AV-Comparatives - File Detection Test - March 2013

Ehm ... you may want to look up what a GmbH (German equivalent of a Ltd) and what an e.V. (Austrian equivalent of a Non Profit Organization) actually are .

 

1) I know who you are.
2) I'm an Avira (paid) user (for more than 6 years).
3) I know very well what means that so called Avira's "cloud'.

The APC works in Avira's Quick Scan only or not?
=

What is the Avira Protection Cloud?

 

Correct, but the release of the next APC integration feature is soon - which will be a much more useful integration feature.

 

I'm looking forward to see this because APC looks like Comodo's Valkyrie (static analysis part) and it's doing very well considering the tests that Stefan has done.

 

That's why IMHO: It was (and still is) cloud or "semi-cloud" ?

We will see what is this "improved Avira cloud integration"

 

As Stefan said to you,
It's a hash cheking system and working with AI engine to automatically categorise samples. (I think this is how APC works).

 

thanks for the education.

 

Yes all of these are real-time scanning. None of them are static-scan on-demand scanning. Thats the point I am trying to make.

 

Here is another reason why I think this test is totally bogus.

AVIRA.. they got 99.6% on this static-scan test, yet in AV-C's own real-world test, they totally suck.

http://www.av-comparatives.org/images/docs/avc_prot_201303en.pdf

So what does this say about the test ? It tells me that even though you might "appear" great on this test, in the real-world you are not. So why even have this test.

 

Why not? The one doesn't negate the other, and people can still find interest in seeing the results of a particular type of test. I, for example, only want a light, non-cloud, pure and simple antivirus with good signature detections, nothing else. I secure my computer in other ways than security suites, so that's all I want or need.

 

Good point, qakbot. This is the joke of the year

 

Because these people who find this interesting are plain and simple pure lamers. And because why should they participate in something that has no point and no business value. I am sure Symantec has found that AVC brings them no additional value now.

Additionally, you might have 9 excellent top results and 1 awful - people will only comment the single awful one. Media will only comment the awful one. What is going on now here - don't you see. What is going on here with all the tests results. People comment the awful (fake) test results of Symantec.

I really wonder why McAfee, Microsoft and others still take part in this joke. This is not technical job, this is not technical review - this is just marketing. Information used by marketing guys to influence the market.

 

We have been in dispute with you before and again you mention information without being so sure and from 5 machines point of view.

Fortunately, Windows 7 and Windows 8 are getting more and more popular. Unfortunately, Windows XP is still a factor because many people still use it - about 1 out of 3 machines still runs XP. This is what I see (from thousands of machines I work with everyday) and from Wikipedia:
http://en.wikipedia.org/wiki/Usage_share_of_operating_systems

And no, the so called by you offline infections (or the malware that spreads via removable media (USB flash or cards) or via network shares) is still very popular - if not the most popular real malware. Petty much each and every USB flash drives I see and that belongs to home lame users is infected by malware. And there are many people who must use public flash drives in their jobs on daily bases. I see many infections that spread this way. Additionally, autorun malware that spreads via network is also popular among small/medium businesses. I check regularly ESET, Symantec, McAfee and Microsoft statistics and I operate with lots of machines everyday and this is what it shows - not from 5 secured machines perspective.:
http://www.microsoft.com/security/portal/threat/views.aspx
http://download.microsoft.com/downl...rt_Volume_13_Key_Findings_Summary_English.pdf

http://www.welivesecurity.com/2013/01/07/2012-top-ten-malware-and-the-threatblog/

Cracks, INF/Autorun, Conficker - offline malware is still very active

~ Removed Copyrighted Image ~

 

Not all of Norton's cloud based detections seem to come into play from a scan of the file/folder.

I was just experimenting with some files and three of the ones not detected by a scan (and at least one of them has a bad reputation according to Norton [I have seen many files with bad reputations not detected from a scan of the file/folder]) are only detected as Suspicious.Cloud.7.EP when I browse to the folder through 2shared.com upload window (not even browsing to the location with Windows Explorer causes a detection). I executed one of those files too and it was detected as SONAR.Heuristic.

