think that concept has changed.

Relying upon COMODO's cloud as a full, stand-alone AV detection system, is using it in a way that COMODO never intended from the start. The cloud's detection rate will only be marginally (a few %) better than the COMODO scan engine database. So somewhere in the mid-80 % or slightly better.

The real reason why COMODO includes any malicious file detection is from the standpoint of usability. Which means that the user doesn't have to contend with known malicious files being sandboxed every time they are executed. In other words, to reduce the number of alerts and needlessly sandboxing known malicious files. The scan engine is not there to protect your system from COMODO's (Melih's) point of view - it is there for convenience. The sandbox is what protects your system.

COMODO relies upon their sandboxing -- and that will never change.

As far as COMODO insiders are concerned, complaints about the COMODO AV detection fall on deaf ears -- because it isn't a part of COMODO's protection model.
 
Last edited by a moderator:
  • Like
Reactions: Der.Reisende, Logethica, askmark and 7 others
You must log in or register to reply here.

Similar threads

Tiamati
    • Like
  • Poll
Serious Discussion WD and Free Antivirus programs are bad, says this PC Gamer article. Do you agree?
Replies
13
Views
1,112
General Security Discussions
Ink
Ink
NB InfoTech
App Review PC Matic Home Review | PC Matic Home Security Antivirus vs Ransomware | 2024
Replies
1
Views
149
Video Reviews - Security and Privacy
Bot
Bot
Brownie2019
    • Like
On Sale! Vipre Antivirus Plus $15.99/year
Replies
8
Views
511
Discounts and Deals
BigWrench
BigWrench

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top