New Real Time Test from Malware Research Group

Hi Guys

Malware Research Group has a new real time test a.k.a dynamic test. Comodo failed because D+ was turned off. Anyway the winners are A-squared and Avira. It is a real darn shame that D+ was turned off :’(. What do you think guys?


That I knew this already :).

They simply tested the AV only, but I talked to the guy who did the testing and he told me that Comodo with Defense+ enabled passes this test. So there is no need to worry.


I laughed a little at the quote of :

Additional information: COMODO Internet Security didn't have Defense+ enabled as it wouldn't be fair to other programs.

Other than that, I still have faith in Comodo’s AV as it still grows daily and has promised growth in protection from the upcoming release of V 4.0. This emphasizes to me that security must be layered and diverse. Has anyone else tried out Prevx?

D+: The unfair Advantage against malware :wink:


If you are going to test a product, you have to test it as it would be configured in actual use. you just cant disable a feature ‘just because’ even if the supplier include an option to do so. This is not representing what an end user would expect the product to do or how it would perform if they installed it.

If they were testing prodicts with or without certain features, they should only include those products in the test and not ‘cripple’ a prodcut just to make it ‘fit’.

Either test as it would be installed or dont include it in the test. These results are skewed at best.


This test is BS, we all know the comodo would lay a smack down to the rest if tested properly. Turning it off because it’s not fair is crap. What happens when avira gets behavior analysis in the next version, will they turn it off to be fair? I bet they will not.

Well said Languy99!. You are right in my opinion, as lots of avs are shifting from the traditional realtime guards and replacing them with behavior/proactive solutions. Avast 5 will be one with Avira and Nortons cloud based solution.Anyway i know D+ is the only way, and if it had of been tested we all know what the result would have been. I would place my absolute trust in D+ against any other behavior/proactive solution anytime, as in many tests i have done it has never failed once to alert .


Oh, and i would like to see this test done with a level playng field. I mean by this statement that if Comodo had the family signatures in place which i know Avira A squared and others have. I could say, gives them an unfair advantage but i dont see Comodo spitting dummys out !.

Perhaps then we will see the power of Comodo with its near 6 million sigs reduced which will, i am convinced would have changed the result, dramatically.


Can anyone clarify for me if the AV portion of CIS has Defence+ installed or is it bundled under the Firewall portion?

LOL, well said ;D

bundled with the FW

Maybe then someone can clarify for me but it seems that this series was testing the AV components rather than the full blown suites; KAV being tested instead of KIS for example. If Defense + is under the Firewall portion I can see them justifying turning it off during testing. Does this reflect COMODO’s strength in any way? Not one bit, but then again we all agree layered security is what is needed now a days and MRG was simply testing the AV layer of CIS.


It does seem a bit counter productive however to say something like “… As we believe that prevention is the most important part of the battle with malware,” but disable the main component of CIS that is all about prevention. I might just have to swallow my words.

that may be tru but KAV, avira and all of them have heuristics/behavior analysis bundled with the AV portion. So if comodo bundled D+ with the AV they would have tested with D+ on, I don’t think so. They don’t want to make paid products look bad and make free products look better then paid ones, simple as that.

Prevention is better than Cure.
This maybe Comodo opinion from the internet security.

Besides this one test, can you explain that opinion?

Help file:

Install COMODO Antivirus - Selecting this option installs Comodo Antivirus and Defense+ components. De-select this option, if you already have a third party Virus protection activated in your computer system.

Install COMODO Firewall - Selecting this option installs Comodo Firewall and Defense+ components. De-select this option, if you already have a third party Firewall protection activated in your computer system.

I never read that part as I always installed the whole. Mea culpa.

That being the case it should definitely have been included in the test and invalidates the result.

It seems they concentrated only on the scanner components…but if so, why is this different than an on-demand test?
Anyway they have repeated the test with defense+ turned on and cis bloked all the samples successfully.
here is the link

Oui Petit, Il vaut vraiment mieux prevenir que guerir. Well said.

Peace, Paix.

Malware Research group does not make sense. Why test a product and say at first that product xyz failed and then retest the same product with all its features enabled and say then, oops had feature abc was enabled product xyz would have passed the test. And they know pretty well, if they are a professional organization, that only products that passed would be part of the official tally i.e Unclassified real Test #1.

Probably they will relate Comodo’s name to the footprint in fine print and say: you know Comodo has passed as well.