What comodo needs to improve on in my opinion?

[Andrew999]

I am not using Comodo anymore until version 9 anyway because of all the bugs. The signatures probably wont improve but never mind but I think it has some compatibility problems with some other antivirus programs such as xvirus, Crystal Security and Baidu antivirus I know for sure because when I disabled comodo it worked properly.The main reason I like Comodo is the sandbox and the firewall. Tell me what you think I am probably going to use eset at the moment.

 

[hjlbx]

I am not using Comodo anymore until version 9 anyway because of all the bugs. The signatures probably wont improve but never mind but I think it has some compatibility problems with some other antivirus programs such as xvirus, Crystal Security and Baidu antivirus I know for sure because when I disabled comodo it worked properly.The main reason I like Comodo is the sandbox and the firewall. Tell me what you think I am probably going to use eset at the moment.

Comodo is not as buggy as it once was. Some bugs are not bugs at all, but instead intended behavior by design.

I see a lot of typical users interpret unexpected behavior as bugs... and that's Comodo's fault, not the user's fault. There are quite a few things about CIS that, unless the user knows about them, they will be apt to think CIS is malfunctioning or is just an odd, user-unfriendly soft.

Comodo's HIPS alerts are poorly designed; the typical user does not know that the rule created from within the alert applies to the first object and not the second. Time and again, a novice user will grant Trusted Installer rights to Windows Explorer... a stupendous security hole !

Comodo's firewall alerts are not as user friendly as they could be to create custom rules; Allow rules have to be further refined through the main GUI later.

Web protections are not a substantial part of the Comodo default-deny protection model; this is always a primary gripe with some users.

There is not enough infos available so that users can learn to use CIS properly; the User's Manual, while much better than most, lacks most of the finer points regarding settings dependencies, what behaviors to expect, known issues, etc.

Geek Buddy support is terribly hit-or-miss dependent entirely upon the experience and knowledge of the tech; expect completely incorrect or partially correct infos...

Comodo misses one big opportunity - and that is a "Lock-Down" configuration - e.g. block camera\microphone, block all Unrecognized installers, block interpreters, etc - with complete rules and settings in the list of configs; I suppose it is up to the user to figure it all out and customize CIS, but a Lock-Down CIS config sure would be a home run for both Comodo and its dedicated users...

Lock-Down mode is possible in CIS... it requires some work. To be perfectly honest, an AppGuard\NoVirusThanks Exe Radar Pro level Lock-Down mode can be duplicated in CIS as I've done it numerous times. It is just that it is somewhat of a pain in the arse...

The Comodo forum Moderators can be quite autocratic at times.

I have tried CIS on every one of my laptop systems - from the low-end AMD to a top-of-the-line i7 powerhouse with SSD. In every case CIS significantly slows down system boot times and can be power-hungry. So in its current iteration, CIS is best suited to desktop systems that are not rebooted frequently.

Sounds absolutely terrible doesn't it ? Sad part is, most everything above "generally" applies to virtually every other AV vendor !

One thing that really applies to Comodo specifically = while it can be used successfully by a novice, in reality CIS is not optimally suited to the typical home user. That's unfortunate...

 

[Deleted member 2913]

CIS will be there with all the modules.

Now Comodo Cloud AV is coming...
Do you think they should have made this a pure AV i.e no autosandbox, etc... but full online/cloud databases, smart offline databases/cache like Panda cloud & Bd free, local/cloud heur/ViruScope/BB, local/cloud whitelists (option to disable), web protection & Valkyrie?
Valkyrie works amazing. Its little slow. They should make it work faster & include in the AV like Avast deepscreen i.e for unknown files Valyrie alert will appear & analyze the files & give verdict (option to auto/manual analyze i.e check/analyze with Valkyrie on the alert).

What you say?

 

[Andrew999]

CIS will be there with all the modules.

Now Comodo Cloud AV is coming...
Do you think they should have made this a pure AV i.e no autosandbox, etc... but signs, heur, ViruScope/BB, local/cloud whitelists (option to disable) & Valkyrie?
Valkyrie works amazing. Its little slow. They should make it work faster & include in the AV like Avast deepscreen i.e for unknown files Valyrie alert will appear & analyze the files & give verdict (option to auto/manual analyze i.e check/analyze with Valkyrie on the alert).

What you say?

maybe but a lot of people like Comodo because of the Sandbox and all the settings.

 

[Andrew999]

I have actually decided to give Comodo another chance its just something I like about it I installed ZoneAlarm free and I didn't like the UI but I like Comodo's UI and it is much lighter on system resources. I just hope version 9 will be coming out soon does anyone have any idea when it might be coming out?

 

[hjlbx]

CIS will be there with all the modules.

Now Comodo Cloud AV is coming...
Do you think they should have made this a pure AV i.e no autosandbox, etc... but signs, heur, ViruScope/BB, local/cloud whitelists (option to disable) & Valkyrie?
Valkyrie works amazing. Its little slow. They should make it work faster & include in the AV like Avast deepscreen i.e for unknown files Valyrie alert will appear & analyze the files & give verdict (option to auto/manual analyze i.e check/analyze with Valkyrie on the alert).

