Comodo detected the malware which is missed by kaspersky, avast etc.

[Guest]

[OmeletGuy]

virSCAN.ORG is using 3.10 already!  

[devenroy]

CIS is keeping up fine with its 5-6 days old database running at VT.. 

Hi, Monkey_Boy
Yes, it was updating properly (like up-to-date) before isnt it? now it seems stuck maybe as CIS will not support 3.9 virus signature update to 1538 as per notice in latest 3.10.xxxx.531 version release, which is as follows:-
Note: AV updates for CIS 3.9 users have been frozen at V1538. In order to avail further updates, users must switch to CIS 3.10.

virSCAN.ORG is using 3.10 already! 

Hi OmeletGuy,
Happy to see atleast virscan is at 3.10 

[devenroy]

Probable malware sent to virscan.org (22/38 antivirus detected it)
Comodo DETECTED it, but it was NOT DETECTED by,
MCAFEE, TRENDMICRO, CA(VET), FORTINET, NORMAN, QUICKHEAL, RISING, SUNBELT, ETC.
HAVE A LOOK,
http://www.virscan.org/report/e72428532a202c6766f64078c9ea4a25.html

Probable malware sent to virscan.org (35/38 detected it)
Comodo DETECTED it, but it was NOT DETECTED by,
MCAFEE, MKS_VIR, VIROBOT, HAVE A LOOK
http://www.virscan.org/report/411cbe6e5e79d6376c4961270d6017f8.html

Probable malware sent to virustotal.com (8/41 detected it)
Comodo MISSED it, but it was detected by few other antivirus. have a look,
http://www.virustotal.com/analisis/20c60bcf0f35d9b43ebbde42c776dc56389e1c17e461566be358de45fad2ed05-1247046417

File is being submitted to comodo through CIS>Miscelleneous> Submit suspicious files>
IF malware found in it, detection will be added.

All these results show us that no doubt comodo antivirus is improving in detection & can catch malwares which are missed by reputed antivirus such as kaspersky, antivir, avast, etc.
Still comodo antivirus can not detect 100% malwares (as no other antivirus company can although some of them can claim they can give you 100% protection 

Still CIS has Defense + which is next generation protection, Default Deny in defense+ is the way forward, So its like prevention (defense+) is better than cure (antivirus).

It also HIGHLIGHTS the fact that, Antivirus should not be the first line of defense, Defense + is (and default deny protection is the golden key) 

[bequick]

http://www.virustotal.com/analisis/f8807bf5276a0711b48a96443ea8766790294272b797a22a8e7b0ae71d2fe1dc-1247056818
and
http://www.virustotal.com/analisis/b663d06f9785433548aa8f823d75b2e121695eb5eedb1a94b4ef3a4849d31915-1247056881
and
http://www.virustotal.com/analisis/b663d06f9785433548aa8f823d75b2e121695eb5eedb1a94b4ef3a4849d31915-1247056881
I don't know what VT are doing, but i think they are scanning with comodo's heuritics disabled.

[devenroy]

hi bequick, thanks for posting
The malwares results you shown is it for the samples which is submitted by you? if yes then did comodo antivirus detect them with heruistic set at low?

[bequick]

http://www.virustotal.com/analisis/dc54fedd3b802d6e8c0b491db39991cf1c660eff53989a35860cfd1d7e481cfc-1246790245

http://www.virustotal.com/analisis/11eab8136f60974d8b78f5ce661bebdbbb6960546c4822a31dd018a2bd3a7562-1247014830 (it's crack-patch for winrar) I've tested it with sunbelt(av+antispy),Ikarus virus utilities and Kaspersky,but nothing really happened.

[devenroy]

Thanks bequick, nice to see you keeping this thread alive.

[Petit]

Personality I like Virscan more than Virustotal.
But virscan often high service load.

[devenroy]

Personality I like Virscan more than Virustotal.
But virscan often high service load.

Petit i also like virscan.org more than virustotal but it has high service load so i prefer virustotal too.
we are twins (who see the same) lol

[Petit]

Petit i also like virscan.org more than virustotal but it has high service load so i prefer virustotal too.
we are twins (who see the same) lol

But Virscan have a fewer antivirus engine. (No Pctools to Virscan.)
And different version to.

