AV Test vs Real Scan result

Discussion in 'other anti-virus software' started by Pandora Box, Dec 31, 2013.

Thread Status:
Not open for further replies.
  1. Pandora Box

    Pandora Box Registered Member

    Joined:
    Dec 6, 2013
    Posts:
    25
    Location:
    In a doghouse
    I'd like to know which do you believe between
    Real Antiviruses scanning test results review(Screenshots, VDOs)
    vs
    AV Test?
    or
    none of them by your own double click>>install>>tada!!(clean/infected).

    I've been experience with my Avs testing scan their virus detecting results
    are very opposite from Av Test. I've my own test results
    from my own suspicious files collections about 300(Today 400).
    Their results are all gone very weird & I'm not courage enough
    to show it to public either because the reality result is too harsh..... to reveal.
     
  2. Inside Out

    Inside Out Registered Member

    Joined:
    Sep 17, 2013
    Posts:
    421
    Location:
    Pangea
    Depends on the pack.
     
  3. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,071
    Location:
    Germany
    @Pandora Box

    Did you execute the file samples or did you just scan them on demand?

    A lot of detection or protection methods only work upon execution, for example
    • Behavioral analysis
      EAM, Kaspersky System Watcher component, Bitdefender Active Virus Control + B-Have and more
    • Deeper Heuristics
      Other programs apply deeper heuristics on execution than on demand scanning.
    • File Reputation
      Then there are file reputation approaches, like in Avast or Norton, which have zero effect in on demand scanning. Some of them even only kick in if the files get on the pc through threat-gate applications like browsers, e-mail programs and removable media. KIS 2014's Trusted Applications Mode will block all files from executing which haven't been whitelisted.
     
  4. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    The real test would be to see the percentage of infected computers using any particular product. This information is not available. Allegations have been made, and I believe it is likely, that some AV vendors are putting a lot of effort into anticipating what samples will be in an upcoming test. This "teaching for the test" to the extent it is happening, would tend to invalidate a lot of testing.
     
  5. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    microsoft use such statistics from PCs with info gathered from update sessions
     
  6. spywar

    spywar Registered Member

    Joined:
    Oct 23, 2012
    Posts:
    583
    Location:
    Paris
    300 suspicious files ? You must make sure to use only malicious files, testing organisation don't deal with susp files...
     
  7. Inside Out

    Inside Out Registered Member

    Joined:
    Sep 17, 2013
    Posts:
    421
    Location:
    Pangea
    This.
     
  8. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    I believe that to be correct to the extent the malware is covered by the monthly malware removal tool, but we don't have access to that.
     
  9. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    Even that can be misleading,the risk-level of users can differ greatly.

    It's quite difficult to get a true,Real-World comparison of products,the current testing methodology isn't perfect,but it's hard to envisage a more accurate way.
     
  10. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    I know what you probably meant, but what you really want is the percentage of those computers with a particular product that are infected. Example: the percentage of infected computers that use Jake's Most Awesome Antivirus is exactly 0%, but that doesn't mean that Jake's Most Awesome Antivirus is an effective product.
     
    Last edited: Jan 4, 2014
  11. DaZa9

    DaZa9 Registered Member

    Joined:
    Jan 4, 2014
    Posts:
    22
    Any antivirus can protect you if you're not looking for trouble.
     
  12. dansorin

    dansorin Registered Member

    Joined:
    Feb 27, 2009
    Posts:
    233
    Location:
    EU
    not true at all. you can get infected just by visiting a legitimate site.
     
  13. DaZa9

    DaZa9 Registered Member

    Joined:
    Jan 4, 2014
    Posts:
    22
    Really? so wilder security is legitimate, then am I infected now?
     
  14. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,250
    That's a rather pointless argument, it was stated that you can get infected from legitimate websites, not that you will.

    In any case I feel quite safe visiting any website with zero protection.
     
    Last edited: Jan 6, 2014
  15. dansorin

    dansorin Registered Member

    Joined:
    Feb 27, 2009
    Posts:
    233
    Location:
    EU
    a good example of such a possibility is the recent Yahoo ad targeted attack.
     
  16. Inside Out

    Inside Out Registered Member

    Joined:
    Sep 17, 2013
    Posts:
    421
    Location:
    Pangea
    IMO the infection rate for all computers running a particular reasonably-popular AV usually tells more about its effectiveness than most lab tests. One would think N***** (which is meant to be good now) and especially M***** were amazing at one point in early noughties at least given the test results, but even then lots of users complained about their detection rate and other AVs easily finding malware those two couldn't.

    There can still be exceptions, though. If an AV is considered so buggy users quickly give up on it, that means it won't even have had the chance to "fail". Or if the issues are hard to notice at times but they still cripple its effectiveness (like modules sometimes shutting themselves down without notice, faulty and overdone fingerprinting/whitelisting etc.), it's still nothing positive but for a different reason from inherently poor detection.
     
    Last edited: Jan 6, 2014
  17. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    I don't think we disagree. My point is that the right percentage to use is (number of computers with Product X that are infected) / (number of computers that use Product X), not (number of computers with Product X that are infected) / (number of computers with any AV product that are infected).
     
  18. FreddyFreeloader

    FreddyFreeloader Registered Member

    Joined:
    Jul 23, 2013
    Posts:
    527
    Location:
    Tejas
     
Loading...
Thread Status:
Not open for further replies.