Is The Anti-Virus Even Necessary?

They’re not equal for sure. avast does not have a HIPS.

Thief ???

No matter what is called a module, it is important to address any problems he has been connected. Tech, it’s very simple shove algorithmics, which will block all and call it … Heuristic, or Behavior (entire CIS in principle - it’s behavioral analyzer)

“But, instead of using the “default deny” paradigm that Comodo is trying to advertise so much”

Who are they??? If they said, Comodo fellows - have come up with a great concept and we will try to do better … I can understand it. Wait and see why I recall about them - I see what they charge and what they say.

All regards to you, Tech. Alex

ADD: It only Melih says how each module works. Ask anyone from any other developers… At this forum a lot, developers, journalists and others. Articles you read it … first thoughts were on this forum, and then resounded on the Internet.

HIPS and behavior blocker are 2 different things.

http://vx.netlux.org/
http://vx.netlux.org/lib/?index=Top&lang=en

I think AV is needed to scan a system which is already infected and to clean it.

Behavior blocker = Robust HIPS

Alex

Is it right to think that a typical HIPS (without automation) relies on user interaction and the behavior shield, on the contrary, takes the decision? ???

Never thought of as a behavioral analyzer works? This is the same HIPS with certain rules.

Alex

Behaviour blocker still relies on “rules” for detecting the “behaviour”. It will miss some behaviour and won’t detect.

Melih

Depends on how to make :D. Joke and that’s enough - it is necessary to remove the signatures problem :slight_smile:

Cup of coffee… forum… ■■■■ again Alex.

Digital signatures…

https://forums.comodo.com/news-announcements-feedback-cis/malware-with-a-valid-certification-cis-being-bypassed-t62780.0.html;msg443975#msg443975

Seems and this solution soon gone…

regarding the link

at may be of special interest, also, is that this is how it's going to work even in the free version (which means that the core functionality of the sandbox will likely be moved to the free AV).
It's good that some1 has "finally" listened to melih and started to implement some new features into the free protection which are essential in terms of protection. Nevertheless... I would love to know 1 thing :) What if I ran a program that doesn't look suspicious to Avast's new behavior blocker!?

Does it mean that this program is safe :slight_smile:? Will the new sandbox without any HIPS be enough to ensure both usability and protection?

Behavior blocker isn’t good generally. Why?! Just imagine that I made a little calculator which performs keylogging activities; however, the keylogging behavior doesn’t work instantly. Instead, it waits till the user hits the exit button, which is supposed to end the program; however, it goes in the system tray and starts spying on your keyboard. Keep in mind that the keylogging behavior didn’t start upon the execution ;). So!! All of that will be inside the amazing Avast’s sandbox :slight_smile:, unless it caught the software in the first place, which is unlikely, since the behavior is dependent on what you do with the program afterwards. So, there are three possibilities:

1- it will block such a behavior without taking a permission from the user, which is bad because also some legitimate programs will do such a thing.

2- it will allow this action, which is awful if you asked me. ;D

3- it will ask the user whether he wants this program to do such stuff or not!!, and of course that’s the appropriate thing to do if you want to ensure the security and the usability at the same time; that’s why even the most silent HIPS will ask ya, e.g. Defensewall etc.

Or it will block anything “unknown” like blue point security :-[

And all of the above was just a simple scenario that could happen! ;) Of course the data will be sent to a host afterwards, but I think you got the idea :wink:.

So, let’s wait and see how Avast! will be easily bypassed ;D < ■■■■ I’m sure about it.
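The scenario in the post above, modelled from the monitoring side as an added example (not part of the thread and not any vendor's logic): a constructed action trace in which the sensitive behaviour starts ten minutes after launch, judged once at start-up and then per action under the three responses the post lists, plus block-everything-unknown. The action names, the 30-second window and the policy names are assumptions made for the illustration.

```python
# Constructed trace for one unknown program: (seconds since launch, action).
# Action names are illustrative labels, not real API or product event names.
TRACE = [
    (0, "create_window"),
    (1, "read_own_settings"),
    (600, "hide_to_tray"),            # user pressed "exit"
    (601, "hook_keyboard_input"),     # delayed sensitive action
    (660, "connect_to_remote_host"),
]
SENSITIVE = {"hook_keyboard_input", "connect_to_remote_host"}
POLICIES = {"block", "allow", "ask", "deny_unknown"}


def launch_verdict(trace, window=30):
    """Judge the program only on what it does in the first `window` seconds."""
    early = {action for t, action in trace if t <= window}
    return "suspicious" if early & SENSITIVE else "clean"


def monitor(trace, policy, user_allows=False):
    """Decide on every action for the whole lifetime of the process.

    policy: 'block' (possibility 1), 'allow' (2), 'ask' (3), or
    'deny_unknown' (refuse everything from a program not known to be good).
    Returns the list of actions that were actually permitted.
    """
    if policy not in POLICIES:
        raise ValueError(f"unknown policy: {policy}")
    permitted = []
    for _, action in trace:
        if policy == "deny_unknown":
            continue                      # nothing runs, legitimate or not
        if action in SENSITIVE:
            if policy == "block":
                continue                  # silent block, no prompt
            if policy == "ask" and not user_allows:
                continue                  # user answered "no"
        permitted.append(action)
    return permitted


def sensitive_permitted(trace, policy, user_allows=False):
    """Sensitive actions that got through under the given policy."""
    return [a for a in monitor(trace, policy, user_allows) if a in SENSITIVE]


if __name__ == "__main__":
    print("launch-time verdict:", launch_verdict(TRACE))
    for p in sorted(POLICIES):
        print(p, "->", sensitive_permitted(TRACE, p))
```

The launch-time verdict is "clean" for this trace, so only a decision made at the moment of the sensitive action changes the outcome, and under "ask" that outcome is whatever the user answers.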

You were absolutely correct. I scanned the keygen with Trend Micro & Kaspersky & both scans came back as clean.

Don’t be silly… or the program is a file or it is loaded in memory…
There is no “action afterwards”…

Are you serious?
Praise Melih if you want to (and there are probably other more appropriate threads than this one in which to do that) but I doubt even he could take seriously the scenario you propose. It presupposes a level of stupidity on the part of Windows and other AV developers that if it were true, would mean they would actually need to be hanging on his every word for direction and guidance.

Now back on-topic.

No. Antivirus is not necessary in a fully-virtual environment.
If you are capable of setting up and troubleshooting Returnil or similar, or comfortable with the inherent limitations of Virtual Machine, etc, then by all means run “naked” and “free” in cyberland. If something gets in, a reboot will fix it.
The thing is that most people have AV on their PC because it’s easier to implement than the alternatives. Whether or not you like Norton, McAfee, whatever, if it comes preinstalled and doesn’t do anything to annoy you, it is easier just to pay for it (or not pay and run with it out of date for years after the trial period, but that’s another story) than to change it for some other program or method.

I have commercial clients using PC Tools AV Free 7 & 8 (also lately, non-profits using Panda Cloud Free).
Now I would be the first to admit that PC Tools AV, especially earlier versions, is not the most outstanding AV in the world, but some of them have had PC Tools Free since 2007. So far no infections and no other problems. A virtual environment or an AV with sandbox might well be more secure, but they would need a justifiable reason to add such “complication”.

I’m sure a lot of you will change your mind when the next appearing versions of CIS are released. :slight_smile:

Josh

G’day Syl,

I have the latest Avast Free AV together with a Comodo Free Firewall. Please don’t get me wrong, I still love Comodo firewall; I have nothing against Comodo, see my sig below.

What I have inside Avast that’s protecting me along with Comodo Free Firewall all together with D+, Sandbox and the Cloud without CAV set to Proactive Security Mode.

Avast has 7 Real time shields features are running in the free version all enable mode and along with extra features in the free version:

1. File System Shields - Real-time scanning of opened/executed files.

2. Mail Shields - Scans all incoming/outgoing e-mails for malware. For MS Outlook, a special plug-in is used. Other email clients are protected by a generic POP3/IMAP4/SMTP proxy. New in version 5, the proxy also supports scanning of SSL communication (gmail.com, sympatico.ca, ….)

3. Web Shields - Scans all visited web pages and checks all files, pages and java scripts downloaded from the internet. Thanks to the Intelligent Stream Scan feature, the Web shield doesn’t slow down your web browsing.

4. P2P Shields - Checks files downloaded using P2P programs. - ABC, Ares, Azureus, BearShare, Bit Torrent, BitComet, BitLord, BitPump, CZDC++, Direct Connect, eDonkey, eMule, iDC++, iMesh, Kazaa, Kceasy, LimeWire, Morpheus, Opera’s DC++, Overnet, Qtrax, Shareaza, SoulSeek, StrongDC++, uTorrent, Vuze, WinMX, Winny2, Zultrax.

5. IM Shields - Checks files downloaded while using instant messaging or “chat” programs. - AIM (AOL Instant Messenger), Gadu-Gadu, gaim/Pidgin, Google Talk, ICQ, IM2 Messenger, Infium, Miranda, mIRC, MSN/Windows Messenger, Odigo, PalTalk Messenger, Psi Jabber Client, QIP, QQ, SIM, Skype, Tlen, Trillian, WengoPhone, XFire, Yahoo! Messenger.

6. Network Shields - Provides protection against network-based viruses. The module has two main components: a URL blocker, designed to block malicious URLs (as defined by the Virus Lab), and a lightweight intrusion-detection system.

7. Behavior Shields - Monitors activity on your computer using a number of sensors (file system, registry and network based) and reports/blocks any suspicious behavior.

Behavioral Honeypots - avast! sensors identify and monitor suspicious file activity on selected computers, automatically submitting files to the Virus Lab for additional analysis.

Real time anti-rootkit protection - Unique “on access” technology checks all kernel-mode drivers that the operating system is loading for signs of rootkit behavior. This enables even unknown rootkits to be detected and stopped before they can do any damage.

avast! Community IQ - Most samples we process come from sensors deployed throughout the avast! community in the Behavior shield and anti-rootkit modules. This is a unique source of data made possible only thanks to our huge user base. Most of the collected samples are analysed by a number of automated processes and only a small fraction of the samples need to be processed manually by our virus analysts.

Code emulator - When a suspicious executable is encountered (during both on-demand and on-access scanning), avast! is able to emulate the program’s code in an isolated environment. The code emulator is used for two purposes. First, it is used for generic unpacking. Secondly, it is used in the heuristics engine. Technically, this is done using dynamic translation, a method much faster than traditional emulation techniques.

Heuristics engine - Starting with version 5.0, avast! features a new heuristics engine designed to proactively detect malware undetectable with normal definitions. The heuristics engine is able to cover both binary (executable) and script malware.

Potentially unwanted programs detection - New in version 5.0, avast! now detects potentially unwanted programs, such as remote admin tools and commercial key loggers. Custom rules can be set for dealing with these types of programs.

Boot-time scanner - Allows you to scan your computer for infections before the operating system has started and before a virus can be activated (32-bit operating systems only) and (Boot-time scanner will support 64-bit operating systems soon the next release).

Wake-up for scan - Microsoft Windows is woken from sleep or hibernation mode, performs a scheduled scan, then returns back to sleep mode.

Fast application of updates - New format for the virus definition file speeds up application of updates into avast! 5.0 and reduces demand on CPU/memory, resulting in uninterrupted computer use. New format for the virus definition file means faster updates and reduces demand on CPU/memory, resulting in uninterrupted computer use.

Silent/Gaming Mode - Automatically detects full-screen applications and disables pop-ups and other on-screen notifications without degrading security.

Multi-threaded scanning optimization - Avast! runs faster on new multi-core CPUs. A new avast! feature allows the splitting of large individual files between cores, accelerating the scanning process.

Green computing - Reduced demands on the disk drive result in lower energy consumption.

Thanks for this post SpeedyPC.
CFW + Avast was my previous setup with CFW 3. I skipped CIS 4 because CFW 3 failed to update. Now I’m using CIS 5, and I’m planning to update CIS on my parents’ (old) computer.

I don’t understand how useful are Mail Shield, P2P shield, IM Shield. Once the malware hit the drive, the File System Shield will detect it, so what’s the point?
And funny stuff, there’s one software unchecked in the P2P shield settings, and that’s the one I use… uTorrent ^^;

Now it would be interesting to see which AV is lighter. My parents use my old P4, and Avast 4.8 was pretty slow. I don’t know yet about Avast 5.0. MSE has some leaks. Nod32 3.0 was faster, but I didn’t try 4.0. I’ll try CAV next.

I don’t get it. What is it with COMODO that makes you want people who are satisfied with other products to change their mind? I remember seeing a post by Melih somewhere here asking for help or suggestions on how to educate people as to why they needed to change to COMODO product. Why?

There are of course “enthusiasts” for every product but I can’t think of any other vendor support forum where people exhibit this kind of prime-directive need to convert people. By all means please post examples of any you know because I may lead a comparatively sheltered life. ;D

A friend runs UNIX on his MAC. He loves it, but he doesn’t try to convince me that I should do the same just because he does it.

COMODO might be, or at least one day become, the best PC protection money can’t buy. If I then choose not to use it, will I get a visit from the ‘thought police’?

I’m ordering the bumper stickers,
“Currently not using COMODO and not certifiably insane!”

@pc-pete: don’t take it too seriously.
Josh was teasing about Dacs, which he can’t talk about yet :slight_smile:
And I like that :wink:
Hope we’ll see what the fuss is all about soon :slight_smile: