Advice Request Compatibility between Comodo Cloud Antivirus and other anti-malware?

[Ink]

Questions about using Comodo Cloud Antivirus with other anti-malware software running in real-time.

• Is there any overlap between Comodo Cloud Antivirus, Kaspersky Anti-Ransomware and Zemana AntiLogger Premium?
• Would there be any incompatibilities between them?
• Would Zemana AntiLogger Premium be overkill for CCAV and Kaspersky Anti-Ransomware?

 

[Av Gurus]

I think better combo would be Comodo Firewall + KAR.

 

[Ink]

I think better combo would be Comodo Firewall + KAR.

Not looking for an alternative combination, asking about CCA. I have no interest in CFW, since I stopped using it years ago (v3.1x).

 

[rosendalek]

yeah, it would work fine, just make sure to set an exception for Zemana and kar in ccav, or comodo clouds sandbox may sandbox them (I have found it to be a little too over protective)

 

[Ink]

CCA contains Application Whitelisting, wouldn't this prevent Zemana and Kaspersky from being isolated by Comodo?

 

[Av Gurus]

Not looking for an alternative combination, asking about CCA. I have no interest in CFW, since I stopped using it years ago (v3.1x).

With CCA you get antivirus (not good) and Sandbox, with CF you get firewall, sandbox & HIPS (you don't have to use it).
KAR cover your cloud antivirus protection which is far more better then Comodo Cloud AV.

You use what is better for you, that is just my thinking.

 

[rosendalek]

KAR cover your cloud antivirus protection which is far more better then Comodo Cloud AV.

KAR only detects specific threats, ransomware and screen lockers. nothing else

 

[Av Gurus]

KAR only detects specific threats, ransomware and screen lockers. nothing else

Are you sure?

 

[XhenEd]

KAR only detects specific threats, ransomware and screen lockers. nothing else

As per Cruelsister's tests of it, KAR doesn't only protect against ransomware, but it seems to protect against malware in general.
But of course, it's still in beta. Maybe in the course of its development, it will be specifically against ransomware.

As for the OP, if I had to choose, I would test them all together. I think they complement each other. Zemana AntiLogger has multi-engine to detect malware also. Of course, in my opinion, running all of them would really seem to be overkill.

 

[Deleted member 2913]

You are an expert user, I would suggest CCAV only & set Sandbox option to "Ask for Untrusted".

 

[cruelsister]

Spawn- Do you have any Outbound firewall Protection in this setup? The reason I ask is that CCAV will allow sandboxed applications to connect to the Internet, and will also allow some keyloggers to record keystrokes. As long as you have something to block either the acquisition or transmission of data you are fine- so if you have an Outbound alert firewall this would block the transmission; if not, then Zemana Anti-K would be good to block the acquisition.

As to KAR, as long as your machine is good enough not to be sluggish there isn't any intrinsic incompatibility. It might actually be a good thing as I've found that the CCAV sandbox will on rare occasions allow JScript coded malware to create a registry entry for persistence. This is no real issue as on startup the malware will be isolated, but it's not as elegant as the CF sandbox set at Restricted (I know you don't want CF, but just had to point this out). Adding KAR would block this from happening, and the sandbox will isolate stuff KAR misses, so the combination does make sense.

Hope this helped.

M

 

[Deleted member 2913]

CCAV sandbox will on rare occasions allow JScript coded malware to create a registry entry for persistence. This is no real issue as on startup the malware will be isolated, but it's not as elegant as the CF sandbox set at Restricted (I know you don't want CF, but just had to point this out).

What about CF sandbox set to default?
Result will be same as CCAV?

 

[cruelsister]

No- the CCAV sandbox is set a touch above the default CF sandbox level. Better than CF at Partially Limited, but less than CF at Restricted (and certainly less than CF at Untrusted!).

 

[Deleted member 2913]

No- the CCAV sandbox is set a touch above the default CF sandbox level. Better than CF at Partially Limited, but less than CF at Restricted (and certainly less than CF at Untrusted!).

