AVLab-JULY 2013

Discussion in 'other anti-virus software' started by luckyboy, Aug 2, 2013.

Thread Status:
Not open for further replies.
  1. luckyboy

    luckyboy Registered Member

    Joined:
    Mar 28, 2013
    Posts:
    49
    Location:
    България
  2. gery

    gery Registered Member

    Joined:
    Mar 8, 2008
    Posts:
    1,786
    Norton and Eset really bad.. AVG is the far to bad:thumbd: :thumbd:
     
  3. luckyboy

    luckyboy Registered Member

    Joined:
    Mar 28, 2013
    Posts:
    49
    Location:
    България
    What about Emsi - 62%:argh: :argh: :argh: C'mon!
     
  4. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    They test only 40 samples a day. How they decide which 40 to choose?
     
  5. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Can somebody translate their methodology? Cause the results doesn't make sense.
     
  6. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    4,101
    Documents to download

    http://avlab.pl/page/dokumenty_do_pobrania

    General information [ download ] - This document describes general information about the testing, the methodology used to perform them, and the algorithm for the general information you should refer to anyone interested in testing anti-virus programs. Against drawing any conclusions from various tests, please refer to the document directly connected to it.

    Antivirus Lab methodology [ download ] - This document contains information on laboratory Antivirus (LabAV), principle of operation and the methodology applied. We advise you read this document to understand the actions LabAV.
     
  7. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Never heard of "AVLab" before so I'm not sure what to think about this :doubt:
     
  8. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    787
    Location:
    Germany
    From what I can decipher using Google Translate is that they get 20 URLs and 20 Malware Samples from malware.pl (which seems to be related to scumware.org, which seems to use data provided by PreBytes.pl who sell their URL and sample feeds to AV companies, meaning you could potentially buy 100% detection in that test) every day and just throw them at a given product.

    Personally the methodology sounds a bit odd. As instead of using just 40 URL and testing all protection layers, they seem to divide the detection into URL blocking only and real-time protection only. That is a bit odd, because even though you would have detected the 20 samples you downloaded from that URLs, you will end up with 20 misses unless you specifically block the URL.

    That being said, Google Translate isn't reliable. So I could be completely wrong. I am sure someone who knows Polish will be able to shed some more light on this :).
     
  9. ZeroDay

    ZeroDay Registered Member

    Joined:
    Jul 9, 2011
    Posts:
    693
    Location:
    Hogwarts.
    I'm not buying that Emsisoft result lol.
     
  10. spywar

    spywar Registered Member

    Joined:
    Oct 23, 2012
    Posts:
    583
    Location:
    Paris
    What? from malware.pl ? :argh: :argh: :argh: byebye...
     
  11. avlab

    avlab Registered Member

    Joined:
    Aug 2, 2013
    Posts:
    20
    Location:
    Poland
    Hi guys!

    malware.pl is the Polish equivalent scumware.org just as kaspersky.com / kaspersky.pl

    The results of programs are counted as the average of the result in real-time + Malicious URL / 2
    http://avlab.pl/page/laboratorium_antywirusowe_podsumowanie_lipiec_2013
    in polish (Wyniki programów są liczone jako średnia z uzyskanego wyniku z testów Real-Time + Malicious URL / 2:)

    Result Comodo in test realtime: http://avlab.pl/page/wykresy_labav
    the last comapare (mounthly) [Porównanie - wg miesiąca:]

    Porównanie - ostatnie 30 dni: = last 30 days; example 25 may to 25 june

    Porównanie - ostatnie 7 dni: = comaprision last 7 days

    -----------

    in july (7/2013) :

    real time 100%
    malicious url (malicious code + phishing!): 9%

    (100%+ 9%) / 2 = 54,5% = 55%

    ------
    Emsi IS 8 in july
    real - time: 100%
    malicious url (malicious code + phishing): 24%

    124%/2 = 62% <--- result --- > http://avlab.pl/page/laboratorium_antywirusowe_podsumowanie_lipiec_2013
     
    Last edited: Aug 2, 2013
  12. Feandur

    Feandur Registered Member

    Joined:
    Jun 15, 2005
    Posts:
    401
    Location:
    Australia
    Emsisoft result not representative...should be somewhere near Bitdefender.

