AV-Comparatives: Real-World Protection Test – May 2018

[Sephiroth Source]

I saw this one today: The best antivirus software in 2018 based on three security tests

Of the tested solutions, only 7 have reached 100%: Bitdefender, Comodo, Emsisoft, Norton, SecureAPlus, Sophos and ZoneAlarm. I wonder why VoodooShield lost a sample even using VT. Another detail: the Windows Defender that was the first in the other test was the last one here.

 

[ForgottenSeer 58943]

Of the tested solutions, only 7 have reached 100%: Bitdefender, Comodo, Emsisoft, Norton, SecureAPlus, Sophos and ZoneAlarm. I wonder why VoodooShield lost a sample even using VT. Another detail: the Windows Defender that was the first in the other test was the last one here.

If VoodooShield was running Always-On/Aggressive it would have not missed that. As explained here;

Yeah, we missed one... AVLab tested VS in AutoPilot mode. If VS would have been ON during the test, it certainly would have blocked that file. It is kinda funny... AVLab emailed everyone the test results and they explained to me that they tested VS on AutoPilot mode because our User Guide says "Antivirus testing labs should run VoodooShield in AutoPilot mode when testing VoodooShield with traditional antivirus methodologies, since this mode emulates as closely as possible traditional antivirus." And that is perfectly cool with me... it just further demonstrates that the computer should be locked when it is at risk

.

AutoPilot mode is an allow-by-default mode, and if we are going to be tested along side other allow-by-default products, it is only fair that VS is tested in AutoPilot mode, otherwise we are not comparing apples to apples. Besides, if they were to have tested VS in Smart or Always ON mode, it would have been boring and we would not have learned anything new. Now, if someone was going to perform a deny-by-default product test, Smart Mode or Always ON would make more sense.

What is interesting is this... when VS is on AutoPilot, it will block any and all blacklist unknowns automatically (without question), and it will also block any file that has 5+ detections from the 65+ engines. And actually, 5 is not an absolute number because it also depends on VS's false positive detection feature. If even a single blacklist detection is found in an engine that VS believes to not be a false positive, it will be blocked. Also, VoodooAi missed the file as well, because when VS is on AutoPilot, if the VoodooAi result is greater than 50, it will be automatically blocked.

There will always be bypasses in non-locking, allow-by-default products, there is no way around it. Locking the computer full time is not the answer either. And sandboxing is great for security geeks, but not so great for the other 99%... for a lot of reasons that I have talked about before.

In other words, install your favorite effective AV product and also lock your computer when it is at risk with VoodooShield

 

[Sephiroth Source]

If VoodooShield was running Always-On/Aggressive it would have not missed that. As explained here;

Perfectly explained, thank you!

 

[roger_m]

Tencent best antivirus??????????????

They have consistently, been scoring very highly lately.

 

[Deleted Member 3a5v73x]

Note: During May testing, Panda’s protection rate fell below its usual standard. After the test, when we provided Panda with the relevant test data, they discovered a bug in their products caused by a recent update. This meant that some few malware samples were reported in the logs, but not blocked or warned about. Panda rapidly fixed the bug, and Panda products now protect fully against all their missed test cases.

What makes this interesting is they fixed it through regular "cloud sync" without having a need to update software itself. I've seen it other way around when samples were blocked, but warnings didn't show up nor reported in the logs. I think they partially repaired Safe Browsing module too few days back with "cloud sync", but sadly it's not fully working yet, suspicious websites aren't reported and whitelisted ones still show up in blocked counter. It's full around with small annoying bugs, once they are worked out, Panda Dome will be a good suite to use. Nothing was changing months because regular users aren't reporting non-working things, in fact, when you purchase something, you expect to recieve product in 99% working condition, not the case with Panda Dome product line-up.

 

[Kuttz]

Tencent best antivirus??????????????

According to AV-Comparatives:

We would like to point out that while some products may sometimes be able to reach 100% protection rates in a test, it does not mean that these products will always protect against all threats on the web. It just means that they were able to block 100% of the widespread malicious samples used in a test.

 

[Kuttz]

According to the chart McAfee now better than ESET and the poorest AV is Panda!

 

[ForgottenSeer 58943]

According to the chart McAfee now better than ESET and the poorest AV is Panda!

 

[Deleted member 178]

If all products were tested with max settings, they all would surely score higher, but Average Joe doesn't use max settings.

 

[cruelsister]

Don't even bother to consider this test. They want you to believe that the products tested against URL malware (which is all they ran against- 227 samples) would have the same validity (equal detection rates) against malware that could be run from other areas like email downloads, USB etc.

You want to test in the MOST GENERAL circumstance (like wherever malware can arise) instead of a specific area (like downloaded malware only which was used in this test) before you make pronouncements like "Our Real-World Protection Test is currently the most comprehensive and complex test available, using a large number of test cases". Do they think we are without minds that can think?

And obviously they have never watched any of my videos (this report is really a new low and anyone that is familiar with Logic would immediately see how totally absurd it is. AV-C should be embarrassed).

 

[Mahesh Sudula]

Virus Scanning on hashes is a different subject to that from Real World Malware Attacks -- Dr WEB
Note: Any Security application (Kernel/ Software) protects you until they DIE (Most likely to happen in few years). Moreover they are
to be used in tandom with the user. NO AV CAN REPLACE USER ENTIRELY

 

[cruelsister]

I was remiss! For those that never took Symbolic Logic:

Opehlia is a Cat
Opehlia has Blue Eyes
Therefore All Cats have Blue Eyes

AV-C used 227 URL malware samples
Product X protected against all 227 samples
Therefore Product X is good against All Malware

 

[stefanos]

According to AV-Comparatives:

The problem is many people are looking the reviews from sites like pcmag,TechRadar,techadvisor,AV-TEST etc to choose their protection. With these results published, I would choose Avira or Tencent, because Panda , Mcafee, Eset Kaspersky are weak products. Sorry for my english is not good

 

[212eta]

Microsoft was better than Kaspersky ?

Yeap...

 

[Dave Russo]

I saw this one today: The best antivirus software in 2018 based on three security tests

Thanks worth the look

 

[Evjl's Rain]

Thanks worth the look

this test looks good but they are always always bias towards arcabit