Battle Comodo's Auto-containment vs any other free security software

Compare list
CCAV 2019
Avast Free 2019
Comodo Antivirus 2019
Other 2019

Nagisa

Level 7
Thread author
Verified
Jul 19, 2018
342
I'd like to just give the avast (free) as an example here. Avast has a behaviour blocker and also its antivirus module is relatively stronger to comodo's. But, there will be times where both of them can't succeed to find the malware. At this time, theoryically, a sandbox can isolate the virus without interfering the program itself. I don't know if there is significant performance loss at this point, though. Even if we press the "Run unlimited", we have a strong HIPS module, doesn't we?
I have never seen the HIPS module in action at the malware tests on youtube, so I can't say a definite thing, though.

I think either there is a problem with Comodo which I don't know yet, or it's just underrated.
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,701
The problem I had with Comodo products is except that they block many safe things, block all unknown programs. And because the virus signatures are very weak You must take decision if the file is safe or not.

This is why I find Comodo a little intimidating. I've used CF and CCAV. I like CCAV better, but still much more decision rests with the user than VoodooShield, in my experience.


So, I will choose between the Avast and Qihoo. Do you think it’s worth to prefer Qihoo over the Avast for its less performance impact? (Idk which is lighter though)

If these are now your two options, I would go with @stefanos suggestion of Avast + or SysHardener or VS.

But in the end, only you and your machine will know. (y)
 

stefanos

Level 28
Verified
Top Poster
Well-known
Oct 31, 2014
1,712
Comodo FW + OSArmor is a very good combination. Combining Comodo with an a-v can be amazingly effective, for example with Avast or Qihoo. With Qihoo it makes for a very fluid system, but it's good in this way with Avast too. Another good combination is CFW + FortiClient with the comprehensive web filtering module in FC.

With HIPs, in safe mode they will kick in for any unrecognized file run outside of the container or for a file running inside the container which somehow is able to trigger the alert. HIPs does work, but OSArmor appears to me to be a better choice. With OSA, HIPs can be turned off. Perhaps trimming the HIPs settings some in Comodo would help with the barrage of alerts which can happen. For me, limiting HIPs to the protection of COMs interfaces and memory could be enough, considering the power in sandboxing and in OSArmor. Installing Comodo now on a system, so I may work with the HIPs monitoring settings some myself to see how well it performs.

The latest I have heard is that Comodo AV (CCAV) is still improving.
Agree. But all this Combo with Comodo need experience and some time to learn how it works.
 

stefanos

Level 28
Verified
Top Poster
Well-known
Oct 31, 2014
1,712
Comodo FW + OSArmor is a very good combination. Combining Comodo with an a-v can be amazingly effective, for example with Avast or Qihoo. With Qihoo it makes for a very fluid system, but it's good in this way with Avast too. Another good combination is CFW + FortiClient with the comprehensive web filtering module in FC.

With HIPs, in safe mode they will kick in for any unrecognized file run outside of the container or for a file running inside the container which somehow is able to trigger the alert. HIPs does work, but OSArmor appears to me to be a better choice. With OSA, HIPs can be turned off. Perhaps trimming the HIPs settings some in Comodo would help with the barrage of alerts which can happen. For me, limiting HIPs to the protection of COMs interfaces and memory could be enough, considering the power in sandboxing and in OSArmor. Installing Comodo now on a system, so I may work with the HIPs monitoring settings some myself to see how well it performs.

The latest I have heard is that Comodo AV (CCAV) is still improving.
Comodo need to improuve the VirusScope.If do this after i think all we will use CCAV.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
I think that diversity of opinion will come out depending on what you want the sandbox to do. I think that the automatic sandbox of comodo is a cushion of unexpected software activation and infection process.
Right. The autosandbox feature is used by most people as a soft way of blocking suspicious files from running.
Some use the sandbox feature to test new and perhaps untrusted software. Others use it to run vulnerable apps in it, such as their browser.
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,701
So Comodo's AV and VirusScope is still not good enough? When was the last time this was tested I've been interesting to see results from VirusScope?

