Battle Comodo's Auto-containment vs any other free security software

Compare list
CCAV 2019
Avast Free 2019
Comodo Antivirus 2019
Other 2019

Nagisa

Level 7
Thread author
Verified
Jul 19, 2018
341
I'd like to just give the avast (free) as an example here. Avast has a behaviour blocker and also its antivirus module is relatively stronger to comodo's. But, there will be times where both of them can't succeed to find the malware. At this time, theoryically, a sandbox can isolate the virus without interfering the program itself. I don't know if there is significant performance loss at this point, though. Even if we press the "Run unlimited", we have a strong HIPS module, doesn't we?
I have never seen the HIPS module in action at the malware tests on youtube, so I can't say a definite thing, though.

I think either there is a problem with Comodo which I don't know yet, or it's just underrated.
 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,814
Comodo's sandboxing will always surpass default-allow AVs in terms of protection, simply because AVs allow unknown software to run unrestricted on a system and rely on inconsistent behavioural analysis to determine whether that software is malicious or not.

I don’t understand why qihoo fails so much on tests despite it has a sandbox.
Because Qihoo's sandbox isn't automatic; you have to manually run files inside it.

I couldn’t decide between comodo, avast and 360 TS.
Try all three and use whichever you like the most.
 
Last edited:

stefanos

Level 28
Verified
Top Poster
Well-known
Oct 31, 2014
1,712
Can we replace the comodo here with an another antivirus that have sandbox?

For example 360 TS/TSE...

I don’t understand why qihoo fails so much on tests despite it has a sandbox.

I couldn’t decide between comodo, avast and 360 TS.
360TS it does not have automatic sanbox. You have to put the file in the sanbox
 

stefanos

Level 28
Verified
Top Poster
Well-known
Oct 31, 2014
1,712
Comodo's sandboxing will always surpass default-allow AVs in terms of protection, simply because AVs allow unknown software to run unrestricted on a system and rely on inconsistent behavioural analysis to determine whether that software is malicious or not.


Because Qihoo's sandbox isn't automatic; you have to manually run files inside it.
same post :)
 
L

Local Host

Comodo's sandboxing will always surpass default-allow AVs in terms of protection, simply because AVs allow software to run unrestricted on a system and then rely on inconsistent behavioural analysis to determine whether that piece of software is malicious or not.


Because Qihoo's sandbox isn't automatic; you have to manually run files inside it.
Considering Anti-Virus like Kaspersky include rollback in the behaviour blocker is irrelevant, Comodo lacks the effectiness to tell a malicious file from a legit file, running every suspicious file in a sandbox brings the question OP has (performance concerns, not to mention compatibility lots of software doesn't work correctly in a sanbox).

Kaspersky already has a Sandbox in their Enterprise Cloud Products, which includes behaviour blocker and KNS, which obviously is way more effective than Comodo.

For home users there's no need to go overboard, the malware home users run into to tends to be weeks/months and in most cases years old and are easily detected through signatures and cloud, worst case scenario will get caught in the behaviour blocker.

I'll go even further, and if you're like me you won't run into malware at all, so AVs tend to be purely cosmetic.
 
Last edited:

bribon77

Level 35
Verified
Top Poster
Well-known
Jul 6, 2017
2,392
The problem I had with Comodo products is except that they block many safe things, block all unknown programs. And because the virus signatures are very weak You must take decision if the file is safe or not.
If Comodo's signatures aren't good, that's why I don't use them.
Comodo is not for everyone, you have to have a degree of experience in knowing what you install, but you always have VirusTotalUploader2, to consult.:giggle:
 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,814
Considering Anti-Virus like Kaspersky include rollback in the behaviour blocker is irrelevant, Comodo lacks the effectiness to tell a malicious file from a legit file, running every suspicious file in a sandbox brings the question OP has (performance concerns, not to mention compatibility lots of software doesn't work correctly in a sanbox).
I'd argue that's more an issue with Comodo's usability, which admittedly isn't particularly friendly for the average user.
If a user can't adopt a mindset of not pulling every file out of the sandbox when they're unsure of the file's nature then they surely shouldn't be using a Comodo product in the first place.

So, I will choose between the Avast and Qihoo. Do you think it’s worth to prefer Qihoo over the Avast for its less performance impact? (Idk which is lighter though)
Try them both. Take note of things you like/dislike about each product, compare the two and use whichever you find more appealing.
 
Last edited:

stefanos

Level 28
Verified
Top Poster
Well-known
Oct 31, 2014
1,712
If Comodo's signatures aren't good, that's why I don't use them.
Comodo is not for everyone, you have to have a degree of experience in knowing what you install, but you always have VirusTotalUploader2, to consult.:giggle:
Agree but why i will use Comodo IS one very heavy program and will not use 360TS one very light antivirus with help from Virus total and voodooshield??
 

stefanos

Level 28
Verified
Top Poster
Well-known
Oct 31, 2014
1,712
So, I will choose between the Avast and Qihoo. Do you think it’s worth to prefer Qihoo over the Avast for its less performance impact? (Idk which is lighter though)
Avast alone if you are not happy clicker or with syshardener if you are happy clicker is light with very good protection. 360TS is very light but because i know and i test this two antivirus many years 360TS only combo with voodooshield and you are light and super secure. The rest is your choise. ;)
 

bribon77

Level 35
Verified
Top Poster
Well-known
Jul 6, 2017
2,392
Agree but why i will use Comodo IS one very heavy program and will not use 360TS one very light antivirus with help from Virus total and voodooshield??
Comodo is not heavy, at least in my case. If it were heavy, I wouldn't use it because I don't have good equipment.

209662
 
Last edited:

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,711
Comodo FW + OSArmor is a very good combination. Combining Comodo with an a-v can be amazingly effective, for example with Avast or Qihoo. With Qihoo it makes for a very fluid system, but it's good in this way with Avast too. Another good combination is CFW + FortiClient with the comprehensive web filtering module in FC.

With HIPs, in safe mode they will kick in for any unrecognized file run outside of the container or for a file running inside the container which somehow is able to trigger the alert. HIPs does work, but OSArmor appears to me to be a better choice. With OSA, HIPs can be turned off. Perhaps trimming the HIPs settings some in Comodo would help with the barrage of alerts which can happen. For me, limiting HIPs to the protection of COMs interfaces and memory could be enough, considering the power in sandboxing and in OSArmor. Installing Comodo now on a system, so I may work with the HIPs monitoring settings some myself to see how well it performs.

The latest I have heard is that Comodo AV (CCAV) is still improving.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top