Surprised Tencent is scoring higher than Kaspersky. Now that I look back at other tests, Tencent has been nailing them. Hmm, some Chinese stuff. Anyone with any experience with it?
Some noticeably low scores for big-name products, e.g. F-Secure's score of 72%. The one that doesn't make any sense to me is BD scoring 93% and Emsisoft 78%. Doesn't EAM use BD's engine anymore? And as expected, Windows Defender scoring 70%; second last from the bottom.
I'm not sure myself if they are still using it but I have seen it explained in the past that when something uses the same engine (BD in this case) that it may be an older version, or not the same definition set, so the scores will not necessarily be the same.
This test is about malware removal; it has nothing to do with signatures, or at least has very little to do with them.
EAM uses the current BD engine and definitions but not its cloud, and since BD relies quite a lot on it, it makes a noticeable difference.
So it detects and removes malware with its psychic abilities? It still has to detect the infection and know what to remove and how.
They're using already-detected samples, infecting the computer, and letting the antivirus disinfect it. You can read the variants on the 3rd page, if I remember correctly. This test is solely about the disinfection of your computer.
Still doesn't "add up." Cloud usage would be of benefit primarily for detection purposes. Remediation is done after detection and blocking and done using locally employed methods.
Oh, so that explains it. I remember Fabian mentioning something regarding disinfection. Okay, I found a couple of posts for those who are interested. https://www.wilderssecurity.com/threads/emsisoft-anti-malware-9-released.365088/page-4#post-2384016 "The reason why we don't support "cure" as in disinfecting files that have been infected by an actual virus is because it isn't reliable. In addition to that, we also have to provide cleaning support for detections that our engine finds. As a direct result of both we decided to implement our own cleaning." https://support.emsisoft.com/topic/...s-mean-exactly/?do=findComment&comment=127903 "Replace the file with the clean original. In 99% of all cases disinfection won't work anyways, mostly because during infection certain information are overwritten which can't be restored, that ultimately the cured file will not be the same as the original one, which will lead to all kinds of subtle bugs." This could explain why the results in this test are different from Bitdefender.
I was just answering the question about the engine and definitions used, not talking about their impact on the test result.
Also, none of the AV engine SDKs include any "clean engine" components. Cleaning is based on scanning, independent whitelists, proprietary algorithms - each implemented by the product vendor. The AV SDK definitions do have some very generic cleaning algorithms as part of the definition set, but that will only work when your detection is very specific, i.e. not a generic detection or heuristic one.