@shmu26 was talking about CF and not enabling Viruscope. CCAV has auto-containment and viruscope, no FW. Just the same, some user skill is required to run this. But one can also see many happy users of it on their forum.
 
Last edited:

Nagisa

Level 7
Thread author
Verified
Jul 19, 2018
342
A few inconsistencies on the Avast made me think that I should go with an another product. It's settings changes by its own, like the hardened mode. I can't enable the hardened mode. It disables itself a few minutes later when I enable it again.

Q360 is just too weak. Not just because the signatures, but I don't know if I should trust this software to protect me from some of the exploit based malware attacks. It would be better if there are more benchmarks for this product.

Kaspersky Free is heavy on the harddisk.

I guess I will end up either with a comodo FW or Forticlient with tweaked settings + OSArmor. I'm bored with Comodo, so I will try FC + NVTOSA.

How is its performance impact on the system btw?
 
Last edited:

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
A few inconsistencies on the Avast made me think that I should go with an another product. It's settings changes by its own, like the hardened mode. I can't enable the hardened mode. It disables itself a few minutes later when I enable it again.

Q360 is just too weak. Not just because the signatures, but I don't know if I should trust this software to protect me from some of the exploit based malware attacks. It would be better if there are more benchmarks for this product.

Kaspersky Free is heavy on the harddisk.

I guess I will end up either with a comodo FW or Forticlient with tweaked settings + OSArmor. I'm bored with Comodo, so I will try FC + NVTOSA.

How is its performance impact on the system btw?
Comodo Firewall is significantly lighter on the system than Comodo Cloud AV is. It is coded better. CFW is the product they work the hardest on, it's their flagship product.

As @oldschool already said, both have the autocontainment feature. I have not tested autocontainment in the most recent versions of CCAV, but when I did, I found that it was much more buggy than the corresponding feature in CFW. Like I said, CFW is coded better.

Comodo's ability to detect malware by signature and behavior is famously poor. That's why I said to forget about Virusscope. You can use it if you want, it won't hurt, but I just don't rely on those Comodo features.

Comodo makes good HIPS, autocontainment, firewall, and application sandboxing. And it is amazingly light on the system. That's a lot for free!!

It is famous for bugs, but if you are lucky and they don't affect you, it's a great product. On my wife's laptop I have CFW and Hard_Configurator. I added the latter because CFW is a little weak on lol bin protection. It's main strength is against file-based malware.
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
With Comodo, people do not like the popups this software gets, it's very user dependent on the forefront. So it's not favourable to many people. I am considering running Comodo IS Free as my next setup after Webroot sub has run out.

Fairly light on the system as well. When looking at some of the videos when the uploader has looked through Task manager, most of the processes running do not exceed 9-10MB (excluding scanning or removal).

~LDogg
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
With Comodo, people do not like the popups this software gets, it's very user dependent on the forefront.
Quite true. It's good for very basic users, who never install new software without help, and experienced users who can handle the questions posed to them by the prompts. For the folks in the middle, Comodo can be challenging, at least at CS settings. If you install CIS at default settings, I think it probably is a lot easier for novice users.
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
Quite true. It's good for very basic users, who never install new software without help, and experienced users who can handle the questions posed to them by the prompts. For the folks in the middle, Comodo can be challenging, at least at CS settings. If you install CIS at default settings, I think it probably is a lot easier for novice users.
I think a lot of average users prefer install and forget AVs so there's not much they have to themselves. Where as the more advanced computer users prefer popups, so they know what to block based off their own knowledge of processes and executionable variants. So my reply is much like yours in a away as well.

~LDogg
 

bribon77

Level 35
Verified
Top Poster
Well-known
Jul 6, 2017
2,392
I have an old Dinosaur computer with 3 gb of RAM and the consumption with VPN activated is very low in CPU and RAM, that is to say that Comodo Firewal does not consume me anything.

209994
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top