AV-Comparatives: Real World Protection Test - April 2016

Discussion in 'other anti-virus software' started by anon, May 17, 2016.

  1. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    4,101
  2. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    3,744
    Location:
    New York City
    Thanks. AVG continues to impress.
     
  3. Impet

    Impet Registered Member

    Joined:
    May 5, 2013
    Posts:
    898
    Well done AVG, Sophos could be better ...
     
  4. Crystal_Lake_Camper

    Crystal_Lake_Camper Registered Member

    Joined:
    Mar 20, 2016
    Posts:
    50
    yes AVG is on the right way :) it is a shame that it slows down the system so much and makes it unstable at some times.
     
  5. Rompin Raider

    Rompin Raider Registered Member

    Joined:
    May 6, 2010
    Posts:
    1,228
    Location:
    North Texas
    Seems there aren't many Windows 10 tests around...occasionally but that's it. None the less, thanks for posting!
     
  6. kinder2

    kinder2 Registered Member

    Joined:
    Aug 17, 2015
    Posts:
    51
    Why are you congratulating AVG, it is not even near the top of the chart. Do you work for AVG? Kaspersky is the best.
     
  7. entropism

    entropism Registered Member

    Joined:
    Dec 9, 2004
    Posts:
    337
    Not a fan of AVG personally, but since when is 99.5% NOT near the top? Seriously now...
     
  8. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    4,101
    Because AVG looks that improved a lot.
    Kaspersky and the rest top runners are always on top. There is no reason to mention it.
     
  9. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    1,919
    I also like that AVG is improving.

    Avira is on top in last tests due to its APC. Nevertheless it rarely has zero rate of false positives.
     
    Last edited: May 18, 2016
  10. Sherlock_Holmes

    Sherlock_Holmes Registered Member

    Joined:
    Mar 21, 2010
    Posts:
    1,449
    Location:
    Mumbai
    Emsisoft with too much user interaction
     
  11. sirvalence

    sirvalence Registered Member

    Joined:
    Aug 13, 2014
    Posts:
    3
    I recall this being mentioned before, but Panda has been missing for the last few tests. Anybody catch why?
     
  12. zord

    zord Registered Member

    Joined:
    Oct 2, 2009
    Posts:
    45
    This is not Real World Protection Test. This name is misleading...
     
  13. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    1,958
    Location:
    DC Metro Area
    That's a misnomer and misleading interpretation. The user's Pop-Up from Emisoft typically gives four choices with "Block" or ":Quarantine" in red given as the reccomended course of action in instances where malware has been detcted. It's caused by the particular nature of how EAM EMIS work. In effect, unless the user is blind, can not read, is color blind, or cannot use his/her hands because of a physical handicap, Emisoft detected and blocked 100% of the samples.

    This subject has been discussed previously.
     
    Last edited: May 18, 2016
  14. Nevis

    Nevis Registered Member

    Joined:
    Aug 28, 2010
    Posts:
    786
    Location:
    255.255.255.255
    The problem is not whether it blocked 100% samples. The issue is it prompted too much from user.

    PS: I would still prefer prompt rather than a failed detection. However, normal user dont like ( hate) asking the user what to do.
     
  15. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,697
    Location:
    Zagreb, Croatia
    Emsi is working to improve BB automatic decision(s).
     
  16. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    1,958
    Location:
    DC Metro Area
    Agreed.

    I believe much of it has something to do with the "Exploit Protection"/dropper blocker in EMIS 11.

    The Behavior Blocker in EMIS protects against unknown executables performing potentially malicious actions by alerting the user and giving them the option to allow, block, or quarantine the executable.

    If I recall correctly, the significant number of "User Interventions" seems to be a fairly recent phenonenom starting 2-3 months ago.

    I use EMIS 11 and when this started I become somewhat unnerved until, I believe it was Fabian Warsaw, explained that in such instances the clear recommended course of action is typically "block" or "quarantine."

    Myself, being somewhat brain-dead on subtle technicalities such as WTF a particular file name is, I would prefer it otherwise, but as you say it's preferable to a program such NS which is notorious for deleting safe and often critical files with no choice and no setting that allows a choice.

    Frankly, because of this factor I would prefer to be using KIS, but for some unknown, atypical reason KIS 2016 totally borks my system.

    Overall, my confidence in Emisoft remains very high.
     
    Last edited: May 18, 2016
  17. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    You change EAM/EIS behavior blocker actions as shown in the below screen shot:

    EAM_BB_Options.png
     
  18. Impet

    Impet Registered Member

    Joined:
    May 5, 2013
    Posts:
    898
    What happened to Panda ...
     
  19. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,531
    Location:
    Sneffels volcano
    I like that way :thumb:
     
  20. Sherlock_Holmes

    Sherlock_Holmes Registered Member

    Joined:
    Mar 21, 2010
    Posts:
    1,449
    Location:
    Mumbai
    I don't have a problem with user intervention , but because of that I can't recommend it to others .

    @itman - won't this reduce the detection of EAM ? or maybe increase FP's ?
     
  21. Yash Khan

    Yash Khan Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    1,837
    Is Emsisoft Signs & Antimalware Network good enough so that on average users system I can set BB option to always allow?
     
  22. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    As far as detection goes, it would only reduce it if the default action was set to "always allow."

    As far as FPs go, setting the default action to "always block", if so added by Emsisoft, would indeed increase the likelihood of FPs. Ditto for the existing "always quarantine" option. This is why Emsisoft has set the default action to "always alert" along with giving a recommended action to perform. This BTW in my experience this has been always to quarantine the process.

    There is an existing way to perform an "always block" action presently. When the alert is display, open the Eset GUI. Select the Protection option. Right click on the running alerted process. Then manually create an always block behavior blocker rule.
     
    Last edited: May 20, 2016
  23. Sherlock_Holmes

    Sherlock_Holmes Registered Member

    Joined:
    Mar 21, 2010
    Posts:
    1,449
    Location:
    Mumbai
    Thank you for the reply
     
  24. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    There is a lot of confusion regarding the rep scanning and behavior blocking functions in Emsisoft. First, the behavior blocker is activated. Then the rep scanning is activated. Then a decision is made by EAM/EIS as to whether the app is safe and the user alerted as to the result of the decision process only if questionable. In other words, the software is automatically allowed to run if it is deemed safe by both behavior and reputation methods.
     
    Last edited: May 20, 2016
  25. Ibrad

    Ibrad Registered Member

    Joined:
    Dec 8, 2009
    Posts:
    1,949
    I hope to see McAfee make a turn around soon.
     
Loading...