Hi all,
Is Comodo’s AV good enough yet for me to get rid of Avira? I already use the FW and would love to the AV.
Yes, that’s my opinion. However, unlike Avira, CAV lacks heuristics right now. But guess what, the next version is expected to come VERY soon (they said at the end of 2008), and it will have heuristics. I think it’ll be in beta at first though.
Go for it! (CLY)
LA
I agree with LA, CAVS3 is quite effective when I’ve tested it against threats in a VM.
I used to have Avira with my previous CFP3 installation but uninstalled it when I installed CIS on it’s original release day some months back. I haven’t had a single problem with CIS and since the AV section has been continuously updated since then I think I can safely say that the Comodo Av is as good as any of the others and I personally can’t wait for the new Heuristics update to make my PC even safer. Since installing CIS my sign in time is almost immediate and the waiting time which many complained about in CFP has been fixed on my PC anyway.
As far as detection rate goes, Avira is superior.
You may or may not be correct but where is your basis for the above quoted statement?.
Obviously no one really knows, but my guess is as good as anyone else’s. I would like to know what the claims about the, apparently, vastly improved detection rate is based on, because I don’t see it (yet). Don’t forget Avira has been around for a long time and it is know for having a high detection rate. It is bound to be better.
I have used Antivir\Avira for 6 or 7 years. Only a few months ago I switched to CIS. Since that time I have provided many malware samples to Comodo. “Stuff” that’s out there, in the wild. But I won’t elaborate, just read my entries here. There are many links to sites like Jotti, Virscan, etc. That will give you some indication of how good and up-to-date a scanner is:
https://forums.comodo.com/false_positivenegative_reporting_is_this_a_malware_that_cis_hasnot_detected/malwares_not_detected-t28680.0.html
You can also check the analyses of recent malware in this blog:
http://novirusthanks.org/blog/
It has to be said, CIS detects almost nothing of the new garbage they test there.
There are many links to sites like Jotti, Virscan, etc. That will give you some indication of how good and up-to-date a scanner is: https://forums.comodo.com/false_positivenegative_reporting_is_this_a_malware_that_cis_hasnot_detected/malwares_not_detected-t28680.0.htmlNo offence, but what a laugher. Those are the newest malware we (the users) send up to Comodo ^_^ ;D ^_^ and oh yeah, the scanner integrated in the online submission things is the old scanner from V2. It's totally outdated...
You can also check the analyses of recent malware in this blog: http://novirusthanks.org/blog/Yeah, recent samples 88)
Xan
Oh pardon me, CIS is unable to detect old samples. Even better. Thank you for that clarification. :BNC
So, samples embedded in webpages are not recent in your expert opinion?
Thanks to a donator Comodo got many (and I mean many) old samples. In the end, they will be updated also. But let me ask you a question : Do you want to be protected against the latest and most risky malware or against malware that are totally not common anymore ?
So, samples embedded in webpages are not recent in your expert opinion?drop the expert please, ok, it doesn't mean that if the sites are still online that the malware samples are up to date. And if the so "recent" samples are indeed undetected, then please let them read [url=https://forums.comodo.com/melihs_corner_ceo_talkdiscussionsblog/service_to_human_race_or_fame_seeking_selfishness-t27113.0.html]this[/url]
Xan
I want to be protected against anything that is out there, whether you think it is old and\or irrelevant or not.
I still have 81 undetected samples, gathered from a variety of websites over the past weeks, sitting here undetected by CIS (which is a dismal performance, by my book). By your definition these are “old”, which makes not being able to detect them even worse.
Some of the “old” stuff I submitted or re-submitted today, as a kind of information for Gismo999:
http://www.virustotal.com/analisis/15ccdc81299c2c8114dd0bd80507e438
http://www.virustotal.com/analisis/73b1acfcdbd545c9cc6b3091ff44d635
http://www.virustotal.com/analisis/f1b26d7ab7e0937324eac6360ab4d715
http://www.virustotal.com/analisis/75afb078044bb4089d98785837cb1c1d
http://www.virustotal.com/analisis/d9a6ec56a8e5ad6cfd8c2632b9aa0bd3
http://www.virustotal.com/reanalisis.html?713e8e72bd965f0213c395d9e47c20dd
http://www.virustotal.com/reanalisis.html?085cce9276dd54cda0d7b7931ebbaa98
Look at this. It must be really old:
http://www.virustotal.com/analisis/28b3f4a2a713dadbd06eb46dd48902ba
One thing is for sure, by the time these samples are added to the CIS database they definitely will be old.
Well, I’m not Comodo staff, so I don’t know what happened to those samples. But can I ask you how you submitted them ?
- through CIS
- by pm’ing Melih
Xan
Then I have some bad news for you. The rate at which new malware gets made exceeds the capability of what AV makers can fight. The situation is that across the board AV programs detection rates are lower than last year.
It is time to step into prevention by HIPS.
Then I can guess the opposite. (:TNG)
But I prefer knowing, and I don’t know the # of signatures in CAV versus Avira. Soon enough I expect some kind of extended signature information (e.g. names and # of signatures in current database) to be included in the CIS/CAV GUI.
I’ll refrain from claiming things but I guess that Avira is better than today’s CAV. However, I prefer taking Defense+ into account as well, and then I think CIS is a better choice than Avira + some firewall. And however again, pretty soon I expect CAV to seriously catch up with Avira and the others. 
LA
Hi all,
I love Comodo products…but…for right now I am only interested in the FW(which is Great) and the AV (which is still new), I think I will wait a while longer before I use the AV, Then later on I will check into other products.
Thanks to all that replied (B)
Reply from Avira:
The file ‘TubePlayer.ver.6.exe’ has been determined to be ‘MALWARE’.Our analysts named the threat TR/Dldr.CodecPack.bfw.The term “TR/” denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.01.01.42.
What’s your point O’Grady? Ofcourse an AV would add malware to thes blacklist, Not just Avira.
I’m certainly no expert on malware and such but it seems to me that the anti-virus/anti-malware vendors could put together a captive corporation to share the signatures of malware. Perhaps a single entity from which the signatures could be downloaded for updates by the various AV programs (mirrored by the vendors). This could be approached in the same manner that insurance companies share actuarial data and related standards in the USA. Vendors could then compete on software functionality such as HISP or boclean and usability thus getting away from the “my list is bigger than your list” machismo this topic seems to have gotten into.
Hey Mikey, Comodo is invovled with some vendors and do share samples.
That’s cool. Do you have names?