    But good work Avast.

    I've said it before...As a stand-alone AV against integrated Security Sweets [LOL] Avast holds it own and does a very creditable job.... not in the same league as the big boys [KIS] but a very good partner in a combo for a spare computer.

    -cheers,
    feandur
     
  13. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,697
    Location:
    Zagreb, Croatia
    avlab,
    can you share Comodo's real time score?
     
  14. avlab

    avlab Registered Member

    Joined:
    Aug 2, 2013
    Posts:
    20
    Location:
    Poland
    I do not understand, what exactly?
     
  15. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    787
    Location:
    Germany
    He already did. The first results are for Comodo.
     
  16. avlab

    avlab Registered Member

    Joined:
    Aug 2, 2013
    Posts:
    20
    Location:
    Poland
    AVLab is non-commercial. No any vendors anti-virus does not affect the test result. We wanted to grant certificates for the results, so we combined the two tests for certification. Therefore, the results at first glance are strange to most people. Please understand us.
     
  17. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,561

    Yeah, And I'm not buying the CIS results either.
     
  18. spywar

    spywar Registered Member

    Joined:
    Oct 23, 2012
    Posts:
    583
    Location:
    Paris
    So the lack of webshield is the issue thank you avlab, but of course no executions were done ? Have you checked samples gathered from scumware ? Have you checked their dates as well ?
     
  19. avlab

    avlab Registered Member

    Joined:
    Aug 2, 2013
    Posts:
    20
    Location:
    Poland
    Not only our tests confirm the poor results in tests for Comodo internet security. Look for phishing test http://avlab.pl/files/others/arts/135/test_antyphishingowy.pdf

    Such access can have only vendors AV. But we can in the future to develop also access to users.

    It should be remembered that such phishing sites have "little life" and after a few hours of the test might not work. Then, users will grumble why antivirus failed the test and the site does not work.

    Samples are checks by malware.pl and then sending for us, but does it automatic. Then, our scripts again checked samples. Every day we get hundreds of samples. At every night are prepared samples. Also, the occurrence of false positive is virtually impossible.

    To prevent FP we start the test from the most infected files and web pages. Of the hundreds samples we tested 20 files and links every day, but we starting from the most infected.
     
  20. ZeroDay

    ZeroDay Registered Member

    Joined:
    Jul 9, 2011
    Posts:
    693
    Location:
    Hogwarts.
    20 links and 20 files is a tiny! sample set, to small in my opinion to judge any products. Are you actually executing these samples?
     
  21. spywar

    spywar Registered Member

    Joined:
    Oct 23, 2012
    Posts:
    583
    Location:
    Paris
    No they are not, afaik he/she did not tell me if yes or not, but I don't think at all.
     
  22. ZeroDay

    ZeroDay Registered Member

    Joined:
    Jul 9, 2011
    Posts:
    693
    Location:
    Hogwarts.
    That makes this test even more questionable.
     
  23. avlab

    avlab Registered Member

    Joined:
    Aug 2, 2013
    Posts:
    20
    Location:
    Poland
    We disagree. 40 samples but every day. In months gives to 1200. We try to reproduce reality. Situation when the user encounters the thousands of infected files is questionable. We test on a small number of files, but steadily.
    You can disagree. We do not have the infrastructure or money as professional testing organizations. Nobody not pay us for it so all day testing is not an option. We have school, work, personal life, etc..
     
  24. ZeroDay

    ZeroDay Registered Member

    Joined:
    Jul 9, 2011
    Posts:
    693
    Location:
    Hogwarts.
    Do you execute the samples?
     
  25. blasev

    blasev Registered Member

    Joined:
    Oct 25, 2010
    Posts:
    763
    yes I agree, this is questionable

    but congrats to forticlient :D
     
Loading...
Thread Status:
Not open for further replies.