Comodo vs AVC

I can't believe anyone even pays attention to these AV testing companies.

They all contradict each other - one says 'Brand X' is the best, but another says 'Brand X' fails but 'Brand Z' is the winner - meanwhile, another says 'Brand Z' fails but 'Brand Y' rulz....it's all BS in my opinion.

But humans seem to love a good 'horse race' so they obsess on these AV tests and they end up paying for a 'user friendly' piece of crap, and then pay again when they are infected.

 

Simply put, simple logic says that the only AV's that are gonna be around in the future are cloud AV's because internet speed will keep getting faster and with the fact that CPU/MEM can be cut down by 80% by hosting your software off the users computer, its only a matter of time before all AV's are cloud AV's. If you want to have a safe bet without any tests you will want to keep up with technology and not reviews, and technology tells us that we should pick one of the cloud based products as they are the most logical for the future and even in their infancy right now they are doing better then all the normal AV's.

Simply put, get a cloud AV... any cloud AV as they are all pretty much going to be the same and have the same high detection rate.

Also C.O.M.O.D.O made a stupid mistake publishing the 89% and all the confidential emails as it shows that they are unprofessional and produce an inferior product. I also would not be surprised if we see C.O.M.O.D.O either die out because nobody wants those retarded amount of pop-ups and false positives! Or they will figure out something i have known for a year or two now and that is that every company will eventually have to switch to cloud based computing. This means a small simply UI that users cant screw up, full automation of detection and cleaning, advanced algorithms to clean legitimate files from attached malware and a low CPU/MEM footprint by hosting everything but the UI in the cloud and setting up something to protect the main networks so that they cant be shut down by malware thus keeping the cloud AV's of the future running all the time, not even that hard to do.

AV vendors: Simple, Hosted in the Cloud, Protect Network's and Network settings, Simple UI, Advanced Algorithms focusing on cleaning of attached malware, Hosts list's blockers instead of using URL filtering, "Its less bothersome to people" and simply focus on another algorithm to auto-isolate risky files that are likely to be malware, this means limiting what the file can do and an hourly re-scan in the cloud and automatic silent submission so a technician can check the file and class it as malware "Auto-delete" or a legitimate program where it would be removed automatically from its limited state, this also means you could generate a comprehensive white-list.

Stick to simple, light and effective guys.

 

And yeah, Comodo never fails. Sure. I've had two of my friends get infected with Comodo simply because it is hard for most users to answer popups for processes that you can't know if they're malware or safe -- and for both its AV had detected dozens of FPs while the rootkits in their machines were undetected.

About AV tests recommending different products, when you view various reports from AV-Test and AV-Comparatives, you can see a lot of the same in them -- products that perform well in one test usually perform well in the other test aswell. For example I find it hard to remember a protection test where Symantec wouldn't have got high results lately. This also means that (and I can say it from personal experience aswell) some of the commercial "piece of crap" AV software can really have high protection rates, and they're also user friendly at the same time.

About Melih's posts, in my opinion he once again doesn't really know what he's talking about; he's once again saying how AV tests are obsolete, while AV-Comparatives has the Whole Product Dynamic Test for testing protection aswell. To me it just sounds like they're trying to blacklist AV-C because their results haven't been that great.

 

And will you have to upload all your files to be scanned in the cloud...
The antivirus should be very very poor to take more time locally than to upload and scan remotely. The cloud could have the virus signatures, but after all, the engine will be faster locally.
Again, the cloud scanning myth...

Hourly uploads... I'm out

And when will they finish the whitelist? There is no comprehensive list... I think there are more clean files in the world than infected ones...

 

Yep. Not to mention it takes time to verify that something should be whitelisted.

The implication of a false positive is user inconvenience and a lack of trust in the programs abilities.

The implication of a false negative is an infection and a lack of trust in the programs abilities.

Just going by that it's easy to see that whitelisting can be very dangerous.

 

Just for the record...I'm actually a SandboxIE fanboy; Comodo is just there as a back up.

 

Not everybody in the world has fast broadband, or even broadband. Imagine what it's like for them, or would be, for their AV/AM etc trying to upload tons of data etc every day etc

Maybe some vendors only care about broadband users ?

