spywar's config
- Thread starter spywar
- Start date
- Feb 1, 2013
- 970
Zurchiboy said:
Thanks for your time!! Comodo says these but I cannot clearly get what they exactly do:
•Enable scanning optimizations – On selecting this option, the antivirus will employ various optimization techniques like running the scan in the background *(what are the others?)* in order to reduce consumption of system resources and speed-up the scanning process (Default = Enabled)
•Run cache builder when computer is idle - CIS runs the Antivirus Cache Builder *(what type of cache is this? permanent or only with current database, until the next reboot etc)* when the computer is idle, to boost the real-time scanning. If you do not want the Cache Builder to run, deselect this option (Default = Enabled).
- Feb 1, 2013
- 970
I just tested Avast in Windows 8 and CIS in Windows 7 using the leak/hips test app from Comodo (http://personalfirewall.comodo.com/cltinfo.html). Windows firewall is off in both installations. Maybe there is some difference because of the different Windows versions.
I left Avast firewall settings as default and behaviour blocker to ask instead of autodecide. You can check CIS related configuration settings in the screenshots attached. When running the application at first, CIS asks to run it isolated. The test described was done with unlimited access for CIS so as to be fair as Avast did not autosandbox anything.
[attachment=4234]
[attachment=4235]
During the test avast behaviour shield showed one warning concerning access to system/drivers (deny option). CIS prompted about clt.exe trying to connect to the internet (clt.exe) (blocked only).
The first screenshot is about Avast and the second about CIS. As you can see the Windows 8 setup shows better results.
[attachment=4236]
[attachment=4237]
I know I must have done the test in the same WIndows setup but I didn't want to do changes at the moment.
I left Avast firewall settings as default and behaviour blocker to ask instead of autodecide. You can check CIS related configuration settings in the screenshots attached. When running the application at first, CIS asks to run it isolated. The test described was done with unlimited access for CIS so as to be fair as Avast did not autosandbox anything.
[attachment=4234]
[attachment=4235]
During the test avast behaviour shield showed one warning concerning access to system/drivers (deny option). CIS prompted about clt.exe trying to connect to the internet (clt.exe) (blocked only).
The first screenshot is about Avast and the second about CIS. As you can see the Windows 8 setup shows better results.
[attachment=4236]
[attachment=4237]
I know I must have done the test in the same WIndows setup but I didn't want to do changes at the moment.
Attachments
Please be aware that the CLT is not designed for applications that utilize a sandbox. Sandboxing will give erroneous results during the tests.
And yes, the caching system of the AV is persistent. Once a file has been scanned, it will only be scanned again if the file has changed in some way.
And yes, the caching system of the AV is persistent. Once a file has been scanned, it will only be scanned again if the file has changed in some way.
- Feb 1, 2013
- 970
Update: I did the tests in another PC with Win8, avast 8 free and Windows firewall enabled. The score was 190 so it's not Windows 8 that gave the boost, it was the Avast firewall.
I also did the test in my Win7 installation using KIS 2013 (removed CIS). At default the score was 200. clt.exe was in low restricted group so I after the first test I moved it to high restricted to see the score. In this case the score was 300!
I stop it here so not to post irrelevant things in spywar's thread xD
I also did the test in my Win7 installation using KIS 2013 (removed CIS). At default the score was 200. clt.exe was in low restricted group so I after the first test I moved it to high restricted to see the score. In this case the score was 300!
I stop it here so not to post irrelevant things in spywar's thread xD
To HeffeD : When can we expect the real BB just like Mamutu ? Has egemen talked about that since July 2012 ?
Currently CAMAS is a cloud based Behavior Blocker, I'd prefer something local and if local is not able to detect suspicious behavior then it submits to valkyrie which will make a detailed analysis of the PE.
Currently CAMAS is a cloud based Behavior Blocker, I'd prefer something local and if local is not able to detect suspicious behavior then it submits to valkyrie which will make a detailed analysis of the PE.
House_maniac
Level 1
- Sep 21, 2011
- 426
CIS 6.1 with all default settings (just have changed full scan, I checked cloud scanning and heuristic).
House_maniac
Level 1
- Sep 21, 2011
- 426
ok great i'm using default setting too with virtualized sandbox and enhanced protection ticked on! you changed heuristic to high or low?spywar said:
Just enabled heuristic under the settings of full scan so it's still on "low".House_maniac said:
I thought you switched to comodo after doing a big test on avast and seeing the test machine get heavily infected.
Hi, yes In fact I did a mistake, I have a dedicated test machine where I installed Avast 8 to test it 
On the same machine I had EAM 7 for testing. Of course on MAIN machine it's CIS installed.
On the same machine I had EAM 7 for testing. Of course on MAIN machine it's CIS installed.spywar said:Hi, yes In fact I did a mistake, I have a dedicated test machine where I installed Avast 8 to test it
Thanks for the clarification
For a second I though Avast had implemented some of their new technology.What features of avast do you have installed, and what are non-critical in your opinion? Especially when it comes to your malware testing.
Similar threads
