AV-Comparatives AV-Comparatives - Real-World Protection Test February-May 2020

[Andy Ful]

Just for reference I admin about 10 family members who are concerned about security because they don't understand information technology and malware threats.

I think they qualify for average illeterate pc users and I know for sure that they don't install applications. The only softeare they might install are browser extensions and some (say 1 or 2) have once installed an app from the Windows apps store.

So I am really interested in what real world scenarios average pc users install software.

The reason I am so 100 percent sure about those average pc users not installing software is the fact that I have afded a deny execute ACL for Everyone to the downloads folder and told them when they ever ran into a problem to call me. This to prevent click happy PC users to unintentionally install software

With configure defender on high and simple windows hardening (and the deny execute ACL on downloads) no one has ever phoned me having trouble installing software simply because they don't

Is my experience with those 10 family members so extraordinary that @Andy Ful labels them as non standard/a everage PC users?

Hmm. I am not sure what was the meaning of "non standard/average PC users" without more context. There is no widely accepted definition of the average user, so a few months ago I used something like below:
" Let's assume that average computer users are those who use Windows 10 and native security (Windows Defender + Edge Chromium) with the preference of apps from Microsoft Store. Of course, some apps have to be installed by more experienced users. "

 

[Lenny_Fox]

@Andy Ful

Well that definition nails what i tried to explain. In that context (maybe installing extensions from Google store and apps from Windows store) when they don't install software by themselves, what is the relevance of False Positives in regard to downloaded (executable files).

Since Microsoft started co-signing drivers, I never have had any false positives of hardware related drivers. Some monitoring and management software of hardware vendors is not signed, but inmy experience blocking them due to false positives isues with Windows Defender on Max, does not seem to cause any problems.

As posted earlier my girlfriend's laptop and my PC have WD on Max for nearly two years now. The only reason I run WD on High for my relatives is your warning it could cause FP's on vendors software.

The only FP's which might interfer with average user experience are FP blocks on URL's. This might cause users to delay purchases or websites visits, how damaging is that? Near zero IMO, so I repeate my earlier statement FP's are not (very)relevant to average PC users.

 

[Andy Ful]

@Andy Ful
...
so I repeate my earlier statement FP's are not (very)relevant to average PC users.

I think that the situation can be different for the young average young (games, mods, cracks, etc.).

 

[Andy Ful]

I think that it is relatively easy to protect adult users (middle age + ). They usually have established interests and use computers for simple things. So one can install a fresh Windows and a bunch of popular & reputable applications to cover their needs. Next one can tweak the AV to be more aggressive or harden the system. There will be no problem with false positives.
But still, many users (also adults) like to install the new applications for fun, curiosity, advised by a friend, etc. The false positives will be important for them.

 

[Lenny_Fox]

I think that it is relatively easy to protect adult users (middle age + ). They usually have established interests and use computers for simple things.

You are right, the relatives are uncles and aunts all over 60.

My younger brother used to game and try a lot of software. Recently he seems to focus on two games and seem to have lost the urge to try and install a lot of software.

But he always shut down the antivirus when he could not install something. When we were still using our fathers PC, I can remember my father yelling at my brother (after yet another infection) "Why did you disable the antivirus?" My brother's response "I thought it was okay, my friends said it was a false positive, their antivirus did not block the program".

 

[The Ordynary]

as always kaspersky, Avira, and Bitdefender at the top, engines constantly at the top of the tests, it is undeniable that they are the top 3 in the market,

 

[Andy Ful]

as always kaspersky, Avira, and Bitdefender at the top, engines constantly at the top of the tests, it is undeniable that they are the top 3 in the market,

In fact, the Kaspersky scoring was 4, Avira 9, and Bitdefender 12 among 17 AVs. This test is not a good example to show that they are the top 3 AVs in the market (even if it would be true). Of course, this scoring does not include the fact that Kaspersky, Avira, Bitdefender, and Eset have the lowest number of false positives.

 

[The Ordynary]

In fact, the Kaspersky scoring was 4, Avira 9, and Bitdefender 12 among 17 AVs. This test is not a good example to show that they are the top 3 AVs in the market (even if it would be true). Of course, this scoring does not include the fact that Kaspersky, Avira, Bitdefender, and Eset have the lowest number of false positives.

both in tests and in real life, they are the 3 main detection mechanisms today, they are constantly at the top, they are excellent, with a slight disadvantage of the bitdefende mechanism.

 

[Andy Ful]

... they are constantly at the top ...

Your post can be misguiding for the readers when compared to the malware detection scorings. You have made the statement that does not follow from the test results (AV-Comparatives tests). When we take the AV-Comparatives Real-world malware detection results from this year (February-May and July-August), there were three AVs constantly at the top: F-Secure, TrendMicro, and Panda. TrendMicro and F-Secure are also constantly at the top in AV-Test tests (February-April-June, Panda does not participate in these tests).
So, these Real-world malware detection results cannot be taken as an example of your statement.

Of course, these results do not prove that Avira, Bitdefender, or Kaspersky cannot be the top AVs, especially when we include the results of false positives and some other tests.

 

[Soulbound]

Your post can be misguiding for the readers when compared to the malware detection scorings. You have made the statement that does not follow from the test results (AV-Comparatives tests). When we take the AV-Comparatives Real-world malware detection results from this year (February-May and July-August), there were three AVs constantly at the top: F-Secure, TrendMicro, and Panda. TrendMicro and F-Secure are also constantly at the top in AV-Test tests (February-April-June, Panda does not participate in these tests).
So, these Real-world malware detection results cannot be taken as an example of your statement.

Of course, these results do not prove that Avira, Bitdefender, or Kaspersky cannot be the top AVs, especially when we include the results of false positives and some other tests.

Agreed that such post can be misguiding.

Response from Andy is however clear and constructive

 

[Cortex]

I'm over 60 & certainly do not do simple things on PC's & other units & don't think I ever have, in my experience lots my age do stay on the safe side but not all - Generalisation can be counter productive - Surely posts on here are opinions, I would have thought a large amount of posts are of widely different in regards as to AV's, PC setup etc - Most AV's in comparatives are half decent, I don't get the misguiding idea at all.