AV-Comparatives AV-Comparatives Real World Protection Test - Feburary - May 2019

Disclaimer

  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,592
shmu26 said:
AFAIK the malicious file type would be document_bill.docx.exe
If you did not enable "show file name extensions" you will see only document_bill.docx and that looks safe.
But even if it is truly document_bill.docx it is still dangerous because it might be a weaponized doc.
Click to expand...
It is easy to fool most people by using another trick:
Code: 
document_bill.docx                                                       .exe

The .exe is not visible when there are many spaces between.

Edit.
The cautious user can recognize the trick because in the "Type" column in Windows Explorer the file will be still visible as an application.
 
Last edited:
  • Like
  • Wow
  • Thanks
Reactions: DDE_Server, ForgottenSeer 72227, Dave Russo and 11 others
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
shmu26 said:
But this thing about scripts silently downloading and attacking your computer -- that's scare stories from the sandbox fanboys, or maybe it's propaganda from some company trying to sell you something.
Click to expand...
I want to qualify this claim a little bit. I read today that both Chrome and Firefox had an actively exploited zero-day this year. In the case of Firefox, it was in fact capable of remote code execution on Windows 7 32 bit, due to a vulnerability in that OS which was not patched at the time.
However, all the vulnerabilities were subsequently patched, and were observed only in targeted attacks. So it is still safe to say that random surfing does not put the average user at a risk of infection.

Regular AV protection is not the best way to defend against attacks of these types. The advanced security solutions are better equipped for that.

But anyways, in real-life terms, it's not a threat. Today's attacks are more and more targeted. If a malcoder worked for months and discovered a million-dollar zero-day exploit, you can be sure he won't waste it on you.
 
Last edited:
  • Like
Reactions: DDE_Server, ForgottenSeer 72227, simmerskool and 6 others
blackice

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,868
shmu26 said:
I want to backtrack on this claim a little bit. I read today that both Chrome and Firefox had an actively exploited zero-day this year. In the case of Firefox, it was in fact capable of remote code execution on Windows 7 32 bit, due to a vulnerability in that OS which was not patched at the time.
However, all the vulnerabilities were subsequently patched, and were observed only in targeted attacks. So it is still safe to say that random surfing does not put the average user at a risk of infection.

Regular AV protection is not the best way to defend against attacks of these types. The advanced security solutions are better equipped for that. But anyways, in real-life terms, it's not a threat.
Click to expand...
After reading your comment yesterday I proceeded to have a dream last night that I got ransomware from a drive by download. Woke up and my system is clean. :ROFLMAO: Though not impossible drive by dls are rare. I’ve been reading too many stories.
 
  • Like
  • HaHa
Reactions: Nevi, DDE_Server, ForgottenSeer 72227 and 6 others
Dave Russo

Dave Russo

Level 22
Verified
Top Poster
Well-known
May 26, 2014
1,149
Eset is still a very good choice,just add voodoshield, with Eset"s low impact and nice firewall plus tweaks its very strong,There are very few of us here at MalwareTips,who do not add layers to our security,the only thing I do not recommend is buying a license from Eset, do to cost{you get the exact same product on e-bay for so much less}A good survey one day would be ,who uses a Internet security program only? I would bet on this site less than10 percent. gl all
 
Last edited:
  • Like
Reactions: Nevi, ForgottenSeer 72227, simmerskool and 5 others
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Dave Russo said:
Eset is still a very good choice,just add voodoshield, with Eset"s low impact and nice firewall plus tweaks its very strong,There are very few of us here at MalwareTips,who do not add layers to our security,the only thing I do not recommend is buying a license from Eset, do to cost{you get the exact same product on e-bay for so much less}A good survey one day would be ,who uses a Internet security program only? I would bet on this site less than10 percent. gl all
Click to expand...
What in particular do you like about the ESET firewall? Wondering whether it's better than Windows firewall with SysHardener tweaks.
 
  • Like
Reactions: DDE_Server, simmerskool and Andy Ful
Dave Russo

Dave Russo

Level 22
Verified
Top Poster
Well-known
May 26, 2014
1,149
shmu26 said:
What in particular do you like about the ESET firewall? Wondering whether it's better than Windows firewall with SysHardener tweaks.
Click to expand...
Forgive me I am no expert,But Eset is one of the only program who"s firewall passes the cursed Fortiguard test {The Test - Test Your Metal by Fortinet } and I like the easy to use options.Windows firewall fails,Kaspersky"s firewall fails,but once again the test may be misleading, so I am only giving a opinion and not a expert gl.
 
