Malware Hub Report MalwareTips - Comodo Report - November 2016

Status
Not open for further replies.

BoraMurdar

Super Moderator
Thread author
Verified
Staff Member
Well-known
Aug 30, 2012
6,598
Due to the small number of samples used in these tests, you should take results with a grain of salt. We encourage you to compare these results with others and take informed decisions on what security products to use.

[Attached report: Comodo Internet Security Premium November 2016, pages 1 and 2 as images, also provided as PDF]

All credits to @Der.Reisende
 

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,716
Comodo is living up to its reputation in this test. CIS should make users seeing this feel great confidence.

Excellent presentation and breakdown of the data and of test program settings. Anyone can read and understand the results. As Yash Khan says, outstanding work and thanks.
 

Av Gurus

Level 29
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 22, 2014
1,767
Comodo is always good and puts everything in the sandbox (this is good if you test malware files but...) because of that I suggest that we make a False Positive test also... but others say no.
 

Der.Reisende

Level 45
Honorary Member
Top Poster
Content Creator
Malware Hunter
Dec 27, 2014
3,423
what might have caused the one infection? Because it was not in proactive config?
The auto-sandbox didn't work on that sample. However both me and another member retested, and the sample was sandboxed fine (just before and after accepting UAC). No idea what went wrong.

Thank you both @Yash Khan and @AtlBo for your kind words, I hope I may keep the standard :)
I switched to testing Dr. Web just because I was so tempted and couldn't find much on it. And as @Av Gurus said, it's hard to get infected with the sandbox working :)
CIS was also incredibly light on my system.
As for false positives, as long as the software is in the endless list of trusted vendors, you'll hardly see one. I had only one when a non-trusted game tried to access the Steam client to run (I bought it via Steam). Both were then autosandboxed.
 

Sven

Level 10
Verified
Well-known
Nov 5, 2013
478
@Der.Reisende Thank you very much for the awesome information! Just a question, have you made any changes to the Auto-Sandbox which may not be stated in the PDF? Did you just make it "on" and leave all the subvariants as they were, or change it to "Restricted" or something? :)

Thanks and glad to see Comodo doing great! :)
 

Der.Reisende

Level 45
Honorary Member
Top Poster
Content Creator
Malware Hunter
Dec 27, 2014
3,423
Great job :) Thanks for sharing!
Thank you :)

thanks for explanations, and thanks for the dedicated testing.

if HIPS had been enabled, what do you think would have happened?
alternatively, if COMODO had been in proactive config, do you think that would have made a difference?
You're welcome :)
I have tried HIPS for a very short time (~3 packs), messages did not appear very often. However, it seems as many malicious actions get blocked silently in the background, which makes it hard to track them down. With auto-sandbox, you can watch the samples rolling out their actions, as long as they don't detect the virtual environment, making them autoterminate.

@Der.Reisende Thank you very much for the awesome information! Just a question, have you made any changes to the Auto-Sandbox which may not be stated in the PDF? Did you just make it "on" and leave all the subvariants as they were, or change it to "Restricted" or something? :)

Thanks and glad to see Comodo doing great! :)
You're welcome :)

I only turned the "auto-sandbox" exclusion for shared folders and the download folder off, as some ransomware scripts managed to hit other script files within the samples folder regardless of sandboxing, however anything else was safe. As this was kinda annoying, I asked for help in the Comodo forum and was advised to do exactly that.
Here's the bug report:
Malware vs Comodo Containtment ! - News / Announcements / Feedback - CIS

I did not alter the setting for auto-sandboxing, e.g. to "restricted", which should lead to anything crashing on run not being trusted and auto-sandboxed.

Yes, Comodo sandbox is easy to use but incredibly powerful :) And their firewall is pretty talkative, perfect if you want to observe services calling out :)

As for installation, you have the option to "custom" install, I unticked the box to "show less alerts".

Everybody thank you for reading and showing so much interest :)
 