Comodo Antivirus

Discussion in 'other anti-virus software' started by TheIgster, Jun 24, 2010.

Thread Status:
Not open for further replies.
  1. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,963
    Location:
    Somethingshire
    report it to developers, just in case it will be fixed
     
  2. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
    I don't need it either.
    I was using CIS4 (along with their AV) before that, I asked for it because of TrustConnect (which I found out later it's free as well but link to download it may be hard to find)

    btw back 2 d topic, I found CAV to be very good, good detection rate, no FP's (in my case anyway) and what I liked the most ... great options to choose from when malware is found, I haven't seen that in other AV's.
     
  3. TheIgster

    TheIgster Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    719
    Location:
    Canada
    yeah. it's not a huge deal, but it does bug me a bit. Oh well, at least it can be minimized to the corner.
     
  4. ALookingInView

    ALookingInView Registered Member

    Joined:
    Sep 14, 2009
    Posts:
    365
    I can't really speak about its detection rate, but I did find the number of FPs to be unacceptably high.
    More than even a2 and this with the heuristics left on the default setting (Low).
    Perhaps you'll have better luck.
     
  5. CogitoTesting

    CogitoTesting Registered Member

    Joined:
    Jul 4, 2009
    Posts:
    901
    Location:
    Sea of Tranquility, Luna
    Please clocks do not let me twist in the wind :D tell me the name of the other programme that has not failed beside CIS. I could venture to guess it's Outpost Security Suite.

    Thanks.
     
    Last edited: Jun 24, 2010
  6. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
    I was thinking the same, but my guess is Online Armor ++ :D
     
  7. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,787

    HAHA Sorry. CIS, Norton AV(don't need the suite), and Prevx I have not been able to infect. Prevx I have only tested twice, so that one is still up for debate, but the other two I have test 4-5 times (prob about 20 links each time). I have tested about 15 programs in total so far.

    Regarding Prevx, I would only recommend the paid version. The free one stops nothing.
     
  8. ace55

    ace55 Registered Member

    Joined:
    Mar 29, 2010
    Posts:
    91
    Norton because of Sonar, I presume?
     
  9. jlo

    jlo Registered Member

    Joined:
    Nov 29, 2004
    Posts:
    475
    Location:
    UK
    Yep If you download the latest Comodo firewall it has proactive defense and Sandbox. You just need to enable it and tick auto sandbox unsigned software. I use this on my daughters computer with Panda Cloud and it works great.

    On my Desk top I am just using the full Comodo internet security suite.

    Cheers

    Jlo
     
  10. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,811
    Location:
    Kolkata, India
    Hmm, I am going to try CIS again very soon. I haven't used their AV for a long time..
     
  11. Clench Tightly

    Clench Tightly Registered Member

    Joined:
    Apr 2, 2008
    Posts:
    34
    I'm currenty using CIS 4.1 (FW, D+ and AV) and have had no problems at all with it. Zero FPs (but that could just be my software base), zero infections, light resource usage and very unobtrusive.

    I recently installed this on my mother in laws PC (after making sure it was 100% clean) and set the parental controls to surpress all alerts. Now,she doesn't get alerts, doesn't get interrupted and doesn't get 15-20 new toolbars a day.;) She loves it so much she doesn't even think about it anymore - it's the perfect security solution for her.

    Overall, I'm very happy with it - zero infections and zero problems.

    CT :)
     
  12. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    CIS is due to be included in the next round of AV-C testing so that should be an indicator of it's progression.
     
  13. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,787
    Yes, Sonar appears to be a big part of their protection. BTW, my tests were done using NAV 2011 beta. I don't know for sure, but I suspect 2010 performs similarly.
     
