AVLab-JULY 2013

AVLab-JULY 2013

http://avlab.pl/page/laboratorium_antywirusowe_podsumowanie_lipiec_2013

 

Norton and Eset really bad.. AVG is the far to bad

 

What about Emsi - 62% C'mon!

 

They test only 40 samples a day. How they decide which 40 to choose?

 

Can somebody translate their methodology? Cause the results doesn't make sense.

 

Documents to download

http://avlab.pl/page/dokumenty_do_pobrania

General information [ download ] - This document describes general information about the testing, the methodology used to perform them, and the algorithm for the general information you should refer to anyone interested in testing anti-virus programs. Against drawing any conclusions from various tests, please refer to the document directly connected to it.

Antivirus Lab methodology [ download ] - This document contains information on laboratory Antivirus (LabAV), principle of operation and the methodology applied. We advise you read this document to understand the actions LabAV.

 

Never heard of "AVLab" before so I'm not sure what to think about this

 

From what I can decipher using Google Translate is that they get 20 URLs and 20 Malware Samples from malware.pl (which seems to be related to scumware.org, which seems to use data provided by PreBytes.pl who sell their URL and sample feeds to AV companies, meaning you could potentially buy 100% detection in that test) every day and just throw them at a given product.

Personally the methodology sounds a bit odd. As instead of using just 40 URL and testing all protection layers, they seem to divide the detection into URL blocking only and real-time protection only. That is a bit odd, because even though you would have detected the 20 samples you downloaded from that URLs, you will end up with 20 misses unless you specifically block the URL.

That being said, Google Translate isn't reliable. So I could be completely wrong. I am sure someone who knows Polish will be able to shed some more light on this .

 

I'm not buying that Emsisoft result lol.

 

What? from malware.pl ? byebye...

 

Hi guys!

malware.pl is the Polish equivalent scumware.org just as kaspersky.com / kaspersky.pl

The results of programs are counted as the average of the result in real-time + Malicious URL / 2
http://avlab.pl/page/laboratorium_antywirusowe_podsumowanie_lipiec_2013
in polish (Wyniki programów są liczone jako średnia z uzyskanego wyniku z testów Real-Time + Malicious URL / 2

Result Comodo in test realtime: http://avlab.pl/page/wykresy_labav
the last comapare (mounthly) [Porównanie - wg miesiąca:]

Porównanie - ostatnie 30 dni: = last 30 days; example 25 may to 25 june

Porównanie - ostatnie 7 dni: = comaprision last 7 days

-----------

in july (7/2013) :

real time 100%
malicious url (malicious code + phishing!): 9%

(100%+ 9%) / 2 = 54,5% = 55%

------
Emsi IS 8 in july
real - time: 100%
malicious url (malicious code + phishing): 24%

124%/2 = 62% <--- result --- > http://avlab.pl/page/laboratorium_antywirusowe_podsumowanie_lipiec_2013

 

Emsisoft result not representative...should be somewhere near Bitdefender.

But good work Avast.

I've said it before...As a stand-alone AV against integrated Security Sweets [LOL] Avast holds it own and does a very creditable job.... not in the same league as the big boys [KIS] but a very good partner in a combo for a spare computer.

-cheers,
feandur

 

avlab,
can you share Comodo's real time score?

 

I do not understand, what exactly?

 

He already did. The first results are for Comodo.

 

AVLab is non-commercial. No any vendors anti-virus does not affect the test result. We wanted to grant certificates for the results, so we combined the two tests for certification. Therefore, the results at first glance are strange to most people. Please understand us.

 

Yeah, And I'm not buying the CIS results either.

 

So the lack of webshield is the issue thank you avlab, but of course no executions were done ? Have you checked samples gathered from scumware ? Have you checked their dates as well ?

 

Not only our tests confirm the poor results in tests for Comodo internet security. Look for phishing test http://avlab.pl/files/others/arts/135/test_antyphishingowy.pdf

Such access can have only vendors AV. But we can in the future to develop also access to users.

It should be remembered that such phishing sites have "little life" and after a few hours of the test might not work. Then, users will grumble why antivirus failed the test and the site does not work.

Samples are checks by malware.pl and then sending for us, but does it automatic. Then, our scripts again checked samples. Every day we get hundreds of samples. At every night are prepared samples. Also, the occurrence of false positive is virtually impossible.

To prevent FP we start the test from the most infected files and web pages. Of the hundreds samples we tested 20 files and links every day, but we starting from the most infected.

 

20 links and 20 files is a tiny! sample set, to small in my opinion to judge any products. Are you actually executing these samples?

 

No they are not, afaik he/she did not tell me if yes or not, but I don't think at all.

 

That makes this test even more questionable.

 

We disagree. 40 samples but every day. In months gives to 1200. We try to reproduce reality. Situation when the user encounters the thousands of infected files is questionable. We test on a small number of files, but steadily.
You can disagree. We do not have the infrastructure or money as professional testing organizations. Nobody not pay us for it so all day testing is not an option. We have school, work, personal life, etc..

 

Do you execute the samples?

 

yes I agree, this is questionable

but congrats to forticlient