AV-Comparatives Consumer Real-World Protection Test February-May 2021

Disclaimer

  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

JB007

JB007

Level 26
Verified
Top Poster
Well-known
May 19, 2016
1,581
Now we have to wait 72 hours or less:
"Dear ......, Thank you for the information provided. We sent the files to our laboratories for specialized analyzes. If a false positive is found, the detection will be removed within 72 hours. If you need help in the future, we invite you to contact us again. Regards, Bitdefender Customer Service "
 
  • Like
  • Sad
Reactions: Nevi, Venustus, harlan4096 and 1 other person
E

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
plat1098 said:
Snipped from the AV test results:

View attachment 259052

Dang! I'm SO disappointed (well, not really). :whistle: :coffee:

Malwarebytes still having a lot of trouble w/false positives in the test scenario, it seems.
Click to expand...
I had that too during the time I tested WD last years. I couldn't make it work. It simply refused to update without any error message. I clicked on check for update but my click did nothing. I was forced to use cmd/powershell to trigger updates. Sometimes it worked, sometimes it didn't
I thought, messing with windows updates' settings could affect windows/microsoft defender
 
  • Like
  • +Reputation
  • Wow
Reactions: Nevi, roger_m, Venustus and 4 others
M

MacDefender

Level 16
Verified
Top Poster
Oct 13, 2019
784
JB007 said:
@Gandalf_The_Grey : why "sad" ?
Click to expand...
For reference, Fortinet Labs will live re-evaluate a site reported as a false positive. Usually it takes about 30 seconds. The longest I’ve had to wait was about an hour for a malware analysis site they weren’t sure about.

I don’t have experience with consumer AVs and typical reporting times though, but this is a lifesaver on enterprise hardware because you don’t have to deal with the extra work for adding exceptions.
 
  • Like
  • Wow
Reactions: roger_m, JB007, Venustus and 1 other person
SeriousHoax

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,868
JB007 said:
Hello,
I just tried your link for mrg-effitas and it was blocked by Bitdefender :unsure:

View attachment 259501

View attachment 259502
Click to expand...
For any Bitdefender-related submission whether it's a false positive or false negative, use this business page to submit to them. They respond very quickly when you do so. Within 4 hours on average in my experience but I have also received as quickly as within 5 minutes on some occasions. I guess it depends on how busy the analysts are.
 
  • Like
  • Thanks
  • +Reputation
Reactions: Nevi, zoran popovic, Guilhermesene and 6 others
M

MacDefender

Level 16
Verified
Top Poster
Oct 13, 2019
784
SeriousHoax said:
For any Bitdefender-related submission whether it's a false positive or false negative, use this business page to submit to them. They respond very quickly when you do so. Within 4 hours on average in my experience but I have also received as quickly as within 5 minutes on some occasions. I guess it depends on how busy the analysts are.
Click to expand...
Ah that’s very competitive!

FWIW I honestly don’t know if Fortinet’s “live” service has a set of on call human analysts or if they just check VirusTotal automatically or something. I didn’t want to try making a false suggestion since that would be rather unethical.
 
  • Like
Reactions: Nevi, roger_m, JB007 and 1 other person
SeriousHoax

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,868
MacDefender said:
Ah that’s very competitive!

FWIW I honestly don’t know if Fortinet’s “live” service has a set of on call human analysts or if they just check VirusTotal automatically or something. I didn’t want to try making a false suggestion since that would be rather unethical.
Click to expand...
30 seconds seems too fast for a human analyst to analyze and whitelist a site. Maybe it's automatic and powered by AI?
If you submit a malicious/phishing site to Microsoft then it shows you this message saying to speed up reviews they use AI for classifications. In practice, they kind of never add any malicious site that I submit to them so I doubt how good it is while the human analysts of Bitdefender for example add things as quickly as they can specially when submitted via the business page. But I guess Microsoft does the same for their enterprise customers.
m.PNG
 
