AVLab ransomware test/October 2016 (1st. test for Voodoshield)

[hamo]

AVLab ransomware test
October 2016

All products tested with default settings

The best +++

=====================================================
Best ++
Avast Internet Security 2016
Avira Internet Security Suite
Bitdefender Antivirus Free Edition
Bitdefender Internet Security 2017
Dr. Web Space Security
ESET Smart Security 10 (BETA)
TrustPort Internet Security
=========================================================
Good +
Avast Free Antivirus 2016
AVG AntiVirus Free Edition
AVG Internet Security
Comodo Internet Security 8


Full pdf report
https://avlab.pl/sites/default/files/68files/ENG_2016_ransomware.pdf​

 

[Dirk41]

Never heard about this lab test . Thank you for sharing.
Are they as reliable as AV comparatives and AV test ?

 

[HarborFront]

Top of the list

Arcabit Internet Security
KIS 2017
EIS 2016/2017
G DATA Internet Security
Qihoo 360 Total Security
SecureAPlus Premium
ZAM Premium
ZA Internet Security Suite
Trend Micro Internet Security 2017
Comodo Cloud Antivirus
Foltyn Security Shield
VS Pro
F-Secure SAFE

 

[Terry Ganzi]

It is in alphabetical order champ.

 

[Evjl's Rain]

what impressed me:
- Zonealarm blocked everything - really that good?
- comdodo: 3 products in 3 different lists - why so inconsistent? the one which is supposed to be the weakest of those 3 (CCAV) performed the best. The one expected to be the best (CIS 10 beta) failed
- norton almost failed -
- Arcabit Internet Security - who?

EDIT: wrong interpretation of the test result. In order to get Best+++: the product must block 100% of samples. Zemana missed 1 sample and the PC was encrypted -> How did it get best+++

 

[jamescv7]

So many contradictions.

Avira Endpoint and Free version got only tested where the Internet security got best++ ratings?

We conclude that some protection modules are limited to Avira Free which not surprising but the signatures must detect that easily when both have same response time.

I'm surprise that Avira's endpoint version fall on the same category like the free version when suppose to have better protection due to business concept.

At least on AVG, the results are consistent on both editions.

Overall the mechanistic protecrion, hips, and sandbox are counted as valid in the test compare on other independent testing organizations.

 

[_CyberGhosT_]

Good to see VoodooShield making a splash but I
will wait for AV Comparitives to test and score
VS, I already know what the end result will be
but it will be nice to see it in writing from the
big boys playground
PS: Thank You @hamo

 

[Captain Awesome]

avast internet security and avast free are same on protection so this so called AVLab ransomware test is not vaild for me.

 

[frogboy]

The term to be taken with a grain of salt spring to mind.

 

[RmG152]

comdodo: 3 products in 3 different lists - why so inconsistent? the one which is supposed to be the weakest of those 3 (CCAV) performed the best. The one expected to be the best (CIS 10 beta) failed

CCAV default settings > comodo Internet security default settings, and if you looks at the pdf:

Comodo Internet Security Pro 10 BETA failed to respect the automatic sandbox module settings,
which is the core protection against unknown malware. During testing, stable version hasn’t been
available yet, so don’t put an equal sign between BETA and stable version results of Comodo Internet
Security Pro 10.

avast internet security and avast free are same on protection so this so called AVLab ransomware test is not vaild for me.

Maybe one sample is a Downloader + ransom and avast is firewall block the download of the sample.

 

[Dirk41]

I wonder one thing : how do they test defender ?
Just with defender engine or with the other security settings w10 has ? ( I mean smartscreen ... )

 

[Lord Ami]

avast internet security and avast free are same on protection so this so called AVLab ransomware test is not vaild for me.

FYI, all avast versions have same detection capabilities regarding Shields. Firewall etc are other layers.
So this result is legitimate/correct as it should be.

 

[Evjl's Rain]

I wonder one thing : how do they test defender ?
Just with defender engine or with the other security settings w10 has ? ( I mean smartscreen ... )

I think they just ignored smartscreen and UAC prompts + they said they gained administrator privileges when necessary
I believed smartscreen is either a part or not a part of windows defender because it can be enabled everywhere with all AVs

AFAIK, Smartscreen is a reputation-based protection (blue prompts) with WD basic signatures (when it shows red prompts)

 

[Dirk41]

I begin to think that all test performed with admin rights are useless . It is like to leave your house door open and think if someone can entry

 

[Evjl's Rain]

I begin to think that all test performed with admin rights are useless . It is like to leave your house door open and think if someone can entry

no not pointless. This is for testing purposes
Most ransomwares cannot access your C drive without being allowed by UAC and administrator priveledges unless they can utilize task scheduler to allow themselves to bypass UAC

This is not real life usage for some people but it is definitely a real life situation for many people (novice users) because they will default-allow. AV vendors know that and they should be trying to deal with this and protect all kinds of users in any situation

no tests are useless. They are just suitable for the readers or not

EDIT: for example, Kaspersky developed Application control to limit the permissions of running processes automatically. This helps to prevent some damage and spreading to malwares to the system. It is very useful for novice users. Of course it is not perfect as they cannot make it more aggressive because it will break the usability for many other legit apps

 

[Dirk41]

Av vendors should add warns like this : use a standard account , max UAC and keep smartscreen enable

 

[jamescv7]

@Dirk41

Unfortunately that is not counted on their test, typically it's all about AV's protection core and modules.

UAC and Smartscreen were considered as baseline only.

 

[Dirk41]

@Dirk41

Unfortunately that is not counted on their test, typically it's all about AV's protection core and modules.

UAC and Smartscreen were considered as baseline only.

So +1 for MS

 

[aragornnnn]

MBAR failed so badly omg...

 

[conceptualclarity]

Top of the list

Arcabit Internet Security
KIS 2017
EIS 2016/2017
G DATA Internet Security
Qihoo 360 Total Security
SecureAPlus Premium
ZAM Premium
ZA Internet Security Suite
Trend Micro Internet Security 2017
Comodo Cloud Antivirus
Foltyn Security Shield
VS Pro
F-Secure SAFE

Please, let's avoid abbreviations when reporting test results.

Never heard of Foltyn Security Shield, scarcely heard of Arcabit Internet Security. Anybody have anything to say about them?

Noteworthy: Bitdefender doesn't make top rank.

Bitdefender Free does a little better than Bitdefender IS (see the chart on PDF)! Suggests that if one doesn't care about the lack of user control, Bitdefender Free may be a top free AV choice.

Comodo Cloud Antivirus doing better than Comodo IS 8 and Comodo IS Premium 10 Beta.

Not a good test for ESET, Malwarebytes, Norton, and Panda.