App Review Comodo Cloud AV - Autosandbox only - petya bypassed

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,711
@shmu26. I don't. Sort of unusual story behind the pic. I created this program using Excel to create an index to measure professional golfers success rates. This was purely for fun. So this is my thinker. He appears in the most important section where the most thinking is required:

Fedora Capped Thinker.jpg


He reads and studies previous golf scores and helps me determine who might win this week. :) Youre a thinker shmu26, so Im sure you can understand and no surprise you wear this type of thinking man's hat I suppose :D
 

SHvFl

Level 35
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Nov 19, 2014
2,342
Melih has openly stated on the forum that if anyone finds a malware that smashes a COMODO product to simply submit the file to him directly.

No bug report needed, but I would include any CCAV video links.
Sure i can pm him the info i was not aware of this. Will let you know how it goes. Thanks.

EDIT: Pmed him. I believe he will say the product is meant to work with all modules together and if all enabled it's stopped(signature and crap like that)
 
5

509322

We will see. WIll post his reply here if he replies.

I will give you the reply right now: "Thanks"

You won't get any explanation as to what happened, why it happened, or details of what was fixed. That's why I made the earlier reference to "speculation" and "no-reply."

To be honest, I probably wouldn't release any details to user-land either - or would make them general\vague enough so as not to give anyone any ideas.
 
R

Rodney74

Spawm- CCAV is totally inferior to the other Comodo products. With it, they are just pandering to the masses who are hung up on the antiquated "Anti-Virus" method of protection. CF is much more elegant and will provide superior protection.

Just my opinion, but I am always correct...


That's what I like, a woman with an opinion, and it's right....No denial here.
 
5

509322

I had correspondence with Melih about CCAV early on.

CCAV with auto-sandboxing was created as Melih's answer to Sandboxie.

Because of system-wide auto-sandboxing, file reputation lookup (cloud AV) was implemented - so as not to auto-sandbox your entire system.

He could have chosen to make a setting "Do no auto-sandbox critical system files [C:\Windows]," but he never did like this option. It's obvious that he chose to port what he could from existing COMODO file lookup infrastructure.

The whole AV \cloud part of CCAV\CIS is to prevent auto-sandboxing of known safe files, the auto-blocking of known bad files, and auto-sandboxing of only unknown\untrusted files. That's the theory anyway. In practice, there are too many safe files that are unknown to COMODO - like AMD graphics drivers. That sort of stuff gets auto-sandboxed and is a real annoyance - even though the workaround is easy for those that know how to use the product.
 
Last edited by a moderator:
R

Rodney74

I had correspondence with Melih about CCAV early on.

CCAV with auto-sandboxing was created as Melih's answer to Sandboxie.

Because of system-wide auto-sandboxing, file reputation lookup (cloud AV) was implemented - so as not to auto-sandbox your entire system.

He could have chosen to make a setting "Do no auto-sandbox critical system files [C:\Windows]," but he never did like this option. It's obvious that he chose to port what he could from existing COMODO file lookup infrastructure.

The whole AV \cloud part of CCAV\CIS is to prevent auto-sandboxing of known safe files, the auto-blocking of known bad files, and auto-sandboxing of only unknown\untrusted files. That's the theory anyway. In practice, there are too many safe files that are unknown to COMODO - like AMD graphics drivers. That sort of stuff gets auto-sandboxed and is a real annoyance - even though the workaround is easy for those that know how to use the product.


SO It's similar to PC Matic ?
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
@shmu26. I don't. Sort of unusual story behind the pic. I created this program using Excel to create an index to measure professional golfers success rates. This was purely for fun. So this is my thinker. He appears in the most important section where the most thinking is required:

View attachment 133787

He reads and studies previous golf scores and helps me determine who might win this week. :) Youre a thinker shmu26, so Im sure you can understand and no surprise you wear this type of thinking man's hat I suppose :D
so that's my thinking hat, then. I didn't even know!
 
  • Like
Reactions: AtlBo and SHvFl

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
I will give you the reply right now: "Thanks"

You won't get any explanation as to what happened, why it happened, or details of what was fixed. That's why I made the earlier reference to "speculation" and "no-reply."

To be honest, I probably wouldn't release any details to user-land either - or would make them general\vague enough so as not to give anyone any ideas.
I understand where this is coming from, but the problem is that the users don't understand how COMODO works, so they don't get intended behavior.

from COMODO devotees I usually get cryptic answers that leave me scratching my head. And there is a reason for this. No one actually knows how it works.
 

cruelsister

Level 42
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,133
I don't know if anyone has brought this up before, but there is a great deal of difference in how CCAV and CF/CIS is coded with respect to efficiency.

As some may know about VM's , a person can dictate how much recourses are utilized by the virtual environment. Whenever I test a new product I will vary the amount of resources used by the VM, going from Real Fast PC down to Really Crappy POS PC. With CF (and CIS to a similar but slightly lesser extent), it is as Light as a Feather and Quick as a Bunny across the board; with CCAV the lower settings make the product onerous to use, and at the lowest setting simply intolerable.

I infer from this that (and I may be totally incorrect) there has to be two separate development teams, on for the CF/CIS products and another for CCAV. So just as the elegance of the coding varies, so can the efficiency of the Sandbox (plus, as everyone knows that Comodo's AV leaves a great deal to be desired, Why Oh Why would anyone use something that highlights it?).
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
I don't know if anyone has brought this up before, but there is a great deal of difference in how CCAV and CF/CIS is coded with respect to efficiency.

As some may know about VM's , a person can dictate how much recourses are utilized by the virtual environment. Whenever I test a new product I will vary the amount of resources used by the VM, going from Real Fast PC down to Really Crappy POS PC. With CF (and CIS to a similar but slightly lesser extent), it is as Light as a Feather and Quick as a Bunny across the board; with CCAV the lower settings make the product onerous to use, and at the lowest setting simply intolerable.

I infer from this that (and I may be totally incorrect) there has to be two separate development teams, on for the CF/CIS products and another for CCAV. So just as the elegance of the coding varies, so can the efficiency of the Sandbox (plus, as everyone knows that Comodo's AV leaves a great deal to be desired, Why Oh Why would anyone use something that highlights it?).
thanks for sharing that. very interesting and very important, too.
I think it was @Evjl's Rain who mentioned high CPU when running CCAV. Maybe that's related?
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
That's because they are speaking to you in Latin.

You should reply in Aramaic. :D

Because of where you are from, and the fact that you are smart, you will have no trouble decrypting the multi-layered nuances contained in these two short sentences.
indeed, latin and aramaic have been at odds for a long time...
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top