Battle Comodo's Auto-containment vs any other free security software

[ichito]

Comodo firewall, which I use is unrivalled in Sanbox and HIPS. Only SpyShelter Firewall can be equaled to Comodo in HIPS. But it lacks a sandbox

But it has "restricted apps" module and features like files/folders restriction and files/folders protection

 

[oldschool]

The problem I had with Comodo products is except that they block many safe things, block all unknown programs. And because the virus signatures are very weak You must take decision if the file is safe or not.

This is why I find Comodo a little intimidating. I've used CF and CCAV. I like CCAV better, but still much more decision rests with the user than VoodooShield, in my experience.

So, I will choose between the Avast and Qihoo. Do you think it’s worth to prefer Qihoo over the Avast for its less performance impact? (Idk which is lighter though)

If these are now your two options, I would go with @stefanos suggestion of Avast + or SysHardener or VS.

But in the end, only you and your machine will know.

 

[stefanos]

Comodo FW + OSArmor is a very good combination. Combining Comodo with an a-v can be amazingly effective, for example with Avast or Qihoo. With Qihoo it makes for a very fluid system, but it's good in this way with Avast too. Another good combination is CFW + FortiClient with the comprehensive web filtering module in FC.

With HIPs, in safe mode they will kick in for any unrecognized file run outside of the container or for a file running inside the container which somehow is able to trigger the alert. HIPs does work, but OSArmor appears to me to be a better choice. With OSA, HIPs can be turned off. Perhaps trimming the HIPs settings some in Comodo would help with the barrage of alerts which can happen. For me, limiting HIPs to the protection of COMs interfaces and memory could be enough, considering the power in sandboxing and in OSArmor. Installing Comodo now on a system, so I may work with the HIPs monitoring settings some myself to see how well it performs.

The latest I have heard is that Comodo AV (CCAV) is still improving.

Agree. But all this Combo with Comodo need experience and some time to learn how it works.

 

[stefanos]

Comodo is not heavy, at least in my case. If it were heavy, I wouldn't use it because I don't have good equipment.

View attachment 209662

Is not heavy on ram. Delay the boot time, delay many the restart , and delay the aplications.

 

[stefanos]

Comodo FW + OSArmor is a very good combination. Combining Comodo with an a-v can be amazingly effective, for example with Avast or Qihoo. With Qihoo it makes for a very fluid system, but it's good in this way with Avast too. Another good combination is CFW + FortiClient with the comprehensive web filtering module in FC.

With HIPs, in safe mode they will kick in for any unrecognized file run outside of the container or for a file running inside the container which somehow is able to trigger the alert. HIPs does work, but OSArmor appears to me to be a better choice. With OSA, HIPs can be turned off. Perhaps trimming the HIPs settings some in Comodo would help with the barrage of alerts which can happen. For me, limiting HIPs to the protection of COMs interfaces and memory could be enough, considering the power in sandboxing and in OSArmor. Installing Comodo now on a system, so I may work with the HIPs monitoring settings some myself to see how well it performs.

The latest I have heard is that Comodo AV (CCAV) is still improving.

Comodo need to improuve the VirusScope.If do this after i think all we will use CCAV.

 

[Spawn]

Eagerly waiting to try Windows Sandbox in the next major build.

 

[shmu26]

Comodo need to improuve the VirusScope.If do this after i think all we will use CCAV.

Just turn viruscope off. That's not what you want from Comodo firewall. Use a good AV, and forget about viruscope.

 

[stefanos]

Just turn viruscope off. That's not what you want from Comodo firewall. Use a good AV, and forget about viruscope.

Thanks for your tip.. But i not use anymore Comodo products

 

[show-Zi]

I think that diversity of opinion will come out depending on what you want the sandbox to do. I think that the automatic sandbox of comodo is a cushion of unexpected software activation and infection process.

 

[shmu26]

I think that diversity of opinion will come out depending on what you want the sandbox to do. I think that the automatic sandbox of comodo is a cushion of unexpected software activation and infection process.

Right. The autosandbox feature is used by most people as a soft way of blocking suspicious files from running.
Some use the sandbox feature to test new and perhaps untrusted software. Others use it to run vulnerable apps in it, such as their browser.

 

[mellowtones242]

So Comodo's AV and VirusScope is still not good enough? When was the last time this was tested I've been interesting to see results from VirusScope?

