AV-Comparatives Real-World Test April 2015

Discussion in 'other anti-virus software' started by c2d, May 13, 2015.

  1. c2d

    c2d Registered Member

    Joined:
    Sep 26, 2007
    Posts:
    570
    Location:
    Bosnia
    Last edited by a moderator: May 13, 2015
  2. Spokesman

    Spokesman Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    383
    Location:
    Belgium
    I cannot acces the website ? i have a white screen with these words :

    Your access to this site has been limited
    Your access to this service has been temporarily limited. Please try again in a few minutes. (HTTP response code 503)

    Reason: Exceeded the maximum number of 404 requests per minute for a known security vulnerability.

    Important note for site admins: If you are the administrator of this website note that your access has been limited because you broke one of the Wordfence firewall rules. The reason you access was limited is: "Exceeded the maximum number of 404 requests per minute for a known security vulnerability.".

    If this is a false positive, meaning that your access to your own site has been limited incorrectly, then you will need to regain access to your site, go to the Wordfence "options" page, go to the section for Firewall Rules and disable the rule that caused you to be blocked. For example, if you were blocked because it was detected that you are a fake Google crawler, then disable the rule that blocks fake google crawlers. Or if you were blocked because you were accessing your site too quickly, then increase the number of accesses allowed per minute.

    If you're still having trouble, then simply disable the Wordfence firewall and you will still benefit from the other security features that Wordfence provides.

    If you are a site administrator and have been accidentally locked out, please enter your email in the box below and click "Send". If the email address you enter belongs to a known site administrator or someone set to receive Wordfence alerts, we will send you an email to help you regain access.
    --------------------------------------
    I do have acces to the pdf-file
    Anyone from av-c that can explain this ?
     
  3. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,819
    Location:
    Innsbruck (Austria)
  4. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    3,741
    Location:
    New York City
    Panda Free outperformed almost all the paid products.
     
  5. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,087
    Usual players on top, a lot of FPs from Trend Micro.

    ... and no Quihoo ...
     
  6. Spokesman

    Spokesman Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    383
    Location:
    Belgium
  7. Spokesman

    Spokesman Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    383
    Location:
    Belgium
    But tencent is still there ?

    Again good results Avira, Bitdefender ..
     
    Last edited: May 13, 2015
  8. Rompin Raider

    Rompin Raider Registered Member

    Joined:
    May 6, 2010
    Posts:
    1,228
    Location:
    North Texas
    Thanks c2d for posting.
     
  9. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    Winners for April were Avira, Bitdefender, and Panda

    Winners for most FPs were Trend and F-Secure :thumbd:
     
  10. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,531
    Location:
    Sneffels volcano
    Avira is doing extremely well lately :thumb:
     
  11. hamlet

    hamlet Registered Member

    Joined:
    May 10, 2005
    Posts:
    201
    The false positive numbers look a little different this time. Only ESET had no false positives and several others had one. Usually, it seems like there are a handful with zero. Having said that, I don't know if those numbers mean anything significant. I really don't put much weight on the false positive numbers. I think I have only had one or two false positives in the past 15 years with all the different products I have tried. The detection/blocking numbers are more meaningful to me.
     
    Last edited: May 13, 2015
  12. zfactor

    zfactor Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    6,012
    Location:
    on my zx10-r
    as i always said i saw lots of fp's from trend. one of the reasons i dont use it. someone always said to me i was crazy but this is more like what i saw when i ran it. we are starting to see a number of 100% scores. makes me wonder are the av's getting that good or do the tests need to be harder...
     
  13. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,937
    Location:
    London On
    Good Evening! Many Thanks for the update c2d! Sincerely...Securon
     
  14. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,718
    Results are pretty much similar to the ones in the March fact-sheet.

    http://www.av-comparatives.org/wp-content/uploads/2015/04/avc_factsheet2015_03.pdf

    A few quick observations based on comparing the 2:

    1. Avira, BD and Panda remained consistent with high protection rates, only having increased by 1 FP each.
    2. Eset remained with 0 FP.
    3. F-Secure and Trend Micro still has high FP rates.
    4. BullGuard and Quick Heal are still heavily user dependent.
    5. Emsisoft has increased in user dependence and FP rate.
     
