Running Antivirus thinking you will be safe......Madness!!!

Do you really think you will be safe if you run an antivirus program?

If you do, then you are MAD, MAD, MAD!!! :slight_smile:


Then which is safer between Comodo Internet Security V4 (no-optout install-time config) and Comodo Firewall V4 with Proactive configuration (user chosen install-time optin) ?

Depending on the threat model…both are safe enough… but you can always go deeper in protection if you are to manually configure it. Of course there is a fine line between highest security and usability where the ROI stops paying off.

However, you do raise an important issue and does deserve its own topic (it will also keep this thread on topic).

thank you


Thanks for the reply.

It was not my intention to raise an issue but rather having a chance to acknowledge the rationale behind the two packaging approaches I mentioned.

np :slight_smile:

We want to give the flexibility to our expert users, while still enabling our novice users with high security. Hence the configurability.


yes (I hope I’m not understating it)

The question is what Melih meant with his declaration, knowing he is the editor of a security suite including antivirus, firewall, hips (and now sandbox).

That whatever antivirus is enough? Or that he is aware that Comodo’s one is said from reviews to be not that good?

That an antivirus+firewall+hips+sandbox is enough?

Well, maybe still not: everyone says that the best internet security is between the ears of the user, but Comodo or anyone else doesn’t provide, free or paid, brains, does it?

And even assuming, it is a very subjective matter, that one has not “brains”, but at least a secured internet behavior, shall he be sure not to be infected some day or another by some rogue or rootkit?

The question not of antivirus itself, it of course fails because it generally monitors, if ever it does, what HAS already been downloaded and installed, but of “total security” remains to be answered, particularly if people want to rely on a “ready to use” package asking them no interaction, whereas these same people’s hardware and software configurations and usages can be very different.

In this regard, Mister the C.E.O., i shall at the day speaking continue to use CIS V3 in customized mode so i am asked of whatever the firewall and defense propose, in order for me, and even if i can mistake myself, to be the only one to decide, and never rely on whatever antivirus altough i actually have one installed (not yours) for merely cosmetic purposes.

I think Melih meant that an AV was not enough security. Zero day threats are a huge problem that a traditional AV CANNOT conquer.

I can only assume Melih was implying that a HIPS is now a necessary addition to your security. Of course making good decisions is paramount to safety, but a HIPS also assists in that area.

I do like this point. It is for this reason that an AV will always be a necessary layer of protection. I don’t believe that there will ever be a security perfect enough to always protect a user from himself, but the idea is to limit the chances of infection.

Also, I’m not sure I understand what you mean that you are using an AV for merely cosmetic purposes.

An AV doesn’t protect you against anything but some aspects of the user’s behavior, for at least 2 reasons:

-a “new” virus, if not detected by heuristic characteristics, has the time to spread 10 times around the world before any editor has the time to upload a patch.

-it does not either protect you against malicious website scripting (active x, javascript…) and more generally against “deliberate clicking” (rogues, rootkits…).

So, yes, it should protect you against mail attachments and double extensions, but this does only assume that some people dumb enough to be infected by mail attachments still exist.

p2p, warez and porn is another story, but that is another story: when you play poker, you must sometimes be ready to lose…

I never run whatever without a firewall, but i stayed many years without any AV and only got infected twice in more then ten years (because, at that time, i liked to play, altough not very often, with warez download).

I installed an AV because everyone tells it should be done so, and the last one (avira) only because i was puzzled by some comment in this same forum telling it should not work with CIS (it actually does).

But i still don’t believe, if proper and simple behavior and security measures are applied (mail, windows services, disabling scripting, not using warez, porn, p2p, im, be careful when and where clicking…) that virus (excepting, again, rogues and rootkits toward which they are totally unefficient) are a sufficient threat to deserve an AV to be installed.

In theory, “novice” user should force him|her -self to study subject X, subject Y, learn how to use software firewall (w outbound protection), behaviour blocker, hips etc. AND implement decent security on his/her system.
OR technician who install OS should setup decent security on machine AND after that educate customer how to use his/her perfectly safe system.

In real life people who install/configure systems for customers use AVs ONLY because ONLY AVs provide “zero-touch” operation once they are set up.

