Battle Comodo's Auto-containment vs any other free security software

Compare list
CCAV 2019
Avast Free 2019
Comodo Antivirus 2019
Other 2019

Nagisa

Level 7
Thread author
Verified
Jul 19, 2018
341
I'd like to just give the avast (free) as an example here. Avast has a behaviour blocker and also its antivirus module is relatively stronger to comodo's. But, there will be times where both of them can't succeed to find the malware. At this time, theoryically, a sandbox can isolate the virus without interfering the program itself. I don't know if there is significant performance loss at this point, though. Even if we press the "Run unlimited", we have a strong HIPS module, doesn't we?
I have never seen the HIPS module in action at the malware tests on youtube, so I can't say a definite thing, though.

I think either there is a problem with Comodo which I don't know yet, or it's just underrated.
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
I had made a test with CAV (not CCAV), and I found its detection is very fast. But I didn’t like the detection ratio though.

Malwares are were from the thezoo/ytswf github page. I had scanned 175 executable files and the results were like that:

Qihoo 360: 100
With Bitdefender/Avira sig. : 105-106
Webroot: 120
Comodo: 80-90

I don’t remember the exact number though.
Comodo's model for their protection isn't built on detection ratio, their focus is on sandboxing/containment. As can seen when you run malware most of the unknown .exe (et al) are sandboxed straight away and later blocked, Comodo IS Free is a very solid and light piece of software, covering many layers.

~LDogg
 

stefanos

Level 28
Verified
Top Poster
Well-known
Oct 31, 2014
1,712
I had made a test with CAV (not CCAV), and I found its detection is very fast. But I didn’t like the detection ratio though.

Malwares are were from the thezoo/ytswf github page. I had scanned 175 executable files and the results were like that:

Qihoo 360: 100
With Bitdefender/Avira sig. : 105-106
Webroot: 120
Comodo: 80-90
Win Defender: 50-60

I don’t remember the exact number though.
Qihoo with Avira and Bitdefender have very good detection rate. But you must wait the firts time 24 hours to give you the latest signatures
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
As @Nagisa said, the AV component is weak. It is one of the weakest you can find, actually.
Indeed, but this is why Comodo incorporated sandbox, Virusscope et al for other aspects, their detection ratio will always be poor, they're more known for sandboxing application than AV signatures.

Here's one video which highlights the best attributes for Comodo IS:

~LDogg
 

Nagisa

Level 7
Thread author
Verified
Jul 19, 2018
341
Qihoo with Avira and Bitdefender have very good detection rate. But you must wait the firts time 24 hours to give you the latest signatures


I thought that installing the AV engines and then updating the signatures would be enough. The signatures were 1 or 2 day old but this is normal as far as I know. I will be wait for a day after I installed the qihoo for testing.


I think the results are bit weird. I would expect better for them overall. I will test again in a day or two. Also I will try to run all the malwares while only the HIPS enabled. I was already knew that this product takes most of its power from its other components. no need to critisizing ;)
 

stefanos

Level 28
Verified
Top Poster
Well-known
Oct 31, 2014
1,712
I thought that installing the AV engines and then updating the signatures would be enough. The signatures were 1 or 2 day old but this is normal as far as I know. I will be wait for a day after I installed the qihoo for testing.


I think the results are bit weird. I would expect better for them overall. I will test again in a day or two. Also I will try to run all the malwares while only the HIPS enabled. I was already knew that this product takes most of its power from its other components. no need to critisizing ;)
Only weekend Bitdefender signatures delayed one day. Use the two engines only with custom scan.
210393
 

17410742

Level 4
Verified
Well-known
Apr 27, 2018
172
As @Nagisa said, the AV component is weak. It is one of the weakest you can find, actually.
are we judging protection on signatures? - its 2019 not 2009. :ROFLMAO:

AV detection rates based on signatures are the weakest & most redundant form of protection in any security software.

Signatures have not been the primary source of detection since CyberHawk & Prevx.

Now with automatic sandboxes, HIPS & behaviour monitors > I wouldn't even care if my security had 'zero signatures'
 

mellowtones242

Level 2
Verified
Aug 11, 2018
95
are we judging protection on signatures? - its 2019 not 2009. :ROFLMAO:

AV detection rates based on signatures are the weakest & most redundant form of protection in any security software.

Signatures have not been the primary source of detection since CyberHawk & Prevx.

Now with automatic sandboxes, HIPS & behaviour monitors > I wouldn't even care if my security had 'zero signatures'

This is what I'm saying, we need not waste time worrying about signatures.
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
I understand some may find the CCAV to be weak, but in various tests I've seen on YouTube, forums, articles etc, I've seen detection rates at 97.6% when scanning, the ones that missed were sandboxed then blocked by Virusscope or other component. I'll agree Comodo may, not have the best signature, but this is one subject which is not the focal point for any Comodo product, it's more prevention than detection.

~LDogg
 

mellowtones242

Level 2
Verified
Aug 11, 2018
95
I understand some may find the CCAV to be weak, but in various tests I've seen on YouTube, forums, articles etc, I've seen detection rates at 97.6% when scanning, the ones that missed were sandboxed then blocked by Virusscope or other component. I'll agree Comodo may, not have the best signature, but this is one subject which is not the focal point for any Comodo product, it's more prevention than detection.

~LDogg

Exactly and if you were not able to prevent which is a very very slim chance of happening restore from a backup which I am sure everyone is exercising a good backup strategy.
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
Exactly and if you were not able to prevent which is a very very slim chance of happening restore from a backup which I am sure everyone is exercising a good backup strategy.
You find some users who get very tin foily about protection they'll go to the ends of the earth to go fully overkill with their configuration.

~LDogg
 

stefanos

Level 28
Verified
Top Poster
Well-known
Oct 31, 2014
1,712
are we judging protection on signatures? - its 2019 not 2009. :ROFLMAO:

AV detection rates based on signatures are the weakest & most redundant form of protection in any security software.

Signatures have not been the primary source of detection since CyberHawk & Prevx.

Now with automatic sandboxes, HIPS & behaviour monitors > I wouldn't even care if my security had 'zero signatures'
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top