AV-Comparatives - Heuristic/Behaviour Test March 2013

http://www.av-comparatives.org/heuristic-behaviour-test-march-2013/

 

I don't see why user-dependant and false positives should count so negatively in a test like this.

 

For knowledgeable users, Emsisoft wins.

Congrats to the usual high performers, Bitdefender, Kaspersky, & Emsisoft.

 

Wow, very surprised Avast! was almost last considering it was version 8...

 

It's the position it has always been at. I am just surprised why so many ppl insist using Avast. probably because it uses fancy terms in version 8, lol.

 

Just a note for the "knowledgeable user":
Emsisoft it's just a newcomer in Heuristic/Behaviour Test ..........

July 2012:
http://chart.av-comparatives.org/chart1.php?chart=chart8&year=2012&month=7&sort=1&zoom=2

Earlier Test:
http://www.av-comparatives.org/retrospective-test/

 

Sorry to break your hate fun, but wtf? I'm not going to say i'm defending avast! here but if you look at scores of others it's overall wtf. It just makes much no sense at all.

And if i go to the avast! defending territory, NOT a single user dependend detection? I call that absolute nonsense because if the samples were really THAT new to avoid all the signatures and heuristics, there would be quite a few "low reputation file" warnings. And i'm pretty sure there should be at least few AutoSandbox detections or notifications. But they are displaying it as there was not a single such detection which is imo just plain impossible.

 

With 3 months old definitions and no cloud access?
Yes it doesn't work very well under such circumstances.

 

@VLK: read the report. it is not 3-MONTH OLD DEFS, it is max 1 day old defs.

 

Sorry I didn't see that in the report (and I don't see it even now, after reading the report once more - but if you say so then OK)...

So you changed the methodology this time?

 

Well, then that makes it even weirder... i mean, c'mon, as bad as MSE? Just doesn't seem like a logical thing to observe considering MSE doesn't have a single proactive feature and avast! has several.

 

The methodology you refer to (3 months etc.) has been changed already years ago .
From 2004 to 2006 the time-frame was was 3 months.
In 2007 the time-frame was was 2 months.
In 2008 the time-frame was was 1 month.
In 2009 the time-frame was already shortened down to 1 week.
Since 2012 it is 1 day.

 

it has several proactive features, in other words, fancy terms. That's what I was talking about. You don't need several such features, one is enough as long as it works well.
I don't hate Avast. I don't hate any AV products. I just speak based on reputable test results, aka, objective facts in my opinion; other than relying on subjective impression.

 

Well, i know what i've seen avast! do with its additional security features in teh past and not seing any being used here makes no sense at all.

 

Well, I can see a reason for user-dependant not being equal to full automatic block. I just don't see the reason why you get punished twice for essentially the same false positives. Or why, in a heuristic and behavior test, signature based false positives count at all. They did do a heuristic/behavior blocker based false positive tests by installing and running 100 commonly used applications, which yielded no false positives for any product.

Anyways, 3 misses. 2 of which were already fixed at the time we got the test results and one of which was a case where we missed a reference during cleaning. That's not too bad. We most certainly have to work on the user-dependency though.

 

I dont understand why people complain on these type of tests,who uses a AV outdated by weeks by the way?? if you dont have internet,you stand no chance.Any tests in today's scenario is pointless in my opinion because of the influx of malware coming out everyday and plus somethings dont match real world and I agree with RejZor about not having a single user dependent ones out of those missed samples.

oliverjia,you can stop here...no need to manipulate fantasy words and proactive features as one,they are different things for sure,we arent that dumb to spot a wisely edited hatred type of post,I dont know why people hate free security softwares so much,its just antivirus programs anyways isnt it!?

Still,who uses a AV without up to date sigs?? its pointless to me anyways,real world is somehow much important but again there are flaws in every test.

As I said,any test is pointless these days.
>no own experience >quoting commercial testers >2013

 

again, congrats forticlient for advanced+

 

result isnt suprise.

Bitdefender has Active Virus Control, it is very powerfull, fully automatic and far from False Positives. Very impressive technology.
It has B-have emulation but i didnt find more detailed information about this tech. There is white paper but it is old. It looks like F-secure's deep guard. I dont know BD based Av's has this ability (Emsisoft for example)
This techs make it very solid product. I believe, Bitdefender's own software is better than all other BD engine based software. (except eam) It earn all awards this year.

Eam is another success story. Thanks to new AV-comparatives test, We know now, EAM has very good Proactive Dedection.

Eset has very good signature dedection but it hasnt got Proactive Dedection. It has HIPS but only advanced user can use it. This is too bad for them, They doesnt show as their potantial.

 

Emsisoft is amazing


Kudos to Bitdefender and Kaspersky for solid results.

 

It's nothing like that actually. Deep Guard is F-Secure's equivalent to Bitdefender's AVC.

All of them do. B-have is just an extended emulator and part of the scan engine.

 

I don't understand your logic. From where you see that I hate free security softwares? It has nothing to do with free or non-free.

And my answer to your implication: no, I don't work for any av company and I am not in security industry.

 

From what I've seen in several tests lately, Avast's behaviour blocker is much improved in version 8.
What is important to me is financial, banking, shopping protection. I can always re-image the computer, but can't re-image my bank account.

 

IBK,

Any chance that you would be using Win 8/Win 8.1 machine with Smart Screen as the baseline metrix for these kind of tests (real world, behavior tests) in near future.

Thanks,
Harsha.

 

I just read f-secure whitepaper;
http://campaigns.f-secure.com/software-updater/deepguard_whitepaper_final.pdf
It looks emulator+cloud+BB

B-HAVE+AVC=Deep Guard.
I dont know BD has cloud check. It sent sample user computer to BD server, if they need but I dont have info about realtime cloud check.

There are information about B-have;
http://encribd.com/read-file/bhave-the-road-to-success-bitdefender-pdf-1379165/

Like your words, it is emulator. If all BD based software using this tech, AVC is more powerfull then i think.

 

There is nothing like cloud lookup/real time analysis with cloud based servers on Bitdefender.