AV-Comparatives Report: Kaspersky tops Best AntiVirus, Anti-Malware software list


  1. What’s always interesting to me, with these reports, is that if they dare to include COMODO INTERNET SECURITY (CIS) in the study, CIS tends to score anywhere from somewhere in the lower to middle part of the upper half (to sometimes in the top five) as far as pure anti-malware protection (and especially Hosts Intrusion Protection (HIPS)) is concerned…

    …but CIS’s firewall is consistently number 2, right behind Kaspersky’s firewall…

    …even though Kaspersky’s is paid/commercial, and CIS is freeware. CIS, then, is worth downloading and using, just for its firewall (turning-off all its other features) even if you prefer pretty much any other commercial or free anti-malware suite besides Kaspersky! I, personally, like the rest of CIS enough that it’s pretty much all I use, now… er… well… except for the additional freeware things I herein now list…

    …to create my own sort of pseudo-suite that, taken as a whole, will easily perform as well as or better than Kaspersky’s suite.

    Don’t get me wrong: Kaspersky has long been pretty much best-of-breed, across the board, whether compared with freeware or commercial products. Others have their strong points, but Kaspersky has, for a long time, been my recommendation to anyone willing to pay for a commercial product, and the annual subscriptions. No argument there, from me.

    However, if they insist on freeware, then, seriously, CIS has no rival. Granted, CIS is not as user-friendly as it could be; and until CIS is finally “trained” to all the apps on the machine, and so stops popping-up alerts wanting to be told if the app’s trusted or what, then it’s a bit of a pain in the rear, even for someone very technical who knows how to respond to such pop-ups (and so just imagine how confusing it can be for the non-technical). That’s CIS’s Achilles Heel, I’m sorry to admit. But once it’s “trained,” seriously, CIS is pretty much best-of-breed among freeware. It wasn’t at first, but its anti-malware has pretty much caught-up with everything else out there; its HIPS is second-to-none; and its firewall, again, is second only to the commercial Kaspersky.

    Then use “OpenDNS” as your DNS (instead of the DNS that your Internet Service Provider (ISP) provides), creating a free “Premium” account thereon, and using the free “OpenDNS Updater” app in the Notification Area to ensure that OpenDNS will always tie your Windows machine to your aforementioned OpenDNS account, and will use its configuration settings, which configuration includes blocking access to bad things, and utilizing OpenDNS’s superior anti-phishing features. (Be sure to manually configure your copy of Windows to use OpenDNS’s nameservers at and; plus, you can even put your own logo and error messages on the search page that appears whenever an invalid URL is keyed-into the browser’s omnibox or “Address:” field!)

    Then add a free HOSTS file manager like “HostsMan,” which, in turn, auto-downloads and keeps up-to-date at least the anti-adware pre-configured free HOSTS files from such as “hpHOSTS (Ad and tracking servers only)” and “Peter Lowe’s Adware Servers” (plus maybe “MVPS Hosts,” although that one tends to have so much stuff in it that you’re constantly adding exceptions, so maybe that, plus the full “hpHOSTS” versions, should be avoided). (Be sure to configure “HostsMan” to show its icon in the Notification Area; and to automatically start with Windows; and to “Enable Hosts on Exit;” and to not import possible hijacks; and to replace IP with; to enable auto-update and not show a message when it does so; and — and this is important, or you’ll lose any customizations you make whenever there’s an auto-update — merge, don’t overwrite, the HOSTS file when auto-updated; but not to optimize the HOSTS file (else it’s harder to read and find stuff in the editor). A good HOSTS file, if properly maintained, will keep your browser from even accessing bad things… it’s almost better than any of the other items, here, believe it or not. Be sure to also activate HostsMan’s “HostsServer” and put its icon in the Notification Area; and configure it to start automatically with Windows and HostsMan; to display an “image” on blocked sites; to return the “200 – OK” error message on blocked sites; and to bind 127.0.01 to Port 80 (and make sure to start it before minimizing it to the Notification Area after configuration). Sometimes too many things are blocked, and so with time, as you learn that the HOSTS file is blocking something you actually need, you’ll be able to add things you don’t want blocked to HostsMan’s “Exclusions” list. Once it’s trained, though, and if you “merge” and don’t “overwrite” the HOSTS file when updated, your exclusions will be remembered and the net HOSTS file will be fine-tuned perfectly!

    Perhaps the biggest coolness is how the settings I’ve herein prescribed will cause most advertising on most web pages to simply disappear; and, even cooler yet, in most cases (as long as modern DIVs and CSS are used in the site’s code to create the areas where ads appear, and such areas are not old-fashioned fixed-size boxes in tables), the areas where ads would have appeared just collapse down into nothingness, and text just wraps in around it, as if it was never there! So cool!

    Then use the freeware version of “Spyware Blaster” to twice-monthly manually “inoculate” the registry against malware that is known to attack IE, Chrome and/or Firefox. (Don’t use any other of Spyware Blaster’s settings/features.)

    Then use the freeware version of “SuperAntiSpyware,” and the freeware version of “Malware Bytes” to perform manual whole-system scans (do on one night of the weekend, and the other the other night, while you sleep, so you won’t have to sit around and wait for them). (Be sure to always update their databases immediately before using them.) SuperAntiSpyware can even be configured to put its icon in the Notification Area and though the freeware version won’t provide realtime monitoring, it will at least guard against (and notify you of attempts to, and block) malware that tries to change your default browser’s default homepage; and it also contains a wealth of cool tools to fix the common things that malware does to computers if it happens to get through and infect it… I just *LOVE* SuperAntiSpyware… even only the freeware version. And Malware Bytes is superior at detecting “Zero Day” malware… that is, malware that’s so new that no one’s anti-malware databases include it yet. I would never operate a Windows machine without those two apps on it, and using them to do a weekly whole-system manual scan using each.

    Then use the freeware “Adblock Plus” extension in either Chrome or Firefox; using, at minimum, the “EasyList” adware list in it (which list can also be manually installed into IE in the “Tracking Protection” part of its “Manage Addons” area). (EasyList also makes a “Malware Domains” and “EasyPrivacy” list that’s probably worth downloading to Adblock Plus, too; but use the regular “EasyList” at the very least. Also uncheck “Allow some non-intrusive advertising”.) Adblock Plus’s “whitelist” feature is what you’d use to unblock advertising on sites like HULU that refuse to let you see videos unless you allow ads; and that’s all documented on the Adblock Plus website.

    Then use the freeware version of McAfee Site Advisor (just go to the Site Advisor website and to its “Download” page to read all about precisely what it does and how it does it, then find the freeware version download button at the very, very bottom of said page). It will keep you from visiting dangerous sites; and unlike the only-seemingly-competing “Web of Trust” (WOT) (which is crowd-sourced, and so is nothing but a worthless popularity contest), Site Advisor decides what sites (and its pages) are safe based on its servers, armed with all the more than three decades of McAfee wisdom, crawling the entire Internet and literally virus-scanning the sites it finds, and then rating them; which is why it’s able to put little green, yellow or red globes (green for “safe to visit”, yellow for “visit with caution,” and red for “stay away”) next to Google (and other search engine) search results; and also even links on Facebook and other social networking sites. Site Advisor is best-of-breed; and if you actually refuse to visit any sites it flags as “red,” and visit with caution any it flags as “yellow” (and it’ll pop-up an interrupting web page to warn you), then that, alone, will almost protect you, even without everything else listed here.

    Then use the freeware both “Ghostery” and Abine’s “DO-NOT-TRACK-ME”, extensions in Chrome and/or Firefox; or browser helper objects (BHOs) in IE (or, if not available as BHOs in IE, then download and install their lists in the “Tracking Protection” part of IE’s “Manage Addons” area). Both of them, by default, will block too much… for example, they’ll even block Disqus and Facebook commenting systems; and the servers that allow videos to run on many CBS News local station websites and stuff like that. But it’s really easy to see, when you’re on a given page, what’s being blocked, and then either unblock what you need whever on that page only, or, better yet, to just unblock it globally. It takes a little while to figure it all out, but once it’s fine-tuned, it’s magnificent!

    This killer combination/pseudo-suite of completely freeware tools, starting with CIS, and running right down to and through “Ghostery” and “DO-NOT-TRACK-ME”, will, trust me, not only protect your computer from pretty much anything and everything that could possibly get through and harm it (as long as you’re not doing stupid stuff and visiting hacker/cracker and porn and phishing sites and stuff; and as long as you properly answer and/or respond to the admittedly sometimes-difficult-to-understand CIS pop-ups during the period that CIS is being “trained” to the computer), but it will do so every bit as well as not-free, commercial suites like Kaspersky. Every bit.

    I’m serious. I’ve been using this killer combo/pseudo-suite for years, saving myself tons of money on both initial anti-malware software costs, and also their ongoing annual subscription renewal fees…

    …and nothing — and I mean *NOTHING* — bad has gotten through. Of course, there’s also a hardware firewall built-in to my router, and that makes a difference, too; but lots of people have that. Most DSL and cable modem broadband providers now include pretty decent routers with four-port cabled switches in them, and with WI-FI capability; and most of those, these days, include some kind of rudimentary hardware firewall built right in. Plus, if they use NAT for local-area-network (LAN) IP address configuration, that, alone, can function as something of a pseudo almost-firewall. Between that and the firewall built-in to CIS (which CIS firewall fires-up so early in the Windows boot-up sequence that it, alone, can pretty much protect a Windows machine even if it’s under continuous attack through the DSL or cable modem and router/switch during said boot-up sequence… it’s THAT good!).

    Couple CIS’s (or Kaspersky’s which is admittedly a little better than CIS’s, but it’s not free like CIS’s) firewall with the even only rudimentary one built-in to virtually any modern ISP-provided cable or DSL router (or even an aftermarket one bought at your local computer store), and, trust me, ain’t nuttin’ gettin’ through! Even if all you have is a cable or DSL modem, directly connected to your Windows computer running CIS’s firewall, trust me, ain’t nuttin’ gettin’ through during boot-up or at any other time. Again, CIS’s firewall is *THAT* good!

    Anyway, that’s my killer combination/pseudo-suite. And boy-oh-boy does it ever work!

    I’ve had people suggest that I should add things like TrendMicro’s “RUBotted,” for example, to protect against botnets; but, trust me, stuff like that — including even rootkits — is already protected against just in what I’ve herein suggested. Adding more realtime protection to the Notification tray just slows things down (although, that said, paying for an annual SuperAntiSpyware subscription to get the “Pro” version so you can get auto-updates, realtime protection and scheduled scanning, could be worth it; and it doesn’t use any more memory or processor cycles than having SuperAntiSpyware’s free version’s icon in the Notification area to protect against browser home page hijacks; so THAT commercial one I actually DO recommend, but it is absolutely NOT necessary).

    TrendMicro also makes “BrowserGuard,” a direct competitor to McAfee’s “Site Advisor” (and some ignorantly think also WOT), but Site Advisor is infinitely superior. Stick with Site Advisor.

    One thing that’s not included in anything I’ve herein written is any kind of email encryption if you’re using an email client (like Windows Live Mail, or Mozilla Thunderbird, etc.) on your Windows machine. Comodo makes a free email certificate as a first step, and TrendMicro makes a free email encryptor which is quite good for such things…

    …or, possibly better yet, if you use web-based email (like Yahoo!, GMAIL, etc.), then just configure your browser so that it always uses SSL encryption (https://) and all communications between your browser and such as GMAIL is encrypted automatically. That’s what I do. I gave-up on Windows Live Mail (or Outlook Express, before it) a long time ago. One finds oneself out in the world without one’s computer, and needing to use a web-based email interface on someone else’s machine, anyway, so why not just do everything in the GMAIL web interface, I’ve come to realize… or Outlook’s… or Yahoo’s… whatever. That said, if you use a USB flash drive on your keyring, with all your apps on it, like I’ve started doing, then using something like Windows Live Mail again could start to make sense…

    …speaking of which, here’s a helpful-hint-o’-th’-day regarding email and spam filtering: For a long time, the premier, best-of-breed email spam filtering software system for installation on email servers was made by “Postini.” So good was it that Google inquired of Postini what it would cost to install on their vast number of GMAIL servers; and it ended-up being cheaper for Google to just purchase the whole Postini company… which it did. Ever since, Google’s GMAIL spam filtering has been using the superior Postini software; and it’s even MORE potent because GMAIL’s Postini spam filters are constantly being “trained” by all of GMAIL’s now-nearly-half-billion users marking things as spam every single second of every single day. Once GMAIL’s spam filters are tweaked by any given user for his/her own purposes (which only takes about a month, initially; and then should be reviewed monthly… in either case, by simply reviewing the contents of the spam folder and unmarking-as-spam anything that shouldn’t be there; and then reviewing what’s in the inbox and marking as spam anything that should be there… about monthly), they’re dead-on accurate… more so than any other email system on the planet. GMAIL’s anti-spam filter is best-of-breed… by a longshot.

    And so, regardless whether you just use GMAIL as your normal web-based email interface, or you use a desktop email client like Windows Live Mail or Mozilla Thunderbird, as long as all your incoming email passes through a GMAIL account, it gets spam filtered like no other! In fact, even other web-based email systems like Yahoo and Outlook can use GMAIL’s spam filtering by simply somehow having all email pass through it… in other words, land in a GMAIL inbox, even if such as Outlook or Yahoo (or a desktop client like Windows Live Mail or Mozilla Thunderbird) turns around and pulls it right back out again via POP3. Of course, having those other email either systems or clients communicate with GMAIL using IMAP will allow it all to just stay in the GMAIL system, yet you can use your preferred Outlook, or Yahoo, or Windows Live Mail, or Mozilla Thunderbird, or whatever interface you prefer instead of GMAIL’s. I’m not going to go into how to set it all up in this posting, but I’ll happily explain it in another one if anyone wants the details; though, that said, they’re out there in forum and blog and article postings if you just Google for ’em. Anyone reading this just let me know if you’d like details.

    Speaking of browsers, and encrypting their communications, using a browser that’s exceptionally secure, instead of Chrome, such as SR Ware’s “Iron” browser, or Comodo’s “Dragon” browser can help protect you against all manner of the things that Google does, in Chrome, to violate your privacy. Along the way, such browsers use all manner of little tricks to keep all browser traffic secure, and even to protect it — at least a little — from “just generally” bad things. Comodo Dragon’s good at the “just generally” bad things part; and not bad at blocking Google’s privacy violations normally found in Chrome. But SR Ware’s “Iron” browser is king of the hill when it comes to keeping Google from tracking what you do. It’s a Chromium-based browser, exactly like Chrome, and is by far the closest to being a dead-ringer copy of Chrome. It’s also kept more up-to-date than Comodo Dragon; and only Iron comes as both an installable and portable version. Portable versions of Chrome which haven’t been made that way using the only pseudo-portable “Portable Apps” method are hard, indeed, to find (though, that said, if memory serves, Comodo Dragon can be installed so it’s portable… at least I think). I like Comodo, and am CIS’s biggest fan, but I’ve always kinda’ disliked Comodo Dragon, if for no other reason than that it just isn’t kept as up-to-date as the “Iron” browser (which Iron browser tends to be only a few days to no more than a few weeks behind whatever is the latest Chrome version; Comodo Dragon can be MANY whole version numbers behind at any given moment).

    Firefox users who want Comodo Dragon’s features, but in a Firefox-based browser, will like Comodo Ice Dragon… but it, too, is often many Firefox whole version numbers behind actual Firefox. I can’t remember if Comodo Ice Dragon can be portable, either, though.

    I’m using SR Ware’s “Iron Portable” browser exclusively, now… and I love it, and I’ve never looked back. It’s so nearly-identical to Chrome that pretty much anything Chrome can do (or extension or app it can use), so can Iron. Using a user agent switcher extension, you can make Iron’s user agent identical to Chrome’s so that no website can tell the difference; and starting in January of 2014, when Google makes it so that users may not install extensions and/or apps into Chrome which do not come from the Google Chrome Webstore, Chrome-alike/chromium-based browsers like Iron (or possibly Comodo Dragon) will be the only ones that will still allow installation of .CRX (Chrome extension) files by means of dragging them from whatever folder on the Windows machine they’re in, onto the Chromium-browser’s “Extensions” page, as Chrome now allows, but won’t starting in January 2014.

    [sigh] Oy! That’s all I can think of to write, for now. And it’s enough, in any case!

    Hope that helps!

    Gregg L. DesElms
    Napa, California USA
    gregg at greggdeselms dot com

    Veritas nihil veretur nisi abscondi.
    Veritas nimium altercando amittitur.
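
The "merge, don't overwrite", "Exclusions" and "do not import possible hijacks" settings described in the comment above, sketched as an added example (not part of the comment and not HostsMan's code). The 127.0.0.1 sink address, the function names and the sample entries are assumptions constructed for illustration.

```python
import ipaddress

SINK = "127.0.0.1"                       # assumption: loopback sink address
SINK_ADDRS = {"127.0.0.1", "0.0.0.0", "::1"}
LOCAL_NAMES = {"localhost", "localhost.localdomain", "broadcasthost"}

def parse_hosts(text):
    """Yield (ip, hostname) pairs; skip comments, blanks and malformed lines."""
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ipaddress.ip_address(fields[0])
        except ValueError:
            continue                      # first field is not an IP address
        for name in fields[1:]:
            yield fields[0], name.lower().rstrip(".")

def merge_hosts(current, feeds, exclusions=(), sink=SINK):
    """Merge downloaded block lists into the existing HOSTS text.

    Returns (merged_text, rejected). The user's own non-sink mappings are
    preserved, exclusions are re-applied on every merge, and feed entries
    that map a name to anything other than a sink address are rejected,
    because such a line would redirect traffic instead of blocking it.
    """
    excluded = {e.lower() for e in exclusions}
    custom, blocked, rejected = {}, set(), []
    for ip, name in parse_hosts(current):
        if name in LOCAL_NAMES:
            continue
        if ip in SINK_ADDRS:
            blocked.add(name)             # block carried over from last merge
        else:
            custom[name] = ip             # user's own mapping
    for feed in feeds:
        for ip, name in parse_hosts(feed):
            if name in LOCAL_NAMES:
                continue
            if ip not in SINK_ADDRS:
                rejected.append((ip, name))   # possible hijack: report it
                continue
            blocked.add(name)
    blocked -= excluded
    blocked -= custom.keys()              # a user mapping wins over a block
    lines = ["127.0.0.1 localhost"]
    lines += [f"{ip} {name}" for name, ip in sorted(custom.items())]
    lines += [f"{sink} {name}" for name in sorted(blocked)]
    return "\n".join(lines) + "\n", rejected

# Constructed sample data (not taken from any real block list).
CURRENT_HOSTS = """\
127.0.0.1 localhost
192.168.1.20 nas.home.example      # user's own entry
127.0.0.1 ads.tracker.example
127.0.0.1 cdn.video.example        # blocked earlier, now on the exclusion list
"""
FEED = """\
# constructed feed
127.0.0.1 ads.tracker.example
0.0.0.0 metrics.adnet.example
127.0.0.1 cdn.video.example
203.0.113.9 login.bank.example     # non-sink target: rejected
not-an-ip junk.example
"""

if __name__ == "__main__":
    merged, rejected = merge_hosts(CURRENT_HOSTS, [FEED], ["cdn.video.example"])
    print(merged, end="")
    print("rejected:", rejected)
```

An overwrite, by contrast, would replace the file with the feed alone, dropping the `nas.home.example` mapping and re-blocking the excluded host.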

  2. Thanks for sharing your recipe for the best security suite. I agree with most of the things you have pinpointed.

    One thing I would like to point out is AV-Comparatives only tests the vendors which sign-up (and pay) for its service. In my opinion, whatever days I used Norton, I didn’t find it very effective. On the other hand, even the free edition of AVG is pretty rock solid. I have been using and experimenting with these services for like 12 years now, and I still find AVG to be among, if not THE best. So these tests, although they seem very noble, I don’t think they are so perfect. The result of the said test depends on the malware samples which were taken, and how many vendors actually participated. And it is not just about your protection from the malware, anymore. Recently we learnt that many security firms whitelist the surveillance tools from NSA. Hence there are just way too many things to go through before you declare one Anti-Virus to be better than the other.

    Just one thing, because I am part of this field, I won’t recommend you to use Adsense or any other ad-blocking services. I get that people find adverts annoying, and who are we kidding, there are so many vicious advertisements floating around too, but you have to think why adverts were there in the first place. Most of the websites you visit are sourcing all their income from those advertisements only. When you block them, it leaves a big dent in the monthly remuneration.

  3. MANISH KUMAR SINGH WROTE: One thing I would like to point out is AV-Comparatives only tests the vendors which sign-up (and pay) for its service.

    MY RESPONSE: Yes, I know; and in the version of what I wrote here that’s on my Facebook page, I included that I don’t like that about AV Comparatives; that it would be better if the tester sneaked-up on the AV companies and reviewed their products whether or not they wanted them reviewed. That would certainly make the tests more credible.

    MANISH KUMAR SINGH WROTE: Recently we learnt that many security firms whitelist the surveillance tools from NSA.

    MY RESPONSE: Actually, they’ve been doing that pretty much forever. AV tools made outside the USA are not so quick to do it, though. Still, it’s a long-standing vexing problem. I know that Comodo does not do this… never has.

    MANISH KUMAR SINGH WROTE: I won’t recommend you to use Adsense or any other ad-blocking services. I get that people find adverts annoying, and who are we kidding, there are so many vicious advertisements floating around too, but you have to think why adverts were there in the first place. Most of the websites you visit are sourcing all their income from those advertisements only. When you block them, it leaves a big dent in the monthly remuneration.

    MY RESPONSE: Understood. And agreed. And my bad for not making myself more clear in my earlier writing. I should have expanded more on the part where I wrote about using the whitelisting feature of Adblock Plus to allow, for example, Hulu’s ads so that its actual video content could be used. The whitelisting should also be used to allow ads on certain sites that we want to support. It just has to be done on a site-by-site basis. I, for example, allow ads in this site, Ghacks, Addictive Tips, and an actually kinda’ long list, now, of other sites that I wish to support in my small way. Everyone should do that. My biggest (though not only admittedly) reason for suggesting adblockers is precisely what you wrote: that there are “vicious advertisements floating around, too;” and when one allows ads to be seen on a site, McAfee’s Site Advisor can help to flag any that might be dangerous.

    Gregg L. DesElms
    Napa, California USA
    gregg at greggdeselms dot com

    Veritas nihil veretur nisi abscondi.
    Veritas nimium altercando amittitur.

  4. Yeah, only the security firms which sign-up and pay for the service get their products tested.
