[merged]Comodo vs. Avast vs. Avira vs. 10 000 malware(On-demand scan test)

[khanyash]

i guess, the cloud had the time to make an online examination until the first long scan was finished.
BUT we cant know how short single examples of them needed to be detected. we only know that they were detected with the second run.
unluckily it wasnt able to detect all virus activities inside the uploaded data while "simulating" it online.

if its the case that the online lookup caused the better result from second running of the scan, then the scanner without enabled cloud feature would maybe had not gotten the good end result by itself.


i want to give an example, why one can not say easily "default deny helps allways against weak antivirus".

imagine this test would be virus data which is hidden in a program of choice. the user scans it with his antivirus, it says ok. maybe he uses a cloud, and would trust the "Ok" much more. then he launches the program. at first it runs in the automatic sandbox. but it doesnt work out in there. as this is a program of choice, and the antivirus said "ok", he starts the program outside the sandbox. defense+ is asking questions. to let the program run (which was said "clean", and which is choice), one has to answer these questions.
how could a "default deny" help against a weak antivirus detection in this case?


default deny is very usefull against automatic starter things. but for any situations where the users intentions signalize "i want to start that", an antivirus will stay very important for a normal user. the antivirus should not be "third line of defense", because it is not allways the case.

 

Very Good Point. I Totally Agree.

[Valentin N]

I  don't agree there. As I have seen AV won't do much of protecting you if it doesn't have the signature for the malware. Which is surely also the reason why comodo has AV as a third line of defense and not as second or first.

Regards,
            Valentin

[clockwork]

valentin,

when your antivirus doesnt have the signature, you will get INFECTED when you execute the program of your choice outside of a sandbox (because of compatibillity for example).
no matter if you have lines of direct "default deny" before that. YOU want to execute it.
in this scenario, the antivirus is your ONLY line of defense.

thats why the antivirus should be taken SERIOUSLY because it COULD protect you then.

[khanyash]

valentin,

when your antivirus doesnt have the signature, you will get INFECTED when you execute the program of your choice.
no matter if you have many lines of "default deny" before that. YOU want to execute it.
in this scenario, the antivirus is your ONLY line of defense.

thats why the antivirus should be taken SERIOUSLY because it COULD protect you then.

Again I Totally Agree. Very Good Point.

[salaficall]

valentin,

when your antivirus doesnt have the signature, you will get INFECTED when you execute the program of your choice.
no matter if you have many lines of "default deny" before that. YOU want to execute it.
in this scenario, the antivirus is your ONLY line of defense.

thats why the antivirus should be taken SERIOUSLY because it COULD protect you then.

I totally agree , if the user wants to run the program and the antivirus scan said it's ok he will run it outside the sandbox to let it work properly , and when the d + alerts comes out saying that "this might be dangerous but if it's one of your everyday programs allow it!" , the average user will definitely allow that.

so we can't just ignore the av improvements because it's very important to the average users.

can't wait to find out about DACS !

[Valentin N]

Hey there clock

How will AV as first line of defense protect you better? there is a reason why comodo has made a option where every unknown application get's automatically sandboxed.  

I am aware that even with HIPS you can get infected... if the user necessary want to run the malware application.

Not everything hangs on the security suit. If the user is, sorry, stupid, then it's his fault and not the security suit's fault.

Merry Christmas on you clock and salaficall

Regards,
            Valentin N

[clockwork]

valentin,

one doesnt have to be stupid to get infected. he might just download a "mediaplayer.exe". and this mediaplayer doesnt work in the sandbox (just an EXAMPLE).

we were speaking about scenarios where the antivirus would be first line. we were not speaking about a dogma to define antivirus as a first line!

but an antivirus can not allways hide its MISTAKES behind a defense+ feature.

[Valentin N]

I get what your saying.

[acafacaa]

People are saying Comodo AV is not that good,it has poot detection ratio.
Here is my test:Comodo vs.Avast vs. Avira,10 000 malware samples,couple mounths old:

PART 1 : http://www.youtube.com/watch?v=YRreh8G4bLw

PART 2 : http://www.youtube.com/watch?v=vbtdeIFcTfc&feature=related

EnJoY 

[Watasha]

I enjoyed that, you have a new subscriber.

[acafacaa]

Tnx 

[savit]

Subscribed your video, thanks good luck to you~

[pykko]

Where is that malware collected from?
In today's 10.000.000+ malwares, a test on 10.000 doesn't really tell a lot.

[acafacaa]

Where is that malware collected from?
In today's 10.000.000+ malwares, a test on 10.000 doesn't really tell a lot.

Where did you see 10 000 000 malware test?
My test was not like a tests with 1 000 000 malware,but that's pretty much it.Results would not be very much different with 1 000 000 malware.

[Melih]

see...end user's tests are most important tests! Afterall, you experience it all yourself.

and thats just detection....which has nothing to do with our "protection" capability. (just like you can't measure the speed of an airplane with a speedometer from a car...you can't measure the "protection" capability of CIS with "detection" tests).

So good test for checking "detection" capability...but this is not "protection" for Comodo..but it is "protection" in the main, for other AVs.  So not only has CAV done better at "protecting" the "Detection" way....it also has other layers of protection like "default deny with automatic sandboxing"....

thank you.

Melih