AV-Comparatives Consumer Real-World Protection Test February-May 2021

Disclaimer
  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

JB007

Level 24
Verified
May 19, 2016
1,325
Now we have to wait 72 hours or less:
"Dear ......, Thank you for the information provided. We sent the files to our laboratories for specialized analyzes. If a false positive is found, the detection will be removed within 72 hours. If you need help in the future, we invite you to contact us again. Regards, Bitdefender Customer Service "
 

Evjl's Rain

Level 46
Verified
Trusted
Content Creator
Malware Hunter
Apr 18, 2016
3,556
Snipped from the AV test results:

View attachment 259052

Dang! I'm SO disappointed (well, not really). :whistle: :coffee:

Malwarebytes still having a lot of trouble w/false positives in the test scenario, it seems.
I had that too during the time I tested WD last years. I couldn't make it work. It simply refused to update without any error message. I clicked on check for update but my click did nothing. I was forced to use cmd/powershell to trigger updates. Sometimes it worked, sometimes it didn't
I thought, messing with windows updates' settings could affect windows/microsoft defender
 

MacDefender

Level 14
Verified
Oct 13, 2019
685
For reference, Fortinet Labs will live re-evaluate a site reported as a false positive. Usually it takes about 30 seconds. The longest I’ve had to wait was about an hour for a malware analysis site they weren’t sure about.

I don’t have experience with consumer AVs and typical reporting times though, but this is a lifesaver on enterprise hardware because you don’t have to deal with the extra work for adding exceptions.
 

SeriousHoax

Level 37
Verified
Mar 16, 2019
2,656
Hello,
I just tried your link for mrg-effitas and it was blocked by Bitdefender :unsure:

View attachment 259501

View attachment 259502
For any Bitdefender-related submission whether it's a false positive or false negative, use this business page to submit to them. They respond very quickly when you do so. Within 4 hours on average in my experience but I have also received as quickly as within 5 minutes on some occasions. I guess it depends on how busy the analysts are.
 

MacDefender

Level 14
Verified
Oct 13, 2019
685
For any Bitdefender-related submission whether it's a false positive or false negative, use this business page to submit to them. They respond very quickly when you do so. Within 4 hours on average in my experience but I have also received as quickly as within 5 minutes on some occasions. I guess it depends on how busy the analysts are.
Ah that’s very competitive!

FWIW I honestly don’t know if Fortinet’s “live” service has a set of on call human analysts or if they just check VirusTotal automatically or something. I didn’t want to try making a false suggestion since that would be rather unethical.
 

SeriousHoax

Level 37
Verified
Mar 16, 2019
2,656
Ah that’s very competitive!

FWIW I honestly don’t know if Fortinet’s “live” service has a set of on call human analysts or if they just check VirusTotal automatically or something. I didn’t want to try making a false suggestion since that would be rather unethical.
30 seconds seems too fast for a human analyst to analyze and whitelist a site. Maybe it's automatic and powered by AI?
If you submit a malicious/phishing site to Microsoft then it shows you this message saying to speed up reviews they use AI for classifications. In practice, they kind of never add any malicious site that I submit to them so I doubt how good it is while the human analysts of Bitdefender for example add things as quickly as they can specially when submitted via the business page. But I guess Microsoft does the same for their enterprise customers.
m.PNG
 

MacDefender

Level 14
Verified
Oct 13, 2019
685
30 seconds seems too fast for a human analyst to analyze and whitelist a site. Maybe it's automatic and powered by AI?
If you submit a malicious/phishing site to Microsoft then it shows you this message saying to speed up reviews they use AI for classifications. In practice, they kind of never add any malicious site that I submit to them so I doubt how good it is while the human analysts of Bitdefender for example add things as quickly as they can specially when submitted via the business page. But I guess Microsoft does the same for their enterprise customers.
View attachment 259505
Ah very interesting! Yeah I agree 30 seconds is extremely fast unless they really just have a call center the same way Amazon has chat agents ready and waiting. I also suspect it is AI or something else automation assisted. I mostly report false positives because I run some RSS reader services and it is obvious from my Fortinet logs when it falsely blocks something, but I’ve also reported a few phishing sites and they are pretty quick (minutes or less) to agree.
As @Gandalf_The_Grey said, 72 hours sounds way too long. Often times phishing domains come and go in that amount of time. But that might also just be a worst case and they tend to respond faster, I just don’t have personal experience with BD.
 