    Last edited by a moderator: May 14, 2015
  15. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    4,101
  16. StillBorn

    StillBorn Registered Member

    Joined:
    Nov 19, 2014
    Posts:
    162
    anon's enclosed linked chart above appears to be listing the vendors in a ranking order of performance ("Duh"... never mind). In which case, Emsisoft sure is taking a beating on the "user dependent" factor. Five vendors showing red, an outright system "compromised," listed in order of detection performance over and above Emsisoft? Never mind F-Secure with 33 false positives listed as shown superior to EAM. Apparently I missed the "listed in no particular order" shticker.
     
    Last edited: May 14, 2015
  17. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Is Panda tested with the URL blocking toolbar or without it?
     
  18. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,819
    Location:
    Innsbruck (Austria)
    with it
     
  19. StillBorn

    StillBorn Registered Member

    Joined:
    Nov 19, 2014
    Posts:
    162
    Previous fiascos addressing default issues aside, it's a safe assumption that the default settings were used unless otherwise requested by the vendor and explicitly published accordingly by AV-Comparatives.

    Edit: As I was typing this out, IBK quicker on the uptake than I was to reply. All things considered... :isay:
     
    Last edited: May 14, 2015
  20. ArchiveX

    ArchiveX Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    1,016
    Impressive, indeed. :thumb:
     
  21. Nightwalker

    Nightwalker Registered Member

    Joined:
    Nov 7, 2008
    Posts:
    786
    Fully agree with you, it seems that Emsisoft is being punished for leaving some minor aspects of its behavior blocker in the hands of the user.
    In normal usage, the behavior blocker will almost all the time whitelist good software and block or recommend to quarantine bad/suspicious files.

    http://www.emsisoft.com/tl_files/images/screens/eam/en/alert_pup.png

    It isnt fair this "penality" and I almost sure that the false positives came from the Surf Protection.

    Emsisoft Surf Protection doesnt slowdown or make browser vulnerable to FREAK and similar attacks, I can totally live with occasional domain false positives.

    In my opinion AV Comparatives really needs to adress this situation, because it simple doesnt reflect reality.


    https://blog.hboeck.de/archives/869...irus-software-lowers-your-HTTPS-security.html
     
  22. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    787
    Location:
    Germany
    They are. We discussed this with AV-C already. Bottom line is, we block based on domain names and IP addresses. We are aware that this approach is a bit coarse, but it is the only approach, that:
    • Maintains the user's privacy as it does not snoop around in user traffic.
    • Does work with encrypted connections without breaking the encryption or removing any of the security guarantees provided by the connection.
    • Works across all browsers.
    In the past AV-C accepted domain and IP based blocks on non-malicious URLs, if the AV was able to proof that the same server/domain was hosting malicious files as well. Unfortunately some vendors tried to gamble that system so they stopped accepting these types of disputes.

    Personally I completely get their reasoning and if I was put into that position, I would have likely done the same. Still kind of sucks for us though.
     
  23. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,697
    Location:
    Zagreb, Croatia
    We all know that Emsi kicks ~ Snipped as per TOS ~ too....no matter how they test.
    :thumb:
     
    Last edited by a moderator: May 14, 2015
  24. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,052
    Location:
    USA
    False positives have caused me more problems than malware over the years. I just uninstaled NS because it was deleting a file I was trying to download. No warning, no choice, nothing. It was just not there. I thought they were past that. Anyway, when a product delets a system file and makes your machine unbootable, that's when you appreciate a lack of false positives.
     
  25. Rohugh

    Rohugh Registered Member

    Joined:
    Apr 6, 2014
    Posts:
    56
    It is good to see Avast moving up towards the top again. :)
     
Loading...