 

I know some people who are still on 56K. I'm using the double of that speed, right now.

The day users have to upload all their stuff to be safer... Heck, will it actually happen? Or, will they simply say - Screw this... I rather get the system infected... At least, I can still surf without sacrificing speed..

 

Yeah i remember 56K What a pain

Well you're rocking then

 

WOW, so much FUD about cloud AVs.

Some clarifications:

1. Cloud-scanning does NOT EQUAL to uploading files to the cloud.
2. White-listing from the cloud makes more sense than locally stored white-listing databases. Not only is it more comprehensive, it's also much faster to deploy. (Same thing applies to black-listing).
3. Cloud-scanning does NOT REQUIRE fast broadband access. In fact Panda CloudAV consumes LESS BANDWIDTH than a traditional AV which has to download MBs of signature updates every day or few days.

 

Thanks for the info pbust.

 

@ pbust

I presume you were ONLY talking about Panda CloudAV & not ALL other vendors cloud products ?

Have you ever used HMP as just one eg: ? I have, & i can tell you it DOES upload EVERY file to the cloud it's not aware of, which can be 100's of MB's You can try to stop it uploading each file, continually on a one by one basis, for the whole duration of the scan, but often Many can slip through in the meantime

Not only that, but i had Many FP's which i posted about, but Never got excluded from HMP's database, so kept wanting to be uploaded on Every scan. = Wasting my & their bandwith

I don't know if this is still the case, as my experiences were on several previous versions.

 

I don't consider HMP a cloud av per se. To me its a multi-engine on-demand scanner.

 

@ pbust

Understood I used it as an an example of a cloud based AV product i had bandwith wasting experiences with.

 

@ pbust ~ What pbust is saying is true and i was never implying that files would be uploaded in their entirety.

Also, I should point out i was talking about a "pure" cloud AV and a good one, not one that uploads everything! I do think that its getting to the stage people will start being offered broadband connections as the price of 56k or even free from whatever GOV you live under as eventually it will get to a point where it will simply be more cost effective to give broadband to people then to support old 56k connections. Its then at this point connection speeds will be fast enough to use "any" type of cloud scanning without even effecting the user in any way.

Its gonna be simple products that install and forget with simple UI's that will be the future of AV software.

or.... dare i say it, Microsoft may actually patch windows properly *Gasp!*

PS: I honestly don't get it, Its so easy "not" to get infected in this modern era. Simply install an antivirus, any antivirus and you would be lucky to run across (5) Trojans in a whole year, the only people at risk are ones downloading pirated software and looking at pornography of various sorts, seriously.

 

Only if the file is found to be suspicious by the Behavioural Scan.

 

And what is the real and technical solution for that?
Or you're scanning, or not. Problems are the FUD about the power of the "cloud"... The magic word for sales...

Sure. Whitelisting could be done, it's much faster at the cloud... but, is a comprehensive methodology? You'll have to have such an infinite whitelist or, what will happen, you'll need to "wait" until the file is whitelisted...

The virus signatures could be in the cloud, the problem is the scanning.
Only weak antivirus do not use incremental updates: few bytes each update.

 

So, they're not being scanned... Without the file, no scanning.

In fact, even on line scanners just download the engine/definitions and do not upload the files.
The cloud av will keep some "features" in the cloud: some definitions, some remote code execution/analysis... But when we're talking about scanning and protection (not only detection), sooner or later, you need to do it locally.

 

Correct!
HMP is a Second-Opinion Cloud-based Scanner...

 

Comodo vs. AV-C

Comodo vs. AV-C

Whom to believe after all?

I'm happy I'm Not using any Resident AV; just some on-Demand Tools...

 

Hmm finally we learn that Comodo has been tested by AV-C.

Good performance there, I expected it to be really bad.

So sad that Comodo and AV-C have not been able to resolve this conflict internally......

 

The point of whitelisting is not to stop all but the whitelist from running, it's to ensure that as many programs as possible are compatible. You don't need a whitelist of every application for whitelisting to work, not even close to that.

 

Number of false positives 513 - really good performance!

 

So I think.

 

No disrespect intended but I don't think you have a clue of what you're talking about.