AV-Comparatives - File Detection Test - March 2013

I've found this discussion both entertaining and interesting.

On a personal level I've been using NIS for around a year now without any hassle. Decision was based on can other family members use their laptops/netbooks without having to deal with pop-ups or a noticeable slowdown.

Originally had the Emsisoft suite, but the firewall pop-ups became quite cumbersome to deal with and I ended up with NIS. Although the resource usage of the application has been a sweet blessing.

Touch wood - we have not had one infection (and I have sanity checked with other on-demand applications).

 

That because when it comes to real-world attacks, NIS is top notch. Check out the AV-Test Real-world tests. Its just another data-point that proves how irrelevant these this file detection test by AV-Comparatives really is. Its no wonder Symantec has pulled out, and I really hope they stick to their guns and not be held hostage by these testing outfits that really dont have the pedigree to be calling the shots and deciding on testing standards for the industry.

What qualifications does AV-Comparatives have to do such tests ?

 

Re: Boy Has Norton Dropped down

Why ??
I never praised Norton too much in this forum. Just because I have it my sig doesnt mean that I am a fanboy.

I just stated my opinion ( which is also opinion of many others here ).

 

Hi Stefan,

That is what Symantec wanted to do I would imagine. However, AV-Comparatives in all their wisdom forbids this. Their rules state: you have to participate in all tests, or you dont get to participate at all. So Symantec pulled out. This went on for a year with no Symantec results in the test every month. This likely hurt AV-Comparatives credibility, so they fought back by including Symantec in just the on-demand test, even though Symantec had pulled out, this just out of spite.

AV-Comparatives business practices are questionable at best. So here we are.

This is all documented in some of the posting from some of the av-comparatives staff over the last year on this forum btw.

 

On-demand tests still have their relevance. For example, a particular infected USB device I inserted a few days ago had a malware that installs a driver as well as runs an executable. Turns out Norton managed to block the executable files but didn't catch the driver (at all). The on-demand scan revealed nothing. The PC was not infected as nothing was using the driver (as the executables couldn't run and register themselves), but it was still not a good showing on Norton's part.

I have submitted many samples like this in the past few months, Symantec's analysis sometimes showed them as clean files, which they were not.

But, since the PC didn't get infected anyway, I decided to give Norton a pass for such incidents.

What I'm saying is, the scope is entirely there - if the driver did manage to install itself and a less experienced user doesn't know what the SONAR/ThreatFire alert means, they may have just allowed it outright. That means you have traces of malware on your system, which may still cause for e.g. slowdowns and unnecessary resource usage.

It is for reasons like this that file detection tests are still relevant today. Though, I still think if a product is good enough to pass those tests (rather than be at the top), it should be okay for real world use.

 

Re: Boy Has Norton Dropped down

Nobody called you a fanboy. You have always been sincere to Norton.

 

Re: Boy Has Norton Dropped down

Some amateur AV tests show the very good results with Reputation on:

Norton 360 with Norton Reputation Scan - detection rate 90,50%

Norton 360 without Reputation Scan - detection rate - 60%

 

Re: Boy Has Norton Dropped down

Which amateur tests are these?

 

They added Norton because lots of people wanted to see it but Norton did not apply for it.

 

Wow! Symantec done horrible! That's a surprise considering they have always done well on this particular test in the past.

 

Please have a look on the above comments ...

 

Perhaps they could not afford the "high" rating this year.

 

Organized crime can organize this and it will be inevitably subverted in time especially for the automated crime pack stuff.

I believe that is a $/ freebie thing since Symantec did not pay to be included in those tests at all.

Custom scan of a folder of samples is not so time consuming as real world scenario testing.

 

Re: Boy Has Norton Dropped down

i agree with some of this but not all. i use eset on many systems and do not get infected. even with doing some "shady" browsing to specifically test a system still not infected. and i have more the 10,000 samples and eset does extremely well.

i still use webroot and i have not really had issues. it does very well for me. i actually really like emsisoft a lot but a bit to rich for my blood. it they would run like a 50% off sale or something id be all over it. otherwise i def feel avast has come a long way and will continue to only improve. i gave up on avira after i had issues that they either could not fix or didnt want to be bothered with since i had no responses back after a while. so i gave up so now i have lic's that are no good to me.

for me my top three still remain. i would add emsisoft to that if their prices were better, to high to recc to clients most of the time when they see all the others advertised for little to nothing in the weekly flyers from staples etc.. even ones like avast and eset are hard sells when they can get norton, kaspersky (which im sorry but i refuse to use has good protection but even still to this day has way to much impact on the system, just had a large client call me and said enough.. they want to get rid of ti because it was putting a drag on their usage of the systems and those are brand new i5's)

anyway long story short i would not say i totally agre with the results but they are what they are and will not make me change what i use. and if i could find a MUCH better deal on emsisoft i would be using or adding it to my line up i would also like to know if i can become a reseller like i am for some other brands for my clients maybe that will give me a bit of room to allow for them to be able to use it.

 

Re: Boy Has Norton Dropped down

Well that is true

Since I never had any problem with my PC for years with norton, so i like it. I have tried almost all AV ( I just dont update that in my sig ) and found norton to be relatively fast compared to most of others.

I know many people hate symantec ( i was also part of this queue few years back) but now its a good AV.

What surprised me in AV-C testing this time is that even when Symantec used to pay AVC, still it opted out of this test because it did not reflect real life scenarios. Now, when norton in not included in any of AVC test, yet AVC included norton only in this test where it scored low. This would raise suspicion ( even if you hate norton , you cannot deny)

lastly, I still trust Av-c but this has proved that everything is business after all

 

Re: Boy Has Norton Dropped down

There are always good deal here for Emsisoft

http://store.downloadcrew.com/?act=search&brand=289

 

Re: Boy Has Norton Dropped down

was looking for 2 and 3 year deals though myself...when do these keys start from there when actually activated or when bought? i wouldnt mind buy three of them if i can hang onto the other 2 till i need them..

 

Re: Boy Has Norton Dropped down

Or you can buy a couple of them and ask Emsisoft customer support to add them all together.

 

Re: Boy Has Norton Dropped down

yes what i did.

 

Re: Boy Has Norton Dropped down

Norton is effective more if you disable smart update (which enables full set of updates). Norton rely more on cloud components like file/download reputation to cope against new threats. Without internet, it has limited offline heuristics to detect new variants of same family. So, Norton will shine more with active internet connection.

I am not a fanboy of Norton

 

Re: Boy Has Norton Dropped down

Internet was on during the test.

 

Re: Boy Has Norton Dropped down

It should be one of the reason for low detection. With reduced update set, Norton performs fast but compromise on detection.

 

Re: Boy Has Norton Dropped down

Fair enough. I agree. Hope Norton will return to AV-C and take part in all tests.
Anyway, I am conservative type of person and think signature based detection is still very important at current stage, I ditched Norton and turn to Avira IS.

 

Re: Boy Has Norton Dropped down

I agree 200% here. Signature based detection and remediation is still very necessary in my view and majority of antiviruses are now hybrid (local sig + cloud). If anyone want good protection with Norton, he should disable Smart Updates and have 24/7 Internet for that system.

 

Remember, this is a file detection test, make a RWT with Norton with web based malware you'll see how effective Insight is ...
BTW, I know that such a technology might be very annoying for the little developpers.