Some AVs companies have an excellent reputation here at Wilders, which hasn't been corroborated by Real World Protection Tests results for years I'm afraid...
https://www.av-comparatives.org/com...hart_month=July-Nov&chart_sort=1&chart_zoom=0 Microsoft Windows Defender: False Positives = 106 !!!
They don't seem to do well in tests. However they are best with false positives. I'd rather lose a few points in a test than lose a legitimate file.
Yes M$ is a joke, and seems like they still test it combined with SmartScreen, so no wonder you get so many false positives, because it's basically a white-list. If you're not on the list, you get a warning or it will be automatically blocked.
For me Eset catches many adware, trojans and blocks annoying popups (not detected by ublock) in websites. It has superb firewall and IDS which can be tweaked for maximum protection.
Actually it's more of a reputation service more than anything. A lot of it has to do how prevalent the particular file is, if it has a low prevalence there will be a higher chance of it being flagged. Also I believe that it looks at certain things, like looking to see if the file is digitally signed and so forth, so these can have an impact on whether Smartscreen flags the program. In saying this, you can usually override Smartscreen and allow the program to run if needed fairly easily. I was reading the report for this summary and when looking at the FP prevalence chart of the report, the vast majority of FP's that WD/Smartscreen flag falls under the very low - low categories, meaning that the vast majority of the programs that are being flagged as a FP, have a very low prevalence and chances are, a program(s) that none of us have heard of/used. Does this make it ok, well thats debatable, IMO MS could do better in this regard, but again when looking at the FP prevalence chart from Jul-Nov they had a total of 11 FP in the medium to high prevalence categories, so in reality and in the real-world, it's actually not as big of a problem as the test makes it out to be. The chart can be found in the report here: https://www.av-comparatives.org/tests/real-world-protection-test-july-november-2018/
Yes correct, but the job of an AV is to decide whether some app is malware or not, and not to make people gamble. I don't care about how popular some app is or not, I need to be able to get a verdict from the AV that's trustworthy.
Thing is you cannot assume that if a security program doesn't flag a file as malware that it automatically is assumed as safe (let's look at the CCleaner fisaco for example), what if it's a false negative?. Similarly, if something is flagged as malware, it doesn't mean it's malware, it could simply be a FP. Problem is, people tend to put way to much faith in security programs in general and they want the program to do all the thinking for them. This is very poor security IMHO as no product is perfect. Practice safe computing habits along with whatever setup you choose and you should be very safe. Having a security program doesn't mean you can all of a sudden practice unsafe habits, because the product will "decide" everything for me. I mean if you are downloading a program from a sketchy site, there's a good chance it could be some form of malware. What about opening a random email attachment, do we assume that if the product didn't flag it that it's considered safe? @Rasheed187 I am not picking on you personally, just the overall mentality that people want the product to do everything for them. What happens every time someone finds malware on their system that their AV/AM product missed, especially if they practice unsafe habits? Well product x is a POS because it missed this malware, how is that possible? They switch to another product, meanwhile don't change any of their habits, after some time we will get, OMG this product is POS it missed some malware, it's a never ending cycle. You cannot rely on a product to decide everything for you, every product will fail at some point. IMO your habits are just as important as whatever security program/setup you decide to use.
Exactly my point, and you would hope that after all these years AV's have evolved to be able to spot this stuff, and not based on how popular some app is, or if it's digitally signed or not. This discussion isn't about if people rely on AV too much. But pure from a technical point of view, you really shouldn't be producing 106 false positives. Because people might become skeptical, and allow malware to run.
That's totally fair. While I've haven't had any major FP issues with WD, they definitely can improve on it's FP rate.