AV Tests

alright ill clarify, a somewhat classical HIPS, not a behavior blocker HIPS. KIS's HIPS is far different and more granular than Norton's. Nothing wrong with Norton, just letting u know that Norton isnt some godly all knowing program that can do no wrong, hence other AV's can do better than it as well.

 

Almost any AV can do better than another at a given day, etc. etc. etc.

 

ye, exactly.

 

Why not add Norton to your testbed?

60-day free trial of NIS2010

 

I know since a lot of youtube tests comparing security products, many security companies are aware of the small tests on their products and the sites used to gather the URLs.

Some companies would be adding the few pages of links more quickly than others. Some might not even be adding from the malicious link sites but just through regular uploads from users etc (the security companies should however be accessing these sites, it's in their best interests as a lot of people are convinced by tests).

 

Check the protection log, I have seen on some Youtube reviews Panda never popped up but blocked the malware in silent. I think it's a big because it should be popping up.

 

If the malware was running it wasnt detected. Would like to see pbust comment on this.

 

I really enjoy seeing some members doing their own tests, even though the results have to be scrutinized within the given variables. What clearly comes out from TheIgster tests is that AVs can't be trusted completely, which we are all aware of. There is no denying that Avast has come a long way.

I think the real winner here is Shadow Defender, from what TheIgster said restoring an image in the end was only a precautionary measure just in case something might have been left behind.

It also shows that while browsing unknown websites, it would be wise when possible not to download or click on anything.

 

I think it comes down to, not how many pass tests, does your AV you're using stop the sites you were about to click on.

Most of the common links and files that are circulating are detected by AVs, as seen by PC Security Labs testing. I think that's what counts. If it's uncommon, the product will fail the test, but how will that infect you if there is no link for you to download it from, apart from the test site?

And personal experience weighs in too. I've been burned before, and the recommended AVs couldn't detect anything, but McAfee delivered the goods. There's no definitive answer is what I'm getting at.

As Osaban said, visiting unknown sites, don't download or install anything, and turn javascript off. You'll probably be fine with your browser and no AV if you took those steps.

 

It's something to talk about. It is a discussion forum. I didn't see anywhere where anyone called anyone an expert.

Time to relax friend.

 

What links are you testing.. links to drive-by downloads ? or links to exes. If its links to drive-by downloads, nothing comes close to NIS. It has the best browser protection against obfuscated JScript.

 

Why quote my whole post?

Just post a response.

As for links. I used various links. Links to all sorts of malware that was listed as of the day of the tests.

 

Are you sure that tests were done without favour?

Just going through a few links over at Malcode Database Avast did OK in stopping most but not all including an installer for the rogue Personal Security?

The failed downloads are the ones stopped by Avast.

 

Could you test Avast with and without the web shield next time?
I'm curious to see if it adds any additional protection besides browser exploits etc.

Thanks

 

Chinese antivirus no Kingsoft Internet Security and 360 Internet Security,why?

 

All the things that had to be said about how TheIgster does his tests, have been said. So do you really expect an answer?

I'll try to recap for you.

TheIgster in shadow mode (shadow defender) installs an AV and leaves it with the default settings. Then tries 15 random links from online sources that provide really recent malware.

It's obvious that any day an AV can detect more or less malware. It is obvious that an AV may monitor more intensively the sources that TheIgster uses ( although if TheIgster found these sources I don't know why an antivirus company has not yet ). Some AVs also update more often during the day. So take TheIgster's tests with the right spirit.
I hope he can do more and more tests so...let's say...in 3 or 4 months we'll have a set of results that could provide more valid indications. If we constantly see a product perform much better...then guys, you like it or not, there will be chances that the same product could be better for many home users in the real life too.

It's not really a matter of trusting the results. You don't have to trust anything or anybody since TheIgster's results will not force you tomorrow to buy a certain product and you already know that it's about tests that have their limitations.

These results are capable to create only some impressions...bad or good. There are other ways to support your favorite AV ( although you should not have that need ) without targeting TheIgster. So let the man do his tests and if you are capable or you want to...try to gain something from these tests, so the next time you may spend your money more wisely or you could acquire an extra layer of protection against marketing campaigns. Take it as another piece of information that could help you complete a very complex puzzle.

Another thing...this is a test that TheIgster does spending his personal time. So asking to try more and more antiviruses...and saying it like he did a huge mistake not including the antivirus you like is absurd.

 

Don't know about the favouring, but I know simple statistics... Just because an AV detects 100% in one sample, it does not mean it always detects 100% of malware if you take another sample.

 

From last two days i was continuously following this thread and reading and analyzing everybody's comment silently...I do agree with many of you that merely blocking 10, 20 or 30 malwares in a row doesn't mean that Antivirus "A" has 100% detection rate or bla bla bla...

Secondly i appreciate "TheIgster" that he done a very fabulous job and presented something good...

 

I second that.
Good Job Igster!

 

Thanks guys! And NoIos, well said!

 

One more thing of advice next time you test stuff. Always check the protection log. I have seen youtube reviews of Panda cloud where Panda does not alert the user it blocked malware, the only alert that is shown says this files is in use of another program. That other program is Panda as its cleaning/removing the file. So if you ever test Panda cloud again make sure you check that also

 

You're absolutely right.

 

These trolls posting nothing useful to the thread should STFU. press the back button your browser, don't waste ur time or any one else interested in this thread with your opinion on something that's NOT topic.

Good post and nice to see some Zero Day tests at random etc. they don't measure the full thruth as it's impossible but given enough of them a pattern will emerge.

Simon

 

Well, to be fair, regardless of the protection log, I saw for myself what it didn't stop because of all the running malware. I had to do a hard reboot because the system was so infected.

Templar, thanks for your post. Agree completely. If you don't think this testing is worthwhile, then don't bother posting and move along. No one is forcing you to read or participate in this thread.

 

I find these types of tests entertaining.
I don't believe they should sway someone one way or another, but they're fun to follow for me at least.
Keep testing!