What you say?

I think the next generation of security softs will include emulation via a Cuckoo sandbox or equivalent. That is essentially what Valkyrie is... a Cuckoo sandbox. An unknown sample is uploaded and then various forms of static and dynamic analysis are performed to derive a malicious index score.

@BuketB, or one of the other Comodo staff, hinted that Valkyrie, Comodo Automated Malware Analysis, and other databases would be all integrated into CIS. Of course, there were no further details or technical infos... so one has to adopt a wait-and-see posture.

Comodo actually already is cloud-based for file ratings, but they're late to the game in terms of a signature-less local AV (cloud-based AV). It's overdue, but if, and when, it will be released is always a dodgy affair.

I wouldn't use Comodo if it was purely a cloud-based AV. If I wanted that I'd just use Avira Free as it is a time-tested, proven design; the one thing about Avira is that you can count on their signatures. Comodo is building their own signature database - my hunch is that Melih hopes that it will rival VirusTotal.

 

[hjlbx]

I have actually decided to give Comodo another chance its just something I like about it I installed ZoneAlarm free and I didn't like the UI but I like Comodo's UI and it is much lighter on system resources. I just hope version 9 will be coming out soon does anyone have any idea when it might be coming out?

I wouldn't count on it for at least another month or two... and I wouldn't be surprised if it takes longer.

Version 9 amounts to a moderately complex build for the developers... so it's going to take some more time.

Watch, I'll eat my words... they'll release the beta Monday... LOL.

 

[Online_Sword]

Comodo's HIPS alerts are poorly designed; the typical user does not know that the rule created from within the alert applies to the first object and not the second. Time and again, a novice user will grant Trusted Installer rights to Windows Explorer... a stupendous security hole !

Hi, hjlbx, maybe you can write a guide on how to correctly answer the HIPS alerts of Comodo.

 

[hjlbx]

Hi, hjlbx, maybe you can write a guide on how to correctly answer the HIPS alerts of Comodo.

Yes, I think it needs to be done... when I get motivated to do it.

 

[Ink]

Comodo needs to create a "Lite version" of their free Premium suite.

Comodo Lite Installer:

Comodo Antivirus
Comodo Firewall​

No Comodo Dragon, IceDragon or Chromodo.
No GeekBuddy
No Yandex Toolbar
No Comodo SecureDNS
No AdTrustMedia

 

[Deleted member 178]

So long time i didnt used CIS, what features are exclusively dependent of the AV ?

 

[hjlbx]

So long time i didnt used CIS, what features are exclusively dependent of the AV ?

Melih states the reason an AV is included is primarily to improve usability = with an AV there is no need to waste time having CIS sandbox known malicious files.

Is that what you mean @Umbra ?

 

[Deleted member 2913]

I think standalone autosandbox only available would be good & will be your standalone proactive security.
In that case I would be happy running it with Win FW & Defender.

 

[Deleted member 178]

Melih states the reason an AV is included is primarily to improve usability = with an AV there is no need to waste time having CIS sandbox known malicious files.

Is that what you mean @Umbra ?

Yes thanks, so if i just use the FW , i dont lack features like file rating or others?

Seems the AV is the main culprit for boot and responsiveness slowdown

 

[Deleted member 2913]

Yes thanks, so if i just use the FW , i dont lack features like file rating or others?

Seems the AV is the main culprit for boot and responsiveness slowdown

Yes, only local AV will not be there.
Yes CIS does affects system boot & response a little. Compared to CIS, CFW is lighter & you have AV too i.e Cloud part/Cloud AV.

I think Cloud part in CIS is not a pure cloud AV i.e doesn't blocks file execution/running of files for cloud verdict. I think its simply an online/cloud connection for online/cloud databases.

 

[Deleted member 178]

What i need is a sandbox able to virtualize any exe running from various selected folders.

I need CFW/CIS to replicate some of Sbie features. And if the cloud AV can flag a malware virtualized in the Sandbox, it better for me.

 

[Deleted member 2913]

And I think with CFW file/folder AV exclusion will not be there. And detection alert will give you an option to add to trusted files. Guess you can manually add files/folders to trusted files too. And guess trusted files will act as an exclusion for Cloud AV.

 

[Deleted member 178]

I dont want exclusions, just be able to do like the "Forced Folders" feature of Sandboxie.

 

[Deleted member 2913]

I dont want exclusions, just be able to do like the "Forced Folders" feature of Sandboxie.

HJLBX can give you correct info on this.

 

[Deleted member 2913]

And I guess backup/synchronization is affected by CIS ADS feature.

FreeFileSync faq mention-
Why are some files still different after synchronization?
Certain anti virus products, for example Comodo v8, write hidden alternate data streams to newly created files. Unfortunately this has the side effect of also setting the file modification time to the current time. Since this happens after FreeFileSync has copied the files, the next comparison will detect this modification just like any other external change.
To resolve this problem file a bug report on the anti virus software's support web site or use a different anti virus software that does not modify files.