Disparities In AV Lab Testing

Discussion in 'other anti-virus software' started by itman, Sep 18, 2018.

  1. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    In the most recent AV-Comparatives Realtime test: https://www.av-comparatives.org/com...=2018&chart_month=8&chart_sort=0&chart_zoom=0 , McAfee scored 100% in detection.

    In the most recent Malware Research Group corresponding 360 test: https://www.mrg-effitas.com/wp-content/uploads/2018/08/MRG-Effitas-2018Q2-360-Assessment.pdf , McAfee scored dead last in protection capability.

    I couldn't think of a better example to state that AV Lab test results widely vary and no one test should be used as determination in an AV product's protection capability.
     
  2. guest

    guest Guest

    Until all labs decide to use the same methodology with the same samples as a "baseline" test, then maybe, using their own methodology as a secondary test; I will never trust any labs, even some "home-testers" do better than them.
     
  3. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Is McAfee a super great AV? Well... yes & no. :confused:
     
  4. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,886
    Location:
    Innsbruck (Austria)
    Different products, different versions, and most importantly completely different time of testing (in this given example MRG in Q2 [test finished in June] while AV-C tested in August). Nevertheless, I also always recommend looking at various lab / test / method results to get a bigger picture.
     
  5. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Including yourself as "home tester"? Pls confirm with yes? With the ambition from your extreme defensive measures I can only assume you have done your own fair share of testing in comparison to measure results from labs to real-time local tests.
     
  6. mekelek

    mekelek Registered Member

    Joined:
    May 5, 2017
    Posts:
    518
    Location:
    Hungary
    mediocre, not as bad as for example Panda but not in top10 either
    weak against non-PE but at least has signatures faster than a dead snail, aka Panda.
     
  7. guest

    guest Guest

    Indeed, I did in the past, I had a dedicated machine (not a VM) for realistic results and real 0-day samples which were manually downloaded (or USB transferred) then executed on the test machine (as a normal user would do).
    But since my security setup block is made to block all execution of files located in commonly known landing areas, I don't even bother doing tests anymore.
    Those kinds of malware tests are good for evaluating AVs, but they are useless against deny-default setups, can't execute, can't deliver payloads, can't infect.
    The only attack vectors I can see that defeat default-deny setups are network attacks (SMB exploits, etc...) or compromised legit software installers (CCleaner style).
     
    Last edited by a moderator: Sep 19, 2018
  8. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    Expounding on AV-C's previous comments, AV-C tested McAfee Internet Security 21.2. MRG tested Total Protection 16.0 R13. I gave up trying to get the latest release number for each product. I could not find this info on the McAfee web site or anywhere for that matter.

    Assumed is Total Protection has the same base malware protections Internet Security has with additional add-on security features; password manager, etc. for example.

    McAfee's improved scoring on the latest AV-C test is most likely a result of correcting security deficiencies found in the earlier MRG test.

    The main criteria I use in assessing AV protection capability for a product is consistent scoring across all AV lab tests the vendor participates in. If there is a wide deviation in scores, it can be assumed that there are base security protection issues with the product that are being corrected via on-the-fly testing.
     
    Last edited: Sep 19, 2018
  9. Gein

    Gein Registered Member

    Joined:
    Dec 8, 2013
    Posts:
    219
    It could just be a bug with McAfee. Like the one that Webroot had in a previous MRG test, and I think Emsisoft during one of the AV-C tests.
     
  10. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    Appears to be not the case as far as MRG 360 tests go. I went through the last 4 quarterly reports. Below are the results:

    Q1-2018 - 3rd lowest ranking
    Q4-2017 - 2nd lowest ranking
    Q3-2017 - lowest ranking
    Q2-2017 - 2nd lowest ranking

    So as far as McAfee goes in this testing series, they have been a consistent poor performer.

    What would be of interest is if McAfee always submits to MRG first, prior to testing by any other major AV labs like AV-C, AV-Test, etc. In other words, "take the hit" from a lesser-known and therefore less publicly referenced lab. Fix the deficiencies. Then move on to the major lab players which get broader public exposure.
     
    Last edited: Sep 20, 2018
  11. Gein

    Gein Registered Member

    Joined:
    Dec 8, 2013
    Posts:
    219
  12. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    Didn't McAfee transition to an engine that has few signatures and is effectively cloud dependent?
     
  13. mekelek

    mekelek Registered Member

    Joined:
    May 5, 2017
    Posts:
    518
    Location:
    Hungary
    I call cloud/ML/AI detections signatures as well. Surprisingly, McAfee's ML engine is one of the first on VirusTotal to sig something.
     
  14. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    I have had that engine fail so many times, I just can't trust McAfee anymore. I don't know if it improved in the last two years, but the new engine was an effective downgrade and left many computers infected a couple of years ago.
     