I took a random sample, I don't know which one you took. Was it a coincidence or are they named the same by the Microsoft Defender?This trojan was one of the included sample
Now I'm going off topic. 
Kaspersky is overestimated, while Microsoft defender is underestimated
- Thread starter Parkinsond
- Start date
Now I'm going off topic. 
In my opinion the strong point of a good antivirus especially against 0-day attacks is behavioral analysis
Agree; MD has some sort of cloud-based behavioral analysis, but system watcher is more robust and polished.
- Dec 4, 2014
- 3,494
- 1
- 19,052
- 4,479
- 52
Very often for new malware, detection is made by behavioural protection when the malware is launched, rather than signatures. So you really would need to launch the samples too, for it to be a valid test of what samples are missed. Of course this is something that should be done with proper care, so you don't infect your computer.
That is true, but as I was not using VM, I could not launch the scripts.
It is merely signature-based detection.
u could have checked all the missed files in kaspersky's opentip
I have checked all the samples, even detected ones, by VT to find out how many vendors could detect each one.
Agree, and that's how I took it (my 100 points for your previous post).
The percentage of people affected by malware is what percent world wide, compared to all of the PC's used world wide? We occasionally get members here looking for malware removal, and Bleeping Computer has had a reputation over the years of malware removal, so that would make sense as far as the number of people posting there. But the only "malware" problem I've had since the days of XP (using AV and Spyware tools) is what's happened in cooperate servers being hacked, and my personal information possibly being compromised from there (4 different companies). And as an aware user, that was a question I had, where do I have to go (other than a malware, phishing repository site) to get some of this malware?
App Review - F-Secure Internet Security v19.5
F-Secure is a relatively well-known Finnish antivirus. Formerly with Bitdefender, then with Avira as a partner, the software has evolved over the years. For this version, there are very few changes, apart from the fact that Avira's HEUR/APC detections make a comeback alongside F-Secure's own...
malwaretips.com
Last edited:
with respect do you think this kind of testings are standard? actually it shows nothing, do you think a million dollar company can not have some employees to just add public website malwares? and get good scores in tests like yours?! malware detection is different from the tests we do here , you need malware analysis knowledge, technical knowledge, programming etc , you need honeypots , sensors , dark web monitoring for new samples,cloud detection and behavior monitoring and a lot of other stuff to be able to have proper testing. many public website samples are dead samples or detected by behavior or cloud detection, when something like that is happening the companie analysts focus on the part of the web that people like us does not have access to and try to detect targeted attacks, not wasting their energy and resources on something that their multi layered program can detected.
U have hit the nail on the head
"Kaspersky is overestimated" - Only a touch of divine editing can fix this horror! 
For pre-execution protection, yes; both are equal."Kaspersky is overestimated" - Only a touch of divine editing can fix this horror!
Regarding post-execution protection, I do not know; need to launch samples to test.
But post-execution protection depends on the duration between launch and block; if is long enough, damage can not be reverted by blocking and deleting the malware.
I prefer to rely on pre-execution protection.
What was the detection name was is heur? Did you execute it in a sandbox to see if it works? Although ESET is not known of adding non working malware to their definitions.
Do you have a copy of the missed malware that ESET detected. ?
I would love to examine it.
15 pieces of malware, whether PS1 or other, is too little, which is why I try to make packs with several pieces of malware (like the hundred). That's a fact.
Secondly, Kaspersky and MS Defender don't work in the same way, nor do they have the same shields.
Especially as PS1 malware, C&C servers die quite quickly, very often hit by the deactivation of servers by the host (called a TakeDown), so not reliable enough to test.
Yes, MS Defender must have Web protection, but it also manages to block attacks, like Kaspersky (called AMSI)
Secondly, Kaspersky and MS Defender don't work in the same way, nor do they have the same shields.
Especially as PS1 malware, C&C servers die quite quickly, very often hit by the deactivation of servers by the host (called a TakeDown), so not reliable enough to test.
Yes, MS Defender must have Web protection, but it also manages to block attacks, like Kaspersky
(called AMSI)
I'm not a malware hunter, or even related to the tech field.
As stated clearly, it just testing of signature-based detection by scan; I have no VM to launch samples to evaluate behavioral protection and post-execution detection and containment.
All the samples were deleted after testing, certainly I would like to keep snakes inside my room
The number of samples is limited because getting more samples from MB means it will be older ones; I wanted to test the most recent just added to their database during the same day to test.15 pieces of malware, whether PS1 or other, is too little, which is why I try to make packs with several pieces of malware (like the hundred). That's a fact.
Secondly, Kaspersky and MS Defender don't work in the same way, nor do they have the same shields.
Especially as PS1 malware, C&C servers die quite quickly, very often hit by the deactivation of servers by the host (called a TakeDown), so not reliable enough to test.
Yes, MS Defender must have Web protection, but it also manages to block attacks, like Kaspersky
I did not evaluate any shields of both, only on-demand scanner and the efficacy of their signatures combined with their cloud-backend.
K has the best behavioral protection; however, it failed me once when detected a piece of what looked ligitimate software as ransomware but it was late after initiation of damage. In addition, it has some FPs from time to time; it is not that superior.
Nowt wrong IMO with the Big K as regards malware detection - I don't use it at present but will again, maybe soon
I keep switching between free AVs; all of the have pros and cons; the most system and browser friendly unfortunately is MD.Nowt wrong IMO with the Big K as regards malware detection - I don't use it at present but will again, maybe soon
You may also like...
-
How would you describe Microsoft Defender's protection in 2026?- Started by RoboMan
- Replies: 19
-
Microsoft warns of new Defender zero-days exploited in attacks- Started by Brownie2019
- Replies: 2
-
Microsoft Defender Antivirus feat AI Defender- Started by Shadowra
- Replies: 13
-
Bitdefender Total Security or Microsoft Defender — Who Wins for Everyday PC Users?- Started by Bot
- Replies: 116
-
Orion Malware Cleaner (OMC) - By Trident- Started by Trident
- Replies: 23