Battle Comodo Sandbox or Avast sandbox?

Status
Not open for further replies.

win7holic

New Member
Thread author
Apr 20, 2011
MalwareTips
Comodo Sandbox or Avast sandbox?
which better..?
if combining Avast AV with comodo firewall..?
what you choose for sandbox..? avast sandbox or comodo sandbox..?
 
Avast and Comodo conflict for now. You're using Windows 7, so you can stick to Avast Free. I would choose Avast's Sandbox over Comodo because Comodo only restricts the file's access to several system folders and the registry, ;)
 
BoXX28 said:
I would choose Avast's Sandbox over Comodo because Comodo only restricts the file's access to several system folders and the registry, ;)

It depends which sandbox you're talking about. The automatic sandbox works by access restriction, but the manual sandbox is full virtualization.
 
HeffeD said:
It depends which sandbox you're talking about. The automatic sandbox works by access restriction, but the manual sandbox is full virtualization.

i mean.. i want use avast AV with comodo firewall.. which between that.. i just one sandbox.. from avast or comodo :p
so.. what you choose heffed? avast sandbox..?
 
win7holic said:
i mean.. i want use avast AV with comodo firewall.. which between that.. i just one sandbox.. from avast or comodo :p
so.. what you choose heffed? avast sandbox..?
Here are the things to think about:
  • Avast's automatic sandbox depends on heuristics, Comodo's automatic sandbox isolates any unknown file.
  • Avast's automatic sandbox is virtualisation based, Comodo's automatic sandbox is rule based.
  • Both Comodo and Avast's manual sandboxes are virtualisation based.
  • Comodo's manual sandbox is free, Avast's is not.
 
elliotcroft said:
Here are the things to think about:
  • Avast's automatic sandbox depends on heuristics, Comodo's automatic sandbox isolates any unknown file.
  • Avast's automatic sandbox is virtualisation based, Comodo's automatic sandbox is rule based.
  • Both Comodo and Avast's manual sandboxes are virtualisation based.
  • Comodo's manual sandbox is free, Avast's is not.

so..? that why you use comodo firewall with avast.. but you use avast with disable sandbox..? and use comodo sandbox..?
:)
 
win7holic said:
elliotcroft said:
I disabled Avast's automatic sandbox.

are you use.. default setting for comodo firewall?? and use high or medium heuristic on your avast config?
:)
I set Comodo's sandbox to restricted, a lower setting allows ransomware to encrypt files.
 
elliotcroft said:
I set Comodo's sandbox to restricted, a lower setting allows ransomware to encrypt files.

lower setting allows ransomware to encrypt files.
what..?? allows?
maybe i'm misunderstand what you mean..



Edit: Reduced quoting.
 
Hey Win7

I would go for comodo's; comodo has dealt with the sandbox for some time now and let's not forget that it's something new for Avast to deal with, so it needs time to mature (when comodo launched their first sandbox it didn't work as well as it does now). I also think that comodo uses the sandbox the right way (personal opinion) with unknown files.

Do you have VMware Player? If you do, my best suggestion is that you try Comodo's sandbox and then Avast's, and after that it's your choice which you like best :).

If you do choose to stick with Avast's, then go to the CIS tray icon and right click --> Configuration --> firewall Security.

Regards,
Valentin N
 
lower setting allows ransomware to encrypt files.
what..?? allows?
The auto-sandbox in COMODO was introduced to lower the number of HIPS pop-ups and works by restricting the rights of executable files. The executable is not allowed to perform certain operations that can be harmful to the system. The Default level (Partially Limited) prevents modification of protected files/registry keys and the loading of drivers or the right to debug other applications. However, some malware won't affect your system files but will encrypt your documents (for example in My Documents folder) and will demand a ransom to decrypt them (hence the name "ransom-ware"). It isn't a common way for malware to operate but it is possible and such malware is found in the wild.

A higher level (Restricted) will prevent this from happening.

The auto-sandbox affects all executables that are not known to COMODO (they are not digitally signed by a Trusted Vendor, they are not present inside the white-list, they are not known pieces of malware) so this means that some non-malicious executables can be auto-sandboxed as well. The Restricted level might prevent them from working properly. However, if you encounter this issue my advice is to make sure the file is not malicious by uploading it to VirusTotal, since COMODO's whitelist is pretty large at this point.
Check the "How to Tell if a File is Malicious" guide by Chiron (on techsupportalert).

The auto-sandbox in avast uses file and registry virtualization. The executable is allowed to access a virtualized copy of your resources (actual files and registry keys should not be affected). But only some executables are auto-sandboxed (so malware might get through) and some non-malicious apps might not work well inside this sandboxed environment. The on-demand sandbox in COMODO works the same way (you can access it from Defense+ > Run a program in the Sandbox).

To sum it up:
  • If you are comfortable interpreting HIPS pop-ups (advanced): Disable sandbox in COMODO and use avast's sandbox. Instead of auto-sandboxing the file, COMODO will show HIPS pop-ups. You are responsible for how you interpret and answer them.
  • If you don't like many HIPS pop-ups (recommended to most users): Disable sandbox in avast, set COMODO's sandbox to Restricted.
    • If you think the sandbox prevents a good application from running properly, make sure the executable is not malicious by uploading it to VirusTotal.
    • Only if you are absolutely sure the application is not malware, run it again and click "Do not sandbox again".
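
Added example, not part of the thread and not either vendor's code: a simplified Python model of the two approaches described in the post above, rule-based restriction (levels named after the post's "Partially Limited" and "Restricted") and file virtualization, run against the same document-overwriting action. The class names, level semantics and sample file are assumptions made for illustration.

```python
import tempfile
from contextlib import suppress
from pathlib import Path

class RuleSandbox:
    """Rule-based restriction: a write is checked against rules, then hits the real file."""
    def __init__(self, protected, level):
        # Assumed simplification of the post, not Comodo's rules: "restricted" denies all writes.
        self.protected, self.level = [Path(p) for p in protected], level

    def write(self, path, data):
        guarded = any(p == path or p in path.parents for p in self.protected)
        if self.level == "restricted" or guarded:
            raise PermissionError(str(path))
        path.write_bytes(data)

class VirtualSandbox:
    """File virtualization: writes land on an overlay copy, reads prefer the overlay."""
    def __init__(self, overlay):
        self.overlay = Path(overlay)

    def _shadow(self, path):
        return self.overlay.joinpath(*path.parts[1:])  # mirror the path, root anchor dropped

    def write(self, path, data):
        shadow = self._shadow(path)
        shadow.parent.mkdir(parents=True, exist_ok=True)
        shadow.write_bytes(data)

    def read(self, path):
        shadow = self._shadow(path)
        return (shadow if shadow.exists() else path).read_bytes()

def demo():
    """Run one document-overwriting action under each model; report the real file's content."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        system, doc = Path(tmp, "system"), Path(tmp, "docs", "report.txt")
        doc.parent.mkdir()
        boxes = {"partially_limited": RuleSandbox([system], "partially_limited"),
                 "restricted": RuleSandbox([system], "restricted"),
                 "virtualized": VirtualSandbox(Path(tmp, "overlay"))}
        for name, box in boxes.items():
            doc.write_bytes(b"original")          # constructed sample document
            with suppress(PermissionError):
                box.write(doc, b"scrambled")      # stand-in for encrypt-in-place
            results[name] = doc.read_bytes()      # what is really on disk afterwards
        results["virtual_view"] = boxes["virtualized"].read(doc)  # sandboxed program's view
    return results
```

In this model the document outside the protected paths is overwritten only at the "partially_limited" level; under "restricted" and under virtualization the real file keeps its original bytes, while the virtualized program sees its own modified copy.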
 
win7holic said:
so.. what you choose heffed? avast sandbox..?

I have CIS's auto-sandbox enabled and set to restricted. But for full virtualization, I use Sandboxie. Comodo needs to make their manual sandbox more configurable for me to start using it. I know absolutely nothing about Avast's sandbox, so I can't comment on it.
 
thx to all :)
maybe.. i'll try first on my OLD machine.. for make sure i can or not handle lol
bcoz, sometime i'm confuse even i'm tester :p
bcoz this is my new machine ^^
 
If you have a multi-core CPU (2 or more cores) and 4GB RAM, install VMware and try it there. Don't type any key when installing the OS and disable Windows Update so that Windows doesn't activate itself (in case you need to reinstall the OS on your real machine).

Regards,
Valentin N
 
Valentin N said:
If you have a multi-core CPU (2 or more cores) and 4GB RAM, install VMware and try it there. Don't type any key when installing the OS and disable Windows Update so that Windows doesn't activate itself (in case you need to reinstall the OS on your real machine).

Regards,
Valentin N

what you mean?
need to reinstall the OS on your real machine..?
hmm.. okay.. i dont want ask about like that again.. i'm use VM for test :)
thx for suggestion bro
 