PC MAG: Comodo Antivirus 5.0 Review

I did the same with my friend, 'call me if you have any question about anything'
I didn't get any calls, I thought it was going fine for several months. I checked out his pc 2 weeks ago and it was v3 terribly out of date. I checked through his Defense+ rules, nothing strange. I took his pc home for the weekend and ran Asqaured\MBAM\Avast, There were 2 active rootkits and about 8-10 exe's and several registry\other items.

I installed a simple system (probably not quite as effective..because it doesn't involve a HIPS) however, because of the simplicity it actually protects him more...

CIS is not for the average user...

 

Agreed!

 

I too agree comodo is good in blocking the malware but they really need to work on their whitelisting coz many good programs(lesser known over internet) are unnecessarily being sandboxed and also have endless defense+ alerts which may make user feel that the good file is a possible threat. I tried testing with some lesser known programs and I really had a hard time installing them. People here do debate on malware blocking and cleaning capability of comodo rather than its lack of whitelisting features. Even languy has made several test regarding comodo VS ..... which didn't prove anything. Just give languy a mix of some good less popular programs and some bad programs and you will see his so called EXPERIENCE with popups

 

Isn't this the objective of Sandbox(aka Drop Rights in Comodo)?

If yes, this is a ridiculous conclusion.

 

Well, the fact is, Sandbox does prevent certain legit apps from working. I've tried installing Opera nightly build 10.70 and installation stopped with error somewhere in the middle. It's a legit app, but failed to work because of it.

 

The Sandbox of Comodo could not work very well, but that is another problem...

If we have less rights is obvious that a lot of legit application could not be installed because the access to some areas are blocked.

 

-Can you, please, offer some Evidence on this?

Statements/Accusations, like the above, should be supported by Evidence.
In a different case, these Statements/Accusations cannot be taken seriously.
(I don't want to use another characterization...)

BTW, I am Not a Comodo supporter, as I don't use software FWs!

 

Yeah no doubt you are right. Before I didn't even use any sort of protection other than Firefox with Noscript plugin. Never got infected. But if it's light on the system an free I said why not. I tried it out on a test machine and it really does keep you well protected. But like others have said and I agree, it's not for someone with limited computer knowledge.

Also to the user who says that it blocks everything good or bad, yup comodo goes by default deny. Which is why its important they update their whitelist. Seems to be growing with the users inputting programs needed to be added in a forum thread of theirs as well as cloud whitelist. I haven't experienced any issues with programs I have being updated then in the process no longer whitelisted due to the update of the program therefore getting sandboxed like another user mentioned. Might be the way those programs updated their software, I haven't really looked into it.

 

I also tried with lesser known programs just to see how it reacts. The little window in the bottom right pops up saying automatically sandboxed but there's an option to not isolate again, I clicked that and restarted the program and didn't get sandboxed again and the program ran fine.

 

Agree.

 

I too tried and it ran fine too but I am asking whether how to differentiate between a good program and a bad program depending upon some of the D+ popups. I mean languy provides test of comodo with various links and whenever a D+ pop ups is seen he readily hits a "Block" button telling users that this should not normally pop up unless its a malware which I completely disagree and then keeps boasting about the possible output.

 

Anybody else realize that Norton claimed CIS or any other free product wasnt as good as a paid product and here CIS beat Norton hands down?

 

Are you sure? Here are the facts: 1) Norton automatically makes decisions for its users, no confusing pop-ups; 2) Norton has the least of false positives; 3) Norton has better cleaning abilities; and 4) No legitimate software were block from installing by Norton.

Come on man are you kidding me, CIS beat Norton hands down? In that sense please re-read the article especially the cleaning abilities of CIS. There were a lot of rootkits and other malware that CIS detected but could not clean. I'm not trying to bring an A vs B reply here. I'm simply stating the facts with regard to the PCMag article. That is all.

Thanks.

 

Yeah, a software always is better to make decisions instead me.
From my point of view NIS/KIS/whatever paid *IS are perfect for brainless peoples with money and CIS is perfect for moneyless peoples with brain.

Agree.

Agree, but CIS wasn't meant to clean just to prevent.

Agree again, CIS (sometimes) has some "minor" grips with his sandbox.

Again, CIS is not for cleaning, it never was designed for that. They'll add cleaning capabilities but sometime in future.

Bottom line CIS is not perfect but for some peoples who knows how a computer works is a top free security solution among paid ones.

 

I agree. Speaking very generally 15 months ago (and therefore not about CIS 5, avast! 5 Free, AVG Free 2011 or even PC Tools Antivirus Free 8 ), Symantec's David Hall went over the top in spruiking their product.
Are you sure you haven't fallen into the same trap here?

Two "wrongs" don't make a "right"!

 

It's not that simple with advanced users.

For example, I'd rather pay with money than use multiple hours for messing with Comodo's settings so it'll allow my apps to work. I've yet to see anything get past KIS' HIPS and Sandbox, and it has much less pop-ups than Comodo (a much larger whitelist and no auto-sandbox breaking everything. Also there are ways to get KIS/NIS etc. for free).

One thing I really hated with CFW was that when writing my own programs, every time I recompiled and launched my application I got a pop-up. With KIS I get a message stating that the application has been placed in a restricted group, but the restrictions don't break the program as it doesn't need many rights.

 

+1 CIS arguably provides slightly better protection, but it is not usable by to a large majority of PC users. Norton provides great protection, while still being easy to run.

 

If people have to decide what to allow and disallow, why run AV at all? The whole point of having AV software is to tell you what is safe and what isn't. Otherwise you may as well run "naked".

 

I don't run AV at home. I don't need it. I'm perfect fine with router firewall and D+ with Sandbox.
And I guess that you mix up CIS AV module with HIPS module.

 

AV & HIPS both serve the same purpose, to protect the PC from malware.

 

Here's the malware removal scores (draw your own conclusions):

 

According to languy99's usability test, CIS should be fine for the average users

-http://www.youtube.com/watch?feature=player_profilepage&v=Dj3KgcIhtdg-

 

Agree, but they work different. AV are based on signatures/cloud/heuristics/whatever and HIPS are based on files execution behavior.
So for a day 0 malware which is missed by signatures/cloud/heuristics/whatever because is unknown but caught by executable behavior who will win? Automatic software decision which will let pass the 0 day unknown malware or HIPS which let me judge what that 0 day unknown malware is doing/opening?

InfinityAz CIS is not meant to clean infections. Just to prevent them. And for that is damn good.

 

That is because they don't install. With returnil home (with the AV) they were problably as happy. Please take this bet. You mentioned machines: install returnil on one and Comodo on the other.

Cheers