Quick - n - Dirty Malware Test

I just did a quick malware test to see how comodo is standing compared to some of it’s competition. (I am not sure they are all malware so no one should get 100% detection), also all of the software was updated prior to running the tests so they all had the newest definitions.

Total samples 11,415

Comodo 92.31%

Avira 84.52%

Dr.Web CureIt 51.75%

Malwarebytes 20.66%

Superantispyware 14.51%

Windows Defender 2.5%

  • I ran the avira test twice and got the same result (also all avira setting were set to maximum). I am not saying it’s anything scientific I did here but I just used my malware samples to do some testing so please take it for what it is.

do you submit your samples to both Comodo and Avira?


as often as I can but to submit to avira is a pain in the butt, I have to upload to a sharing site and e-mail them. I usually submit less often to avira than I should but they don’t make it easy either. I guess you could consider them fairly equal if you take that into account.

Not much to comment really. A very biased test. Good effort though!

languy99. Thanks for sharing the results of your personal test with malware samples & i m happy to see comodo detection rate is higher than avira.
I see your test as valid personal test and its not biased either, bcoz you didnt pick specific malware sample files for test, all softwares were up-to-date before scanning and avira you saying setting of avira was set to maximum, still it scored less than comodo thats good to see. well done comodo.
As a personal test you did what you can do to make it best, as i see.
Languy99 i see you sending many samples to comodo antivirus lab on regular basis, Thanks alot for it.
:a0 :-TU

Comodo probably detected more false positives than actual malware in its 92.31% haha.

Possible ssj100, but still comodo detection in test is good isnt it?

I can slap a bunch of random numbers too :a0

If it was that bad don’t you think the https://forums.comodo.com/false_positivenegative_reporting_is_this_a_malware_that_cis_hasnot_detected-b154.0/ part of the forum would be severely flooded with FPs? ??? ???

@languy99 was this a sample set containing files you had already submitted to comodo yourself (prior to testing?). Or did you just collect them without sending and then scanned? =)

Comodo detection of 92.31% could include false positives, and a lot of them. Therefore Comodo might actually only detect 1% of malware only (depending on how many files are genuine malware).

It’s quite flooded haha. But I was just trying to make a point. I’d like to see Comodo take part in the next AV-comparatives. They test over 1 million samples…not just 11 thousand haha!

I would like to see CIS in AV-comparatives as well…

Huh, ??? Hehe, i m happy to see you atleast have faith that comodo might detect 1% of malware. >:-D

So if you submitted more of those samples to comodo before testing… that isn’t fair :frowning:
I’m surprised Mbam got 20% of those? Would have thought less because it’s more specificly aimed at certain malware…

If that is what you think, let me see you do your own test with over 10K malware.

No FP, in the same test, with the same malware 4 weeks ago comodo got around 60% detection.

Most of the files are really old malware mixed in with some new malware (with in the last month), so in reality avira should have easily beat comodo. There were no zero day maleware either and also I did a test with heuristics on high for comodo and it only found 2 more malware, so what it found is purely signature based.

Somehow I knew this quick little test of mine would bring out the haters. I guess it was bound to happen. The only thing I can say is, if you don’t like my results grab your own sample pool and test yourself until then just take it for what it is.

KUDOS to you languy, you made the above statement and explained the situation but still get bombed with negative comments…


You did not answerer my question… Did you or did you not send “some/all” of the samples scanned to comodo or MBAM or “any” vendor participating prior to testing?

If so I believe you as a malware researcher should have full understanding that stuff like that WILL have a big impact on the results and give a unfair advantage/scoring in your test.

Do I seriously have to explain why? 88) ???

Am I a hater for questioning your sample set?.. =/ Its a very important factor if you used samples you have sent already or if you used samples that you have not sent… =)

when I originally got the samples I sent all of the undetected ones to only three places, comodo, avira and malwarebytes. I did not send them to Dr. Web or SAS or microsoft, I just used them as a comparison.

Interesting… So what you shown here is that Comodo has been better at adding the samples sent to them than the other vendors (Avira and MBAM)? :slight_smile: :-TU

Right. Like I said, I did this same test about 4 weeks ago, avira was at about 80% and comodo was at roughly 60%. They have both advanced except one advanced a ton more.