Difference between Cloud scan & lookup in Comodo

Status
Not open for further replies.
S

sinu

Thread author
full system scan done in which i selected the cloud scan option and the comodo could not detect a malware sample which is caught by doing lookup in file rating as a malware .
is both cloud scan and lookup are different?
why is this difference? and why lookup is not implemented in full scan and context menu scan which can improve comodo's detection rate.
 
H

hjlbx

Thread author
As far as I can tell Comodo databases are not always synchronized:

Antivirus signatures (on your machine) - Cloud - File Lookup do not always agree.

This is on-going issue; users have complained, but Comodo is slow in implementing improvements.

Frustrating...
 
  • Like
Reactions: Rolo and Kent
Rolo

Rolo

Level 18
Verified
Jun 14, 2015
857
After testing the cloud lookup and scan, I can't recommend it. Enabling it bypasses the strengths of Comodo's firewall/auto-sandbox ability with a mediocre-at-best AV. At that point, you might as well just use a more effective scan-based AV solution.

Edit: I can't recommend it for a hardened configuration; otherwise, see my post below
 
Last edited:
M

Malware1

Level 76
Sep 28, 2011
6,545
Cloud scan - do you mean file upload? it uploads unknown files
Lookup - only checks files known in Comodo's DB.
 
H

hjlbx

Thread author
Rolo said:
After testing the cloud lookup and scan, I can't recommend it. Enabling it bypasses the strengths of Comodo's firewall/auto-sandbox ability with a mediocre-at-best AV. At that point, you might as well just use a more effective scan-based AV solution.
Click to expand...

Comodo Cloud is nothing but a file rating database - from what I understand. It serves to allow, disallow or sandbox files. It does supplement Comodo's AV in the case where a file has been determined to be malicious by Comodo, but Comodo has not created an AV signature for it yet.

Disabling Comodo Cloud will also mean that some Trusted files newly introduced to your system will be treated as Unrecognized - and sandboxed. To me that is needless, but essentially harmless to the system - the only negative, if one can really call it that, are the alerts generated.
 
Rolo

Rolo

Level 18
Verified
Jun 14, 2015
857
Right. Not having it enabled is a pain. We pretty much have to decide between hardened and micromanage every detail or accept some measure of vulnerability, albeit a pretty small one. We "can't have it both ways", 100% secure and hassle-free.

I've decided to use Comodo as a great upgrade to Windows Firewall and HIPS. I have cloud scan enabled for initial screening--if Comodo thinks it's malicious, it's a safe bet that it is--and for alert mitigation, NOT for the AV function. I opted for Qihoo 360 for file scanning, behaviour blocking.
 
Status
Not open for further replies.

Similar threads

eroniko
    • +Reputation
    • Like
Serious Discussion Looking for Help with YARA Rules for My Open-Source Antimalware Scanner
Replies
4
Views
417
General Security Discussions
eroniko
eroniko
ErzCrz
    • Like
New Update Comodo Internet Security 2024 v12.3.2.8124 BETA (Feb 2024)
Replies
16
Views
2,685
Comodo
Nikola Milanovic
Nikola Milanovic
P
    • HaHa
    • Like
    • Love
Comodo CIS Bug fix policy
Replies
502
Views
21,102
Comodo
Behold Eck
Behold Eck

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top