I'm testing AV products against zeroday malware

Discussion in 'other anti-virus software' started by bradtech, Oct 12, 2009.

Thread Status:
Not open for further replies.
  1. icr

    icr Registered Member

    Joined:
    Sep 6, 2008
    Posts:
    1,589
    Location:
    UK
    Hello Brad,
    Really enjoyed your antivirus testing against zero-day attacks; keep up the good work.
    Can you also add Dr.Web Security Space and Norton Internet Security 2010 to your testing?
     
  2. icr

    icr Registered Member

    Joined:
    Sep 6, 2008
    Posts:
    1,589
    Location:
    UK

    +1 to the comment. DefenseWall is a very good product; also really looking forward to seeing its review.
     
  3. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Well it will go on until it ends :D

    But seriously it really is additional data (not yet information) about various products. I watch, look at other sources then if there is some compelling reason to change what I have or consider a change like say a subscription running out or a MAJOR flaw in my SW then I'll pick one or two to TRIAL on my setup.

    Then, and only then if trials go well, I will get a new product.

    There is no rush here guys. :cool:
     
  4. lifetweaker

    lifetweaker Registered Member

    Joined:
    Jun 24, 2009
    Posts:
    63
    Location:
    127.0.0.1
    You're alright Escalader :D
     
  5. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,944
    Location:
    USA
    Oh if only it were that simple! :) But it isn't, thanks in large part to a contingent of self-appointed deputy sheriff types who make it their job here at Wilders to protect many of us from... gasp!... ourselves! The world is, unfortunately, well-populated with these overbearing folks who were apparently born with a greater sense of what is good and what is bad for you and me. They are never hard to find... in fact they show up quite quickly wherever and whenever people appear to be enjoying themselves. I cannot say that I am particularly happy to see them, but I am never surprised.

    Edit: typo
     
    Last edited: Oct 16, 2009
  6. xandros

    xandros Registered Member

    Joined:
    Oct 30, 2006
    Posts:
    411
    where is comodo internet security o_O
     
  7. gery

    gery Registered Member

    Joined:
    Mar 8, 2008
    Posts:
    2,175
    Is ZoneAlarm tested? If yes, how did it fare? Where is the link to see the result?
    Thanks in advance
     
  8. lifetweaker

    lifetweaker Registered Member

    Joined:
    Jun 24, 2009
    Posts:
    63
    Location:
    127.0.0.1
    ZoneAlarm has not been tested yet.
     
  9. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,814
    Some people just have to cheer it on because they themselves can't find the self-control not to, or the self-control to stay out of where their nose doesn't belong.

    But meh welcome to the way of the world. :cautious:
     
  10. larryb52

    larryb52 Registered Member

    Joined:
    Feb 16, 2006
    Posts:
    1,131
    It is a public forum, so why get nasty about remarks not aimed at you? But I don't understand the interest here. It's like if I had a trojan on my computer and I then proceeded to load every known AV to see if indeed they too could discover it. So what? There is no real formulaic testing going on here, no testing of speed of scan, no real results, no real measure of what he has, how many false positives, no measured results... just people sitting around in amazement as one person tests a bunch of 'wild variants' and reports the results and gives it 'his rating' o_O. I however respect everyone's point of view so please carry on...
     
  11. tipstir

    tipstir Registered Member

    Joined:
    Jun 9, 2008
    Posts:
    830
    Location:
    SFL, USA
  12. lifetweaker

    lifetweaker Registered Member

    Joined:
    Jun 24, 2009
    Posts:
    63
    Location:
    127.0.0.1
  13. bradtech

    bradtech Guest

    I really don't know how to respond to this thread.. Other than to say I do know the difference between registry values, and files. It's apparent that my review of Vipre has upset you because you have deemed it unfair in some way.. I will delete the review out of respect for your contributions to the AV field, and your opinion.
     
  14. Graystoke

    Graystoke Registered Member

    Joined:
    Aug 15, 2003
    Posts:
    1,506
    Location:
    The San Joaquin Valley, California
    No matter what test is run, or who runs it, if an AV product that is someone's favorite, or that someone is affiliated with, doesn't do well, they are going to complain that the test is meaningless. It happens all the time in this or any other forum. Say what you think, and end it. No need for name calling or meanness.

    I've found these tests and videos to be very interesting. It's fun to see how these different AV/antimalware compare to one another. Nice job Brad. :thumb:


    Of course it's nice to see that my NOD32 did so well. :) Just kidding. Calm down. ;) ;) :D
     
  15. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
    So what's up next to be tested?
     
  16. bradtech

    bradtech Guest

    Let me once again restate that I send these infections in to the AV companies if a certain product misses it. I have quit rating the product after I review it. I tell the user to draw their own conclusion on what they see. This thread was not intended to be Product A vs Product B, or to ridicule industry experts when they give their advice.

