Battle Windows Defender vs Comodo Antivirus

toto

I am currently running Windows Defender and I think it fits my needs because I only use this laptop for streaming media, Microsoft Office work, social media browsing, nothing much....
I have Comodo on a copy of Windows 10 on a virtual box just to test it, and I find it to be very light on resources.
Do you guys think that Comodo can be lighter than Windows Defender?
*I just need an antivirus to sit there in case something unexpected happens, like the CCleaner thing :p
I need the lightest of the two according to your experience.
 

Evjl's Rain

WD is one of the heaviest AVs due to its intense HDD activity, especially when opening a folder with many files.

Easily noticed when using an old CPU with a slow HDD, like a laptop.
If you have an SSD, you may not notice it easily.

I monitor everything strictly so WD is never light for me
 

Andy Ful

Propaganda from Microsoft and a link from AV-Test Labs are hardly compelling evidence against the huge amount of videos and articles that prove what I said.
There are many more from multiple sources; of course my opinion is based on my own testing and not on others' opinions! :cautious:

You have the right to a personal opinion, which is not dominant among MalwareTips members (and believe me, some of them are experts in the field):
Did you experience slowdown issues in Windows 10?
Only 30% of users from that poll complained about Defender slowdowns in Windows 10. It shows that the slowdowns are real but not common.
Please do not offend forum members, everybody here can see the difference between the facts and propaganda.

Edit.
Some slowdowns also have nothing to do with your statement: "Windows Defender is among the most resource intensive nowadays".
 

Andy Ful

WD is one of the heaviest AVs due to its intense HDD activity, especially when opening a folder with many files.

Easily noticed when using an old CPU with a slow HDD, like a laptop.
If you have an SSD, you may not notice it easily.

I monitor everything strictly so WD is never light for me

This issue is really annoying on some computers, but also not common, and does not depend on the disk type. That was also discussed in the thread: Did you experience slowdown issues in Windows 10?
It is a known fact that any AV can work differently on different computers. The only way is to try the antivirus on the concrete computer. :)
 

cruelsister

Toto- if you will allow me to chime in about Comodo vs WD:

1). First off, WD is essentially an AV which will alert to known threats, whereas Comodo products have the sandbox which will save you from unknown malware. For instance, if I code malware (not that a Kind and Gentle person like myself would EVER consider doing such a thing), it will bypass WD as it will be a true Zero Day; however Comodo will essentially tell me to screw myself and contain the zero day thingy. So comparing Comodo to WD is not very fair as C gives a great deal more.

2). As far as the Comodo AV is concerned- either in Comodo Cloud AV, Comodo Internet Security (with a Local scanner) or the Cloud Component of Comodo Firewall- all of them really suck. And please note this is coming from a FanGirl (but sometimes you must call a Spade a Spade).

3). Now the choice between Comodo Cloud and Comodo Firewall- Here I will use the malware you mentioned- the CCleaner malware-
(Please note that Comodo STILL has no definition against it, at least against the strain I used in my last video):
a. Comodo Cloud will ALLOW the CCleaner malware to run AND the attempt to connect to the malware Server will be allowed (not good at all)
b. Comodo Firewall will sandbox the malicious CCleaner and the Outbound connections will be prevented (this using Cruel Comodo). An Optimal Result.

4). System Impact- Whenever I do private testing of products I may be interested in, I will try them out in a VM where I will bleed in different levels of resources. I can tell you for a total and complete Fact the CF uses way, way less resources than Comodo Cloud AV. If you have a super-duper system this may not matter, but if you have a POS it most assuredly will.

5). The HIPS- I also totally despise HIPS alerts. In Cruel Comodo the HIPS are disabled. An example here would be the recent banking Trojan Retefe- If you would have (in Comodo Firewall) the HIPS active and the Sandbox disabled (Oh god, Why???), you would get multiple alerts, and if All are Blocked will result in a clean system. But this would need User decision. With the HIPS disabled and the Sandbox on, you will just have the malware contained without user intervention and you will be Golden as the initial dropped JScript would not even be able to run so causing the malware to shut down.

In short, use CF at my settings. I do.
 

toto

Toto- if you will allow me to chime in about Comodo vs WD:

1). First off, WD is essentially an AV which will alert to known threats, whereas Comodo products have the sandbox which will save you from unknown malware. For instance, if I code malware (not that a Kind and Gentle person like myself would EVER consider doing such a thing), it will bypass WD as it will be a true Zero Day; however Comodo will essentially tell me to screw myself and contain the zero day thingy. So comparing Comodo to WD is not very fair as C gives a great deal more.

2). As far as the Comodo AV is concerned- either in Comodo Cloud AV, Comodo Internet Security (with a Local scanner) or the Cloud Component of Comodo Firewall- all of them really suck. And please note this is coming from a FanGirl (but sometimes you must call a Spade a Spade).

3). Now the choice between Comodo Cloud and Comodo Firewall- Here I will use the malware you mentioned- the CCleaner malware-
(Please note that Comodo STILL has no definition against it, at least against the strain I used in my last video):
a. Comodo Cloud will ALLOW the CCleaner malware to run AND the attempt to connect to the malware Server will be allowed (not good at all)
b. Comodo Firewall will sandbox the malicious CCleaner and the Outbound connections will be prevented (this using Cruel Comodo). An Optimal Result.