Last edited:
  • Like
Reactions: Nevi, ForgottenSeer 72227, oldschool and 7 others
Andrew3000

Andrew3000

Level 11
Verified
Top Poster
Malware Hunter
Well-known
Feb 8, 2016
537
Dave Russo said:
Forgive me I am no expert,But Eset is one of the only program who"s firewall passes the cursed Fortiguard test {The Test - Test Your Metal by Fortinet } and I like the easy to use options.Windows firewall fails,Kaspersky"s firewall fails,but once again the test may be misleading, so I am only giving a opinion and not a expert gl.
Click to expand...



With kaspersky endpoint fails because it directly blocks the script used for the test, it seems.


215262

215263
 
  • Like
Reactions: Nevi, oldschool, simmerskool and 3 others
Wraith

Wraith

Level 13
Verified
Top Poster
Well-known
Aug 15, 2018
634
ESET Firewall is one of the best.It offers protection like the corporate firewalls and there are a ton of settings you can use. The FW can stop the common exploits. The Windows Firewall is a good no nonsense firewall which can be customised with tweaks and the outbound connections can be controlled with the help of 3rd party apps. Has Windows 10 increased the Firewall self-protection? In Windows 7, it's extremely easy to disable the inbuilt firewall and it's one of the first things a malware does. Another firewall that I like is the Norton Firewall. It's extremely smart and has the ability to protect against exploits.
 
  • Like
Reactions: Nevi, DDE_Server, ForgottenSeer 72227 and 9 others
harlan4096

harlan4096

Super Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,948
Dave Russo said:
Forgive me I am no expert,But Eset is one of the only program who"s firewall passes the cursed Fortiguard test {The Test - Test Your Metal by Fortinet } and I like the easy to use options.Windows firewall fails,Kaspersky"s firewall fails,but once again the test may be misleading, so I am only giving a opinion and not a expert gl.
Click to expand...
This test was already discussed here in the forum about 1 year ago or even more... Kaspersky fails most of the tests because the size of the files are bigger than 1MB, once You download manually and scan it detects all:

Web Anti-Virus settings

help.kaspersky.com help.kaspersky.com

1560961334481.png
Update: in the past there was an option to tweak that size, I can't remember now if still in KES :unsure: :unsure:
 
  • Like
Reactions: Nevi, ForgottenSeer 72227, oldschool and 8 others
Andrew3000

Andrew3000

Level 11
Verified
Top Poster
Malware Hunter
Well-known
Feb 8, 2016
537
harlan4096 said:
This test was already discussed here in the forum about 1 year ago or even more... Kaspersky fails most of the tests because the size of the files are bigger than 1MB, once You download manually and scan it detects all:

Web Anti-Virus settings

help.kaspersky.com help.kaspersky.com

Update: in the past there was an option to tweak that size, I can't remember now if still in KES :unsure: :unsure:
Click to expand...

Nope :(

215265
 
  • Like
Reactions: ForgottenSeer 72227, oldschool, roger_m and 2 others
Dave Russo

Dave Russo

Level 22
Verified
Top Poster
Well-known
May 26, 2014
1,149
of the test When I tested Kaspersky, used on wifes machine Kaspersky Total security. I do not know if Firewall is different on Endpoint,but if indeed its blocking the test then that would count as a pass ,but how can someone tell? When I tried symantec endpoint ,it showed one green pass, an then
it blocked the rest of the test. But KTS did finish the test with only1 out of 18 passed
 
  • Like
Reactions: ForgottenSeer 72227, Andy Ful and oldschool
simmerskool

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,784
Dave Russo said:
... passes the cursed Fortiguard test {The Test - Test Your Metal by Fortinet }
Click to expand...

my first time at the fortiguard test. I have a few layers here and ?? what is this test supposed to do or be doing?? appears as if nothing is happening? I see 0/18 as if I failed all tests yet, it also appears as if it never ran at all. no screenshots, no compressed files. all I see on the webpage is "Loading..." and nothing appears to be loading. Am I supposed to defang my security to run their security test? I'll skip it then, or am I missing the point? /sk

TairikuOkami said:
Since it has blocked even running the test, . :giggle:
Click to expand...

me too +1 but not by yandex here.
edit: you got 1 red mark on the otherwise grey circle, not one thing changed here??
 
  • Like
Reactions: Dave Russo, Andy Ful and oldschool

Similar threads

Gandalf_The_Grey
    • Like
    • Thanks
    • Wow
AV-Comparatives Advanced Threat Protection (ATP) Test 2024
Replies
0
Views
635
Security Statistics and Reports
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Like
    • Hundred Points
    • Applause
AV-Comparatives Fake-Shops Detection Test November 2024
Replies
2
Views
344
Security Statistics and Reports
Vitali Ortzi
Vitali Ortzi
Spartan
    • Like
    • Thanks
AV-Comparatives AV-Comparatives - Real World Protection Test Feb-May 2024
Replies
32
Views
3,294
Security Statistics and Reports
mlnevese
mlnevese

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top