    These tests do show that there are variants being released daily that are running wild online, hacked websites, ransomware on people's computers.. Anyone who worked in an IT shop, and had to clean these machines, sees the successes, and failures of the Anti Virus companies.. The main thing I wanted to learn from this experiment is what products I can use in conjunction with my current infrastructure to improve detections or stop them in their tracks.

    I started weeks ago doing this on my own before I involved anyone else. The main reason I asked people what they wanted me to try was because I wanted to find new products, and see how they do against some of the same problems I have run up against.

    Once again I really hope those I aggravate with my testing would not take it so seriously because I'll state once again this is just for fun, and to try to see what products are currently detecting what I throw at them, and if they do not detect certain threats.. I send in the threats to the product I review.
    So in the end I try to do what I can.. I think I will incorporate that into my videos from here on out.

    I have stopped rating a product afterwards along with scanning with MBAM. I make mistakes, but in the end I am just trying to learn about each product, and do what I can.
     
  17. bradtech

    bradtech Guest

    I will be removing reviews of products where I rate them at the end, and will retest them. If you find anything unfair in any reviews please let me know so I can stop doing so. I will try to show the features of each product before testing.
     
  18. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Well, I see the sincerity in your words and I apologize for my comment earlier today. Keep it coming. :thumb:
     
  19. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    I come back to my original comment:
    I really don't see where this thread has progressed beyond a simple video exposition of product GUI traits.

    For this to be a useful test, the test needs structure. As it is....
    • The challenge set is quite small
    • The challenge set is variable
    • Not every product sees the same challenge set
    • Potential impact of a given sample is unknown (this comment applies to virtually all tests) - not all samples are equal.
    • Even within instances where a set of products see the same challenge set, the time between appearance/harvest and testing/updating is variable
    • Scoring, such as it is, is haphazard.
    Is there any value in this exercise? Sure, but it's more of a GUI/usability assessment than a performance test due to the uncontrolled nature of the test protocol. I'm sure plenty of folks appreciate even this limited scope of information. I don't want to minimize this target, even if it's not testing per se, since an unusable/confusing product can unfortunately be of less utility to a user than nothing. We sometimes forget that there are plenty of examples where the antimalware has wreaked more havoc than malware on some user systems.

    In addition, the original poster himself has voiced some similar sentiments in the past in the Youtube reviews thread:
    Lest it be assumed that this is ancient history, that thread started on Oct 5, not even two weeks ago. I presume the original poster has changed his mind based on the time invested in this thread, I simply mention these comments to underscore that some of the criticisms leveled above reflect rather mainstream views.

    Have I seen poor advice offered here? No, not really. Inappropriate analysis? Not really simply because there's been no analysis to speak of.

    Are there potential downside messages in this thread? Sure. Paranoia runs rampant enough without setting the stage to conclude that users should go without the tool which most users could profitably employ (a simple AV). I realize that AV's are not a panacea, they can have real issues, but they remain a powerful tool and resource for most users, especially when used in conjunction with simple changes such as LUA (plus SuRun as appropriate).

    To those who state that critics should simply stay silent - sorry, the world doesn't work that way, at least not this one.

    Blue
     
  20. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,814
    Ok normally I stay out of these kind of conversations.

    But I would not delete your video. The awesome thing about this forum is point of view; everyone has one.

    People rub other people wrong. It doesn't mean some people are right or some are wrong with the inspector; Vipre is his baby, I'm sure he doesn't like to see it in a bad light at all. Well that's too bad, this is what someone else thinks and frankly should be left at that.

    You have stated this is not a scored review, it's not even a review, it's just informative for people that want to see this kind of thing.

    THIS IS NOT A TEST. This is a person's opinion and purely for his information that he is sharing in a post.

    edit.
    Removed some text.
     
    Last edited by a moderator: Oct 16, 2009
  21. bradtech

    bradtech Guest


    My opinion on what I am doing or what Matt is doing is pretty much the same.. 10-20 threats in the wild, being tested each day. Can't really judge the entire product on how well it does.. Because the next day could be a totally different story.. I'm more interested in seeing the mechanisms involved in each product, and how it protects the system.. I marvel at programs that stop malware without signatures. If I had not started this thread I would not have known about some of the great programs out there like GeSWall for example.
     
  22. bradtech

    bradtech Guest

    If someone has a problem with a video, like a person affiliated with that company, and stated they have 10 years experience.. I'll just delete the video, I don't really care to be honest. Showing some respect, and just doing what you think you can to make the situation less hostile is sometimes good. :thumb:
     
  23. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,814

    Ask pretty much anyone around here that knows me... I live for the hostility. :cool:
     
  24. bradtech

    bradtech Guest

    No problem, it is my fear to find zero days like these on computers at work or at home. If I can find stuff that is being missed by a product at a certain given time, and send it in to help stop others from being infected then I'll do what I can even if it is just a fraction.. Makes me sick when I run into the mindset that AV is worthless, and when a machine is infected to just format it without collecting the samples, and sending them in, then criticize the AV makers for being "crap".
     
  25. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,944
    Location:
    USA
    GeSWall test has not been posted yet, as far as I can see. :)
     