Battle Comodo's Auto-containment vs any other free security software

Compare list
CCAV 2019
Avast Free 2019
Comodo Antivirus 2019
Other 2019
N

Nagisa

Level 7
Thread author
Verified
Jul 19, 2018
342
I'd like to just give the avast (free) as an example here. Avast has a behaviour blocker and also its antivirus module is relatively stronger to comodo's. But, there will be times where both of them can't succeed to find the malware. At this time, theoryically, a sandbox can isolate the virus without interfering the program itself. I don't know if there is significant performance loss at this point, though. Even if we press the "Run unlimited", we have a strong HIPS module, doesn't we?
I have never seen the HIPS module in action at the malware tests on youtube, so I can't say a definite thing, though.

I think either there is a problem with Comodo which I don't know yet, or it's just underrated.
 
  • Like
Reactions: RXZ6Q, Nevi, show-Zi and 4 others
Sort by date Sort by votes
LDogg

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
Nagisa said:
I had made a test with CAV (not CCAV), and I found its detection is very fast. But I didn’t like the detection ratio though.

Malwares are were from the thezoo/ytswf github page. I had scanned 175 executable files and the results were like that:

Qihoo 360: 100
With Bitdefender/Avira sig. : 105-106
Webroot: 120
Comodo: 80-90

I don’t remember the exact number though.
Click to expand...
Comodo's model for their protection isn't built on detection ratio, their focus is on sandboxing/containment. As can seen when you run malware most of the unknown .exe (et al) are sandboxed straight away and later blocked, Comodo IS Free is a very solid and light piece of software, covering many layers.

~LDogg
 
  • Like
Reactions: show-Zi, Behold Eck, oldschool and 2 others
Upvote 0 Downvote
stefanos

stefanos

Level 28
Verified
Top Poster
Well-known
Oct 31, 2014
1,712
Nagisa said:
I had made a test with CAV (not CCAV), and I found its detection is very fast. But I didn’t like the detection ratio though.

Malwares are were from the thezoo/ytswf github page. I had scanned 175 executable files and the results were like that:

Qihoo 360: 100
With Bitdefender/Avira sig. : 105-106
Webroot: 120
Comodo: 80-90
Win Defender: 50-60

I don’t remember the exact number though.
Click to expand...
Qihoo with Avira and Bitdefender have very good detection rate. But you must wait the firts time 24 hours to give you the latest signatures
 
  • Like
Reactions: show-Zi, Weebarra, oldschool and 2 others
Upvote 0 Downvote
LDogg

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
shmu26 said:
As @Nagisa said, the AV component is weak. It is one of the weakest you can find, actually.
Click to expand...
Indeed, but this is why Comodo incorporated sandbox, Virusscope et al for other aspects, their detection ratio will always be poor, they're more known for sandboxing application than AV signatures.

Here's one video which highlights the best attributes for Comodo IS:

~LDogg
 
  • Like
Reactions: show-Zi, Weebarra, harlan4096 and 2 others
Upvote 0 Downvote
N

Nagisa

Level 7
Thread author
Verified
Jul 19, 2018
342
stefanos said:
Qihoo with Avira and Bitdefender have very good detection rate. But you must wait the firts time 24 hours to give you the latest signatures
Click to expand...


I thought that installing the AV engines and then updating the signatures would be enough. The signatures were 1 or 2 day old but this is normal as far as I know. I will be wait for a day after I installed the qihoo for testing.


I think the results are bit weird. I would expect better for them overall. I will test again in a day or two. Also I will try to run all the malwares while only the HIPS enabled. I was already knew that this product takes most of its power from its other components. no need to critisizing ;)
 
  • Like
Reactions: show-Zi, Weebarra, oldschool and 1 other person
Upvote 0 Downvote
stefanos

stefanos

Level 28
Verified
Top Poster
Well-known
Oct 31, 2014
1,712
Nagisa said:
I thought that installing the AV engines and then updating the signatures would be enough. The signatures were 1 or 2 day old but this is normal as far as I know. I will be wait for a day after I installed the qihoo for testing.


