Is Comodo now included?

I don’t think so… And it’s a version 5.12…

Well is too soon to draw an conclusion, we will see the next test result, maybe then we will see the 6 vers in result :stuck_out_tongue: I’m curious to see what rating would get (maximum) :a0


Interesting how Comodo gets such a low score, though all of these are made with default settings right? Because if they would have used my settings they would need many new “Protection” levels if F-Secure got full pot on that one, or the average for the other suits would just drop down a lot I guess.

This test is doubtful to me.

Yes, they test with defaults.


Zeroday protection - I wonder how they interpret autosandbox results.

False Positives - CIS has FPs but this have been improved & improved a lot in CIS 6. In usability info they mention for FPs they use programs like adobe flash, java, vlc & similar programs. I never got FPs on these programs or similar programs. And most of like these softwares are in TVL & cloud whitelist.

In usability info they mention for warnings they consider distraction, user requirement, etc as warnings & for blocked they mentions programs partially or not completely installed they consider as blocked.

For CIS they mentioned warnings was 0 & blocked was 5. They used 35 programs for both so I guess same programs were used to test warnings & blocked. Now with CIS defaults how is it possible that warnings were 0 & blocked were 5. I guess blocked were those autosandboxed which didn’t run or installed completely, fair enough but that means autosandboxed popups were there so how warnings can be 0 (as per their definition of warnings & blocked for the tests)

In the protection procedure its mentioned -

“If access to the website or e-mail is blocked or the protection program displays a message, this is documented. The point at which access is blocked or the technique used to do so does not play a role in this stage of the procedure:
Access to the URL is blocked.
The exploit on the website is identified and blocked.
Download of malicious components is blocked.
Use of malicious components is blocked.”

Does this means if URL Blocker of a product blocked the malicious links its counted as the product protected from the malware?

If yes, then products with URL blocker have a plus point in this test.

Though This doesnt change my opinion on these Testing Organizations.Comodo isnt that bad at all and there is little of no info of how these test-beds and the test rules/enviroment are created.Neither they have any proof of the things they tested.

Bottom Line,If you guys have no proof to show me that this was really tested,I would take this as a gospel of money and God.

CIS is a great App…the question is “Why Should I Trust These Tests?”

You shouldn’t.

That’s a matter of personal Opinion…But A Test is a Test whatever you say about it and they did it according to real world scenario and I feel even in real world I feel if a AV blocks a URL and doesnt detect the Binary then the real user will never care as far as he is protected :slight_smile:

I thought CIS is the best :slight_smile: … even if they used default settings, how can this bad result happen with default deny and autosandbox?

[attachment deleted by admin]

I get the feeling that for them when they say protection they really mean detection. :stuck_out_tongue:

we have AV-Test certification. Thats the good news.

There are few things we could improve on and improving we will.

So at long last, you guys wanted to see AV-Test certification, we give you AV-Test certification.


+1. It’s not protection… It’s detection.

We would like to see the AV-TEST certification with the results we ALL know CIS is capable of reaching. Not the poor one it got, compared with other AV-TEST certified products. :frowning:

Maybe worth reading - Protection

They might press run unlimited when BB pops up, possibly.


Sunshine is an innovative tool that can be used to analyse malware. It enables potentially malicious data to be executed in a controlled manner on a non-infected system and analyses the system changes caused by these data. The data can be run on both physical and virtual hardware. Sunshine monitors the following areas: The file system (created, modified and deleted files), The registry (created, modified and deleted keys and values), Processes and their modules, System areas in the memory, Incoming and outgoing network traffic.

The analysed malware is then classified and categorised for further processing based on the system changes observed.

If so, they shouldn’t, instead should press sandbox as they test default settings & sandbox is the default answer.

And the main point is, when you test malware you will get Unlimited Rights popups more.
In real world scenario this is not the case.

Perhaps Sunshine classifies even those actions of malware sandboxed as partially limited (which are able to run) as bypasses as it sees that it is able to create files, run processes, access the internet, …