another magazine AV group test

Another thought to go along with this testing nonsense. Check out the latest test from Consumer Reports. CR consistently ranked, get this: Trend Micro PC-Cillan their overall pick for: A/V suite, A/V and spyware. With only a slight ding for completeness, i.e. no built in HID.

Now, in case your unaware. Trend's spyware is getting better but still a bit lax on the definition of spyware/grayware.

 

The Consumer reports testing was already discussed in this thread.

https://www.wilderssecurity.com/showthread.php?t=181739

 

Herein lies the fallacy of depending on others for guidance. People select a particular product or brand based on other's advice and recommendations. Your doctor can prescribe you an antibiotic which results in a severe anaphylactic shock reaction when all you needed is an aspirin.

 

Just an update. Submitted the same keylogger setup files yesterday that I did a week ago & only the same 8 AV's are detecting them but like I said maybe it is not that important to flag a setup file.
Only way to know is to run the setup I guess and submitt the main program files.
Do any of you have sugestions for the best system file monitor. One that shows ALL new or changed files?

thanks

con

 

Lool, indeed, doctors love antibiotics.

Exactly.

Yes, nod lost a bit of his former power, but this scanner was always vulnerable for totally simple malware manipulation. Kaspersky still belongs to the top products against modded malware the same with AntiVir.

AntiVir made huge steps ahead in the last years, they surely have improved their team during this time.
They managed to jump from a middlefield scanner to a high end av in a time range of approx. 2-4 years.
But Kaspersky has the big advantage in making nearly no false positive, the worst case related to fp´s still
remains Dr.Web. (as I told sometimes ago: It´s unpardonable to show AOL as potential backdoor, that´s DrWeb)
Beside: Bit Defender is also a delicate candidate for the top 5 of most false positive´s but surely behind Dr.Web.

 

Process Monitor
InCtrl5

 

I really can't take any of these "tests" very seriously as they seem to vary from test to test, even by the same testing group. The only thing they're useful for is just a general impression, that's about it. Just my humble opinion....

 

They vary because things changes, I give you a tip: Create about 40-80 unique common samples of malware, use different packers, crypters a.s.o. Then test the whole set against all scanners, do the same every 3-6 months. You will be surprised and it´s funny to see what has changed but one thing is to overcome: You need time and stamina because this could make a lot of work.

 

Lucas

I have used PM but never for monitoring an install. IS this a process where by you log the changes and go in manualy to delete them?

InCtrl5 is shareware and so I am not sure that would work for me. I used TotalUninstall a few years ago but didn't see it tracking all files & reg entries at that time.


con

 

I never used PM to monitoring an install. It's a bit over my head

 

Process Monitor is the best tool available.

 

SystemJunkie

How do you use it for that? I was looking and didn't see anything except looking at the date time stamp, then removing things manually.
Just reinstalled PM today and had to uninstall KAv or PM would hang.

 

This is the big problem of Kaspersky´s klif.sys, the slow motion maker.

@controler: learning by doing, nothing else, just do it, test it then you will check it.

 

Oh and that really helps!!!!!

 

I absolutely agree. It is interesting to compare how the main vendors perform on the very latest stuff with today's updates, and then to run the same tests again three months later (with the latest updates but the same samples).

I would not entirely blame magazine reviews for the public's perception of what the best AV is. Walk into PC World and you'll see a small collection of options available (mainly Symantec- and McAfee-based). The general population isn't interested enough to even read magazine reviews, let alone specialised forums full of experienced users. It's frustrating.

Of course, every so often you get a magazine review that uses a decent, large sample of malware. These tests aren't bullet-proof, but they are more useful than the "Panda had a lovely interface, but I prefered Norton's" grouptests. I would count the tests that Computer Shopper and PC Pro have run recently as being useful*.

[* DISCLOSURE: But I would, because I am involved in the testing]

 

Lol, indeed, the mental darkness is still on a very high level it would need endless time to highlight the mass-spirit, probably it´d be in vain. If I were the creator of this world I would transmit each reasonable soul already a mass load of high-iq information from the start. I would stop the purgatory process of oblivion. ;-))