Does "Untrusted" in CF blocks Unknown?
If Yes, isn't "Run only safe" option in CCAV the same as "Untrusted" in CF?

 

[cruelsister]

At the Untrusted level malware will either error out immediately (if they need to drop a payload daughter this would be prevented) or else run for a few seconds in vain before dying as their mechanism of action is blocked. It's actually not fair to the poor malware and almost (but not quite) makes me guilty using it.

 

[Ink]

Spawn- Do you have any Outbound firewall Protection in this setup? The reason I ask is that CCAV will allow sandboxed applications to connect to the Internet, and will also allow some keyloggers to record keystrokes. As long as you have something to block either the acquisition or transmission of data you are fine- so if you have an Outbound alert firewall this would block the transmission; if not, then Zemana Anti-K would be good to block the acquisition.

As to KAR, as long as your machine is good enough not to be sluggish there isn't any intrinsic incompatibility. It might actually be a good thing as I've found that the CCAV sandbox will on rare occasions allow JScript coded malware to create a registry entry for persistence. This is no real issue as on startup the malware will be isolated, but it's not as elegant as the CF sandbox set at Restricted (I know you don't want CF, but just had to point this out). Adding KAR would block this from happening, and the sandbox will isolate stuff KAR misses, so the combination does make sense.

Hope this helped.

M

Thanks for the information regarding Comodo and Keyloggers.

Not currently, only Windows Firewall. Assuming I am lucky not to get any malware on my system, would CCAV + KAR be reasonable, or would you recommend ZAL as well?

How does CCAV fair to CFW for safe web users?

Reason I prefer to not use CFW as the extra components that are disabled by default, but combining all would feel bloated, in my opinion. Hence why I have picked CCAV due to it's simplistic and minimal approach. Reminds me of GeSWall.

Sidenotes:
- I only use my Windows PC a few times a week, everything else is handled by Android M.
- Intel Core i7-4700HQ @ 2.40 GHz should be sufficient to run all of the above.
- Windows Defender is currently disabled with O&O ShutUp10

 

[Deleted member 2913]

Spawn,

I find CCAV good And if you want to use CCAV, I would suggest sandbox option "Alert for Untrusted".

Alert for Untrusted - Unknown will not be autosandboxed & you will get an alert for unknown.
This also takes care of data theft/malicious keyloggers i.e as mentioned you will get an alert for unknown & unknown will only run sandbox/out of sandbox if you allow sandbox/out of sandbox on the alert. And in CCAV sandbox automatically clears on program exit/close.

So in a way, data theft/malicious keyloggers will kinda not be a prob for you as you are an expert user & can take action on the alert i.e unknown into your system or sandbox or block depends on your action taken on alerts.

The only prob could be if malware is whitelisted in Comodo whitelist or any bug allowing bypass.

Still outbound protection would be good, just in case, right? But additional AV, ransomware, etc... no need IMO But if you think need 1 can add a good compatible 1.

By the way, as per Comodo forum, FW is going to be added in CCAV But dont know when?
But CCAV frequent release & Comodo surprise/shocking release behavior without beta, you never know...you may get it in any next near releases without prior announcement.

 

[cruelsister]

S- I'm sort of a sandbox purist and I find the CCAV box not as elegant as the one in CF. Personally I would rather run CF with everything shut off except the Sandbox in Restricted, but that's just me (personally I think you will like it- and remember on it's best day the Comodo AV is wretched).

To answer the Zemana question, needing the extra anti-keylogger protection is theoretically needed, but with your use probably not of value. KAR and CCAV do co-exist nicely, so that would be OK. The only issue may be what K does with KAR after the beta period expires next month.

M

 

[Tony Cole]

Cruelsister on Kasperksy IS 2017 how do I (if possible) enable outbound firewall notifications?

 

[shmu26]

with CCAV, can you run browser in persistent sandbox, like you can with CFW?