 

I could honestly not care less about who you find to be a "lamer" or not, and I fail to see how your categorizing of people based on their interests has any influence on how much relevance an AV test of any kind has to others.

 

LOL
See Fabian Wosar's reply first post on this page.
"Ehm ... you may want to look up what a GmbH (German equivalent of a Ltd) and what an e.V. (Austrian equivalent of a Non Profit Organization) actually are"

Don't embarrass yourself in front of us. LOL

 

LOL
You actually really think real-time scanning has nothing to do with static on-demand scanning?

 

Thank you oliverija.
I know what GmbH and e.V is. I can hardly understand AVC's being non-profit organization when it gains profit to do what they do and they do it for money, not to help others. Anyway,

qakbot and I was mean that AV-Comparatives don't do tests for free and for fun - they are getting paid for this, they do not do charity with the money they receive for tests, just like AV-Test does.

 

Well, only because one product does great in the on demand test and does bad in the real world test does not means that all suites will perform the same.
I still feel on demand tests are relevant to some extent.

 

A non-profit organization, by definition, doesn't make any 'profit'.
Yes, they do have an 'income' to cover 'expenses'.
The argument that they ask money for testing (and that in itself is for some apparantly close-to-contemptuous) doesn't negate the fact they are a non-profit organization.
Any failure to really understand the main difference between non-profit and for-profit organizations, can be cured with an hour of google searches.
It's getting a tad tedious to write year after year that AV-C is a non profit organization, working closely with the Austrian uni of Innsbruck and thus can not be easily compared with profit-driven testing companies.

AV-Comparatives Fundraising

AV-Comparatives (Full title: Institute for Security in Information Technology - AV-Comparatives) is a non-profit-making organisation, entered in the central register of Austrian not-for-profit organisations. The most important qualification for inclusion in this list is that the organisation does not make a profit to be distributed amongst members. Any money that the institute makes must be re-invested to further its aims. In the case of AV-Comparatives, income is used to finance the equipment (servers, UPS, analytical systems), services such as the Internet connection and electricity supply, expenses such as conference fees, employees, and other items necessary for the organisation to function.

Subsidies

Subsidies are an important part of AV-Comparatives‘ income. We are supported by academic and public bodies, and the Austrian state. Subsidies may be direct or indirect. They may take the form of financial support for research and development, or the payment of staff costs, or support from academic staff of the universities for specific projects. In co-operation with the universities, bachelor’s and master’s theses are used for working on specific problems.

University of Innsbruck, Research Group for Databases and Information Systems
University of Innsbruck, Research Group Quality Engineering
Hong Kong University of Science and Technology
National Taiwan University of Science and Technology
Brandeis University Mississippi, Computer Science Department
Management Center Innsbruck
Kufstein Technical College
Tirol Regional Development Agency
Regional Government of Tirol
Austrian Federal Ministry for Economy, Family and Youth
Austrian Federal Ministry for Transport, Innovation and Technology
Tirol Careers Service link

 

=
The APC is not just hash checking

--------------------------------

----------------------------------

=
how APC works

 

You are not the only one, but obviously for some people there is only one way to approach and solve a problem.

 

File-detection test that "does not add anything"?? Subtle way to justify their poor performance, is that yours or Norton opinion? ...so from now on they will dictate how AV tests have to be carried out? It's why they have created their (tailored made) "Dennis" tests?

 

Thanks for the image!
Still, I find surprising how friends and people around my vicinity still manage to "share" malware among usb sticks these days. And trust me, it's not me who's trying to get extra $ off from 'repairs'

 

Well, let's put in this way: Does Avira complains about doing 'average' in your "relevant" (according to you) real-world tests?

Why Symantec pulled themselves out off AV-C just because they "didn't like" the valid file-detection tests? Afraid of the dark?

Imo, they have A LOT to hide. So stop Symantec cheating users with fancy words like these:

Let's rejoin AV-C tests again and stop talking pure BS.