  • Like
Reactions: Nevi, roger_m, JB007 and 1 other person
M

MacDefender

Level 16
Verified
Top Poster
Oct 13, 2019
784
SeriousHoax said:
30 seconds seems too fast for a human analyst to analyze and whitelist a site. Maybe it's automatic and powered by AI?
If you submit a malicious/phishing site to Microsoft then it shows you this message saying to speed up reviews they use AI for classifications. In practice, they kind of never add any malicious site that I submit to them so I doubt how good it is while the human analysts of Bitdefender for example add things as quickly as they can specially when submitted via the business page. But I guess Microsoft does the same for their enterprise customers.
View attachment 259505
Click to expand...
Ah very interesting! Yeah I agree 30 seconds is extremely fast unless they really just have a call center the same way Amazon has chat agents ready and waiting. I also suspect it is AI or something else automation assisted. I mostly report false positives because I run some RSS reader services and it is obvious from my Fortinet logs when it falsely blocks something, but I’ve also reported a few phishing sites and they are pretty quick (minutes or less) to agree.
As @Gandalf_The_Grey said, 72 hours sounds way too long. Often times phishing domains come and go in that amount of time. But that might also just be a worst case and they tend to respond faster, I just don’t have personal experience with BD.
 
  • Like
Reactions: Nevi, roger_m, JB007 and 4 others
SeriousHoax

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,868
MacDefender said:
Ah very interesting! Yeah I agree 30 seconds is extremely fast unless they really just have a call center the same way Amazon has chat agents ready and waiting. I also suspect it is AI or something else automation assisted. I mostly report false positives because I run some RSS reader services and it is obvious from my Fortinet logs when it falsely blocks something, but I’ve also reported a few phishing sites and they are pretty quick (minutes or less) to agree.
As @Gandalf_The_Grey said, 72 hours sounds way too long. Often times phishing domains come and go in that amount of time. But that might also just be a worst case and they tend to respond faster, I just don’t have personal experience with BD.
Click to expand...
I see. Good to know that Fortinet is quick and effective in this case. Yeah, I also agree that 72 hours is too long.
Bitdefender has a separate subscription named, Bitdefender Premium Security where one of the main features is priority support. Here they respond to every query immediately 24x7 via live chat support I think. There was a member here in MT from Iran who had this subscription and shared his positive feedback.
So for general consumers, we'll have to pay extra to get premium support 🤷‍♂️
 
  • Like
Reactions: Nevi, zoran popovic, newhobbitmann and 5 others
zoran popovic

zoran popovic

Level 7
Verified
Well-known
Sep 26, 2019
318
JB007 said:
Hello,
I just tried your link for mrg-effitas and it was blocked by Bitdefender :unsure:

View attachment 259501

View attachment 259502
Click to expand...



I don't understand your comment and I don't understand what you mean.
I have F-Secure on my computer and on my phone and tablet and this site is opening for me right now.
Not wanting to discredit your antivirus program, I would like to say that Bit Defender is known as a robust and very sharp AV and that it is very "distrustful" to many sites, even the most respectable ones. I had it for a while and then soon uninstalled it because it didn't allow the computer to run Chkdsk.
So much for Bit Defender.
 
  • Like
Reactions: Nevi, roger_m, Venustus and 2 others
JB007

JB007

Level 26
Verified
Top Poster
Well-known
May 19, 2016
1,581
zoran popovic said:
I don't understand your comment and I don't understand what you mean.
I have F-Secure on my computer and on my phone and tablet and this site is opening for me right now.
Not wanting to discredit your antivirus program, I would like to say that Bit Defender is known as a robust and very sharp AV and that it is very "distrustful" to many sites, even the most respectable ones. I had it for a while and then soon uninstalled it because it didn't allow the computer to run Chkdsk.
So much for Bit Defender.
Click to expand...
I apologize if I have hurted you.
I also know this trusted site and I just wanted to report this detection without any ulterior motive.
 
  • Like
Reactions: Nevi, roger_m, Venustus and 3 others
zoran popovic

zoran popovic

Level 7
Verified
Well-known
Sep 26, 2019
318
JB007 said:
I apologize if I have hurted you.
I also know this trusted site and I just wanted to report this detection without any ulterior motive.
Click to expand...

