AV-Comparatives: Real-World Protection Test - April 2017

Discussion in 'other anti-virus software' started by anon, May 15, 2017.

  1. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,221
    Location:
    USA
    What's the deal with Emsisoft? If they use Bitdefender signatures then why do they always lag far behind bitdefender on signature detection before their Behavior Blocker has to kick in. Is Bitdefender cheating them on their signatures?
     
  2. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    2,982
    Location:
    DC Metro Area
    Emsisoft uses the Bitdefender Engine, in combination with it's own anti-malware engine, only for on-demand scanning.The scanners have been integrated at the lowest level in order to avoid unnecessary duplicate detections for the same malware.

    https://support.emsisoft.com/topic/16558-question-about-the-bitdefender-engine/#comment-128178

    Found in thread Titled: "Question about the Bitdefender engine."

    https://support.emsisoft.com/topic/16558-question-about-the-bitdefender-engine/#comment-128178
     
    Last edited: May 17, 2017
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    9,491
    Location:
    The Netherlands
    Win SmartScreen is also available on Win 7 and 8 AFAIK. The cloud features from WD is indeed only available on Win 10. So maybe that's why MRG disabled it? That still isn't clear to me.

    Where do you see me getting personal? It's just funny to me that when results are good, the test is all of a sudden not disputed. Nobody seems to care about Win SS anymore.
     
  4. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,093
    Location:
    Germany
    Bitdefender is probably blocking those samples with their webfilter in their own product, so they won't even download, and we cannot see if the sample would have been missed by their on-access scanner. Emsisoft's webfilter on the other hand may be significantly weaker, thus putting more emphasis on signatures and their behavior blocker.
     
  5. lordraiden

    lordraiden Registered Member

    Joined:
    Jan 30, 2006
    Posts:
    3,471
    I think you missed this
    Don't you agree?
     
  6. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,221
    Location:
    USA
    Ok, I forgot about Emsisoft's web filter difference. Does Emsisoft still not scan http traffic for malware? That's why I chose not to use them a few years ago after they stopped supporting Online Armor. I'm surprised if they still don't scan http traffic.
     
  7. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,221
    Location:
    USA
    Ok, I see. I think Emsisoft should scan http traffic for malware. I think that is the difference in test results.
     
  8. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    2,982
    Location:
    DC Metro Area
    Scanning https seems to be a double-edged sword with arguments on either side - both respecting security and privacy.

    This month's results for Emsisoft are an abberation -- it typically blocks/detects 100%.

    True, many are user dependent, but that has never bothered me. The choice is usually a "no-brainer."

    I have a very high degree of confidence in Emsisoft's behavior blocker.

    EMIS also has a kick-azz firewall -- my PC has never caught fire even during the severest of thunderstorms :) Just kidding -- it has some usefull options for asking about outgoing communications and privacy threat connections on websites. It's heritage is the robust engine that powered Online Armor, but it utilizes a simpler, friendlier UI that’s intelligent enough to keep the number of alerts it throws at you to a minimum while giving you the option of keeping you informed as unknown programs attempt to access the internet.
     
    Last edited: May 17, 2017
  9. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    3,846
    Location:
    Europe then Asia
    SS in Win7 is only via IE, not system wide. big difference. it is why Win10 isn't Win7+MSE

    i saw it, i agree with the part you mention but what about malicious urls/exploits submitted in the test? WDSC has nothing to detect them except via SS.

    Anyway we can't talk about WD or SS alone anymore, now in Win10 CU it is WD Security Center (with both integrated in it).
     
    Last edited: May 17, 2017
  10. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,093
    Location:
    Germany
    You neither have to scan traffic nor do you have to detect anything at all, if you can block the hosting service from which the malware is downloaded; at least in this test, I suppose. Bitdefender probably has a more extensive and up-to-date URL blacklist than Emsisoft.
     
  11. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,833
    Location:
    Innsbruck (Austria)
    Bitdefender has Active Virus Control (sort of behavior analysis) which appears to be quite effective. It is not the URL blocker making the difference.
     
  12. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,221
    Location:
    USA
    I just prefer blocking threats as early as possible.
    I only commented on their low signature detection in comparison to Bitdefender, and Emsisoft uses Bitdefender signature database so I wanted to understand why there is such a big difference in signature detection.

    I like their behavior blocker also. I think it's the best feature of their suite. I wish Eset had something very similar.

    It's heritage is not the Online Armor firewall engine. Emsisoft firewall was started from scratch. I tested it before it was even alpha stage . It did not even have a GUI yet. I'm glad you are happy with the firewall. I hope it continues to improve.
     
  13. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,221
    Location:
    USA
    I thought Bitdefender had a great behavior blocker after watching some videos on Youtube of different people testing it against Malware packs, and infected links. I wish Eset would develop a behavior blocker, but they are obsessed with 0 to extremely low false positives. I suggested they could leave the behavior blocker disabled by default so it would not affect them in test results like AV-Comparatives.
     
  14. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    3,846
    Location:
    Europe then Asia
    just some part of its code come from OA.
     
  15. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,293
    Location:
    USA
    Nothing wrong with that. False positives have caused me more problems over the years than malware has.
     
  16. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    3,846
    Location:
    Europe then Asia
    They have an HIPS already (ok a poorly made HIPS but still an HIPS)
     
  17. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,221
    Location:
    USA
    As I already stated, they don't have to have the Behavior blocker enabled by default. They could prevent any false positives with that simple approach.
     
  18. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,221
    Location:
    USA
    Yes, I use it in Smart Mode. I had way too many problems out of Interactive Mode, and Policy Based Mode. I posted about them over at Eset forum, but I never was able to resolve the problems I ran into with Interactive, and Policy Based Mode.
     
  19. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    3,846
    Location:
    Europe then Asia
    I don't know the current version, but i remember in the one i used years ago, Policy Mode (or maybe the other) allowed by default while Interactive bring a storm of prompts...ridiculous...
     
  20. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    464
    I believe you are referring to automatic mode.
     
  21. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    3,846
    Location:
    Europe then Asia
    yes this one.
     
Loading...