CIS detected the threats which Vipre,Avast,Security Essentials and Panda Fails

phani_kumar · August 1, 2010, 9:10pm

Hey Guys,

I’m a Nedry person who has passion in anti malware products testing. I’m always a comodo firewall fan and i had very bad experience with comodo av so i always choose comodo firewall with maximum defense+ settings for leak protection. Recently i installed CIS 4.1 its interface and low performance impact on resources are awesome. And this time i thought to install antivirus because of improved core detection in comodo av and sandbox feature in firewall. Firstly, i like to watch movies but most movies links directs toward mega video only but it has a problem it will stop playing after 72 minutes, only premium subscribers do get the benefit so i found to over ride that limit and got one open source software/addon forfirefox that is “cacaoweb” it will bypass the megavideo limit. (my initial combination is avast+comodo) avast didn’t detect that addon or file as malicious but comodo firewall did and gave its malware sign so i upload that file to virus total shockingly only 6 av scanners reported cacaoweb as malicious.

So i got curious to test that file and some other malicious files so avast failed to detect all and i installed panda cloud although it identified few but not all and its same with Microsoft security essentials. Furthermore, i installed pcflank leaktest suite both panda and security essentials detected it as a virus however, avast failed to detect it.

Finally, Comodo av is much more improved compared to its previous versions good work comodo and i may wish all the best for your future endeavors.

Chocky · August 12, 2010, 8:21pm

Well, I’ve found some suspicious file almost a week ago, tested it with virustotal (4 found it malicious), then I’ve submitted this file to the Comodo, today I’ve retested it with virustotal, now 6 antiviruses detect it, but CIS still doesn’t :-TD. I’m sure this file is malware, becouse it is distributed via obviously physhing site.
I wonder, how long it will take to add troian’s signature to the bases?

jay2007tech · August 13, 2010, 4:43pm

but CIS still doesn't

did you check for updates since then?

Comodo av is much more improved compared to its previous versions good work comodo and i may wish all the best for your future endeavors.

For being fairly new, it's pretty damm good

languy99 · August 13, 2010, 5:05pm

just a fiy for you all, comodo is receiving hundreds of thousands if not millions of files per day that are unknown. They are working as fast as possible to identify all of them. But I can tell you they are working at getting the systems to work faster and faster to get more files analyzed per day. We should see a marked improvement in response time soon.

devenroy · August 13, 2010, 6:45pm

Thanks for that info Languy, that will make it faster to deal with new malwares, hoping to see that implemented very soon.

DiSP · August 13, 2010, 7:21pm

I think the only thing that we will see is comodo trying to create an infrastructure that cannot support. but we will see. I wish the best luck to the developers.

languy99 · August 13, 2010, 7:25pm

all I can tell you is that you are wrong. Sorry that I can’t go into more detail but they are working on some things.

DiSP · August 13, 2010, 7:28pm

I understand and like I said before I wish the best luck to the comodo developers.

Chocky · August 20, 2010, 7:35am

OK, here is a story. August 6 I’ve tryed to find russian instruction manual for my cofee machine. Google gave link to the site http://bytinstruc.ru/cohodilo.html which looks like big manuals storage.
I’ve typed machine name and it found instruction. But downloaded file was executable. So, I’ve became curious, I’ve typed in search box some abracadabra characters and it found manual for this too. Files was byte-equal regardless of name. I’ve checked file with comodo on-demand scan and then with virustotal scanner and submitted via comodo interface.
Here is virustotal scan results
http://www.virustotal.com/file-scan/report.html?id=9fc8d24ad9b0f3b47e57a3abafc832aab413d1a35d644b370d31e7467651199b-1281086183
http://www.virustotal.com/file-scan/report.html?id=9fc8d24ad9b0f3b47e57a3abafc832aab413d1a35d644b370d31e7467651199b-1282286616
14 days diferrence.
By the way, checked now http://bytinstruc.ru/ and its main mirror http://instrukciya.info/ now returning differrent file, which still mimics rar archieve, but no antivirus detect this new file.

JamesFrance · August 20, 2010, 8:38am

Nothing on WOT

elvispark · August 26, 2010, 3:53pm

yeah , comodo av is improving day by day

i see good results in test

even my friend testd 5000 malware samples (not a pro test though ) and found comodo detection n rate about 98% i guess which is impressive

Stelian · August 26, 2010, 5:03pm

When will be CAV tested by AV-Comparatives? Any ideea?..

darthfirefox · August 26, 2010, 5:05pm

I have been wondering the same.

Any AV can have a off day. I have downloaded malware that Comodo and Avst missed but Avira killed beautifully.

DiSP · August 26, 2010, 5:38pm

From what melih and other said in this rounds test which is August (This month)