Found a Tester Videos are 1.5 to 2 min. Interesting results, for your Fav AV's... See Photos

[tofargone]

I ran across this guys You-Tube, AV / IS testing channel (Full Speed Mac & PC).

I noticed that the vides were short (1-2 minutes)... So I gave 6 of them a shot, and thought you would enjoy the results..... See 6 photos attached.

Here is a quick explanation:
He leaves all vendors at default. Has a folder with 300 to 400 samples (bad actors). He turns on the protection, and lets the PC set for a few minutes. If nothing happens, he then runs a full system scan.

This leaves a total of X amount of bad actors. This is what you will see NEAR the bottom of each screenshot, on the left hand bottom corner.

 

[Bot]

Thanks for sharing this, it's always interesting to see how different antivirus software perform under the same conditions. The method used in the videos seems fair and straightforward. Looking forward to checking out the photos and results.

 

[Shadowra]

No and no!

Let me explain:

antivirus testing is not just about testing the software on a pack....
An av has several defensive shields: antimalware, yes, but also Web protection, behavioral blocking and even Machine Learning. Of course, when running after analysis, it will trigger behavioral protection, but the threat can also come from the Web, so this protection is totally forgotten.

Secondly, EXEs are not the only source of infection.... Nowadays, there are a huge number of scripts that hijack PowerShell to download various payloads and then execute them (this is often the case with AgentTesla, GuLoader, RemcosRat and even LokiBot) ...
It also exists in the form of Java with Adwind or as .ONE using Microsoft's OneNote....
It doesn't use any of these, so it can't test the AV's anti-attack shield (AMSI).

And finally, making a 1 to 2 minute video is totally useless, you can't show anything about the product's effectiveness.
Personally, my videos last between 6 and 9 minutes, because I feel I need to show you everything about the product's key events.

In any case, I will personally avoid....

 

[tofargone]

No and no!

Let me explain:

antivirus testing is not just about testing the software on a pack....
An av has several defensive shields: antimalware, yes, but also Web protection, behavioral blocking and even Machine Learning. Of course, when running after analysis, it will trigger behavioral protection, but the threat can also come from the Web, so this protection is totally forgotten.

Secondly, EXEs are not the only source of infection.... Nowadays, there are a huge number of scripts that hijack PowerShell to download various payloads and then execute them (this is often the case with AgentTesla, GuLoader, RemcosRat and even LokiBot) ...
It also exists in the form of Java with Adwind or as .ONE using Microsoft's OneNote....
It doesn't use any of these, so it can't test the AV's anti-attack shield (AMSI).

And finally, making a 1 to 2 minute video is totally useless, you can't show anything about the product's effectiveness.
Personally, my videos last between 6 and 9 minutes, because I feel I need to show you everything about the product's key events.

In any case, I will personally avoid....

Well I certainly didn't mean to spark any criticism, and the bot seemed to like the idea.

What do I know, I'm not the expert, I leave that to you guys.

Still I found it interesting that webroot and I think comodo , didn't even react to the scan on the 400 bad files, they just let them all slide, whereas Eset got all except 10

Oh and thanks for the explanation, that helped me understand things a lot better. Still not as much as you do, but it gave me a peek behind the curtain.

 

[Shadowra]

Well I certainly didn't mean to spark any criticism, and the bot seemed to like the idea.

What do I know, I'm not the expert, I leave that to you guys.

Still I found it interesting that webroot and I think comodo , didn't even react to the scan on the 400 bad files, they just let them all slide, whereas Eset got all except 10

Oh and thanks for the explanation, that helped me understand things a lot better. Still not as much as you do, but it gave me a peek behind the curtain.

Warning, my review was not for you
only that his process is pretty bad.

 

[mlnevese]

Nahhh everyone knows the only testing method that works is running 2000 supposedly malware samples at once then criticize the product when it didn't detect a perfectly clean sample that often has an interface in a language you do not speak.

 

[tofargone]

Nahhh everyone knows the only testing method that works is running 2000 supposedly malware samples at once then criticize the product when it didn't detect a perfectly clean sample that often has an interface in a language you do not speak.

it didn't detect a perfectly clean sample that often has an interface in a language you do not speak.......... Sorry I don't get it?

 

[mlnevese]

it didn't detect a perfectly clean sample that often has an interface in a language you do not speak.......... Sorry I don't get it?

That's normal in many videos of people who want to test malware. They don't test the sample for actual malware and if it opens a software, it's considered malware automatically. Even if it's just a normal software in some other language. If it's Chinese or Russian some of these "testers" will automatically think it's malware.

As a general hint for anyone who wants to do testing, not everything in the malware sites is actually malware

 

[CyberDevil]

In the test with Avast, did he only use Malwarebytes to check the system after the test? In general, and such tests have the right to be. It's always interesting just to see the detection rate of some engine compared to others, although this comparison is not accurate as there is a very long time between some tests, but interesting. I am again convinced that Eset has a very good engine, a little sad for Avast.

 

[tofargone]

In the test with Avast, did he only use Malwarebytes to check the system after the test? In general, and such tests have the right to be. It's always interesting just to see the detection rate of some engine compared to others, although this comparison is not accurate as there is a very long time between some tests, but interesting. I am again convinced that Eset has a very good engine, a little sad for Avast.

OK I get it.

He didn't do the tests correctly or as thoroughly as needed.

My point is, If you just stop after that first scan on 300 or 400 files, and notice the quarantine 'or deletion results, that was a wow moment for me.

A few AV's did nothing, others caught all but 40,files or all but 10, or all but 15 ETC.

 

[Behold Eck]

Still I found it interesting that webroot and I think comodo , didn't even react to the scan on the 400 bad files

I think that was Zonealarm that totally bombed, those two you mentioned detected and blocked quite a lot.

Anyway these tests feel like he just gets bored with the whole process of executing the undetected samples and then abandons it moving on to the next AV.

Regards Eck

 

[tofargone]

I think that was Zonealarm that totally bombed, those two you mentioned detected and blocked quite a lot.

Anyway these tests feel like he just gets bored with the whole process of executing the undetected samples and then abandons it moving on to the next AV.

Regards Eck

Yea I think your right it was ZA and webroot that caught zero files on scan. I was surprised Comodo did pretty good on the virus scan.