It seems that these two files aren’t FP detection by COMODO CIS. And I feel that they might be malware, because 20 AV programs detect them as malware from VirusTotal.
Hmm, we might be talking about different files then. I have no problems now with the latest Comodo database 1164.
This is what I would recommend you to do:
- Download MBAM and perform full system scan
- Download SAS and perform full system scan
- Download Avira (install with guard disabled) and perform full system scan
I use those 3 programs as my on-demand scanners about once a week. In my opinion and in my experience, they have a very low false positive rate and the total cumulative detection rate is probably over 99.9%. Good luck.
EDIT: by the way, those 3 programs are completely free!
i also noticed same, Also While taking into consideration resource usage CIS is much better than avira, Fp will be reduced as many quarantined files are submitted to comodo by many users, with 3.9 version antivirus became more strong.
I now have CIS 3.9 only to protect my system, i got that much trust on it, & there is always Defense + (the guardian angel :a0) for prevention. :-TU
Actually, I’m also having the same problem here when scanning with Avira on-demand and having CAV real-time. It’s a false positive for sure though. Virustotal shows 1/40 (Comodo is the only one that detects it as malware). I’ll submit the file for Comodo to fix.
http://www.virustotal.com/analisis/db796b4e800814ede78c44804ecee58c
Please see above scanning result.
29/40 scanning result from Virustotal from what I have. Have send to COMODO for further analysis.
SilentMusic7
Why don’t you use both. I myself am using both CIS 3.9 and Avira free 9 with ZoneAlarm ForceField with no conflict nor slowdown. If you like such a combo use it if you don’t, use CIS 3.9 only with parental control turn on and suppression of pop-ups for D+, and Antivirus. I still like to get pop-ups from my firewall ;D.
When CIS detection is up to par with Avira I do intend to uninstall Avira and live with CIS only.
Peace. :a0
Because he has no ram space over ?
Xan
Roger that. Over 
Thanks to all for their feedback. I will install CIS 3.9 in a couple of days on my new PC after finishing Windows performance and security tweaks. Once I am happy with the setup, I will duplicate it on the older PC with 288MB RAM. I am leaning toward using CIS’ AVS for on-access/real-time scanning (installing the complete CIS) and Avira for on-demand scanning. I plan to use Parental Control in CIS to block pop-ups and protect my inexperienced user.
False positives (FPs) are highly undesirable with this configuration. Better to have Defense+ as a safety net. If I understand correctly, the FPs are almost always due to heuristics. Avira gives the option of disabling heuristics. Does CIS offer this?
You can switch it of. When using heuristics keep it set to low. That will the false positives in check.
Hi Guys. it seems Avira are on the bandwagon in that they have what they call a Proactive behavior blocker in Beta right now.
They no doubt realise the inadequacy of their present “guard” which in tests was the most effective of the “traditional” Avs in stopping unknown malware at 71%.
Avira obviously want to fill the 29% gap that their present app leaves.
However this i feel may increase the size of the app and possibly the ram uasge?.
Comodo have D+ which being a Hips light as a feather and already blocks every god dam Malware i have ever come across, but are, i think considering a behavoir blocker in V4 as they and “some” Comodo Members feel that may help usability rather than help security. I am one of the “some” in that less experienced users may feel it will help them better in identifying malware.
Regards
Dave1234.
yup, I recommend low, with heuristics at low I have yet to get one FP but they have gotten a few infected files, so they work.
Thats very interesting to see, thanks for link.
To be honest, Avira Free (which has exactly the same engine as the paid version) is a much better antivirus than Comodo’s.
After having some trouble with Comodo Antivirus, Sandboxie and IE 8, I have discovered that I should have been running Avira as my real-time Antivirus all along. Currently, it is a much superior Antivirus in every aspect for me. I had previously thought that Comodo Antivirus was lighter than Avira, but now that I’ve had a longer time to test each AV out, I feel that Avira’s antivirus is marginally lighter than Comodo’s overall.
This works out very well for me, and I guess it turns out to be a blessing in disguise that I had those issues with Comodo Antivirus, Sandboxie and IE 8. I am now using Comodo Firewall with Defense+ (Antivirus not installed) together with Avira Free real-time. I would also do an on-demand full system scan now and then with Avira. I have never had a false positive with Avira (Heuristics on highest) so far (with the exception of a minor one), while I have had at least 10 false positives with Comodo’s AV. I have submitted all of these false positives and I hope Comodo continue to work hard to develop their AV component.
I think Comodo will be hard pressed surpassing or even equalling the quality and effectiveness of Avira’s Antivirus. Good luck!
Avira’s detection is better of course and always top notch. But keep in mind that CIS has HIPS code named “D+”. Something has to get by D+ also. So where CAV lacks in detection it gains in D+.
Yes, and that’s why I’m using Avira together with D+. Amazing combination really! Probably the best AV in combination with probably the best classical HIPS. And all for free!
So…I prefer the new AVG version,if i have to be honest.And I have license for AVG Internet security,but…don’t use it,cause really like comodo much more and trust it.
p.s.Your security depends on the man behind the keyboard in first place
Sure thing mate. AVG is heavy for me, and its detection rates are pretty average. I am very happy with Comodo Firewall, Defense+ and Avira. Add Sandboxie to that, and it’s pretty much 100% protection.
I think that Avira, Avast, and others are now finally realising that prevention is better than detection. They are introducing behavoir blockers to compliment the guards they traditionally use. Cis will follow with a behavior blocker i think in version 4, but wonder why Avra and Avast in particular are following A squared in not using a Hips?. Do forum members think this is a usability thing or Do the members think that the vendors themselves think that Behavior blocking is better at prevention?. My own opinion is that if Cis intro a behavior blocker and run it alongside D+ then that will be a much more effective combo than the traditional signature based guards that can miss zero day threats and the behavior blocker. My confidence in this case will go down the route of Cis due to more complete protection.
I fully agree with previous posts that there have been some recent spurts of Fps from Cavs, more than i would be comfortable with, if i had got them.I do feel that that will change though when Cima comes out in V4 ( we hope), and Cavs Fps drop to an acceptable level in comparison to others.I dont think its possible to eradicate Fps completely due to changing apps and new software being developed, but think Comodo is heading in the right direction in dealing with Fps as quickly as is humanly possible.
Just my few pennies worth!.
Regards
Dave1234.
Is anybody seeing FPs with CIS’ AVS real-time scanner? If so, with what heuristics setting?
I have the full CIS and free Avira installed on a new PC. I have Avira’s real-time scanner disabled (even blocked autorun of avgnt.exe) so that it is only used for on-demand. I really want to make sure I configure CIS to avoid FPs before enabling Parental Control (auto deny).