Not a problem. There is no need for an apology.
Mrg effitas is not my site nor am I its owner. the only thing that was strange to me was that BD blocked that site that I have been visiting for years without the slightest problem. in any case thanks for the correspondence.
 
  • Like
Reactions: Zartarra, Nevi, roger_m and 2 others
SeriousHoax

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,868

JB007,​

is mrg-effitas still getting blocked by Bitdefender? Last night I submitted the false positive report to them but surprisingly they said they were not able to reproduce it on their end and asked for a screenshot of the detection. I did that and since then I've received no further reply from them. It's weird. But can you check again?
I have to add that this was their Enterprise submission portal so they tested it on their Enterprise (Gravity Zone) product. So the problem probably for some reason happens on the home users version only.
Edit: I understand what they meant by "The URL is not blocked".
It means the site specifically is not blocked by their database. So probably Bitdefender is falsely detecting some sort of malicious javascript or something similar like that on the website and blocking it entirely.
,.PNG
 
Last edited:
  • Like
  • Thanks
  • Wow
Reactions: Nevi, roger_m, blackice and 5 others
JB007

JB007

Level 26
Verified
Top Poster
Well-known
May 19, 2016
1,581
SeriousHoax said:

JB007,​

is mrg-effitas still getting blocked by Bitdefender? Last night I submitted the false positive report to them but surprisingly they said they were not able to reproduce it on their end and asked for a screenshot of the detection. I did that and since then I've received no further reply from them. It's weird. But can you check again?
I have to add that this was their Enterprise submission portal so they tested it on their Enterprise (Gravity Zone) product. So the problem probably for some reason happens on the home users version only.
Edit: I understand what they meant by "The URL is not blocked".
It means the site specifically is not blocked by their database. So probably Bitdefender is falsely detecting some sort of malicious javascript or something similar like that on the website and blocking it entirely.
View attachment 259531
Click to expand...
Thanks @SeriousHoax
I will try tomorrow because BDTS is installed on my home desktops and I'm at work all the night. I think you are right about the difference between BD for busines and BD for home users.
 
  • Like
Reactions: SeriousHoax, Gandalf_The_Grey, Venustus and 2 others
M

MacDefender

Level 16
Verified
Top Poster
Oct 13, 2019
784
It’s funny, just today I saw a Twitter link to a personal blog about Tesla firmware hacking. It got blocked by Fortinet as Malicious which was clearly wrong. On the block page it allowed me to suggest a category and I chose Personal Website / Blog. Originally it said an analyst would review in 2 minutes but in reality it took a bit over 5 minutes but the end result they agreed with my category.

I suspect this is mostly done by automation with a human reviewing the results but overall this is the kind of speed I was used to in terms of correcting wrongly labeled websites. What I love as an administrator is that any of my clients can fill out this form. It greatly reduces the work I have to do to fix false positive blocks.
 

Attachments

  • 12518EA5-5F34-4F9A-893C-93B60EE7CD96.png
    12518EA5-5F34-4F9A-893C-93B60EE7CD96.png
    668.2 KB · Views: 91
  • D1060F1D-C7C2-44B9-8236-2A4203AD48FA.png
    D1060F1D-C7C2-44B9-8236-2A4203AD48FA.png
    576.2 KB · Views: 94
  • Like
  • Applause
Reactions: SeriousHoax, Gandalf_The_Grey, roger_m and 2 others

Similar threads

Spartan
    • Like
    • Applause
    • +Reputation
AV-Comparatives AV-Comparatives - Real-World Protection Test Jul-Oct 2024
Replies
15
Views
1,046
Security Statistics and Reports
superleeds27
S
Gandalf_The_Grey
    • Like
    • Thanks
    • +Reputation
AV-Comparatives Consumer Malware Protection Test September 2024
Replies
2
Views
640
Security Statistics and Reports
Sorrento
Sorrento
Gandalf_The_Grey
    • Like
    • Thanks
    • Wow
AV-Comparatives Advanced Threat Protection (ATP) Test 2024
Replies
0
Views
635
Security Statistics and Reports
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top