SeriousHoax

Level 37
Verified
Mar 16, 2019
2,656
Ah very interesting! Yeah I agree 30 seconds is extremely fast unless they really just have a call center the same way Amazon has chat agents ready and waiting. I also suspect it is AI or something else automation assisted. I mostly report false positives because I run some RSS reader services and it is obvious from my Fortinet logs when it falsely blocks something, but I’ve also reported a few phishing sites and they are pretty quick (minutes or less) to agree.
As @Gandalf_The_Grey said, 72 hours sounds way too long. Often times phishing domains come and go in that amount of time. But that might also just be a worst case and they tend to respond faster, I just don’t have personal experience with BD.
I see. Good to know that Fortinet is quick and effective in this case. Yeah, I also agree that 72 hours is too long.
Bitdefender has a separate subscription named, Bitdefender Premium Security where one of the main features is priority support. Here they respond to every query immediately 24x7 via live chat support I think. There was a member here in MT from Iran who had this subscription and shared his positive feedback.
So for general consumers, we'll have to pay extra to get premium support 🤷‍♂️
 

zoran popovic

Level 6
Sep 26, 2019
261
Hello,
I just tried your link for mrg-effitas and it was blocked by Bitdefender :unsure:

View attachment 259501

View attachment 259502



I don't understand your comment and I don't understand what you mean.
I have F-Secure on my computer and on my phone and tablet and this site is opening for me right now.
Not wanting to discredit your antivirus program, I would like to say that Bit Defender is known as a robust and very sharp AV and that it is very "distrustful" to many sites, even the most respectable ones. I had it for a while and then soon uninstalled it because it didn't allow the computer to run Chkdsk.
So much for Bit Defender.
 

JB007

Level 24
Verified
May 19, 2016
1,325
I don't understand your comment and I don't understand what you mean.
I have F-Secure on my computer and on my phone and tablet and this site is opening for me right now.
Not wanting to discredit your antivirus program, I would like to say that Bit Defender is known as a robust and very sharp AV and that it is very "distrustful" to many sites, even the most respectable ones. I had it for a while and then soon uninstalled it because it didn't allow the computer to run Chkdsk.
So much for Bit Defender.
I apologize if I have hurted you.
I also know this trusted site and I just wanted to report this detection without any ulterior motive.
 

zoran popovic

Level 6
Sep 26, 2019
261
I apologize if I have hurted you.
I also know this trusted site and I just wanted to report this detection without any ulterior motive.

Not a problem. There is no need for an apology.
Mrg effitas is not my site nor am I its owner. the only thing that was strange to me was that BD blocked that site that I have been visiting for years without the slightest problem. in any case thanks for the correspondence.
 

SeriousHoax

Level 37
Verified
Mar 16, 2019
2,656

JB007,​

is mrg-effitas still getting blocked by Bitdefender? Last night I submitted the false positive report to them but surprisingly they said they were not able to reproduce it on their end and asked for a screenshot of the detection. I did that and since then I've received no further reply from them. It's weird. But can you check again?
I have to add that this was their Enterprise submission portal so they tested it on their Enterprise (Gravity Zone) product. So the problem probably for some reason happens on the home users version only.
Edit: I understand what they meant by "The URL is not blocked".
It means the site specifically is not blocked by their database. So probably Bitdefender is falsely detecting some sort of malicious javascript or something similar like that on the website and blocking it entirely.
,.PNG
 
Last edited:

JB007

Level 24
Verified
May 19, 2016
1,325

JB007,​

is mrg-effitas still getting blocked by Bitdefender? Last night I submitted the false positive report to them but surprisingly they said they were not able to reproduce it on their end and asked for a screenshot of the detection. I did that and since then I've received no further reply from them. It's weird. But can you check again?
I have to add that this was their Enterprise submission portal so they tested it on their Enterprise (Gravity Zone) product. So the problem probably for some reason happens on the home users version only.
Edit: I understand what they meant by "The URL is not blocked".
It means the site specifically is not blocked by their database. So probably Bitdefender is falsely detecting some sort of malicious javascript or something similar like that on the website and blocking it entirely.
View attachment 259531
Thanks @SeriousHoax
I will try tomorrow because BDTS is installed on my home desktops and I'm at work all the night. I think you are right about the difference between BD for busines and BD for home users.
 

MacDefender

Level 14
Verified
Oct 13, 2019
685
It’s funny, just today I saw a Twitter link to a personal blog about Tesla firmware hacking. It got blocked by Fortinet as Malicious which was clearly wrong. On the block page it allowed me to suggest a category and I chose Personal Website / Blog. Originally it said an analyst would review in 2 minutes but in reality it took a bit over 5 minutes but the end result they agreed with my category.

I suspect this is mostly done by automation with a human reviewing the results but overall this is the kind of speed I was used to in terms of correcting wrongly labeled websites. What I love as an administrator is that any of my clients can fill out this form. It greatly reduces the work I have to do to fix false positive blocks.
 

Attachments

  • 12518EA5-5F34-4F9A-893C-93B60EE7CD96.png
    12518EA5-5F34-4F9A-893C-93B60EE7CD96.png
    668.2 KB · Views: 10
  • D1060F1D-C7C2-44B9-8236-2A4203AD48FA.png
    D1060F1D-C7C2-44B9-8236-2A4203AD48FA.png
    576.2 KB · Views: 9
Top