AV Comparatives has released the newest report.

oh come on, if people just accepted the current methods, nothing would change.

sadly, this is what most people have done here on wilders.

I thought this place was supposed to be full of smart people with their own brains, who can figure out something when its staring them right in the face, who pick pieces of puzzes and puts them together, who reason rather than argue.

Doubt i will see that response on here any day soon, too many people loving their software to question anything or anybody, alot of people in their own little worlds of security.

i guess all it takes these days is a professional looking website to test anything.

 

I am wondering about the calculation for Panda.
How can 82/40/67% detection rate produce 99.2 when
Gdata has overall >99% and gets 99.6!?
Even Eset has more detection rate than Panda - and gets only 97.7
Ok, weighting - but this is ridiculous.

 

These tests are not totally useless. The contrarians are thread-swooping & pooping, is all.

AV-C's tests of scans are useful to those who scan.

AV-C's tests of scans are also useful to contrarians who are searching for something to argue about in a dogmatic & pompous manner.

Dynamic testing has its purposes, & so do on-demand tests. Further, on-demand scans, as done by the AV I use for that purpose, apply very aggressive heuristics as well as sigs. Thus, those scans are NOT solely "static" (as opposed to "dynamic"), & they are far from useless. I guess you could say they are *dynamic on-demand scans*. Or... not.

 

1224732 samples,

1215176 detected

which is 99.21974766724474%

 

Did this On-Demand Detection of Malicious Software comparative (February, 2010) disable Internet connectivity during testing? The report does not appear to specifically state if this was the case.

 

no. its not explicitly written, but how else would we have tested the clouds?

 

nod surprised me & avast was a bit surprised by F_secure but in truth should not be good job by all three & I use one of each on my 3 machines...

 

read my post on the last page why these tests are still important to certain people in certain situations. to u it may be useless, but to people who use and rely on their AV's in a diff way, it is important.

 

LOL PC_Gamer, you call all these On Demand tests useless and you have an On-Demand AV on your setup?

Fail post!!

 

eh? I dont understand your post at all,

theres nothing wrong with having an on-demand program, its the tests that are at fault, not the softwares.

noob indeed.

 

Since I cannot test applications I put a lot of stock in these tests. I think that the Nov 2009 test provides the most realistic tests and results.
So do choose my AV to a large measure by comparing tests by those whom I consider among the best.
Tests of firewalls by Matousec are an indicator to me, and when the firewall is considered with tests by AV-C I think that to choose based upon such tests is more reliable than pulling one out of the air, as some seem to want to do.

In combination with applications like MBAM, which has a proven record according to many on such forums as this one, gives me as much protection as I believe I can get. I have no interest in seeing how many other security applications I can get on my systems.

So I'll continue to use an AV/suite plus a couple of other good applications and think I will continue to be free from malware. I know no test is good unless your favorite performs well.

It is also easier to be a critic than a doer.

Regards,
Jerry

 

Yeah there are ways to bypass the malware detection system, with clean files, as pc_gamer illustrated.

But to think that hundreds of thousands of files 'might' have been done this way, and might be clean, is a stretch of the imagination. Flip it the other way, if the file is in-fact clean, but can't be downloaded by anyone else through a google search or is part of any program available for download, then the user isn't at any convenience by the AV detecting it as malicious.

Yes the clean files shouldn't be marked (just because other vendors are doing so and marking the files as malicious), but in reality, with the amount of malware popping up each day, the VT system works on trust, and the vendors are assuming others aren't abusing the system (reporting files as malicious when they're clean). Same thing as calling up your local authorities, saying a 'sicko' lives next door and is exposing himself, getting a few friends to call up and say the same, of course the authorities will put a mark against the neighbour's name as being a potential weirdo for them to watch. Does this show the authorities 'at times' don't really know the difference between the sane/insane, and are going by a group's word?

I don't expect my half-baked analogy to be dissected, as it took me three seconds to think up. What I'm getting at, the vendors aren't expecting the virus total service to be abused (just like making calls to your authorities). It can be abused, and it does at times, but overall, they aren't expecting this act of community service and good-will (people doing the right thing) to be abused. By the most part, the virus total service is an exceptional service users have for free.

As Jerry said above, easier to be a critic than a doer. If you see a market for better testing, then the door's there (for you, me, others) to make an opportunity out of it. At the end of the day, haven't paid a cent to read AV-C's report, or use virus total. So no need to complain.

 

Oh well, after reading my reply it WAS a noob and fail post !!

My apologies to you Mr. Gamer

But On-demand/Access is still important, imagine if your "prevention" layer failed

 

On-demand is important, even if you personally don't think it is. You receive an external drive full of media you want to 'borrow', you don't have time to launch all 60 000 files, so you copy these to your drive. If you don't scan these first, then you're a goose.

Users here run virtualisation each day. Before they keep files, they want to scan and re-scan files, sometimes a few, sometimes many. Otherwise defeats the purpose of them running in a virtualised state each day. They'll be running a virtualised system that by default is infected each day.

If the majority see value in these tests, then keep em up. But I respect PC_Gamer's point, and his knowledge that tests could always be improved.

 

You've got a point there. Henry Ford once said something to the effect that if he had asked people what they wanted, they would have said faster horses.

OTOH, how can you test on-demand performance other than by doing on-demand scans? I find them kind of interesting because I don't use any security software at all real-time, just an on-demand scan every couple of weeks.

 

Excellent point indeed, particularly considering Virus Bulletin for example which you need to become a member to read details of tests.

 

Hey just wanted to pop in and say thanks IBK for doing the tests and spending all your hard work on another report. Too many marks and flamers here, I'd rather just say thanks for the results. I'll be waiting for the next round, just not relying on it lol.

 

Interesting thing is this topic about recent AV-C results has about as many views and responses as some of the non-commercial "test" threads that were closed. If people show an active interest in testing/videos/results in some of the banned tests I wonder if or how long it will be before some of the commercial testing outlets implement similar methods- not as a primary testing method, but something further removed. If the interest is there it would seem some company will take advantage of the untapped market.

 

Anyone knows if IBK has any plans of interactive testing like the one done by Dennis labs and AV test org?

I love these tests. But these wil be interesting if they ae done with real life scenario/ samples in the way done by Dennis Labs, even with a relatively much smaller set of samples.

 

I find it interesting that in corporate market TM was best in one test.

http://us.trendmicro.com/us/trendwatch/core-technologies/competitive-benchmarks/avtest/

 

AV-C performs such a ridiculous tests and then publishes "rankings". Now what is the mostly naive user even on this esteemed forum supposed to think ? That GData is better than all the other products!! Wrong.

If someone goes out and buys GData based on this information alone they will be making a big mistake. AV-C is doing a disservice to the community as a whole, and they are really beginnning to get on my nerves.

Check out the real-world tests done by AV-Test, Dennis Labs, MRisoz (on Youtube) and others.

For Symantec, SONAR was not tested, and with that in mind, these results are not worth the keystrokes used to type it ;-)

 

AVC will provide whole product dynamic testing soon. Its even written in the report. There was a very small (compared to what will be done this year) dynamic test at the end of 2009. So, the ones who prefer to read just that reports, can do that, and viceversa.

 

Thanks a lot. It really sound good.

I missed that as I just read the detection rates, not the full report.

 

I still consider On-Demand tests important, so guys keep it up!
Don't let this guys discourage you.

 

Note that sample set sizes are very different for each category: Therefore misses or good performances in one category (for example, backdoors/trojans) may have greater impact on the final score than those in another category (like macros or script, etc.)