AV-Comparatives Consumer Real-World Protection Test February-May 2021

Disclaimer
  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

JB007

Now we have to wait 72 hours or less:
"Dear ......, Thank you for the information provided. We sent the files to our laboratories for specialized analyses. If a false positive is found, the detection will be removed within 72 hours. If you need help in the future, we invite you to contact us again. Regards, Bitdefender Customer Service"
 

Evjl's Rain

Snipped from the AV test results:

View attachment 259052

Dang! I'm SO disappointed (well, not really). :whistle: :coffee:

Malwarebytes still having a lot of trouble w/false positives in the test scenario, it seems.
I had that too during the time I tested WD last year. I couldn't make it work. It simply refused to update without any error message. I clicked on check for update but my click did nothing. I was forced to use cmd/PowerShell to trigger updates. Sometimes it worked, sometimes it didn't.
I thought messing with Windows Update settings could affect Windows/Microsoft Defender.
 

MacDefender

For reference, Fortinet Labs will live re-evaluate a site reported as a false positive. Usually it takes about 30 seconds. The longest I’ve had to wait was about an hour for a malware analysis site they weren’t sure about.

I don’t have experience with consumer AVs and typical reporting times though, but this is a lifesaver on enterprise hardware because you don’t have to deal with the extra work for adding exceptions.
 

SeriousHoax

Hello,
I just tried your link for mrg-effitas and it was blocked by Bitdefender :unsure:

View attachment 259501

View attachment 259502
For any Bitdefender-related submission whether it's a false positive or false negative, use this business page to submit to them. They respond very quickly when you do so. Within 4 hours on average in my experience but I have also received as quickly as within 5 minutes on some occasions. I guess it depends on how busy the analysts are.
 

MacDefender

For any Bitdefender-related submission whether it's a false positive or false negative, use this business page to submit to them. They respond very quickly when you do so. Within 4 hours on average in my experience but I have also received as quickly as within 5 minutes on some occasions. I guess it depends on how busy the analysts are.
Ah that’s very competitive!

FWIW I honestly don’t know if Fortinet’s “live” service has a set of on call human analysts or if they just check VirusTotal automatically or something. I didn’t want to try making a false suggestion since that would be rather unethical.
 

SeriousHoax

Ah that’s very competitive!

FWIW I honestly don’t know if Fortinet’s “live” service has a set of on call human analysts or if they just check VirusTotal automatically or something. I didn’t want to try making a false suggestion since that would be rather unethical.
30 seconds seems too fast for a human analyst to analyze and whitelist a site. Maybe it's automatic and powered by AI?
If you submit a malicious/phishing site to Microsoft then it shows you this message saying to speed up reviews they use AI for classifications. In practice, they kind of never add any malicious site that I submit to them so I doubt how good it is while the human analysts of Bitdefender for example add things as quickly as they can especially when submitted via the business page. But I guess Microsoft does the same for their enterprise customers.
 

MacDefender

30 seconds seems too fast for a human analyst to analyze and whitelist a site. Maybe it's automatic and powered by AI?
If you submit a malicious/phishing site to Microsoft then it shows you this message saying to speed up reviews they use AI for classifications. In practice, they kind of never add any malicious site that I submit to them so I doubt how good it is while the human analysts of Bitdefender for example add things as quickly as they can especially when submitted via the business page. But I guess Microsoft does the same for their enterprise customers.
View attachment 259505
Ah very interesting! Yeah I agree 30 seconds is extremely fast unless they really just have a call center the same way Amazon has chat agents ready and waiting. I also suspect it is AI or something else automation assisted. I mostly report false positives because I run some RSS reader services and it is obvious from my Fortinet logs when it falsely blocks something, but I’ve also reported a few phishing sites and they are pretty quick (minutes or less) to agree.
As @Gandalf_The_Grey said, 72 hours sounds way too long. Oftentimes phishing domains come and go in that amount of time. But that might also just be a worst case and they tend to respond faster, I just don’t have personal experience with BD.
 

