Comodo Antispyware


I would like to know if Comodo Antispyware will feature Real-Time protection.


What do you mean by that?



For example in an antispyware product such as Spyware Doctor it features real time guard providers such as Cookie Guards and an Immunizer. The cookie guard deletes Spyware Cookies, and the Immunizer blocks threats from getting in. These are just two of the many providers.

There is Sandboxing, if thats what you are talking about, the CPF will also have this ability and many more…


Hey Melih,

How about a user-invoked sandpit? This could be used if a user has an unknown infection, they could invoke the sandpit, which could kill user-nominated processes and monitor its reinstallation, its source process or service, port access attemtps etc. for the purpose of logging and reporting. This theory could be extended to the AV as well.

What think?
ewen :slight_smile:

and into a firewall :wink:

Ewen, you are a true Comodo thinker :wink: We are on the same page :slight_smile:


Hey Melih,

How about making the sandpit application independant? Sort of like a layer that can be called by any of the Comodo security apps. This would keep the individual apps size and complexity down and allow a single sandpit model to be refined.

what think?
ewen :slight_smile:

Possible, that is sort of how we are doing it, as a module that each application can turn on, on demand. So great idea :wink:


Does Comodo have a more accurate time frame of when Comodo Antispyware will be released (can’t wait :D)

Well, in order to keep things optimized and fast, we might build the antispwyare feature into AV itself. We don’t have an exact timescale, but soon.


I think that’s the right approach. Only for historical reasons have these two types of anti-malware developed as separate applications.

That may cause the antivirus app to become bloated, I was hoping for a seperate app.

Well, nowadays, if should have both AV and spyware. So, using two different vendors for AV and Antispyware means, each file will be scanned twice by two different engine, you will have two on access scanners etc etc… Even though spyware is different (technically), if you put both into one, then the only extra time will be spent will be checking for extra signatures, and you will have all the gains from having a single, on access, scanner etc etc. My logic is, malware is a malware, whether its a virus, spyware, adaware, trojan etc, we should have just one application that detects all malware. I think traditionally companies have created different products so that they can sell more products for the new threats, but our intention is to secure people’s pcs most efficiently and by best technical solution.

I hope this clarifies why I think its best to detect all malware with one app.


In its broadest sense, both viruses and spyware share common traits

  1. they are installed without user agreement
  2. they perform actions without user intervention
  3. they perform actions for the benefit or detriment of others
  4. they take steps to ensure they are “alive”
  5. they can propogate themselves
  6. they can affect the normal operation of a users PC
  7. they are bastards

As Melhi pointed out, the only real impact into integrating the two apps together is an increase in the signature base and the addition of new attack vectors that would need to be checked.

Besides, it should be possible to tell the aggregated application that you want to check for all, viruses alone or spyware alone.

By aggregating the apps, we reduce the memory resident load, enhance usability through a common interface and allow Comodo to focus development on a single app.

what do you think?
ewen :slight_smile:

But a separate antivirus and antispyware will consume more resources than one program doing both jobs. So a separate app will actually increase resource wastage, except for those who choose to run only one of them. But most people will probably want to run both.

One app would make it easier for Comodo and their end users. It surely would be better to do an antispyware and antivirus scan at the same time instead of seperatley.

I think that it would be good though to have a choice in the app as to whether users want to just check for spyware or viruses etc to give control and flexibility to the end user.


Ok, pls to put this in AV wishlist.


Ok done.


Sounds cool. Will it be closer to Sandboxie, Bufferzone , Defensewall or GESwall?

very good question :slight_smile:

we don’t envisage it be a sandbox kind of HIPS but more like SSM but has some other innovation (patent pending) built in. We might bring in Sandboxing at a later stage if needed. Also, we are concentrating building the biggest white list and now has over 130,000 executables verified. So this will help with the noise level of the hips.