Software to Compare
CCAV 2019
Avast Free 2019
Comodo Antivirus 2019
Other 2019

shmu26

Level 85
Verified
Trusted
Content Creator
Does it make sense to focus on AV detection? It seems as if a lot of endpoint protections are now focusing on sandboxing, behavior and AI.
Are we judging protection on signatures? It's 2019, not 2009.
Correct, AV is more than static sig-based detection. And sig-based detection itself is more than a simple list of hash values. Nowadays, it is very complex. This is exactly why you want an AV that does the job right, not Comodo AV.

If you have no need for an AV, then don't install CIS. Use Comodo Firewall. But a good AV is an important safety net. It is recommended as part of your security config. That's why you should use the AV of your choice + Comodo Firewall.
 

oldschool

Level 57
Verified
My opinion is if you use Comodo you must be sure to have one good second-opinion scanner for unknown files. If you have no problem with the high CPU, delays on applications and the false positives, the rest is very secure protection. And the best against ransomware.

Read the recent posts of Fabian from Emsisoft. They are very enlightening.


I know there are many happy Comodo users. I simply don't find their products very user-friendly. Lots of other good AVs are, and if you harden the OS or use something like VS you complete the package.

Re: Fabian's posts - They certainly are enlightening. Implicit in his thread is the usability factor of an AV, even though he may not emphasize it, or even say it. That's a big factor for me, and probably many ordinary users.
 

Local Host

Level 23
Verified
I can hardly call the default-deny nature of Comodo in any way secure; you lack the tools and effectiveness to tell if the file is malicious to begin with.

So you guys are going to run all the software in a sandbox? It is no different from running Windows Defender with strict rules.

Which brings up @shmu26's comment: you need a proper AV to detect and triage the legit files, instead of running everything in a sandbox. Plus this is 2019 indeed; the browsers already run in a container, so putting them in a sandbox is useless.
 

LDogg

Level 33
Verified
I'm using CCAV with the tweaks from @BoraMurdar.

CCAV + Syshardener is my combo. It's unbeatably light and blows away other light AVs like Panda or Eset. (y)
Changed my mind again about CIS Free. I think I'll make my own personal judgment for my own machine regarding this AV. If any problems arise, I can make sure I skip the product in the future. Sometimes the only way to gain experience is by conducting things yourself and getting knowledge about the experience you faced; then you can take the pros and cons.

~LDogg
 

shmu26

Level 85
Verified
Trusted
Content Creator
I can hardly call the default-deny nature of Comodo in any way secure; you lack the tools and effectiveness to tell if the file is malicious to begin with.
This is true, but if you run it at CS settings, it is pretty secure. At her settings, a malicious file running in sandbox can't hurt you.
But if you use CCAV, and rely on the autocontainment, you risk losing personal data. The malicious file running in the sandbox could call home and exfiltrate what it finds on your system. But it won't be able to make any significant changes to your system.

If CCAV blocks internet connection for contained files, then what I said is not true. But I don't think it does.
 

LDogg

Level 33
Verified
I believe within the settings of CCAV you have options to stop inbound/outbound connections of sandboxed applications as indicated here:

[Image attachment 210411]


Please excuse the fuzziness of the image. I believe this would stop or at least mitigate personal data loss. @shmu26

~LDogg
 

mellowtones242

Level 2
Verified
I can hardly call the default-deny nature of Comodo in any way secure; you lack the tools and effectiveness to tell if the file is malicious to begin with.

So you guys are going to run all the software in a sandbox? It is no different from running Windows Defender with strict rules.

Which brings up @shmu26's comment: you need a proper AV to detect and triage the legit files, instead of running everything in a sandbox. Plus this is 2019 indeed; the browsers already run in a container, so putting them in a sandbox is useless.

You’re saying Comodo lacks the tools and effectiveness to tell if the file is malicious to begin with?
 

bribon77

Level 34
Verified
This is true, but if you run it at CS settings, it is pretty secure. At her settings, a malicious file running in sandbox can't hurt you.
Okay, it would be like an Anti exe, or similar to H_C. What happens is that you have to know if it is good or bad because it denies everything, it would be like an Anti exe, or similar to H_C. VT can help in that, or some second-opinion scanner.
 

shmu26

Level 85
Verified
Trusted
Content Creator
I believe within the settings of CCAV you have options to stop inbound/outbound connections of sandboxed applications as indicated here:

[Image attachment 210411]

Please excuse the fuzziness of the image. I believe this would stop or at least mitigate personal data. @shmu26

~LDogg
Thanks. I haven't looked at CCAV in a while. If you can block outbound connections, that's an important tweak. Users should do it.
 

LDogg

Level 33
Verified
Thanks. I haven't looked at CCAV in a while. If you can block outbound connections, that's an important tweak. Users should do it.
No worries. I agree, users should definitely block outbound connections. (Off subject, but on topic with outbound connections.) It's why I'm using MWFC, functioning the same way, but it does give more informed information about the app that's blocked.

~LDogg
 

LDogg

Level 33
Verified
Light and effective? Windows Defender configured via H_C. I don't see the need for third-party AVs anymore.
You may not see the need, I can see how you came to that conclusion, but many other users like to explore, use, test, uninstall/install AV products; it's a massive playground for gathering knowledge, experience or just to play test some software. :p

~LDogg
 

shmu26

Level 85
Verified
Trusted
Content Creator
The one that opts for a Denial by default is not a person to remove and put programs, he knows what he has and if he wants to try it he does it in Shadow Defender or in a virtual machine.
Maybe that's why Comodo appeals to many people. It has such a long list of trusted vendors, you can install most known software without a problem. And at worst, it will be autocontained. It is sort of like default/deny with a soft cushion.
 