Test Results

karthik1eee · August 28, 2011, 2:03pm

i downloaded some zero-day threats and conducted on demand scan,

Test Results are,

Comodo Internet Security: 57

Avast Free: 58

Emsisoft Anti-Malware: 61

Malwarebytes antimalware: 48

ad-adware: 48

superantispyware: 20

emsisoft detected 61(winner!)

clockwork · August 28, 2011, 3:43pm

how many files at all?

and like i said on another place, malwarebytes is aiming on specific range of threats. it can increase the field of detection while using it additional to a regular antivirus.

Baxan · August 28, 2011, 8:40pm

Did you try running some of the malware that CIS didn’t detect? Maybe the cloud scanner would have caught it. One scan doesn’t test all the protective features of CIS.

D_Bone · August 28, 2011, 11:05pm

Then why doesn’t Comodo incorporate the cloud scanner to real time scanning in the AV module?

wasgij6 · August 28, 2011, 11:24pm

it is in the real time scanning just not the on demand scanning. the OP says on demand scan. in the defense + log it will say “scanned online and found safe/malicious” thats the cloud scanning. the only way to do an on demand scan with the cloud is to add the files to unrecognized files and do a lookup

clockwork · August 28, 2011, 11:55pm

a cloud scan result could be too late, after executing a file.
simply say, apples were tested against apples here. all is good. but we need the total amount to have a picture. i mean, its called zero day.

dont run malware for testing antivirus data base and “cloud scanners” if you dont know how to 100%(!) protect your operation system installation while that. dont suggest this easily to people.

EDIT: i would like to know what each of the tested antivirus programs would have for a result if they had been supported with the results of malwarebytes.

wasgij6 · August 29, 2011, 12:40am

im not suggesting anything. im just telling them how the cloud scanning works. if someone wants to test it thats on them not anyone else

clockwork · August 29, 2011, 12:43am

i meant Baxan

Baxan · August 29, 2011, 2:15am

What do you mean by “dont suggest this easily to people”? What was I suggesting everyone should do?

Hungry_Man · August 29, 2011, 2:37am

Things we need to know:

How many samples total.
What those numbers even mean.

Are those numbers blocked infections or simply detected malicious files?

clockwork · August 29, 2011, 7:04am

i know what you wanted to say about comodo. but it could encourage someone to “running malware” without thinking about the consequences.

clockwork · August 29, 2011, 7:13am

at Hungry Man

it was just a scan-test-doing, and telling result numbers. no one needs to justify comodo. superantispyware could need support instead
if i think about it, maybe just 20 files have been spyware, so nothing to worry about SASW.
tests are pictures. on some pictures/photos you might have red eyes, on others not. thats all.

Baxan · August 29, 2011, 9:42am

I was only encouraging someone who is trying a product to be more thorough. For an everyday user who only wants something to protect their computers, it doesn’t make sense for them to be inviting malware into their systems.

I didn’t know it at the time, but I thought you were testing all features that can detect viruses while ignoring any prompts from defense+. I had to ask if you did indeed test other potential detectors in CIS such as the cloud scanner but now I think it’s okay that you were only looking at the on-demand scanning portion of CIS. Doing an all-out comparison of these products and all their features would become a difficult task and it could get difficult to find out which is the winner in the end.

karthik1eee · August 29, 2011, 2:22pm

total samples = 100
those numbers are their detections.

karthik1eee · August 29, 2011, 2:26pm

CIS failed the test leaving computer to threats. i ran trojan ransoms and CIS failed.

But when i changed the setting from partially limited to limited, CIS blocked all the ransom trojans…

one important problem is there in CIS, i found it while doing another protection test, i will make a new post for that.

karthik1eee · August 29, 2011, 2:27pm

total files = 100

siketa · August 29, 2011, 2:46pm

Failed like your PC got infected or cloud AV didn’t detect them?
Is malware active in memory after restart?

karthik1eee · August 29, 2011, 2:57pm

yes my pc infected, that trojan ransom covered my entire screen and i cant do anything.

cloud av didn’t detected. i posted new post about cis security problem. and malware not active after restart because,

i am using vmware free version and new to vmware, so in vmware i installed deepfreeze software so when machine restarts system comes to safe state. all changed files will be deleted. so what ever u change, remove, anything, when u restart, machine comes to safe state. this state is freezed by the deepfreeze.

if i did this in real pc without vmware and deepfreeze, malware will definitely active even u restart.

siketa · August 29, 2011, 6:27pm

Turn off DeepFreeze and repeat the test.
When malware covers the screen,just restart virtual machine.
Then let us know if malware is still active…

dave1234 · August 29, 2011, 10:32pm

Seems to me that malware is gradually finding a way past Cis unless its configured differently from default, ie untrusted and beyond…was always a matter of time.Anyway Comodo will fix it no doubt…malware will evolve…bypass again… Comodo will fix it… thats the way of things.

As secure as Cis solution has been it shows relying on even a suite such as Comodos is only part of the story, due to the risk of bypass, could mean running something else beside it such as a behavior blocker, or running everything via the likes of sandboxie. Thats just minimising the chances of then rare bypass, nothing will ever be 100%… except switching off the pc altogether!.

Regards
Dave1234.