 

[oldschool]

So Comodo's AV and VirusScope is still not good enough? When was the last time this was tested I've been interesting to see results from VirusScope?

@shmu26 was talking about CF and not enabling Viruscope. CCAV has auto-containment and viruscope, no FW. Just the same, some user skill is required to run this. But one can also see many happy users of it on their forum.

 

[Nagisa]

A few inconsistencies on the Avast made me think that I should go with an another product. It's settings changes by its own, like the hardened mode. I can't enable the hardened mode. It disables itself a few minutes later when I enable it again.

Q360 is just too weak. Not just because the signatures, but I don't know if I should trust this software to protect me from some of the exploit based malware attacks. It would be better if there are more benchmarks for this product.

Kaspersky Free is heavy on the harddisk.

I guess I will end up either with a comodo FW or Forticlient with tweaked settings + OSArmor. I'm bored with Comodo, so I will try FC + NVTOSA.

How is its performance impact on the system btw?

 

[oldschool]

CCAV tweaked is recommended by @BoraMurdar & @amico81.

See here from @amico81 :

"If you try CCAV, then take a look at this thread. there you will see the tweaks/settings for a light and powerful av-solution."

Video - Bora tests Comodo Cloud Antivirus

 

[shmu26]

A few inconsistencies on the Avast made me think that I should go with an another product. It's settings changes by its own, like the hardened mode. I can't enable the hardened mode. It disables itself a few minutes later when I enable it again.

Q360 is just too weak. Not just because the signatures, but I don't know if I should trust this software to protect me from some of the exploit based malware attacks. It would be better if there are more benchmarks for this product.

Kaspersky Free is heavy on the harddisk.

I guess I will end up either with a comodo FW or Forticlient with tweaked settings + OSArmor. I'm bored with Comodo, so I will try FC + NVTOSA.

How is its performance impact on the system btw?

Comodo Firewall is significantly lighter on the system than Comodo Cloud AV is. It is coded better. CFW is the product they work the hardest on, it's their flagship product.

As @oldschool already said, both have the autocontainment feature. I have not tested autocontainment in the most recent versions of CCAV, but when I did, I found that it was much more buggy than the corresponding feature in CFW. Like I said, CFW is coded better.

Comodo's ability to detect malware by signature and behavior is famously poor. That's why I said to forget about Virusscope. You can use it if you want, it won't hurt, but I just don't rely on those Comodo features.

Comodo makes good HIPS, autocontainment, firewall, and application sandboxing. And it is amazingly light on the system. That's a lot for free!!

It is famous for bugs, but if you are lucky and they don't affect you, it's a great product. On my wife's laptop I have CFW and Hard_Configurator. I added the latter because CFW is a little weak on lol bin protection. It's main strength is against file-based malware.

 

[LDogg]

With Comodo, people do not like the popups this software gets, it's very user dependent on the forefront. So it's not favourable to many people. I am considering running Comodo IS Free as my next setup after Webroot sub has run out.

Fairly light on the system as well. When looking at some of the videos when the uploader has looked through Task manager, most of the processes running do not exceed 9-10MB (excluding scanning or removal).

~LDogg

 

[shmu26]

With Comodo, people do not like the popups this software gets, it's very user dependent on the forefront.

Quite true. It's good for very basic users, who never install new software without help, and experienced users who can handle the questions posed to them by the prompts. For the folks in the middle, Comodo can be challenging, at least at CS settings. If you install CIS at default settings, I think it probably is a lot easier for novice users.

 

[LDogg]

Quite true. It's good for very basic users, who never install new software without help, and experienced users who can handle the questions posed to them by the prompts. For the folks in the middle, Comodo can be challenging, at least at CS settings. If you install CIS at default settings, I think it probably is a lot easier for novice users.

I think a lot of average users prefer install and forget AVs so there's not much they have to themselves. Where as the more advanced computer users prefer popups, so they know what to block based off their own knowledge of processes and executionable variants. So my reply is much like yours in a away as well.

~LDogg

 

[bribon77]

I have an old Dinosaur computer with 3 gb of RAM and the consumption with VPN activated is very low in CPU and RAM, that is to say that Comodo Firewal does not consume me anything.

 

[bribon77]

It is famous for bugs, but if you are lucky and they don't affect you, it's a great product.

The truth is that I feel lucky with Comodo, everyone says it has mistakes and I do not doubt, but it does not affect me for years.