4). System Impact- Whenever I do private testing of products I may be interested in, I will try them out in a VM where I will bleed in different levels of resources. I can tell you for a total and complete Fact the CF uses way, way less resources than Comodo Cloud AV. If you have a super-duper system this may not matter, but if you have a POS it most assuredly will.

5). The HIPS- I also totally despise HIPS alerts. In Cruel Comodo the HIPS are disabled. An example here would be the recent banking Trojan Retefe- If you would have (in Comodo Firewall) the HIPS active and the Sandbox disabled (Oh god, Why???), you would get multiple alerts, and if All are Blocked will result in a clean system. But this would need User decision. With the HIPS disabled and the Sandbox on, you will just have the malware contained without user intervention and you will be Golden as the initial dropped JScript would not even be able to run so causing the malware to shut down.

In short, use CF at my settings. I do.

Thank you very much for the input, it is always nice to get your opinion in a comparison. I will try to do as you said, set up CF according to your instructions and disable WD, and if it works for me as it does for you then I will keep it that way.
:D
 

cruelsister

Toto- You are quite welcome! But about WD- there really is no need to disable it when you are also running Comodo Firewall; actually if you have Win10 it is too much of a pain to bother doing this. As CF and WD will look for different things there really is no point where one will interfere with the other, so they are quite happy together (isn't that so sweet!).
 

toto

Toto- You are quite welcome! But about WD- there really is no need to disable it when you are also running Comodo Firewall; actually if you have Win10 it is too much of a pain to bother doing this. As CF and WD will look for different things there really is no point where one will interfere with the other, so they are quite happy together (isn't that so sweet!).
Yeah, it sounds like a love story :X3:
But I was looking for a solution that is light on the resources so I don't think I will leave WD using resources when it isn't necessary. Not that it found any threats for the last 2 months anyway.
 

Andy Ful

I am currently running Windows Defender and I think it fits my needs because I only use this laptop for streaming media, Microsoft Office work, social media browsing, nothing much....
...

You have the simple choice between two options: lightness / compatibility:
  1. Choose CF with @cruelsister settings for lightness.
  2. Choose Defender + system hardening for compatibility.
 

JakeXPMan

Yeah, it sounds like a love story :X3:
But I was looking for a solution that is light on the resources so I don't think I will leave WD using resources when it isn't necessary. Not that it found any threats for the last 2 months anyway.

Windows Defender is a bit heavy at times, yeah. Comodo Firewall works pretty well with AVs. If you wanted a powerful scanner to check the computer, I suggest...

Avira free + Comodo Firewall ?
Kaspersky free + CF ?

I tried these and they all seemed very light and worked well. AVG the new one seems lighter now, and is a partner with Avast...

There's AVG, Avast and Bitdefender free versions which provide nice signatures and a bit more as well.
 

Raka Daku

3). Now the choice between Comodo Cloud and Comodo Firewall- Here I will use the malware you mentioned- the CCleaner malware-
(Please note that Comodo STILL has no definition against it, at least against the strain I used in my last video):
a. Comodo Cloud will ALLOW the CCleaner malware to run AND the attempt to connect to the malware Server will be allowed (not good at all)
b. Comodo Firewall will sandbox the malicious CCleaner and the Outbound connections will be prevented (this using Cruel Comodo). An Optimal Result.
Why will Comodo Cloud ALLOW the CCleaner malware & Comodo Firewall SANDBOX it?
CCleaner's digital signature was intact & Piriform is in Comodo Trusted Vendors, right?
So, won't both allow CCleaner & Connections?

And you can block a sandboxed program's outgoing/incoming connections in CCAV settings.
 

TheMalwareMaster

a. Comodo Cloud will ALLOW the CCleaner malware to run AND the attempt to connect to the malware Server will be allowed (not good at all)
b. Comodo Firewall will sandbox the malicious CCleaner and the Outbound connections will be prevented (this using Cruel Comodo). An Optimal Result.
I saw that in a test, is there a reason why in COMODO Cloud it's allowed and in the firewall it will be contained?
 

TheMalwareMaster

Can you point me to the test?
Here is the test. In the first part, the sample is statically detected by COMODO IS local signatures (minute 4.24). In the second part, it's missed by COMODO Cloud AV (minute 12).

I tested by myself with COMODO Firewall at Cruelsister settings (it has no signature component) with HIPS on and a few tweaks, and the sample will be contained.

 

Raka Daku

Here is the test. In the first part, the sample is statically detected by COMODO IS local signatures (minute 4.24). In the second part, it's missed by COMODO Cloud AV (minute 12).

I tested by myself with COMODO Firewall at Cruelsister settings (it has no signature component) with HIPS on and a few tweaks, and the sample will be contained.


In the video...
Comodo IS signs detected CCleaner malware (Auto-Sandbox was not tested).
Comodo Cloud didn't detect CCleaner malware (Sample was executed & didn't run Sandboxed).

cruelsister mentioned Comodo Cloud will ALLOW but Comodo Firewall at her settings will SANDBOX.
Did you test cruelsister's settings (no HIPS ON or extra tweaks)?
 
