Avast Fail a simple test review
jmonge
December 10th, 2008, 12:36 PM
http://remove-malware.com/anti-malware-reviews/avast-prevention-test-videos/
That's why it's not a good idea to depend on signature-based antimalware, because it can fail anytime ;D Proactive is the way to go :thumb:
Note: it is 2 videos, get some popcorn and watch some action movie.
progress
December 10th, 2008, 12:51 PM
Avast is going downhill ... :ouch:
virtumonde
December 10th, 2008, 01:00 PM
-{ Quote: "Avast is going downhill ... :ouch:" }-
Lol. It's just a test. Interesting as always, as it shows real-life situations. Btw, why doesn't Matt use Task Manager or Process Explorer to see what's running?
And Avast blocked 4 out of 5, I believe, which is not bad for an AV without a heuristic module.
jmonge
December 10th, 2008, 01:11 PM
-{ Quote: "Lol. It's just a test. Interesting as always, as it shows real-life situations. Btw, why doesn't Matt use Task Manager or Process Explorer to see what's running?
And Avast blocked 4 out of 5, I believe, which is not bad for an AV without a heuristic module." }-
But the one Avast missed made a disaster :thumbd: Plus, it was a simple test, but Matt used real malware.
virtumonde
December 10th, 2008, 01:19 PM
-{ Quote: "But the one Avast missed made a disaster :thumbd: Plus, it was a simple test, but Matt used real malware." }-
True. But all the AVs that face similar conditions will do that at one point, even if some will catch all threats during one review. I hope we won't be talking about what a 'happy clicker' one must be to surf with IE and choose Run for something named "codec .exe" :-) I'm saying that I don't think Avast deserves such a negative title, as it caught 4 out of 5 and it alerted about email spam from the one it missed.
jmonge
December 10th, 2008, 01:24 PM
-{ Quote: "True. But all the AVs that face similar conditions will do that at one point, even if some will catch all threats during one review. I hope we won't be talking about what a 'happy clicker' one must be to surf with IE and choose Run for something named "codec .exe" :-) I'm saying that I don't think Avast deserves such a negative title, as it caught 4 out of 5 and it alerted about email spam from the one it missed." }-
Maybe for you or other people in this forum, but outside this forum there are people who, believe me on this one, click on anything just to get rid of a pop-up or whatever is in their way. Now, a couple of my friends who call me for PC infections are not geeks, and guess what they have for security? Norton, Avast or McAfee ;D
Note: if I have any negative reaction on my PC and get infected, for sure it will deserve this negative title.
removemalware
December 10th, 2008, 01:31 PM
-{ Quote: "http://remove-malware.com/
That's why it's not a good idea to depend on signature-based antimalware, because it can fail anytime ;D Proactive is the way to go :thumb:
Note: it is 2 videos, get some popcorn and watch some action movie." }-
Thanks for the thread man! ;)
jmonge
December 10th, 2008, 01:31 PM
-{ Quote: "Thanks for the thread man! ;)" }-
You're welcome :thumb:
removemalware
December 10th, 2008, 01:37 PM
-{ Quote: "Maybe for you or other people in this forum, but outside this forum there are people who, believe me on this one, click on anything just to get rid of a pop-up or whatever is in their way. Now, a couple of my friends who call me for PC infections are not geeks, and guess what they have for security? Norton, Avast or McAfee ;D
Note: if I have any negative reaction on my PC and get infected, for sure it will deserve this negative title." }-
Yup... 90% of the people out there are "click first and ask questions later". The only real prevention I've ever seen to date would be DefenseWall... sandboxing rulez....
jmonge
December 10th, 2008, 01:38 PM
-{ Quote: "Yup... 90% of the people out there are "click first and ask questions later". The only real prevention I've ever seen to date would be DefenseWall... sandboxing rulez...." }-
Yeap.
Are you testing, or did you ever test, DriveSentry?
firzen771
December 10th, 2008, 03:16 PM
Should test Sandboxie against something like keylogging in the sandbox or breaching the sandbox ;D
removemalware
December 10th, 2008, 03:19 PM
-{ Quote: "Yeap.
Are you testing, or did you ever test, DriveSentry?" }-
Actually I've been reading Drive Sentry product info all day. I can't wait to test it. I'm going to do an install, config and prevention review this weekend.
Avira Free prevention tests are going up tonight.
removemalware
December 10th, 2008, 03:21 PM
-{ Quote: "Should test Sandboxie against something like keylogging in the sandbox or breaching the sandbox ;D" }-
I gotta say I really didn't like Sandboxie (maybe I was just missing something). I felt like DefenseWall was pretty easy to use and polished.
firzen771
December 10th, 2008, 03:26 PM
DefenseWall is probably easier to use (after using both), but Sandboxie is more flexible and relies more on your decision whether you want something to run with full privilege so that there are no problems, or whether you want something sandboxed. I use it more as an on-demand solution, and DefenseWall is a real-time solution, at least in my mind.
jmonge
December 10th, 2008, 03:31 PM
-{ Quote: "DefenseWall is probably easier to use (after using both), but Sandboxie is more flexible and relies more on your decision whether you want something to run with full privilege so that there are no problems, or whether you want something sandboxed. I use it more as an on-demand solution, and DefenseWall is a real-time solution, at least in my mind." }-
Real-time sounds good to my ears :thumb:
jmonge
December 10th, 2008, 03:34 PM
-{ Quote: "Actually I've been reading Drive Sentry product info all day. I can't wait to test it. I'm going to do an install, config and prevention review this weekend.
Avira Free prevention tests are going up tonight." }-
Cool 8) Don't forget this one has a malware database plus a HIPS function together ;)
jmonge
December 10th, 2008, 03:37 PM
-{ Quote: "Actually I've been reading Drive Sentry product info all day. I can't wait to test it. I'm going to do an install, config and prevention review this weekend.
Avira Free prevention tests are going up tonight." }-
Avira 8) Cool, I am going to the store to get a 2 liter Pepsi and some popcorn :thumb:
djohn
December 10th, 2008, 04:18 PM
I like to see Twister AV tested with its FDD HIPS. Despite some FP, I found its FDD impressive.
jmonge
December 10th, 2008, 04:20 PM
-{ Quote: "I like to see Twister AV tested with its FDD HIPS. Despite some FP, I found its FDD impressive." }-
Dave, does Twister have a HIPS built in?
djohn
December 10th, 2008, 04:24 PM
Yes, it does, and they offer, I believe it was, a three-month trial.
jmonge
December 10th, 2008, 04:27 PM
-{ Quote: "Yes, it does, and they offer, I believe it was, a three-month trial." }-
Do you have the link? I love HIPS ;) Does it have self-protection, and can Twister protect other applications from manipulation? Thanks again, Dave/John ;D Which one? Ah, what the heck, John it is :thumb:
djohn
December 10th, 2008, 04:41 PM
Hey Jmonge, can't get the link to work for some reason. You can google it: Twister Antivirus by Filseclab.
jmonge
December 10th, 2008, 05:33 PM
-{ Quote: "Hey Jmonge, can't get the link to work for some reason. You can google it: Twister Antivirus by Filseclab." }-
Sure, thanks, I will check this one out.
innerpeace
December 10th, 2008, 11:37 PM
Was Windows and IE up to date? An updated OS and software should be the foundation of any security setup.
4/5 caught is pretty darn good. Heck, I only have 3 samples because I'm a newbie and a highly recommended anti-malware is blind to 2 out of 3. We all know that signature-based protection is not enough, but we can't exactly install a noisy HIPS on our families' computers.
It would also be interesting and more real if he had tried the links one at a time on a clean system. Nobody on Earth is going to click 5 bad links in a row. That way the hourglass wouldn't be on constantly.
clocks
December 10th, 2008, 11:53 PM
-{ Quote: "Actually I've been reading Drive Sentry product info all day. I can't wait to test it. I'm going to do an install, config and prevention review this weekend.
Avira Free prevention tests are going up tonight." }-
I would love to see a similar test with Comodo Internet Security (after the soon to be released update) and Rising AV.
bellgamin
December 11th, 2008, 12:44 AM
-{ Quote: "Avast is going downhill ... :ouch:" }-
Avast has been tested & re-tested & re-tested for literally years & years, by pros with malware databases in the multiple thousands. Then along comes an amateur with a 5-item test-basis, and we are to decide Avast is going downhill? Good grief!
-{ Quote: "I like to see Twister AV tested with its FDD HIPS. Despite some FP, I found its FDD impressive." }-
You want to see TAV tested by a non-professional with a minuscule malware database? Whatever for?
Hey, this sort of stuff is good fun to read, but any IT who based a buy/non-buy decision on this sort of thing would place his job in serious jeopardy. In any event, the only test data that have any real value are produced by COMPARATIVE tests of several SIMILAR security applications, using a LARGE database of contemporary REAL, in-the-wild malware. Anything else is mere fluff.
EASTER
December 11th, 2008, 01:30 AM
Avast! by Alwil is a very strong AV but you must remember that talented programmer students worldwide as well as seasoned ones are always out to detect shifts in certain AV patterns they can claim as success in exploiting known first as Proof-of-concept by some and actually released as a disruptor by the others.
The end user gets thrown off balance by these, but IMO they serve also to make AV programmer teams take notice and work even more diligently to plug those holes. I don't know of any AV that is 100% untouchable by any stretch at some point in time; that's why it's always a good idea to keep on hand and use other security programs like Behavior Blockers (mine is MAMUTU) for one and a very reliable HIPS, unless it's built into your AV of choice and has proven itself worthy of confidence.
EASTER
Saraceno
December 11th, 2008, 04:03 AM
No need to hit the 'panic' button or call out, 'the whole sky is falling'.
Regarding avast!, an infected user would either be encouraged to perform a boot scan to pick up the file, or seek further support. eg. post on the avast forum, and have the problem file identified.
Hey, they might even be recommended to install something simple, like a-squared's hijackfree, see all running processes, or ports, identify the problem, and then kill and delete the problem file, all done!
No AV program is 100 per cent effective, if you find it, let us all know! ;)
Regarding HIPS, or sandboxed programs, yes by far they are more effective, but then you have the same problem with a novice user having difficulty using the program. For example, shutting down/quarantining a legitimate system process, or complaining, 'where did my important file go that I downloaded? I downloaded file from email, deleted email, and now file is gone. I'm screwed!' (sandbox program either rolled-back/or deleted contents).
Ilya Rabinovich
December 11th, 2008, 04:40 AM
-{ Quote: "'where did my important file go that I downloaded? I downloaded file from email, deleted email, and now file is gone. I'm screwed!' (sandbox program either rolled-back/or deleted contents)." }-
This case is not for my software, definitely.
3xist
December 11th, 2008, 05:39 AM
-{ Quote: "This case is not for my software, definitely." }-
Hehehe... Good for you man. :-) (I'm not being sarcastic either).
Saraceno
December 11th, 2008, 05:54 AM
If Sandboxie isn't set up to recover the same path as the browser download folder, a file may be lost. It was only recently that Sandboxie addressed IE downloads, as on some occasions I had to manually look through the sandboxed contents and find the file I wanted to keep.
Ilya, by default, DefenseWall keeps all changes and files, which is great. And by default, with no user interaction, your program is rock-solid and better than an AV.
But with every program, you'll have the odd occasion of a novice, say, attempting to change settings they shouldn't. For example, performing a roll-back (which they shouldn't do), without realising anything downloaded will disappear. But as I mentioned, by default, your program won't cause a user any concern.
I think my point is, AV programs are intended to be simple, and straight-forward and cater to all everyday users. For most users, they do a good job. But for those who browse around a little deeper, visit unknown sites, download suspect files, run unknown files prompted in the browser for no reason, they aren't going to provide bullet-proof protection.
removemalware
December 11th, 2008, 10:47 AM
-{ Quote: "Avast has been tested & re-tested & re-tested for literally years & years, by pros with malware databases in the multiple thousands. Then along comes an amateur with a 5-item test-basis, and we are to decide Avast is going downhill? Good grief!
You want to see TAV tested by a non-professional with a minuscule malware database? Whatever for?
Hey, this sort of stuff is good fun to read, but any IT who based a buy/non-buy decision on this sort of thing would place his job in serious jeopardy. In any event, the only test data that have any real value are produced by COMPARATIVE tests of several SIMILAR security applications, using a LARGE database of contemporary REAL, in-the-wild malware. Anything else is mere fluff." }-
Avast is fine for a second or third opinion (using on-demand scans), but it shouldn't be used in the real world since it has no HEURISTIC engine. These days threats are released every second (forget zero-day).
Would you install an antivirus with no heuristic engine for clients that you want to keep for life? I don't think so. I'd have a lot of angry infected users and in the end they would lose trust in my ability to protect their family PC's.
removemalware
December 11th, 2008, 10:54 AM
-{ Quote: "This case is not for my software, definitely." }-
Agreed. I run DefenseWall and haven't seen anything like that.
GES/POR
December 11th, 2008, 11:20 AM
-{ Quote: "Avast is fine for a second or third opinion (using on-demand scans), but it shouldn't be used in the real world since it has no HEURISTIC engine. These days threats are released every second (forget zero-day).
Would you install an antivirus with no heuristic engine for clients that you want to keep for life? I don't think so. I'd have a lot of angry infected users and in the end they would lose trust in my ability to protect their family PC's." }-
But then again, heuristics also can't keep up with "zero second" malware; that's why most vendors offer different types of protection technology in 1 package to provide a decent defense. It's up to the users not to depend solely on 1 penetrable solution.
jmonge
December 11th, 2008, 11:29 AM
I think that antivirus is a thing of the past. Don't get me wrong, but proactive is the way to go, smell the coffee and get real ;D How many times do people get their antivirus up to date and still get infected? I haven't used any antivirus/antispyware for 2 years already without a scratch :thumb: Then again,
open your eyes, proactive is the way to go, admitted ;D
removemalware
December 11th, 2008, 11:46 AM
-{ Quote: "But then again, heuristics also can't keep up with "zero second" malware; that's why most vendors offer different types of protection technology in 1 package to provide a decent defense. It's up to the users not to depend solely on 1 penetrable solution." }-
Yup, very true. HIPS and Sandboxing are the future.
removemalware
December 11th, 2008, 11:48 AM
-{ Quote: "I think that antivirus is a thing of the past. Don't get me wrong, but proactive is the way to go, smell the coffee and get real ;D How many times do people get their antivirus up to date and still get infected? I haven't used any antivirus/antispyware for 2 years already without a scratch :thumb: Then again,
open your eyes, proactive is the way to go, admitted ;D" }-
Agreed. I stopped running AV on our PC's at home once I discovered DefenseWall (sandboxing).
jmonge
December 11th, 2008, 11:50 AM
-{ Quote: "Agreed. I stopped running AV on our PC's at home once I discovered DefenseWall (sandboxing)." }-
Cool 8) Well, they can be used as a second opinion (on-demand scanning). Antivirus detects malware; for me it's not satisfying to detect, preventing makes me more satisfied ;D Prevention is better than the cure :thumb:
Note: I am watching the Avira video.
djohn
December 11th, 2008, 12:12 PM
The average family, I would have to say, wouldn't have other means of security other than antivirus or a suite. Heuristics or not, if you have bad habits or are just careless, or perhaps think you're beyond infection because the guy down the street told me that X has the best detection in the world because its heuristics are the best and testing labs say so, I say best wishes to them. That said, I have used Avast for years and had 1 infection while using Avast, but Avast nailed it on a boot scan. Avast can be a very effective weapon in the right hands. Example: my niece's husband's computer is a mess, it will not even run. I can recommend him the products we see and use in here and he would probably still turn it to ****, because his habits are extremely bad on a computer: he visits every adult site one could imagine and downloads everything under the sun, besides the fact he would disable anything blocking his way.
progress
December 11th, 2008, 04:01 PM
-{ Quote: "Avast is fine for a second or third opinion (using on-demand scans), but it shouldn't be used in the real world since it has no HEURISTIC engine. These days threats are released every second (forget zero-day)." }-
Why does it have no heuristic engine? :o
jmonge
December 11th, 2008, 04:02 PM
-{ Quote: "Why does it have no heuristic engine? :o" }-
I know it has a behaviour blocker built in.
firzen771
December 11th, 2008, 04:20 PM
Does the Professional version have heur?
removemalware
December 11th, 2008, 04:28 PM
-{ Quote: "Does the Professional version have heur?" }-
I don't think so.
chris2busy
December 11th, 2008, 06:33 PM
That topic is starting to lose any sense (if it ever made any). Yea, it missed a rootkit out of the hundreds created every day... And please do not tell me it should have caught it with heuristics.. Please, we are still in the age when Rustock variants are being chopped up and carved and still fewer than 5 AVs efficiently prevent it. Please, there is more than a 1% chance one will not even wake to see another day, so much for missing a sample.
djohn
December 11th, 2008, 06:41 PM
I may be wrong, but I believe Avast does use heuristics for email only and VDB for its resident shields.
chris2busy
December 11th, 2008, 06:49 PM
As RejZoR noted...
-{ Quote: "Post by: RejZoR on July 14, 2008, 07:05:28 PM
That's a well known thing about avast!. Surprisingly it's holding pretty well with just signatures. It'll get behavioral detection module sometime in the end of this year, probably a beta version first..." }-
bellgamin
December 11th, 2008, 07:21 PM
-{ Quote: "Avast is fine for a second or third opinion (using on-demand scans), but it shouldn't be used in the real world since it has no HEURISTIC engine." }-
A- I am not now a user of Avast, nor am I a particular fan. However, it chills me to witness what amounts to character assassination of a good AV by a self-proclaimed "tester" who lacks even proper use of terminology and evidently hasn't explored Avast's structure or track record deeply enough.
B- When assessing whether *someone* can effectively perform a particular job, it is just plain silliness to base one's conclusions on whether or not that *someone* uses a particular tool to do that job.
B1- One should assess the effectiveness of the job done (in this case, Proactive protection) rather than simply the presence or absence of a particular tool (in this case, heuristics -- concerning which, I strongly recommend reading THIS link (http://antivirus.about.com/library/glossary/bldef-heur.htm) and then THAT link (http://en.wikipedia.org/wiki/Heuristic_analysis)).
B2- For example, if looking for a contractor to build you a home, a wise shopper would not reach a decision by asking the contractor, "By the way, do you have a hammer?" Instead, I would hope that a wise shopper would mainly concentrate on looking at the quality of the homes that the contractor has actually built.
C- Thus, it would make sense to review VALID tests, by QUALIFIED testers, when assessing Avast's proactive proficiency, rather than simply implying that Avast is only of 2nd-or-3rd-opinion value because they do not use a particular tool someone read about somewhere. And there ARE many tests which cover Avast. A few examples...
C1- AV-Comp's Retrospective/Proactive Tests - comparatives numbered 2,4,6,8,10,12,14,16,18,20
C2- here (http://mtc.sri.com/live_data/av_rankings/)
C3- & here (http://www.shadowserver.org/wiki/pmwiki.php?n=Stats.VirusMonthlyStats)
D- In most of the proactive tests cited above, Avast usually ranks in the mid-portion of the top tier of AVs. How do they do it?
D1- Avast's standard shield includes some behavior blocker options/capabilities. (By the way, Avast does use heuristics for its email module.)
D2- Avast utilizes a very aggressive generic detection algorithm.
D3- And what else? I do not know. It seems evident, however, that Avast uses something that is doing a job in this area.
-{ Quote: "These days threats are released every second (forget zero-day)." }-
E- Why confuse the issue by casting a cloud over the well-known term "zero-day"? One should bring clarity, not obfuscation.
E1- The term "zero-day" generically covers ALL malwares, attacks, & exploits that are so new that list-based anti-malware programs have not yet been tweaked so as to protect against them. Notes 1 (http://en.wikipedia.org/wiki/Zero-Day_Attack), 2 (http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci955554,00.html)
E2- "New" encompasses seconds, minutes, hours, sometimes days. Why split hairs, except perhaps in an attempt to make one's self appear to be wise?
E3- Also, some good reading here (http://zerodaythreat.com/).
removemalware
December 11th, 2008, 09:26 PM
-{ Quote: "A- I am not now a user of Avast, nor am I a particular fan. However, it chills me to witness what amounts to character assassination of a good AV by a self-proclaimed "tester" who lacks even proper use of terminology and evidently hasn't explored Avast's structure or track record deeply enough.
B- When assessing whether *someone* can effectively perform a particular job, it is just plain silliness to base one's conclusions on whether or not that *someone* uses a particular tool to do that job.
B1- One should assess the effectiveness of the job done (in this case, Proactive protection) rather than simply the presence or absence of a particular tool (in this case, heuristics -- concerning which, I strongly recommend reading THIS link (http://antivirus.about.com/library/glossary/bldef-heur.htm) and then THAT link (http://en.wikipedia.org/wiki/Heuristic_analysis)).
B2- For example, if looking for a contractor to build you a home, a wise shopper would not reach a decision by asking the contractor, "By the way, do you have a hammer?" Instead, I would hope that a wise shopper would mainly concentrate on looking at the quality of the homes that the contractor has actually built.
C- Thus, it would make sense to review VALID tests, by QUALIFIED testers, when assessing Avast's proactive proficiency, rather than simply implying that Avast is only of 2nd-or-3rd-opinion value because they do not use a particular tool someone read about somewhere. And there ARE many tests which cover Avast. A few examples...
C1- AV-Comp's Retrospective/Proactive Tests - comparatives numbered 2,4,6,8,10,12,14,16,18,20
C2- here (http://mtc.sri.com/live_data/av_rankings/)
C3- & here (http://www.shadowserver.org/wiki/pmwiki.php?n=Stats.VirusMonthlyStats)
D- In most of the tests cited above, Avast usually ranks in the mid-portion of the top tier of AVs. How do they do it?
D1- Avast's standard shield includes some behavior blocker options/capabilities. (By the way, Avast does use heuristics for its email module.)
D2- Avast utilizes a very aggressive generic detection algorithm.
D3- And what else? I do not know. It seems evident, however, that Avast uses something that is doing a job in this area.
E- Why confuse the issue by casting a cloud over the well-known term "zero-day"? One should bring clarity, not obfuscation.
E1- The term "zero-day" generically covers ALL malwares, attacks, & exploits that are so new that list-based anti-malware programs have not yet been tweaked so as to protect against them. Notes 1 (http://en.wikipedia.org/wiki/Zero-Day_Attack), 2 (http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci955554,00.html)
E2- "New" encompasses seconds, minutes, hours, sometimes days. Why split hairs, except perhaps in an attempt to make one's self appear to be wise?
E3- Also, some good reading here (http://zerodaythreat.com/)." }-
Yikes, a hater ::) ! I wish I had the time to answer all these points, however I'm a self-proclaimed tester (I hope that's the right terminology ;D ) and I need to get back to looking for applications that offer the best protection possible.
Tarq57
December 11th, 2008, 10:14 PM
bellgamin
Very nicely and comprehensively put. Thank you.
removemalware
Hater? Don't think so. Just somebody who appears to be correctly using logic to put a bit of much needed balance into this thread.
If you were at all serious, you would take the time to acknowledge the points made.
That you haven't bothered to says as much for your credibility as the title of the thread.
(BTW, I'm not a hater, either. I do use Avast, and have found the protection and general functioning of the program more than adequate.)
removemalware
December 11th, 2008, 10:38 PM
-{ Quote: "bellgamin
Very nicely and comprehensively put. Thank you.
removemalware
Hater? Don't think so. Just somebody who appears to be correctly using logic to put a bit of much needed balance into this thread.
If you were at all serious, you would take the time to acknowledge the points made.
That you haven't bothered to says as much for your credibility as the title of the thread.
(BTW, I'm not a hater, either. I do use Avast, and have found the protection and general functioning of the program more than adequate.)" }-
I suppose you're right. I'm just too busy to give a huge long-winded answer. I didn't even start this thread btw.
I'm sure Avast is fine for some people and that's great. If you find an application that works for you that's all that counts.
Also, I never said anything bad about Avast. It missed a malicious script and allowed a trojan to be loaded and I documented that in a video....that's it...how is that "character assignation" of an application?
Osaban
December 11th, 2008, 10:44 PM
I agree that Avast can't be judged on one test only and one carried out by an "amateur". On the other hand this "amateur" has tested many other AVs using the same method, and getting different results. Aigle among Wilders members has a good reputation, as a good amateur tester for HIPS.
What I'm getting at is that there is nothing wrong in doing your own tests and sharing them on the internet. Avast got seriously infected in that test, the computer became a "bot", a spam machine, something that is happening to a great deal of users who won't be even aware their computer might be seriously compromised.
clocks
December 11th, 2008, 10:47 PM
I really enjoy reading this site, but over the last 6-9 months something has happened. A large number of posters have developed the opinion that two testing sites are the only ones that matter. Any reader can probably figure out the two I am talking about. (one is for firewalls & the other is for AVs) Any other sites and opinions seem to be considered blasphemy. I don't get it. Why the strong backlash?
clocks
December 11th, 2008, 10:55 PM
BTW - As removemalware said, he did not start this thread. Also, he posts videos of his tests, which I think is fantastic. It allows anyone to see what tests are performed, and how. Most other testing sites do their work in secrecy. Videos allow everyone to watch and come to their own conclusions. Whether you agree with his test methods or not, I do not think he has any evil motives.
innerpeace
December 11th, 2008, 11:02 PM
-{ Quote: "Also, I never said anything bad about Avast. It missed a malicious script and allowed a trojan to be loaded and I documented that in a video....that's it...how is that "character assignation" of an application?" }-
The missed script is probably because script blocking is included in the pro version and not the free.
-{ Quote: "The resident protection of the Professional Edition includes an additional module, not contained in the Home Edition, called Script Blocker. This module watches all scripts being executed in the operating system (so-called WSH scripts - Windows Scripting Host), and scans all the scripts run as a part of a web page within your web browser (Internet Explorer, Netscape Navigator and Mozilla)." }-
http://www.avast.com/eng/avast-4-professional-antivirus-antispyware.html#8
Comparison of Pro and Free versions: http://www.avast.com/eng/avast-compare-home-professional.html
Avast is a fine work of programming. I have even installed it on my sister's computer alongside Windows Defender because I need to keep things simple on her machine. I also keep everything updated to reduce exposure to known exploits.
I also want to go on record as saying Avast is probably the most stable application I have ever run on my machine. To me that is important, as an AV, firewall, AS or whatever needs to be running for it to work.
bellgamin did take the time to make a few good points and he is correct. It's impossible to judge a product by a simple test and therefore shouldn't be dismissed by anyone. I just hope people don't look over Avast because of this and similar tests. Avast makes the most complete free and stable anti-virus out today.
Tarq57
December 11th, 2008, 11:17 PM
removemalware -{ Quote: "
I suppose you're right. I'm just too busy to give a huge long-winded answer. I didn't even start this thread btw.
I'm sure Avast is fine for some people and that's great. If you find an application that works for you that's all that counts.
Also, I never said anything bad about Avast. It missed a malicious script and allowed a trojan to be loaded and I documented that in a video....that's it...how is that "character assignation" of an application?" }-
My apologies, I mistakenly confused you with the thread starter, based partly upon your reply below bellgamin's post. Of course, you were referenced by the thread starter but were not he. I should have been more thorough.
removemalware
December 11th, 2008, 11:19 PM
-{ Quote: "I agree that Avast can't be judged on one test only and one carried out by an "amateur". On the other hand this "amateur" has tested many other AVs using the same method, and getting different results. Aigle among Wilders members has a good reputation, as a good amateur tester for HIPS.
What I'm getting at is that there is nothing wrong in doing your own tests and sharing them on the internet. Avast got seriously infected in that test, the computer became a "bot", a spam machine, something that is happening to a great deal of users who won't be even aware their computer might be seriously compromised." }-
Yes, I'm just an amateur. I feel that video is the most un-biased, truthful way to see if an anti-malware application will truly remove malware and/or protect you...am I wrong?
removemalware
December 11th, 2008, 11:20 PM
-{ Quote: "BTW - As removemalware said, he did not start this thread. Also, he posts videos of his tests, which I think is fantastic. It allows anyone to see what tests are performed, and how. Most other testing sites do their work in secrecy. Videos allow everyone to watch and come to their own conclusions. Whether you agree with his test methods or not, I do not think he has any evil motives." }-
Thank you so much! You made my point better than I could (I suck at writing) :P
Tarnak
December 11th, 2008, 11:20 PM
-{ Quote: " "character assignation" of an application?" }-
LOL this - "character assignation" of an application? made my day! ....instead of "character assassination" ;D
Kerodo
December 11th, 2008, 11:22 PM
I don't think you can base any decisions on just one test, they all will fail given the right test, so that's not proof of anything. Avast is a fine AV, ever-improving too. I'm sure someone could just as easily get NAV 2009 to fail a test also. Or any other AV. Sure, it's interesting, but I don't think conclusions can be drawn from it.
progress
December 12th, 2008, 01:49 AM
-{ Quote: "The missed script is probably because script blocking is included in the pro version and not the free." }-
So Avast Home would not score as good as Avast Professional? Thank you for that information, I didn't know that the Avast Home Engine is crippled ... :blink:
bellgamin
December 12th, 2008, 02:41 AM
-{ Quote: "I agree that Avast can't be judged on one test only..." }-
It wasn't only the fact that it was "one test" -- the key factor was that it was one test with only 5 malware samples. A sample of 5, taken from an exponentially huge universe, has a significance of zero point zilch.
-{ Quote: "On the other hand this "amateur" has tested many other AVs using the same method, and getting different results. Aigle among Wilders members has a good reputation, as a good amateur tester for HIPS." }-
I have read, enjoyed, & respect what you & Aigle have done from time to time. In fact, they have influenced my selections at times.
However, the present tester's posts and comments are quite unlike what you & Aigle have posted. This individual pontificates judgments (such as "Avast shouldn't be used in the real world") as though he actually had some factual basis for such a blanket condemnation.
There is nothing wrong with someone expressing such an opinion UNLESS that individual is posing as an objective tester who infers that he has competence concerning antivirus structures, malware detection, and testing methodology.
-{ Quote: "I really enjoy reading this site, but over the last 6-9 months something has happened. A large number of posters have developed the opinion that two testing sites are the only ones that matter. Any reader can probably figure out the two I am talking about. (one is for firewalls & the other is for AVs) Any other sites and opinions seems to be considered blasphemy. I don't get it. Why the strong backlash?" }-
Why the backlash? Because there are people who pay their mortgages, put food on the table, and clothe their kids by working for anti-malware software companies. If their product is fairly & competently tested, & is truly lousy, then so be it -- people need to know. But if their product is unfairly & incompetently tested, and thereby loses market share & adversely affects people's jobs and lives, then it is bloody EVIL.
There is a lot more to COMPETENTLY testing antivirus apps than simply to put up a pretty website and proudly proclaim, "Last week I couldn't spell 'antivirus tester' but now I ARE one."
Just as there are quack doctors, there are also quack testers. Testing is a profession. It requires training, experience, expertise. Of equal importance, effective testing calls for the testing organization to gather, compile, and maintain a large database of valid in-the-wild malware. It often takes antivirus companies a long time to compile such a database. It can take potential testers as long or longer to do so.
To read more about this subject, I suggest you go here (http://www.av-comparatives.org/), then click on "Comparatives", then scroll down to the line labelled "Anti-Virus Testing Websites" & download the pdf report therefor. You might also benefit from reading the report offered on the following line labelled "Anti-Virus Testing Tips."
Yet another report, assessing the state of antivirus testing, is contained in THIS (http://csrc.nist.gov/nissc/2000/proceedings/papers/038.pdf) pdf report.
Saraceno
December 12th, 2008, 03:33 AM
Some great reading material there in your posts/links bellgamin.
I noticed with certification/testing, there is a strong emphasis on 'active' threats, and I understand it now. AV developers also mention this often. That is those threats that affect regular users visiting regular sites. You will always have threats on sites regular users will probably never visit, but can bring down most programs. That's just the way it goes. New malware always being developed.
I agree user testing is good for general viewing, but conclusions can't be made on one test. I read many tests, feedback across many forums, and feedback from many users/testers across many forums and test sites. Then I form an opinion. ;)
For example, a malicious site may not be detected at the time of testing, but I don't see a problem if it is added a few days/week later by the AV company. Then by the time a regular user may visit the malicious site, or find a link to the site, the site is already flagged.
chris2busy
December 12th, 2008, 04:10 AM
-{ Quote: "I don't think you can base any decisions on just one test, they all will fail given the right test, so that's not proof of anything. Avast is a fine AV, ever-improving too. I'm sure someone could just as easily get NAV 2009 to fail a test also. Or any other AV. Sure, it's interesting, but I don't think conclusions can be drawn from it." }-
Yes, but at least that would have been a fair shot lol. NAV by default protects against malicious scripts, while the FREE version of avast doesn't. I'm not trying to defend avast or something, but if you are gonna call a product 2nd or 3rd class for on demand worth only at least be kind enough to also test the trial of the pro version lol.
It's like putting on a fight the light weight champion vs the heavy weight champion.
ggf31416
December 12th, 2008, 05:36 AM
-{ Quote: "Yes, but at least that would have been a fair shot lol. NAV by default protects against malicious scripts, while the FREE version of avast doesn't." }-
Unless the script blocker does heuristic detection, I doubt it will detect something not detected by the web shield and the standard shield.
Osaban
December 12th, 2008, 09:12 AM
-{ Quote: "Yes, I'm just an amateur. I feel that video is the most un-biased, truthful way to see if an anti-malware application will truly remove malware and/or protect you...am I wrong?" }-
I wasn't trying to criticize you, as a matter of fact I have watched almost all of your tests and found them very informative. I also like your attitude because it reflects the position of a user who wants to try out programs and share the experience. I honestly don't know if you are always using the programs you test at their best (see paranoid) settings, but I'm convinced that you're not biased or favoring any product.
As far as I'm concerned I'd like to watch more of your tests in the future.
removemalware
December 12th, 2008, 11:21 AM
-{ Quote: "I wasn't trying to criticize you, as a matter of fact I have watched almost all of your tests and found them very informative. I also like your attitude because it reflects the position of a user who wants to try out programs and share the experience. I honestly don't know if you are always using the programs you test at their best (see paranoid) settings, but I'm convinced that you're not biased or favoring any product.
As far as I'm concerned I'd like to watch more of your tests in the future." }-
Thanks Osaban! I know you were not criticizing me (hope I didn't come off that way :) ). Correct, I love testing anti-malware applications. I'm always looking for the "perfect protection" for my clients in St. Louis (that's why I started testing).
Here are the products I really believe in and use:
For Prevention - DefenseWall and DriveSentry (DefenseWall is loaded on my workstation and the wife's computer). DriveSentry is protecting my field laptops and usb sticks.
For Detection and Removal - Malwarebytes (free), SuperAntiSpyware (free) and Spyware Doctor. Sometimes I'll use Combofix if the OS sec policies have been modified.
Correct, I'm not a biased reviewer/tester. I show people what would happen if you used a particular application for prevention or removal...I don't write reports or use secretive test measures. What I see and experience so shall you.
Basically I provide NO BS reviews.
If you watch my anti-malware video reviews and you see product A block 3 out of 5 threats and product B block 5 out of 5 threats then I'm assuming you have enough information on those products to see which one works best at this current moment.
Saraceno
December 12th, 2008, 11:48 AM
Matt, I think what people are trying to say, a sample of 5 is not conclusive and might not represent the performance of any given program, no matter which program.
For example:
Program A which blocks 3 out of 5, might get 1800/2000 in further testing.
Program B which blocks 5 out of 5, might get 1850/2000 in further testing.
Program C which blocks 5 out of 5, might get 1750/2000 in further testing.
Program D which blocks 1 out of 5, might get 1820/2000 in further testing.
:)
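The sample-size argument in the posts above can be checked numerically with a confidence interval and an exact test. This is an added example, not part of any post: the 3/5 and 5/5 counts are the ones quoted in the thread, the 2000-sample scores are Saraceno's hypothetical figures, and the function names are this example's own.

```python
# Added example (not from the thread): what a 5-URL prevention test can and
# cannot say about a product's block rate. Assumption: each URL is an
# independent random draw from the threat population, which hand-picked
# URLs may not be.
from math import comb, sqrt

# Counts quoted in the thread.
THREAD_RESULTS = {"Avast 4.8": (3, 5), "NOD32 4.0 Beta 1": (5, 5)}

# Saraceno's hypothetical programs: (5-URL score, 2000-sample score).
HYPOTHETICAL = {
    "A": ((3, 5), (1800, 2000)),
    "B": ((5, 5), (1850, 2000)),
    "C": ((5, 5), (1750, 2000)),
    "D": ((1, 5), (1820, 2000)),
}


def wilson_interval(blocked, total, z=1.96):
    """Wilson score interval (95% for z=1.96) for the true block rate."""
    if total <= 0 or not 0 <= blocked <= total:
        raise ValueError("need total > 0 and 0 <= blocked <= total")
    p = blocked / total
    denom = 1 + z * z / total
    centre = (p + z * z / (2 * total)) / denom
    half = z * sqrt(p * (1 - p) / total + z * z / (4 * total * total)) / denom
    return max(0.0, centre - half), min(1.0, centre + half)


def fisher_exact_two_sided(a_blocked, a_total, b_blocked, b_total):
    """Two-sided Fisher exact p-value for 'A and B share one block rate'."""
    blocked = a_blocked + b_blocked
    lowest = max(0, blocked - b_total)
    highest = min(a_total, blocked)

    def weight(k):
        # Unnormalised hypergeometric probability that A blocked k samples.
        return comb(a_total, k) * comb(b_total, blocked - k)

    observed = weight(a_blocked)
    # Integer comparison keeps the "as or less likely" test exact.
    extreme = sum(w for w in map(weight, range(lowest, highest + 1))
                  if w <= observed)
    return extreme / comb(a_total + b_total, blocked)


def rank(scores):
    """Names ordered best block rate first; ties keep input order."""
    return sorted(scores, key=lambda name: -scores[name][0] / scores[name][1])


def report():
    """Text summary of the small-sample and large-sample views."""
    lines = []
    for name, (blocked, total) in THREAD_RESULTS.items():
        lo, hi = wilson_interval(blocked, total)
        lines.append(f"{name}: {blocked}/{total} blocked, "
                     f"95% interval {lo:.0%} to {hi:.0%}")
    (a_b, a_t), (b_b, b_t) = THREAD_RESULTS.values()
    p_small = fisher_exact_two_sided(a_b, a_t, b_b, b_t)
    lines.append(f"3/5 vs 5/5: p = {p_small:.3f} (no detectable difference)")
    small = {n: s[0] for n, s in HYPOTHETICAL.items()}
    large = {n: s[1] for n, s in HYPOTHETICAL.items()}
    lines.append(f"ranking on 5 URLs:      {rank(small)}")
    lines.append(f"ranking on 2000 samples: {rank(large)}")
    p_large = fisher_exact_two_sided(*large["A"], *large["B"])
    lines.append(f"1800/2000 vs 1850/2000: p = {p_large:.4f}")
    return lines


if __name__ == "__main__":
    print("\n".join(report()))
```

With five URLs the two intervals overlap heavily and the exact test cannot separate the products, while the same test on the hypothetical 2000-sample scores can separate a gap of 2.5 percentage points.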
removemalware
December 12th, 2008, 12:13 PM
-{ Quote: "It wasn't only the fact that it was "one test" -- the key factor was that it was one test with only 5 malware samples. A sample of 5, taken from an exponentially huge universe, has a significance of zero point zilch." }-
Percentages bro...if it blocked 75% out of 5 then logic tells us it will block 75% out of 100 (maybe better maybe worse). If you would like me to test it against 100 url's then just say the word because I have them.
-{ Quote: "However, the present tester's posts and comments are quite unlike what you & Aigle have posted. This individual pontificates judgments (such as "Avast shouldn't be used in the real world") as though he actually had some factual basis for such a blanket condemnation." }-
How much more factual could I get? It's a video that shows Avast failed to stop a trojan from loading and the host pc was turned into a bot! If an infected PC means zilch to you then have fun living in AV comparatives fantasy land.
-{ Quote: "There is nothing wrong with someone expressing such an opinion UNLESS that individual is posing as an objective tester who infers that he has competence concerning antivirus structures, malware detection, and testing methodology." }-
It is my opinion that Avast should never be used in the real world as sole protection based on the fact that out of 5 malicious URL's tested it allowed 2 to successfully execute and take over the host.
-{ Quote: "Why the backlash? Because there are people who pay their mortgages, put food on the table, and clothe their kids by working for anti-malware software companies. If their product is fairly & competently tested, & is truly lousy, then so be it -- people need to know. But if their product is unfairly & incompetently tested, and thereby loses market share & adversely affects people's jobs and lives, then it is bloody EVIL" }-
Then make a better product. Avast was fairly tested.
-NOD32 4.0 Beta 1 blocked all 5 urls,
-Avast 4.8 blocked 3 out of 5
Now people...which would you choose? Based on just those sets of videos?
I'm no brainiac but I'd be going with the errrmm....one that blocked more. Duh...::)
Of course you need to perform your own research, I'm just giving you some FACTUAL video tests that may help you decide.
-{ Quote: "There is a lot more to COMPETENTLY testing antivirus apps than simply to put up a pretty website and proudly proclaim, "Last week I couldn't spell 'antivirus tester' but now I ARE one."" }-
Ummmm Ok. I never said I was some professional tester. I'm just a guy that cleans and protects thousands of computers every year. I'm just looking for the best possible anti-malware applications to make my job easier and make my clients happier.
I don't present my results on some graph or use secretive testing measures...you see what I see...what could be more honest or factual.
-{ Quote: "Just as there are quack doctors, there are also quack testers. Testing is a profession. It requires training, experience, expertise. Of equal importance, effective testing calls for the testing organization to gather, compile, and maintain a large database of valid in-the-wild malware. It often takes antivirus companies a long time to compile such a database. It can take potential testers as long or longer to do so." }-
When I grow up I wanna be a professional tester...what a joke man. You don't need to be a professional tester (if there ever was such a thing) or have a massive DB of malware to see if a product is worth someone's time or not.
-{ Quote: "To read more about this subject, I suggest you go here (http://www.av-comparatives.org/), then click on "Comparatives", then scroll down to the line labelled "Anti-Virus Testing Websites" & download the pdf report therefor. You might also benefit from reading the report offered on the following line labelled "Anti-Virus Testing Tips."" }-
Or you can watch some exciting real world anti-malware review videos at YouTube.com/mrizos (http://youtube.com/mrizos) :P
-{ Quote: "Yet another report, assessing the state of antivirus testing, is contained in THIS (http://csrc.nist.gov/nissc/2000/proceedings/papers/038.pdf) pdf report." }-
djohn
December 12th, 2008, 12:28 PM
Hey Matt, when you tested Nod 4 beta, were the urls/samples the same as used on avast for testing?
mvdu
December 12th, 2008, 12:32 PM
-{ Quote: "Percentages bro...if it blocked 75% out of 5 then logic tells us it will block 75% out of 100 (maybe better maybe worse). If you would like me to test it against 100 url's then just say the word because I have them.
How much more factual could I get? It's a video that shows Avast failed to stop a trojan from loading and the host pc was turned into a bot! If an infected PC means zilch to you then have fun living in AV comparatives fantasy land.
It is my opinion that Avast should never be used in the real world as sole protection based on the fact that out of 5 malicious URL's tested it allowed 2 to successfully execute and take over the host.
Then make a better product. Avast was fairly tested.
-NOD32 4.0 Beta 1 blocked all 5 urls,
-Avast 4.8 blocked 3 out of 5
Now people...which would you choose? Based on just those sets of videos?
I'm no brainiac but I'd be going with the errrmm....one that blocked more. Duh...::)
Of course you need to perform your own research, I'm just giving you some FACTUAL video tests that may help you decide.
Ummmm Ok. I never said I was some professional tester. I'm just a guy that cleans and protects thousands of computers every year. I'm just looking for the best possible anti-malware applications to make my job easier and make my clients happier.
I don't present my results on some graph or use secretive testing measures...you see what I see...what could be more honest or factual.
When I grow up I wanna be a professional tester...what a joke man. You don't need to be a professional tester (if there ever was such a thing) or have a massive DB of malware to see if a product is worth someone's time or not.
Or you can watch some exciting real world anti-malware review videos at YouTube.com/mrizos (http://youtube.com/mrizos) :P
Yet another report, assessing the state of antivirus testing, is contained in THIS (http://csrc.nist.gov/nissc/2000/proceedings/papers/038.pdf) pdf report." }-
Thanks for your tests. I know that you don't slander AVs - you just get frustrated when they don't perform. I'm not saying that your test should change people's setups, but you are testing with multiple security products, so how they do is of value.
progress
December 12th, 2008, 12:34 PM
@removemalware
Did you also test Avira Free or AVG Free? :P
removemalware
December 12th, 2008, 12:35 PM
-{ Quote: "Matt, I think what people are trying to say, a sample of 5 is not conclusive and might not represent the performance of any given program, no matter which program.
For example:
Program A which blocks 3 out of 5, might get 1800/2000 in further testing.
Program B which blocks 5 out of 5, might get 1850/2000 in further testing.
Program C which blocks 5 out of 5, might get 1750/2000 in further testing.
Program D which blocks 1 out of 5, might get 1820/2000 in further testing.
:)" }-
You are correct. I may up the URL count to 10 or 20. After testing 10-20 URLS with multiple anti-malware applications you should be able to see what works and what doesn't.
Pedro
December 12th, 2008, 12:36 PM
I like your videos, i watch them occasionally. But this last post is not your best..
-{ Quote: "Percentages bro...if it blocked 75% out of 5 then logic tells us it will block 75% out of 100 (maybe better maybe worse). If you would like me to test it against 100 url's then just say the word because I have them." }-
A sample of 5 is meaningless. You really, really should not go there.
-{ Quote: "
How much more factual could I get? It's a video that shows Avast failed to stop a trojan from loading and the host pc was turned into a bot! If an infected PC means zilch to you then have fun living in AV comparatives fantasy land.
" }-
I think you should rewrite this, it's zero'ing my interest / faith in your seriousness. ;)
The fact that you put a link in the browser out of nowhere, and stand there waiting, already takes a leap of faith to believe how serious you are. I was taking that leap thinking "the world is complicated as it is".
You need to understand the basic nature of AVs before making these statements. Population = tons. Your sample = 0.0...1 %.
It doesn't invalidate the experience you present us in videos, your post however does.
I'm not going to quote you more, this is negative as it is. I don't like being negative.
removemalware
December 12th, 2008, 12:37 PM
-{ Quote: "@removemalware
Did you also test Avira Free or AVG Free? :P" }-
I tested Avira Free. It blocked everything I threw at it. Definitely my favorite free traditional AV app.
removemalware
December 12th, 2008, 12:49 PM
-{ Quote: "I like your videos, i watch them occasionally. But this last post is not your best.." }-
-{ Quote: "A sample of 5 is meaningless. You really, really should not go there." }-
I realize it's a small number, but I'm producing videos in 10 minute chunks so 5 was the number suggested to me by a few people (for time sakes).
I'm choosing threats that are about 1 week old. I have to differ with you on saying it's meaningless. These are real threats...bad threats. Some products blocked all of them (NOD and Avira) and some did not (Avast).
-{ Quote: "I think you should rewrite this, it's zero'ing my interest / faith in your seriousness. ;)
The fact that you put a link in the browser out of nowhere, and stand there waiting, already takes a leap of faith to believe how serious you are. I was taking that leap thinking "the world is complicated as it is". " }-
You're missing the point. People DO NOT ENTER these URL's into their browser, they are REDIRECTED TO THEM. I'm showing what happens after they get the redirection.
-{ Quote: "
You need to understand the basic nature of AVs before making these statements. Population = tons. Your sample = 0.0...1 %.
It doesn't invalidate the experience you present us in videos, your post however does." }-
Sorry you didn't like the post.
-{ Quote: "I'm not going to quote you more, this is negative as it is. I don't like being negative." }-
Ok, thx.
Pedro
December 12th, 2008, 01:02 PM
5 is still meaningless, because the population is huge. I can get 5 links that bypass Avira probably. What does that prove? That Avira can be bypassed, as any other AV.
To really compare them, i need big numbers.
BTW i was not missing the point, but you seemed to miss mine: i have to believe you're honest. I take a leap by accepting those links from nowhere. While not an AV comparatives fan, i regard them as professional and sound. When you mention "AV comparatives fantasy land", i get a red flag - as in, i just saw exactly that, a fantasy video.
larryb52
December 12th, 2008, 01:03 PM
-{ Quote: "Yikes, a hater ::) ! I wish I had the time to answer all these points, however I'm a self-proclaimed tester (I hope that's the right terminology ;D ) and I need to get back to looking for applications that offer the best protection possible." }-
No one can claim to have 'the' answer, to think so would be foolish IMHO. To each his own. From what little I've seen of your presentation they have been very informative, but I still won't change to what you're using as I don't believe in your formuative approach to security. From what I understand you recommend PcTools stuff and I don't think they do such a good job, just my 2 cents...
djohn
December 12th, 2008, 01:04 PM
I like your testing Matt, I think your motives are good. You stated your opinion and show actual facts at the moment of testing with the urls at hand. It's unbiased as far as I am concerned. You're doing your best.:thumb:
removemalware
December 12th, 2008, 01:14 PM
-{ Quote: "I like your testing Matt, I think your motives are good. You stated your opinion and show actual facts at the moment of testing with the urls at hand. It's unbiased as far as I am concerned. You're doing your best.:thumb:" }-
Thanks man! You are correct, I'm just testing the URL's at hand. I'm giving my opinion on an application based on how well it protected me against those 5 URL's. I suppose I'll increase my URL base to 10.
removemalware
December 12th, 2008, 01:17 PM
-{ Quote: "5 is still meaningless, because the population is huge. I can get 5 links that bypass Avira probably. What does that prove? That Avira can be bypassed, as any other AV.
To really compare them, i need big numbers.
BTW i was not missing the point, but you seemed to miss mine: i have to believe you're honest. I take a leap by accepting those links from nowhere. While not an AV comparatives fan, i regard them as professional and sound. When you mention "AV comparatives fantasy land", i get a red flag - as in, i just saw exactly that, a fantasy video." }-
Yeah, big numbers are for a group like AV Comparatives (they have the time). I'm just grabbing this week's threats and testing against them. I hope you continue to watch the reviews (even if it's just for entertainment value :P ).
mvdu
December 12th, 2008, 01:17 PM
-{ Quote: "Thanks man! You are correct, I'm just testing the URL's at hand. I'm giving my opinion on an application based on how well it protected me against those 5 URL's. I suppose I'll increase my URL base to 10." }-
Yes, that would be my only suggestion - to increase the URLs. Then there wouldn't be so many complaints. Keep up the good work.
removemalware
December 12th, 2008, 01:25 PM
-{ Quote: "Yes, that would be my only suggestion - to increase the URLs. Then there wouldn't be so many complaints. Keep up the good work." }-
Thanks man! I'll bring them up to 10. Let's see how MBAM Pro deals with them tonight.
sded
December 12th, 2008, 01:26 PM
Nothing wrong with anecdotal testing. We all do it to some extent when we try out programs, and often report the results here and elsewhere. And I think Matt's videos are very interesting and informative. But as many have pointed out, extrapolating a few samples to the whole population is just not realistic. The real value is in exposing the vulnerabilities that can then be categorized and countered, just as is done in the Matousec testing for firewalls. Not in the numbers. So I hope the vendors are looking at the small sample testers like Matt and using the tests to improve their product where appropriate. And that the testers are making that data available freely. But they are not the gauge to compare products.
Antimalware18
December 12th, 2008, 01:49 PM
Hello, first of all I would like to introduce myself. I have been reading posts on Wilders Security Forum for a few months now and have been watching Matt's reviews on Remove-Malware.com, but I figured I would register and put in my two cents on this subject because Avast! is my favorite AV (I will offer an Un-biased opinion)
-{ Quote: "Then make a better product. Avast was fairly tested.
-NOD32 4.0 Beta 1 blocked all 5 urls,
-Avast 4.8 blocked 3 out of 5
Now people...which would you choose? Based on just those sets of videos? " }-
Honestly? I would pick Avast 4.8. For a signature based AV the product is simply amazing. Don't get me wrong, NOD32 4.0 beta 1 may be a great AV, but is it free? Avast! may have missed 2 of those malicious URLs, but with the sheer number of threats out there today and that are being made every day, that's really not that bad in my opinion. Plus Avast! makes up for its shortcomings in the number of Providers (shields) that it has running. If you're looking for a free security setup I would have to say Avast! (free with great detection rates plus the number of shields) mixed with SAS and MBAM, and for a firewall Comodo firewall without D+, and if you want to take it a step further you could even add on DriveSentry (I saw your review on youtube about it last night and it did really well as far as I could tell). Honestly I like the reviews you do, Matt. What I don't like though is the negative attention it seems Avast! has gotten in light of the review you did. For an AV that has survived as long as Avast! has, as a signature based AV with an aggressive generic detection module, it deserves a lot more respect. But that's just my opinion.
removemalware
December 12th, 2008, 01:50 PM
-{ Quote: "Nothing wrong with anecdotal testing. We all do it to some extent when we try out programs, and often report the results here and elsewhere. And I think Matt's videos are very interesting and informative. But as many have pointed out, extrapolating a few samples to the whole population is just not realistic. The real value is in exposing the vulnerabilities that can then be categorized and countered, just as is done in the Matousec testing for firewalls. Not in the numbers. So I hope the vendors are looking at the small sample testers like Matt and using the tests to improve their product where appropriate. And that the testers are making that data available freely. But they are not the gauge to compare products." }-
Yes, very true. I suppose to completely gauge a product you need to test it against vast samples. My prevention video tests will use 10 malicious URL's and you can make your own opinions after that. Thanks for the compliments btw! :)
removemalware
December 12th, 2008, 01:58 PM
-{ Quote: "Hello, first of all I would like to introduce myself. I have been reading posts on Wilders Security Forum for a few months now and have been watching Matt's reviews on Remove-Malware.com, but I figured I would register and put in my two cents on this subject because Avast! is my favorite AV (I will offer an Un-biased opinion)
Honestly? I would pick Avast 4.8. For a signature based AV the product is simply amazing. Don't get me wrong, NOD32 4.0 beta 1 may be a great AV, but is it free? Avast! may have missed 2 of those malicious URLs, but with the sheer number of threats out there today and that are being made every day, that's really not that bad in my opinion. Plus Avast! makes up for its shortcomings in the number of Providers (shields) that it has running. If you're looking for a free security setup I would have to say Avast! (free with great detection rates plus the number of shields) mixed with SAS and MBAM, and for a firewall Comodo firewall without D+, and if you want to take it a step further you could even add on DriveSentry (I saw your review on youtube about it last night and it did really well as far as I could tell). Honestly I like the reviews you do, Matt. What I don't like though is the negative attention it seems Avast! has gotten in light of the review you did. For an AV that has survived as long as Avast! has, as a signature based AV with an aggressive generic detection module, it deserves a lot more respect. But that's just my opinion." }-
Thanks man, I respect your opinion. True, Avast is free and offers a lot for being free. Believe me, I'm not here to "rag" on anyone's antivirus. I just like to document my own personal tests and then share them with everyone.
One thing I am passionate about is trying to find an application that provides the most protection possible...by itself.
I realize Avast would be a great solution with MBAM and SAS, but we're talking about introducing so much more software into our operating environment...sometimes too much security is worse than malware (speaking on slowness here).
Sputnik
December 12th, 2008, 02:48 PM
@removemalware
Matt, first of all I'd like to thank you for your effort you put in testing anti-malware programs. Though I had to scratch my head when I see the prevention tests, your testbed is way too small and since the av's are all tested on separate dates they don't prove anything.
In our labs we started experimenting with prevention tests in summer 2007, using frozen testbeds on frozen av databases using at least a couple hundred 0day threats.
bellgamin
December 12th, 2008, 03:04 PM
Matt, I said from the outset that I enjoy your videos. I especially like the fact that you plan to make trial-runs of not-often-tested apps such as Drive Sentry.
Because of your small sample size, it is not fair and objective to conclude that the product subjected to your trial runs <IS> or <IS NOT> good at what it is designed to do.
It IS fair & objective to conclude something along the following lines (hypothetical example): "Product X identified 3 of the 5 malwares. The 2 misses resulted in (infection or bot status or whatever)."
Now, as to your statement as follows...
-{ Quote: "Avast is fine for a second or third opinion (using on-demand scans), but it shouldn't be used in the real world since it has no HEURISTIC engine." }-
Of course you are equally as entitled as any other poster to have opinions concerning the quality of any given security app or category of apps. In my OPINION, however, it greatly detracts from your objectivity if you make these kinds of comments in the context of a forum thread which is mainly concerned with one of your online YouTube trial-run demonstrations.
I suggest you search through Wilders so as to read some of the posts by IBK, for example. In "general discussion" threads, IBK sometimes shares his own opinions & experiences BUT in threads about AV-Comp & its tests, he is all business, fully objective, and strictly to-the-point of test structure, database, methods, etc.
Matt, I do wish you every success and will continue to view your videos with great interest.
removemalware
December 12th, 2008, 03:31 PM
-{ Quote: "@removemalware
Matt, first of all I'd like to thank you for your effort you put in testing anti-malware programs. Though I had to scratch my head when I see the prevention tests, your testbed is way too small and since the av's are all tested on separate dates they don't prove anything.
In our labs we started experimenting with prevention tests in summer 2007, using frozen testbeds on frozen av databases using at least a couple hundred 0day threats." }-
Yeah, prevention is a new thing for me since "a million" people kept asking to do some prevention videos. I usually just do detection and removal reviews.
Frozen test beds would be the way to go for sure. ....However, I'm constantly looking for what is going to get me in and out of an appointment (awesome removal and detection) while providing the client with long lasting effective protection (prevention). So, I don't think I can freeze my test beds.
I'll still be making prevention videos using 10 URL's just to give me an idea of what works best for me. If anyone wants to come along and watch then that's cool! :thumb:
Hundreds of 0Day threats! Are you guys collecting from a Honey Trap/Pot?
removemalware
December 12th, 2008, 03:40 PM
-{ Quote: "Matt, I said from the outset that I enjoy your videos. I especially like the fact that you plan to make trial-runs of not-often-tested apps such as Drive Sentry.
Because of your small sample size, it is not fair and objective to conclude that the product subjected to your trial runs <IS> or <IS NOT> good at what it is designed to do.
It IS fair & objective to conclude something along the following lines (hypothetical example): "Product X identified 3 of the 5 malwares. The 2 misses resulted in (infection or bot status or whatever)."
Now, as to your statement as follows...
Of course you are equally as entitled as any other poster to have opinions concerning the quality of any given security app or category of apps. In my OPINION, however, it greatly detracts from your objectivity if you make these kinds of comments in the context of a forum thread which is mainly concerned with one of your online YouTube trial-run demonstrations.
I suggest you search through Wilders so as to read some of the posts by IBK, for example. In "general discussion" threads, IBK sometimes shares his own opinions & experiences BUT in threads about AV-Comp & its tests, he is all business, fully objective, and strictly to-the-point of test structure, database, methods, etc.
Matt, I do wish you every success and will continue to view your videos with great interest." }-
Thanks Bellgamin! Hope ya like DriveSentry, I love this little app (the version for USB sticks is just awesome too!).
Anyway, you guys are right. My sample DB is too small to be considered "professional", however I'll be testing with it (for my own purposes) and sharing the results with everyone on YouTube.
*Everyone* going forward my prevention videos are just my personal experience and opinions with a small set of malicious URLs. If you want to see more URLs (above 10) in a test bed then there should be some other orgs that have that data. I'm trying to keep my videos in 30 minute lengths.
Sputnik
December 12th, 2008, 03:42 PM
-{ Quote: "Yeah, prevention is a new thing for me since "a million" people kept asking to do some prevention videos. I usually just do detection and removal reviews.
Frozen test beds would be the way to go for sure. ....However, I'm constantly looking for what is going to get me in and out of an appointment (awesome removal and detection) while providing the client with long lasting effective protection (prevention). So, I don't think I can freeze my test beds.
I'll still be making prevention videos using 10 URLs just to give me an idea of what works best for me. If anyone wants to come along and watch then that's cool! :thumb: " }-
I understand you and I do appreciate what you do. Looking at your approach frozen testbeds might not be the solution indeed.
-{ Quote: "Hundreds of 0Day threats! Are you guys collecting from a Honey Trap/Pot?" }-
We've got "harvesting-machines" all over Russia. ;D
removemalware
December 12th, 2008, 03:47 PM
-{ Quote: "I understand you and I do appreciate what you do. Looking at your approach frozen testbeds might not be the solution indeed.
We've got "harvesting-machines" all over Russia. ;D" }-
Thanks Sputnik. Seems like Russia is the king of the bots these days.
jmonge
December 12th, 2008, 03:56 PM
-{ Quote: "Thanks Sputnik. Seems like Russia is the king of the bots these days." }-
and China ;D
firzen771
December 12th, 2008, 03:59 PM
China seems to send out all those pesky trojans that steal my game IDs :P
jmonge
December 12th, 2008, 04:00 PM
Matt, did you ever test COMODO D+? The D+ is a killer, man ;)
Sputnik
December 12th, 2008, 04:04 PM
-{ Quote: "and China ;D" }-
China is the biggest country of threat origins in your analysis. Same on ThreatExpert (http://www.threatexpert.com/), although the other results listed on ThreatExpert are different than ours.
Threedog
December 12th, 2008, 04:07 PM
Not enough URLs to make a definitive test. The videos are good to watch to see how different scanners handle what they do find, however.
jmonge
December 12th, 2008, 04:15 PM
-{ Quote: "Not enough URLs to make a definitive test. The videos are good to watch to see how different scanners handle what they do find, however." }-
Most of the AVs do fairly well on preventive, but to clean very infected systems is hard for sure ;D especially with rootkits in
TrojanHunter
December 12th, 2008, 04:42 PM
If you think about someone who has an infected machine, but isn't the most computer savvy...they'll go into their local store or download Anti-malware free/paid, believing they'll clean their machine. Your average novice sees the words 'Removes Spyware and Viruses' on the Box then believes that this software will solve their Infection problems. These people usually don't have the first clue about the software's effectiveness, hence why Norton ended up on many machines in its bad bloated days. Those videos are showing what these people who fit the above description, could expect if they installed certain Anti-malware software on their PC. No anti-virus has 100% detection and it's reasonable to expect this, but some of the AVs tested in those videos were inadequate like F-Secure and McAfee in particular.
I don't understand why some people get frustrated with Matt, because their Favourite Anti-virus didn't perform as they would have wanted. It's not a reviewer's fault if something fails a test. I think it's good to actually see how well an anti-malware performs, rather than rely on figures published in a magazine or website.
Great videos Matt, keep up the good work :) :thumb:
jmonge
December 12th, 2008, 04:46 PM
-{ Quote: "If you think about someone who has an infected machine, but isn't the most computer savvy...they'll go into their local store or download Anti-malware free/paid, believing they'll clean their machine. Your average novice sees the words 'Removes Spyware and Viruses' on the Box then believes that this software will solve their Infection problems. These people usually don't have the first clue about the software's effectiveness, hence why Norton ended up on many machines in its bad bloated days. Those videos are showing what these people who fit the above description, could expect if they installed certain Anti-malware software on their PC. No anti-virus has 100% detection and it's reasonable to expect this, but some of the AVs tested in those videos were inadequate like F-Secure and McAfee in particular.
I don't understand why some people get frustrated with Matt, because their Favourite Anti-virus didn't perform as they would have wanted. It's not a reviewer's fault if something fails a test. I think it's good to actually see how well an anti-malware performs, rather than rely on figures published in a magazine or website.
Great videos Matt, keep up the good work :) :thumb:" }-
agreed 100% well done said :thumb:
clocks
December 12th, 2008, 05:54 PM
-{ Quote: "
I don't understand why some people get frustrated with Matt, because their Favourite Anti-virus didn't perform as they would have wanted. It's not a reviewer's fault if something fails a test. I think it's good to actually see how well an anti-malware performs, rather than rely on figures published in a magazine or website.
Great videos Matt, keep up the good work :) :thumb:" }-
You are on the money. I don't think Matt ever declared himself the testing expert. He just documents some real world scenarios and gives one man's opinion.
What I find cool is with the videos you can get an idea of the GUI, how hard or difficult a program is to use, etc. You can't get that from a chart or table. There are programs he has shown that have tested very well, but from watching the video I can determine they are not right for me or my users. That saves me from installing it and quickly uninstalling it.
Copyright ©2002 - 2012, Wilders Security Forums