SeriousHoax

Ah very interesting! Yeah I agree 30 seconds is extremely fast unless they really just have a call center the same way Amazon has chat agents ready and waiting. I also suspect it is AI or something else automation assisted. I mostly report false positives because I run some RSS reader services and it is obvious from my Fortinet logs when it falsely blocks something, but I’ve also reported a few phishing sites and they are pretty quick (minutes or less) to agree.
As @Gandalf_The_Grey said, 72 hours sounds way too long. Oftentimes phishing domains come and go in that amount of time. But that might also just be a worst case and they tend to respond faster, I just don’t have personal experience with BD.
I see. Good to know that Fortinet is quick and effective in this case. Yeah, I also agree that 72 hours is too long.
Bitdefender has a separate subscription named Bitdefender Premium Security where one of the main features is priority support. Here they respond to every query immediately 24x7 via live chat support I think. There was a member here in MT from Iran who had this subscription and shared his positive feedback.
So for general consumers, we'll have to pay extra to get premium support 🤷‍♂️
 

zoran popovic

Hello,
I just tried your link for mrg-effitas and it was blocked by Bitdefender :unsure:

View attachment 259501

View attachment 259502



I don't understand your comment and I don't understand what you mean.
I have F-Secure on my computer and on my phone and tablet and this site is opening for me right now.
Not wanting to discredit your antivirus program, I would like to say that Bit Defender is known as a robust and very sharp AV and that it is very "distrustful" to many sites, even the most respectable ones. I had it for a while and then soon uninstalled it because it didn't allow the computer to run Chkdsk.
So much for Bit Defender.
 

JB007

I don't understand your comment and I don't understand what you mean.
I have F-Secure on my computer and on my phone and tablet and this site is opening for me right now.
Not wanting to discredit your antivirus program, I would like to say that Bit Defender is known as a robust and very sharp AV and that it is very "distrustful" to many sites, even the most respectable ones. I had it for a while and then soon uninstalled it because it didn't allow the computer to run Chkdsk.
So much for Bit Defender.
I apologize if I have hurt you.
I also know this trusted site and I just wanted to report this detection without any ulterior motive.
 

zoran popovic

I apologize if I have hurt you.
I also know this trusted site and I just wanted to report this detection without any ulterior motive.

Not a problem. There is no need for an apology.
MRG Effitas is not my site nor am I its owner. The only thing that was strange to me was that BD blocked that site that I have been visiting for years without the slightest problem. In any case, thanks for the correspondence.
 

SeriousHoax


JB007,​

is mrg-effitas still getting blocked by Bitdefender? Last night I submitted the false positive report to them but surprisingly they said they were not able to reproduce it on their end and asked for a screenshot of the detection. I did that and since then I've received no further reply from them. It's weird. But can you check again?
I have to add that this was their Enterprise submission portal so they tested it on their Enterprise (Gravity Zone) product. So the problem probably for some reason happens on the home users version only.
Edit: I understand what they meant by "The URL is not blocked".
It means the site specifically is not blocked by their database. So probably Bitdefender is falsely detecting some sort of malicious javascript or something similar like that on the website and blocking it entirely.
 

JB007


JB007,​

is mrg-effitas still getting blocked by Bitdefender? Last night I submitted the false positive report to them but surprisingly they said they were not able to reproduce it on their end and asked for a screenshot of the detection. I did that and since then I've received no further reply from them. It's weird. But can you check again?
I have to add that this was their Enterprise submission portal so they tested it on their Enterprise (Gravity Zone) product. So the problem probably for some reason happens on the home users version only.
Edit: I understand what they meant by "The URL is not blocked".
It means the site specifically is not blocked by their database. So probably Bitdefender is falsely detecting some sort of malicious javascript or something similar like that on the website and blocking it entirely.
View attachment 259531
Thanks @SeriousHoax
I will try tomorrow because BDTS is installed on my home desktops and I'm at work all night. I think you are right about the difference between BD for business and BD for home users.
 

MacDefender

It’s funny, just today I saw a Twitter link to a personal blog about Tesla firmware hacking. It got blocked by Fortinet as Malicious which was clearly wrong. On the block page it allowed me to suggest a category and I chose Personal Website / Blog. Originally it said an analyst would review in 2 minutes but in reality it took a bit over 5 minutes, but the end result was that they agreed with my category.

I suspect this is mostly done by automation with a human reviewing the results but overall this is the kind of speed I was used to in terms of correcting wrongly labeled websites. What I love as an administrator is that any of my clients can fill out this form. It greatly reduces the work I have to do to fix false positive blocks.
 