I think the results are bit weird. I would expect better for them overall. I will test again in a day or two. Also I will try to run all the malwares while only the HIPS enabled. I was already knew that this product takes most of its power from its other components. no need to critisizing ;)
Click to expand...
Only weekend Bitdefender signatures delayed one day. Use the two engines only with custom scan.
210393
 
  • Like
Reactions: show-Zi, Weebarra, bribon77 and 1 other person
Upvote 0 Downvote
17410742

17410742

Level 4
Well-known
Apr 27, 2018
172
shmu26 said:
As @Nagisa said, the AV component is weak. It is one of the weakest you can find, actually.
Click to expand...
are we judging protection on signatures? - its 2019 not 2009. :ROFLMAO:

AV detection rates based on signatures are the weakest & most redundant form of protection in any security software.

Signatures have not been the primary source of detection since CyberHawk & Prevx.

Now with automatic sandboxes, HIPS & behaviour monitors > I wouldn't even care if my security had 'zero signatures'
 
  • Like
Reactions: show-Zi, bribon77, oldschool and 2 others
Upvote 0 Downvote
mellowtones242

mellowtones242

Level 2
Verified
Aug 11, 2018
95
17410742 said:
are we judging protection on signatures? - its 2019 not 2009. :ROFLMAO:

AV detection rates based on signatures are the weakest & most redundant form of protection in any security software.

Signatures have not been the primary source of detection since CyberHawk & Prevx.

Now with automatic sandboxes, HIPS & behaviour monitors > I wouldn't even care if my security had 'zero signatures'
Click to expand...

This is what I'm saying, we need not waste time worrying about signatures.
 
  • Like
Reactions: show-Zi, bribon77, Behold Eck and 2 others
Upvote 0 Downvote
LDogg

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
I understand some may find the CCAV to be weak, but in various tests I've seen on YouTube, forums, articles etc, I've seen detection rates at 97.6% when scanning, the ones that missed were sandboxed then blocked by Virusscope or other component. I'll agree Comodo may, not have the best signature, but this is one subject which is not the focal point for any Comodo product, it's more prevention than detection.

~LDogg
 
  • Like
Reactions: show-Zi, bribon77, oldschool and 1 other person
Upvote 0 Downvote
mellowtones242

mellowtones242

Level 2
Verified
Aug 11, 2018
95
LDogg said:
I understand some may find the CCAV to be weak, but in various tests I've seen on YouTube, forums, articles etc, I've seen detection rates at 97.6% when scanning, the ones that missed were sandboxed then blocked by Virusscope or other component. I'll agree Comodo may, not have the best signature, but this is one subject which is not the focal point for any Comodo product, it's more prevention than detection.

~LDogg
Click to expand...

Exactly and if you were not able to prevent which is a very very slim chance of happening restore from a backup which I am sure everyone is exercising a good backup strategy.
 
  • Like
Reactions: show-Zi, bribon77 and oldschool
Upvote 0 Downvote
LDogg

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
mellowtones242 said:
Exactly and if you were not able to prevent which is a very very slim chance of happening restore from a backup which I am sure everyone is exercising a good backup strategy.
Click to expand...
You find some users who get very tin foily about protection they'll go to the ends of the earth to go fully overkill with their configuration.

~LDogg
 
  • Like
Reactions: Behold Eck, Nagisa, show-Zi and 3 others
Upvote 0 Downvote
stefanos

stefanos

Level 28
Verified
Top Poster
Well-known
Oct 31, 2014
1,712
17410742 said:
are we judging protection on signatures? - its 2019 not 2009. :ROFLMAO:

AV detection rates based on signatures are the weakest & most redundant form of protection in any security software.

Signatures have not been the primary source of detection since CyberHawk & Prevx.

Now with automatic sandboxes, HIPS & behaviour monitors > I wouldn't even care if my security had 'zero signatures'
Click to expand...
 
  • Like
Reactions: Behold Eck, show-Zi, Weebarra and 2 others
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

Shadowra
    • Like
    • +Reputation
    • Applause
  • Locked
App Review COMODO Internet Security 2025 Premium
Replies
117
Views
13,251
Video Reviews - Security and Privacy
Victor M
Victor M
Victor M
New Update Chrome 124 Ubuntu 24.04 LTS Apparmor profile
Replies
1
Views
967
ChromeOS & Linux
Victor M
Victor M
Andy Ful
    • Like
    • Thanks
    • Applause
What Behavior Blocker is, and what it is not.
Replies
19
Views
3,476
General Security Discussions
Andy Ful
Andy Ful

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top