Comodo needs an antispyware solution. They have BOClean but all that does is just sit there and protect us; it doesn’t scan our computer for them. I go around pages hunting for the Zlob, Vundo, and Virtumonde familes (they aren’t that hard to find) and have them run by Comodo Internet Security’s CAVS3. Windows Defender, surprisingly, is the one that pops up first and the only program that even pops up at all when confronted with a Zlob. Could Comodo get a superior antispyware solution? Yes. Could Comodo make virus signitures released more quickly compared to Trend Micro and others that are updated multiple times a day, some as often as very few minutes just to keep up with trojans and rogues. Could Comodo make a statement that free programs can be better than the one’s you get at BestBuy? YES YES YES, but only if Comodo get’s off it’s ■■■■ and says, “I’m gonna show the computer world what I can bring to the table and to the head of the malware makers!”
^ how to submit suspecious files\false positives.
CAVS3 is antieverything. If you send those samples in then your helping
As for update times, Melih wants every couple of hours. Actually, the updates are more than trend micro already.
Trend Mico updates once every 24 hours
i’m sorry, I said the wrong company. Symantec and the Norton family of products get updates faster. http://www.symantec.com/norton/antivirus Rapid-pulse updates they calll it, new ones immediately with 5 to 15 minutes. Oh, if CAVS3 is really antieverything, why can’t it scan the registry for virus and spyware based entires?? All antispyware applications scan through the registry and AVG is the only antivirus application I’m aware that does scan for virus-related registry infections because it’s both antivirus and antispyware together. Comodo needs to add registry scanning to the list of capabilities their CAVS needs to be able to do. It’s not already there because there’s 1. No option to select/deselect the registry in being scanned and 2. I ran a full scan and nothing with HKLM or those other registry prefixes came up in the process it was scanning. Either CAVS doesn’t have registry scanning or it’s hidden.
Ahh well there has been speculation on norton(by the way norton is owned by symantec) updates… That is probably best for another thread though.
Some people believe them to be “Reserved updates” and In my opinion, I believe it. Seriously - How can you examine, create a signature and test in 5-15 mins? a qoute from Kevin was to make a good signature can take anywhere from 20mins +
Perhaps someone with more experience can answer your question about registry
I don’t see it as much of a question, I see it as more of “I don’t see it!” If I don’t see my AV scanning registry, how deep will you think it’s gonna go? Not very, that’s how far, because viruses aren’t just files cause they mess with things too. I had Downloader.Dluca.E on my computer twice. Once because Norton killed all the infected files and then once again cause I didn’t know the registry keys were involved. Second time, it killed my AOL and Norton becuase it was trying to submit information on my Norton license file and AOL’s stuff. I no longer have Norton or AOL anymore since both were memory hogs. The point is that AV’s need to scan the registry, not just files in order to find all that they can and get it all killed the first time.
And yes, I did know Symantec owned the Norton line, but I refered to them being “Symantec and the Norton family of products” i.e. Symantec Antivirus. A ‘the’ should have been put in place to make things more clear. Either way, Symantec may not have the firewall power, because of the firewall challenge, but I personally believe they currently have a much more powerful AV than CAVS even though their’s does not scan the registry as far as I’m aware.
Thx for the feedback HarmonicShadow. CAV does handle everything, and from features to detections will improve over time.
Harmonicshadow and I continued the conversation over msn.
If you have CIS installed on your system and also install Comodo Registry Cleaner (CRC), when you run CRC it will flag malware related registry entries to be removed, as it will use the sig DB of the AV from CIS (I’m almost positive this is correct, but would like confirmation from Comodo staff).
This is part of Comodo’s integrated design philosophy, where one Comodo application can take advantage of components from another Comodo application.
Thats great. I just hope that Comodo will also make possible for CRC to flag such registry entries by it self by downloading a registry based malware database, so that people who use CRC but not CIS still have that feature.