“In theory, practice and theory are the same thing. In practice, however …” (c) panic (Ewen)

Problem is not “Current AV industry deceives users” in terms “system would be safe if you will use OUR Antivirus”. They (users) would have found out related “unmasking” facts if they would have made an effort. People may not bother on this case because:

  • AV company/industry (“professionals”) is trustwothy and all it tells is the Truth;
  • why bother because of nothing when one has much more severe problems in real life;
  • “malware is not a serious threat”

Maybe here is how slogan “i’m safe because i use AV” lives and blossom.

The use of an AV product has the potential to do harm in two ways.

  1. The naive user has a false sense of security or invincibility because they assume the AV product will protect them against all threats and thus the user doesn’t need to be particularly careful about what they do.
  2. The AV product itself harms the system because a FP results in quarantining critical system files (this happened to some people over the past weekend).

So is an AV useless? No, it is a component of “a layered approach”. CIS wouldn’t include an AV component if it didn’t provide some benefit.

Hi. I am new, in this community. Can someone help me how to put on a topic, on the message board.

I have a message for the developers of comodo.

I would be happy, if you could let comodo update its virusdatabase automatically, like Avarsti antivirus does.
And it would be great, if you enter an option, in schedule scans, so it could be managed to scan, every two weeks, and also the option to scan every month instead. AVG antivirus has this option.

I wish you all. Oh happy day!


  • The virusdatabase IS automatically updated.
  • Double-click Comodo’s systray icon → AntiVirus → Scheduled Scans. This wasn’t hard, was it? 88)

Nope, but I can run GesWall and will be completely sure that my PC is clean.

Ok! Thank you, for your answer MagusBR.

But still, the Comodo only has the option, setting a schedulled scan weekly.
I would prefer a scan once a month. (Monthly)

Best regards Peter

Hi Guys,

Hi bequick,

the “Nope” may apply to the Melih’s term “MAD”. That is a bit harsh (I think)

Neither mad, nor crazy, no insane … but just a tiny little bit more safe than “completely unsafe” - that’s all

I disagreed with Melih on many points including current v4 implementations, but I may agree with him here (except the “mad”-terminology :slight_smile: ).

AVs, basically any AV – are losers in this war – we are not safe with them.

…but I disagree with your statement, bequick that you are “ completely sure” that your PC is clean running GesWall… or actually anything else.

I am not going into unneeded debate here, that there is no such security that can provide us with 100% security/protection

Only the computer that was never connected to Internet / LAN and that is switched off – is safe

As soon as you switch it on; have connection enabled (wired or wireless); WOL is on / or… “bluetooth” is near you :slight_smile: ; etc… you “have a chance”

No need to be paranoid, but there is no such thing as “completely sure”

Finally, the topic was about AV & GesWall is not that in any case… meaning… I am not sure why it was mentioned here

My regards

p.s. a side note addressed to Melih - you’r absolutely right! that there is basically no protection when one is using AV … that’s old stuff;
we cannot rely on it completely …
So, once again (and as many users here already pointed out) why would you spend time & resources; your talented developers’ brains-power for developing AV in the 1st place ???,
… when you could improve and make existing Firewall more powerful.
Few of my friends are still using the latest 2.4, doing “crazy stuff” and still are protected excellently

Syberlynx, i think the point of developing an AV is important as it is necessary to protect users who do not have internet connection. From what? From viruses which propogate through removabale drives.
It is also important to cure an infection. Then again if everyone uses a rightly configured firewall then the chance of these users getting infected is minimal.
Take the example of my school. They dont care to install a firewall in computers of the computer lab neither they let us install something which is good. Thus there are many students who do not have internet and must depend on internet connection in the lab. Thus they become infected.

Hi arjunpa ,
I am not arguing with you … unfortunately AV is still important,

… but I was supporting Melih’s note that it is not an answer at all for providing security/protection nowadays.

In this case AV is much less or rather practically ineffective. You have to update it… with no connection … you sure can bring signatures (or portable AV/anti-malware) on removable media … pain in the neck and not all AVs are supporting that
Then, you will be definitely late already in any case for zero-day/hour

… and then if AutoRuns are not disabled Globally through the system(s) & environments, which you are describing… what we are talking about anyway, speaking about removable media and its dangers?

But most importantly I was just surprised by mentioning GesWall here because that doesn’t fit here as far as I understand… That’s mainly it.


I didnt think of that in the first place because i used to copy updates from my computer to my friend’s pcs. So i am sorry.!!!

By the way Everything is cool syberlynx.
Everyone is tensed up regarding security.

AV is for Usability
AV is for Marketing purposes. its cheaper to develop a top notch AV then educate 1.2B users about Prevention being a better solution.