Comodo AV

Discussion in 'other anti-virus software' started by Smiggy, Aug 7, 2012.

Thread Status:
Not open for further replies.
  1. gdiloren

    gdiloren Registered Member

    Joined:
    Jul 3, 2007
    Posts:
    146
    My database is automatically updated every 45 minutes, but I admit the date "thing" in the summary screen isn't at all that "reliable" and should be "improved"!:)
     
  2. Sevens

    Sevens Guest

    I have a number of paid alternatives and I have to say that I trust none of them like I do the full package of CIS Premium. In fact I have a 2 year license of a well known competitor my wife brings up every so often. The whole package is hard to beat in protection or performance. If it is done I haven't found it or I would have bought it.
     
  3. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,853
    Again had false positive problems with it. I installed CIS on my Mom's computer. I ran a full-scan, which took over an hour. It detected 212 "rootkits". It said rootkit because they were hidden or something. It was some hidden compressed archive. I couldn't upload the files to virustotal because even with hidden and OS protected files checked I couldn't get to the folder in question, but MBAM and HMP have never found anything so I assume they were FPs.

    So I think I will keep the FW and Def+ on my brother's and Mom's computers, but what AVs work well with it?
     
  4. khanyash

    khanyash Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    2,204
    Did you enabled Rootkit Scan option under settings which is disabled by default?

    That Rootkit Scan is an advanced Rootkit Scan & can give FP's therefore disabled by default. It is for expert users.
     
  5. gdiloren

    gdiloren Registered Member

    Joined:
    Jul 3, 2007
    Posts:
    146
    Don't get it. Using "rootkit scan" without any problem! What about detecting rootkits for realo_O
    I have cloud scanning checked also. It may help!
     
  6. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,519
    Location:
    Paris
    The default setup that we use for our clients has Rootkit Scan enabled and I've never heard of any computer scanned having results like Brandon is getting.

    Brandon- Have you tried scanning that computer with something like GMER, Sophos AntiRootkit, etc? If not please do so and get back to us; and if you could give us a taste of the AV log from that scan it would be appreciated.

    One other thing about manual scanning (and this applies to whatever default AV you would use)- I've always found it kind of pointless to do manual scans with the same AV that you have active in realtime (basically that's like being checked out by a Physician, getting a diagnosis, and going back to the same person next week for a second opinion). Keep Comodo AV. Do your manual scans with MB or HMP.
     
  7. gdiloren

    gdiloren Registered Member

    Joined:
    Jul 3, 2007
    Posts:
    146
    I agree.;)
     
  8. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,853
    Those are some good points. I already removed it so the logs are gone.

    It is a Compaq laptop, so that may have something to do with it, if it was some OEM thing on it. I will do a scan with GMER etc. I can't remember the name; I think it started with $Ns or $Nt and then random digits. I can't remember what directory it was in, though it may have been Windows.
     
  9. gdiloren

    gdiloren Registered Member

    Joined:
    Jul 3, 2007
    Posts:
    146
    On another note, I'd like Comodo AV be tested for detection on AV comparative and other specialized sites that test detection together with AVIRA or AVAST or G-DATA.:)
     
  10. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,853
    Ok, I got the log for my Mom's computer. Most of the "rootkits" were hidden files:
     

    Attached Files:

    • Log.txt
      File size:
      6.7 KB
      Views:
      78
  11. syk69

    syk69 Registered Member

    Joined:
    Feb 7, 2010
    Posts:
    183
    Those don't look like false positives, looks like you may have zeroaccess infection. I would run a scan with hitman pro just to make sure.
     
  12. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,853
    TDSSKiller and HMP found nothing.
     
  13. syk69

    syk69 Registered Member

    Joined:
    Feb 7, 2010
    Posts:
    183
    Hmm strange. Maybe at one point you had been infected. Because those files look very similar to zeroaccess remnants I have encountered with machines that were infected with zeroaccess.
     
  14. syk69

    syk69 Registered Member

    Joined:
    Feb 7, 2010
    Posts:
    183
    Last edited: Aug 12, 2012
  15. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,853
    That's very troubling to think of my Mom having that on her PC. I've never noticed any redirects or anything. Maybe it got put on there when she had a fake AV infection? Regardless, I ran TDSSKiller again with the additional options selected, and it found an unsigner file IDirectT or something close to that.

