AV Tests

Let me see if I can fit it in this time. Lot's already...

 

Hi Aigle,

I was talking about these types of alerts, to me they are clear enough for users.But I am not sure that they are available when CIS is used with default settings.

When you use D+ in default mode it does not intercept all activities. As you can see in this test, CIS default did not score 100%.
http://translate.google.at/translat...malware.ru/antivirus_test_zero-day_protection

It is not fair to disable a feature of a product and then test it. If the product is not suitable for the test simply do not test it!

Likewise, if IE or firefox is used Norton download insight will pop up up a warning for all malware, does it mean that we should disable it when testing. I do not think so.

 

This suspiious behavior alert is part of Comodo,s AV engine heuristics but don,t forget that it gives rise to so many false positives that it can,t be labelled as Smart in any way.

BTW Defence Plus is part of FireWall/ Suite as HIPS just like the HIPS in OA and OutPost. They are never supposed to be part of Comodo AV.

I don,t think that Comdod AV is not suitable for test.

 

No whether you choose to install the AV or firewall alone, you will always get D+ installed. The suspicious behaviour alert is part of D+ not the AV. The AV heuristics alert is different.

A default install always includes D+, so it cannot be ignored for the test. If Comodo AV and D+ turned on is not suitable for the test, then it should not be tested.

We also have BO protection alert from D+ which cannot be ignored.

 

Would be more work but the test can be always done with an without D+, so no more discussions

 

Norton? you got to be kidding, that program is a hog. Many of my clients who had Norton had nothing but problems with it and it slowed the computer down to a crawl. Norton was great 10years ago- was rated the best AV out there but i would not get it even if it was given to me for free.

In fact i just got a computer from a client who installed Norton Internet Security 360 and when he rebooted the system, none of the icons on the desktop would open and the computer cpu was at 100%. I was able to get to control panel and uninstall the program and everything went back to normal. (this was in xp home). I installed AVG Free which i still like, and the computer hummed happily and all was well.



robin

 

Av-comparatives.org pro-active test nov 2009

1. avira: 74%
6. avast: 53%
9. symantec: 36%
Only three products doing worse than Norton at the proactive test.
I agree that Norton made big steps but these are mostly on-demand. Pro-active on new malware it is not doing that good, and that is the part where an av should excel in order for me to buy it.

 

Thanks for the decision.

 

Norton seems very good from reports here n there, rather the best AV ATM. Esp with its cloud part.

 

I'm not going to test it, "TheIgster" will do it, so he has to be agree.

 

(...) that program USED TO BE a hog.

Actually , it is now one of the fastest and faster/lighter than AVG
~ Removed Direct PDF Link as per AV-Comparatives Request ~
http://www.av-comparatives.org/comparativesreviews/performance-tests

They had (you mean years ago in 2006 may be?)

Don't forget to uninstall AVG periodically and clean your clients' computers because of the many viruses AVG misses on daily bases.

 

I still disagree- 3 clients ran norton antivirus 360 (less then 1 yr old)- 2 of them xp- one windows 7 and they all had nothing but problems



I disagree- those that are running (including myself) AVG have no viruses and i have used online scans to test just in case, those who ran Norton and i uninstalled and either put AVG, MSE or AVast caught viruses that Norton never found.

If i find AVG doesn't run on a particular machine I will put on MSE (I only like MSE for vista or windows 7- I find it doesn't play nice with xp), or i will put on Avast.

I have a few clients on Avira but it finds too many false positives.
I also have Superantispyware Pro on all my clients machines.

robin

 

D+ is an integral part of the CAV, if you don't test it with D+ then you aren't testing CAV. This is why I would like to see a test of suites. CIS is what I'm concerned about.

 

I know but ur suggestion atleast stopped the back n forth dicussion.

 

Norton 2007-up is far from being a resource hog. Considering the skill level of your clientele it's no wonder they have problems. AVG was plagued with issues in 2009, and I personally saw several of your posts on various forums ranting about them. As you know no AV is 100%, and to say that because someone had Norton they had infections doesn't mean a whole lot. In most cases the customer never renews their subscription so the definitions could be outdated. I've serviced dozens of pc's with AVG and Avast that were plaged with various malware. None of them are 100% on any given day.

 

Not one of us here could test CIS fairly, we can't recreate a the way a person may answer a D+ popup. They have a 50% chance of getting the alert wrong and a 50% chance of getting the alert right.

 

I think that if you have a minimal knowledge about computers and you read the info that Defense+ provides in the alert you will reply correctly to any alert.
If we add that is not the same when you open an executable file from and untrusted website that from softpedia or many others.

I mean that you can "feel" if the file could be safe or not just knowing where did you downloaded it

So we have:
knowledge about computers + Defense+ Info
Source of the file? know trusted? unknow?

It's not that hard

Since D+ sometimes is going to ask "should I open the file or not", The methodology could be allow to execute the malware and them block all the alerts about infections. So we will see the capacity of the HIPS for block the different methods of infection after allow the execution of the file

 

I know what you mean but you could let someone who's not as advanced a user as yourself to answer the popups while you test. That may sound a bit dumb or troublesome but I think it should either be tested at full strength or not at all. Also since V4 is "supposed" to be quieter, maybe there won't be as many questions to answer. Who knows.

 

Yeah, I think that is bang on. I don't think Comodo would be good to include in this test because it takes away from other just AV products and it certainly wouldn't be fair.

So Comodo users out there, is there a way to completely disable D+ and do you think it would be fair to JUST test the AV without it. If not, then I think we should leave Comodo out of these tests.

 

I feel we should not test Comodo unless we turn of D+ (If thats Possible)

 

Hi TheIgster ,

You should postpone the Comodo test to a later date. CIS v4 has just been released!

We have to play with it a bit to see whether D+ is now easier to use.

Thanks

 

It appears to be possible and simple to do. However, I personally do not think it makes much sense to test just the base anti virus portion of this product. Just like to me, it would not make sense to turn off network and Internet scanning modules if testing Avast! 5.

My thoughts are it may be more practical when testing a product to just use all the setup defaults (as in all the bells and whistles the product has to offer) and then just have at it. Crippling a product in an attempt to equally test just an anti virus portion of a suite when this is not what the software engineers had in mind does not make much sense to me.

BTW, a big "thank you" to TheIgster and others who are performing these tests. I find the info interesting and a joy to read.

 

Comodo V4 is ready:
https://www.wilderssecurity.com/showthread.php?t=266729
http://personalfirewall.comodo.com/release_notes.html
http://personalfirewall.comodo.com/free-download.html

 

So I am going to do some tests tonight. I have some time and am off work tomorrow so between tonight and tomorrow, I should be able to do a bunch of tests. I think for now, we will leave Comodo out of it.

Not sure which ones I will get to tonight, but I will try my best to test as many as possible.

 

TheIgster, you might consider 'The Clam', also known as Clam AntiVirus, now utilising Immunet and ClamAV's database.

See thread and download link.

Go the clam!