  14. gery

    gery Registered Member

    Joined:
    Mar 8, 2008
    Posts:
    2,175
    today i had the 3 firs fps but no big deal
     
  15. taleblou

    taleblou Registered Member

    Joined:
    Jan 9, 2010
    Posts:
    1,349
    Hi:

    I have the cis complete on some of my family pc and all including the comodo antivirus part is set to the maximum setting (highest detection and file size scanning of upto 1024MB (limit) and onaccess detection) in the setting and have tested it against many malwares (from malwaredomainlist) and nothing made it passed its detection and has gotten everything with no false positive or too much popups. The complete suit works excellent on my xp systems. I always set everything to the highest and most effective setting.

    P.S. the only way I check and know nothing passed the comodo detection is afterward scans with hitman pro, malwarebyte and superantispyware, emsis and all show zero malwares.
     
  16. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,264
    Location:
    USA
  17. TheIgster

    TheIgster Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    719
    Location:
    Canada
    OK, So Ive been doing some testing tonight and I have to say, for the most part, Comodo has done very well. Now, with that being said, one file in particular has seemed to have broken through Comodo's sandbox. How is this possible?

    I follow the link, it downloads and runs a file. Comodo pops up and says it will run the file in the sandbox, I say OK. Well, the file is on the hard drive. It is found by Malwarebytes and it is running in memory!!!

    I go to My Pending Files, see it there and choose Delete as the action. Comodo shows as if it is deleting the file. The file though is not deleted from the folder it is loaded in nor is the memory process removed.

    Unless I'm missing something, this sandbox thing is not working as good as some think it is. The file is winvnrsn.exe and is a trojan.

    Thoughts folks?
     
  18. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,264
    Location:
    USA
    I believe when you choose delete from that menu its deleting it off the list of programs not from the actual HD.
     
  19. TheIgster

    TheIgster Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    719
    Location:
    Canada
    OK, that's fine, but if something is running in the "sandbox" should it exist on the HD and be running in memory? :eek:
     
  20. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,264
    Location:
    USA
    From my experience with the sandbox there is no chance of recovery to the HD. Everything Ive downloaded, isolated, or ran within the sandbox was totally wiped without a trace after closing the program.
     
  21. TheIgster

    TheIgster Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    719
    Location:
    Canada
    But I didn't open the program. It was a link to a piece of malware (specifically a trojan). How am I supposed to "close" it?

    From the Comodo help file:

    The delete option did NOT delete the file from the system. It still was where it had downloaded and installed and it was still running in memory.
     
  22. Comodo Sandbox: Automatic virtualization is still not enabled by default. So meaning sandboxed exectuables can still drop files. However, they can not modify (infect) registry keys or files and this is where Defense+ restricts those sandboxed applications.

    New files are allowed to be CREATED but can NOT modify an existing files. CIS is keeping your PC clean. For unknown applications (sandboxed) - Defense+ automatically blocks file system and registry access to critical keys/files.

    So, sandboxed applications:

    1 - Can not modify any protected registry key
    2 - Can not modify any protected file i.e. infect files
    3 - Can not do any operations that require administrative privileges

    If you find the malware in memory as you mentioned, and in hard drive, yes it's possible off course, but the malware is not active to cause any infection what so ever. Rebooting will delete the malware from memory. :)

    This is how the Sandbox works in CIS, due to auto virtualization not being enabled by default - which is due to incompatibility concerns of other software since it's a automatic sandbox.

    Cheers and hope this clarifies.
     
  23. TheIgster

    TheIgster Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    719
    Location:
    Canada
    I thought the whole point of the sandbox was to keep the bad guys out of memory and off the hard drive? So if I reboot, it will be removed from memory, but what about the actual malware file? Why did it not delete when I selected Delete from My Pending Files?

    Can you clarify what you mean by auto virtualization not being enabled by default?
     
  24. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Igster,

    have a look at the settings of the sandbox part

    Regards Kees
     
  25. TheIgster

    TheIgster Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    719
    Location:
    Canada
    You want to be a bit more specific Kees?

    Attached is what the sandbox portion is set to. By default. I didn't touch it.
     

    Attached Files:

Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.