Note : GData on Virscan used Kaspersky and Avast engine but Gdata on Virustotal used Bitdefender and Avast engine 

[devenroy]

Good morning all,
I downloaded new probable malware samples & sent it to virscan.org and here are the results.

(32/37 antivirus found malware in it Comodo detected malware but it was NOT DETECTED by CLAMWIN, QUICKHEAL,VIRUSBUSTER, ETC.)
http://www.virscan.org/report/82258a11f8741927595e214f23667515.html

2nd Probable malware sample submitted to virscan.org and here are the results,
(25/37 antivirus found malware in it Comodo MISSED to detect malware in it, but it was detected by other antivirus)
http://www.virscan.org/report/559071315ce7ab00a40a251385530372.html


3rd sample of probable malware submitted to virustotal.com
(37/41 antivirus found malware in it comodo MISSED to detect malware in it)
http://www.virustotal.com/analisis/180eeee2374456095583870aa56fc8534bf166c6583b91ba63ec1b0fa22a5576-1261437725

4th sample submitted to virscan.org
(31/37 antivirus found malware in it Comodo Detected it but it was NOT DETECT by, F-SECURE, FORTINET, GDATA, KASPERSKY, ETC.
http://www.virscan.org/report/1e69f8bd3875ca708bdca4c3590ded5b.html

The probable malware sample which comodo missed to detect is submitted to comodo for further analysis.

Here we see comodo is no doubt improving in its detection, but like any other antivirus it also can miss detecting malwares, So Antivirus should NOT be first line of Defense, Defense+ is the first line of defense, and default deny policy is the way forward.

[ssj100]

Hi devonroy, good to see you again.

Just wondering how you're finding the false positive rates with Comodo these days?

[devenroy]

Hi devonroy, good to see you again.

Just wondering how you're finding the false positive rates with Comodo these days?

Hi ssj100, Good to see your comments, As i see False Positives Rates  with comodo in my view is decreasing day by day, but still at times it shows false positive here and there, but we can submit the False positive to comodo & make it better.

[ailef]

KAV is good AV, i see engines are 5 and 7.
i use the last one 2010 9.0.0.736, very good, and what is really sure, it's that this AV is not some crazy scanner detecting on my machine hundreds virus that are all false positive.
I hate those scanners that find in a real exe installer some trojan, sometimes even signed installers are detected as malwares.
so at the end of the crazy scanner, my pc is full of virus, but i know it's wrong.
KAV starts and detects zero malwares. what is the good result.
i don't use the comodo AV actually, still use the FW and the D+,
i like using one scanner and comodo to check the network and executables group with D+(without dlls or i get mad), this is my favorite duet for trying to keep my machine clean.
how's the comodo AV ? not too many falsepos ? is the scanner working as great as comodo FW&D+ ?
cause those 2 apps are really a very good result, and took back again the first place, in case competitors thought the comodo leading was over. but this first rank would not change without the scanner ?
I didnt try it for long now, does it work as fine as KAV 2010 ?
false positive are not so many like some scanners detecting lsass.exe as a suspicious file or winrar the new encrypting driver protocol for botnuts_the_iya.win32 ?

[devenroy]

Hi ailef,
I tried using Avast, Rising antivirus, Kaspersky, etc. tried many of them, but i like comodo antivirus bcoz its fast in scan compared to other antivirus, its detection rate is good sometimes it even detects malwares which is missed by avast, kaspersky, etc. as you can also see here in this thread i submitted probable malware samples to virustotal.com or virscan.org.

In comparison to KAV2010, Comodo antivirus is considerably improving, considering FP exists  in KAV but they are lesser than CAV.
People are submitting FP to comodo, so FP is reducing Alot, i didnt see comodo detecting FP in my 500 GB hdd.

Comodo antivirus now having few FP than it used to have before, so i suggest you give it a try, and see how it works for you.
Comodo Antivirus scan is very fast, Reliable & improving each day.

[Tags:]