Av-Comparatives: On-Demand Comparative August 2010

Discussion in 'other anti-virus software' started by hckyo, Sep 23, 2010.

Thread Status:
Not open for further replies.
  1. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    Can't agree more with you! :thumb::thumb::thumb:
     
  2. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Note, I do agree with you. Having two real-time AVs can or probably will, at some point, cause problems. But, aren't those problems prone to occur only if both are set to automatically clean the system? Would the same happen if both are set to prompt the user for an action? (Which should be the default behavior, considering false positives that could lead to damage the O.S itself, if detecting and killing some O.S important file/process.)

    I consider that having two real-time AVs set to only alert the user and not to clean/kill/quarantine anything, would be the same as being verifying the system with two on-deman antimalware applications at the same time, wouldn't it?

    I never took a deep look at antimalware applications, because I mostly make use of what the O.S has to offer me; so, it would be interesting to know what would be the behavior in the scenario I mentioned: both defined to only alert the user and not do any other action until the user decides what to do.

    Edit: By the way, when I previously mentioned two AVs, I was strictly considering the hypothesis of a hybrid one, real-time protection by one and web protection of one other, if the other one lacks it, or if not so great.
     
    Last edited: Sep 26, 2010
  3. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    No doubt they should spend that time!

    However, just as a comment in my personal security policy

    "block by default, allow by exception" a few FP's is no reason to panic or reject a good AV product.

    The product should find the FP and notify user via pop up.

    The pop up should allow user to accept, delete or quarantine the exe in question.

    If the system now becomes unstable (not good) it should allow user to put the FP back in it's rightful location.

    If that fails I simply restore the os C partition and off I go again.

    I'd rather have the odd FP than a product that accepted too many parasites while desperately trying to avoid FP's.

    It's a question of management of these FP's when you hit them.
     
  4. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    That sounds like the best solution to false positives, giving a notification and a choice on how to handle it. Do any of the top AVs do it that way?
     
  5. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses

    Well I think avira does that for users. I use Nod32 here is some data from their help on the matter:


     
  6. littlebits

    littlebits Registered Member

    Joined:
    Jul 7, 2006
    Posts:
    262
    I know that Avira has an option to "Deny access to file" which blocks the file from loading in the memory but doesn't quarantine it or delete it.
    Avast has an option for "No Action" which will ignore the detected file and allow it to load into your memory. Of coarse in order to avoid future notifications on both, you have to add the file(s) to the exclusion lists. You need to go into the advanced settings and select the default actions in order to be able to select an option. Most AV's default setting are configured to quarantine (move the chest or virus vault) by default.

    What I would love to see in all AV's is the option to "Report False positive and ignore detection of the selected file in question" all in one setting.
    Most AV's make it difficult to report false positives and add them to the exclusion lists.

    Thanks.:)
     
  7. MalwareDie

    MalwareDie Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    500
    AV-comparatives released the results for a single product test. Qihoo 360 scored 99.2%
     
  8. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,306
    That is something to take notice about. I suppose no one here has used it yet?

    Regards,
    Jerry
     
  9. MalwareDie

    MalwareDie Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    500
    I wouldn't know. I haven't been here in a while.

    Qihoo's numbers are identical to eScan's. They probably using the same engine.
     
  10. JRViejo

    JRViejo Super Moderator

    Joined:
    Jul 9, 2008
    Posts:
    97,410
    Location:
    U.S.A.
  11. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Thanks for the information on how Avira, Avast and NOD32 handle false positives, useful for me as these are the 3 AV's I've been using the most lately.
     
  12. JRViejo

    JRViejo Super Moderator

    Joined:
    Jul 9, 2008
    Posts:
    97,410
    Location:
    U.S.A.
    Removed Off Topic Posts; not related to ronjor's Post.
     
  13. xandros

    xandros Registered Member

    Joined:
    Oct 30, 2006
    Posts:
    411
    me too same of you im happy coz avira & avast & nod32 doing good
     
  14. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses

    I'm puzzled, since none of these 3 products are in your signature?
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.