AV-Comparatives: Real-World Protection Tests for June 2017 & Feb – June 2017

You must be looking at different results than I am looking at in the test. Symantec, Trend Micro, and Tencent all detected more samples than Microsoft. What are you looking at? Trend Micro detected more samples than all other AVs. Symantec, and Tencent detected almost as many samples as Trend Micro.

 

Disregard my last post. I did not realize there was more than one set of test. I did not see the test results for June in the last link until now. Was this test sponsored by Microsoft?

 

If Eset continues to perform this poorly then I may have to abandon them after my license runs out. This is only one test, but if they continue to perform like this in the next several test then I may have to abandon ship. I've been using Eset since 2004. They have also been slow to fix bugs lately.

To be fair to Eset though, the main reason I use them is for their Firewall, and Exploit protection. They have been performing well against network, and exploit attacks. In most cases you would have to intentionally run the malicious code if you use Eset. Other AV solutions have good detection, but lack exploit protection, and they have a mediocre firewall.

These test definitely shows a drop in detection though when you look at how well many of the other vendors did in this test.

Edited 7/15/17 @ 11:18

 

Now I wonder how it will be sorted if all of them scored the same number of FP's or none.

Its strange how fp is a factor to rankings in the chart where protection is the thing that is being tested.I still think the chart should be sorted by red (missed samples).

 

+1

 

Elementary my dear: Alphabetically.

i.e. =

-----------------------------

The strange is to omit the FP factor in Protection.

Consider this:
Two products are using different ways to get the same level of detection.
The first has few FP's, the second a lot. Which product is better?
Look at the F-Secure results......

 

Not even so much the ram, but cpu usage. Keep an eye on it's various components. It is one of the heavier AVs out there.

 

Yes, Avira is not so light.

 

Well, the test was performed under a fully patched Windows 7 Home Premium

I wonder if ESET decided to change their default HIPS setting to Smart Mode. Would they do better on these test? They seem to try to be cautious regarding false positives and user-dependent alerts.

ESET seems to have a very good network and exploit protection. I believe @itman posted that it was the only one reported to protect a system from Eternalromance. And that's very good for ESET

But it is disappointing that despite being having a dedicated ransomware protection, it was still one of the few tested products to fail against WannaCry( the ransomware, not the exploit)

 

Picture is worth a thousand words.

 

I agree, on my 2 fast Win 10 machines, WD slows them down noticeably compared to what's on my signature. What's the point to have a fast computer slowed down by an antivirus...

 

But that's RAM usage not CPU usage. RAM usage only affects performance on systems with not much RAM installed.

 

1st column= CPU
2nd column = Memory
3rd column = Disk
4th column = Network

 

I missed that. I must need more sleep.

 

No. The Eset HIPS only monitors select system and registry areas for suspicious actions against them. It does not operate like a behavior blocker which has the capability to create rules dynamically to monitor a specific suspicious process.

One reason MSE and WD scores have improved is both are now performing cloud scanning of suspicious processes. This would be most effective on Win 7 for packed and obfuscated scripts for example since Win 7 does not natively have the Win 10 AMS interface feature that AV vendors can use to scan those scripts.

 

http://chart.av-comparatives.org/chart1.php?chart=chart2&year=2017&month=6&sort=1&zoom=4

 

If you find Eset easy to use and are uncertain if you should keep it because of this test, then you obviously do not know the product well enough and or do not use it to full potential. There is much more to Eset then it's AV and default settings.

Tested at default settings means baseline protection testing. It means you are testing the product with minimum out of the box settings applied for Max usability and not protection.

If users really believe also that WD is kicking all these products butts, then obviously they are not personally testing it themselves with fresh samples. It has improved, but not enough to make me ditch 3rd party just yet. They also need to work on file access and hhd resource usage wise.

 

For kicks, I uninstalled my 3rd party av a few days ago and have been using WD. Not noticing any performance hits. How exactly and when is WD slowing things down for you? Just curious.

 

https://www.wilderssecurity.com/threads/av-comparatives-performance-test-may-2017.394733/

 

Thanks anon for the information. Not seeing any of that on my system. Maybe things have improved since then? Or maybe it just runs ok on my machine. But I do not feel it it lagging anything or causing any slow downs. If so, I would have ditched it already.

 

I notice it when opening/moving large amounts of files, as well as my 7200 rpm HHD, being taxed at 100% quite often by it.

As per the test, it does state these samples used are in the wild, but nothing about age of those samples.

When I test personally all samples are 10 days old or newer. I do not see the same results as these labs because of. Since so much malware is released on a daily basis in the wild, and the window from zero day "FUD", to how ever many days it takes the rest of the vendors to catch up and push signatures can be rather large sometimes, one would think this would be an important aspect to these tests, as the results are certainly not in the 99% to 100% ranges when testing with newer samples.

I take these tests with a large grain of salt, as should everyone.

 

Agreed. AV Lab tests are "approximations" of AV software protection capabilities. Results given are based on the malware samples used and the particular testing methods employed. They should never be interpreted as that any given security product will protect or not protect against all malware in existence.

 

Gotcha I don't do a lot of that on my machine so its a non issue. I also have an SSD drive so maybe that is why I am not seeing any performance hits.

 

According to av-test: downloads, launches, installations
https://www.av-test.org/en/antiviru...-2017/microsoft-windows-defender-4.10-171447/

 

Saw that as well. Not noticing anything different between WD and the third party av I was using prior.