    I will run the Kaspersky Rescue CD to be safe.
     
  16. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,853
    3 hours later, no threats found at all by KRD.

    However, after rebooting, the computer was so slow and mostly unresponsive. Resource monitor showed numerous COMODO agent processes consuming resources. Uninstalling COMODO solved the slowdowns.

    Think I'm going to use Avast! and Online Armor Free on it

    About the TDSS, not sure what was up with that. Everything has come up clean but if you think those files were from it I trust you.
     
  17. syk69

    syk69 Registered Member

    Joined:
    Feb 7, 2010
    Posts:
    183

    Most likely just remnants left over for when the machine was infected with rogue av. The logs also show that comodo removed those files successfully. So it should be good now.
     
  18. Sher

    Sher Registered Member

    Joined:
    Oct 19, 2005
    Posts:
    366
    Location:
    Pakistan
    I have a question for Comodo users:

    I already have Comodo Firewall installed on my system. I want to change Roboscan with Comodo. Do I just need to install the Anti-virus now, as I already have the firewall?
     
  19. Jim1cor13

    Jim1cor13 Registered Member

    Joined:
    Aug 4, 2012
    Posts:
    473
    Location:
    US
    Hi Sher :)

    I am not a Roboscan user, but from what I understand others have mentioned about this, is that Roboscan, by default, has its firewall disabled. In this case, you would simply install Roboscan leaving the firewall disabled and maintain using Comodo. Of course, option 2 would be to uninstall Comodo, then install Roboscan and enable its firewall.

    Someone using Roboscan may have a more complete answer. Personally, I think Comodo Firewall is a better choice overall, but that must be your decision. I think Roboscan firewall is fairly basic, although functional, and I would think Comodo offers much more in the way of firewall strength.

    Just my thoughts from what has been stated. :)
     
  20. Romagnolo1973

    Romagnolo1973 Registered Member

    Joined:
    Feb 17, 2009
    Posts:
    565
    Location:
    Italy - Ravenna
    I have a thread in an Italian forum about CIS and some users have this combo with no issue but you need a trick making exclusions
    Roboscan have FW disabled by default and this help not having issue
    But you need to make the exclusions: first Roboscan excluded in CIS Defense+ (or Roboscan DLL wil be blocked and no more context scan) and than make CIS excluded in Roboscan
     
  21. Sher

    Sher Registered Member

    Joined:
    Oct 19, 2005
    Posts:
    366
    Location:
    Pakistan
    Extremely impressed by Comodo Internet Security so far. Almost impossible to get infected with my current setup.

    My system feels much lighter now as compared to Kaspersky previously.

    And the best part is that it doesn't cost a penny.

    I'm definitely a keeper here.
     
  22. Jim1cor13

    Jim1cor13 Registered Member

    Joined:
    Aug 4, 2012
    Posts:
    473
    Location:
    US
    Hi Sher :)

    Glad it is working for you. I apologize for my response earlier today, as I realized just now I had misread your question. Glad you got setup and things are running well with CIS. :)
     
  23. gdiloren

    gdiloren Registered Member

    Joined:
    Jul 3, 2007
    Posts:
    146
    +1. I'm a keeper here an awaiting to install next Microsoft Updates as it was where I was having problems with CIS last year/Somehow, I don't know!:)
     
  24. Sher

    Sher Registered Member

    Joined:
    Oct 19, 2005
    Posts:
    366
    Location:
    Pakistan
    I'm having problems with windows updates. An update called KB2647753 gets installed and is then being showed up again in download updates list.

    What to do?

    h^^p://img127.imagevenue.com/img.php?image=969994324_Clipboard01_122_172lo.jpg

    Update 1: Even, after disabling Comodo/Kingsoft, the update keeps coming back...

    Final update: The problem was related to the update(KB2647753) itself. It installs manually(automatically not working). No issues with Comodo w.r.t. updates.
     
    Last edited: Aug 14, 2012
  25. gdiloren

    gdiloren Registered Member

    Joined:
    Jul 3, 2007
    Posts:
    146
    Fantastic! Wonderful. Thank You Comodo. The incompatibility between Microsoft Update and CIS is solved. This morning the Microsoft Updates all installed like a charm with Chiron's MAX. Security configuration ON. Happy user. Thanks Comodo! Cheers!:) ;)
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.