- Apr 1, 2019
- 2,868
Especially not zero day samples. You can run into them, but it's not super common. Or else most Windows 10 machines would be constantly infected.
Malware Protection Test March 2021
- Thread starter Gandalf_The_Grey
- Start date
That's the same as dismissing all AV tests because all they are doing the same (executing thousands of malware) after all. I think this argument, in general*, is a bit like dismissing car crash tests as you won't intentionally drive to a wall with high speed in the real world.
*:
But..but, all those YouTuber tests always showed me that a large folder of random files will just randomly appear on my desktop one day. They also showed me that it's best practice to just execute each one to see what it is, even though it just randomly appeared....
The easiness of finding big number of malicious files on internet that gets undetected by my AV makes me think why should I even bother using it. That's making the big majority of AVs just a tool to keep average Joe from executing not-a-malware.exe
- May 3, 2015
- 1,741
It is true and makes sense!
If a certain AV is highly used in the USA, but used very little Europe for example, it's FP rate and detection rate of certain malware families will be different than an AV highly used in Europe vs USA. Some pieces of software may only be available/used in certain regions. Similarly some malware families are only seen in certain regions as well. With the advent of ML and the cloud I would assume that FPs are going to be higher generally speaking, as most AVs seem to be imporing some sort of file reputation system. MD and Smartscreen are a great example of this. Between BAFS and Smartscreen, MD/W10 can be pretty ruthless to new files. To the point that it can be extremely annoying for a developer trying to create a new program.
The problem with FPs in tests (at least the way AV-Comparatives displays them) is you only see the total number as part of the graph/chart. AV-Comparatives use to post an appendix to outline in more detail where the FPs came from, as well as if the file had very low, low, medium, or high prevalence. Using MD as an example, it use to have reasonably high FPs in AV-Comparatives. However, when looking at the appendix, one would see that the bulk of the FPs came from files with very low to low prevalence. Files with medium, or high prevalence were extremely low. Which agrees with what the vendors are telling you. Most people in general use software that is fairly well known to most AV vendors, so the FP rate in the real world for the vast majority of people is going to be really low. However, if you are using an AV that is not widely used in your region and you are either using software that is primarily used in that region, or a file with low prevalence in general, your chances of a FP will be higher.
But..but, all those YouTuber tests always showed me that a large folder of random files will just randomly appear on my desktop one day. They also showed me that it's best practice to just execute each one to see what it is, even though it just randomly appeared....
You clearly forgot to disable some protection modules as well... specially recommended for ESET and Bitdefender users as their protection modules are interconnected and require each other to offer full protection.
Nightwater
Level 2
- Jan 26, 2021
- 69
Remembering that this shield is made of plasticNobody can stop this Malware Samurai Crusher while its wearing Iron Man Armor: Mark VII with Captain American' s shield, malware industry is over, period.
Malwarebytes is just a second-tier antivirus, I would never trust my system with it
- Apr 1, 2019
- 2,868
Your not wrong...there will always be malware available that is undetected. It's the reason why I always say that no AV/IS is ever 100% effective in catching everything, all of the time. It's why I am a person who leans more on education on how to be safe online, instead of putting all of your faith in an AV/IS. Problem is, many people do it the other way around.... put faith in AV and do whatever they want. In saying that....the vast majority of users, regardless of their technical prowess, don't go purposefully looking for malware. So I would argue that in most cases the chances of getting infected are still reasonably low.
Thanks! They had a separate test that I missed.
Gandalf_The_Grey
Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
- Apr 24, 2016
- 7,249
AV-Comparatives - False Alarm Test March 2021
Introduction This report is an appendix to the Malware Protection Test March 2021 listing details about the discovered False Alarms. In AV testing, it is important to measure not only detection capabilities but also reliability. One aspect of reliability is the ability to recognize clean files...
malwaretips.com
Oh no Kaspersky only had a protection rate of 99.96% is this particular test, it's such a failure. I'm gonna be uninstalling Kaspersky right now to switch to another AV that had a protection rate of 99,98%. Lmao
I encountered malware like 1 time during the last 10 years of me browsing the internet so I can't miss those precious 00.02% extra protection
Edit: Panda scoring 99,98% protection rate, seems legit we all know Panda is a beast of a AV
I encountered malware like 1 time during the last 10 years of me browsing the internet so I can't miss those precious 00.02% extra protection
Edit: Panda scoring 99,98% protection rate, seems legit we all know Panda is a beast of a AV
Last edited:
- May 3, 2015
- 1,741
- May 26, 2014
- 1,130
false positives a bit ghastly??
- Apr 1, 2019
- 2,868
The FPs are high, but mostly esoteric. I used Windows Defender (when it was called that) through the days of having even worse false positives and never saw a single false positive. I install very few applications regularly outside of games. MB may be moving into the territory of being a decent lightweight solution for low risk users.
- May 26, 2014
- 1,339
Thats the biggest issue I have with MB, it is not lightweight.
- Apr 1, 2019
- 2,868
Really? I just ran a bunch of benchmarks today and it got higher CPU frametimes and framerates than MD, ESET, Bitdefender and definitely better than AVG. I'm wondering if AVG has an issue with nvidia drivers or something because the CPU hit is very surprising. Maybe it's something else on my machine. CPU benchmarks are inline with all the other suites, but any 3D application I take an 8-10% hit on framerate/cpu performance.
- Apr 1, 2019
- 2,868
What's the performance impact you were seeing? Also, was that running next to MS Defender? I had premium running with Defender back in the day and it slowed loading of programs and games to a crawl.
Last edited:
- May 26, 2014
- 1,339
Slow launch of applications, Microsoft Defender disabled.
- Apr 1, 2019
- 2,868
Interesting, we’ll see how it goes. So far I only notice a slight increase in startup time. I see their AV Test scores improved with the 4.3 update, so far browsers, iTunes and games ‘seem’ unaffected.
- Mar 16, 2019
- 3,862
Continuing it here: @EndangeredPootis
Video - Windows Defender vs Malware in 2021 (The PC Security Channel)
It uses Avira's full SDK. So heuristics, cloud, etc all. That's what I meant. So it's normal to see it scoring the same as Avira.
Video - Windows Defender vs Malware in 2021 (The PC Security Channel)
It uses Avira's full SDK. So heuristics, cloud, etc all. That's what I meant. So it's normal to see it scoring the same as Avira.
- Sep 8, 2019
- 461
Offline without its cloud? the cloud has the most comprehensive algorithms, just look at MD, it performs absolutely awfully without the cloud, and I highly doubt its all thanks to its signatures.
Also, how does Avira achieve 1% higher online detection rate, despite both supposedly having the same algorithms?
- Mar 16, 2019
- 3,862
MD's case is different because they don't push local signatures quick enough. MD's local signature is usually very accurate and they take time to write proper signatures, classify threats appropriately. It's often more than a week behind at creating offline signatures for a new threat. While as I said, Avira is more frequent and release signatures far quicker than Microsoft. Over 10,000 samples were tested and they were a few days old for sure that's why Avira had a high offline detection.
Avira Pro version has a feature like a cloud priority or something. Their pro gets priority over the free version if something not seen before requires cloud analysis. I can't say for sure why there was a difference but TotalAV probably was not quick enough to get a faster cloud response at the time of testing, connectivity issue, or anything. In SE Labs tests, often Avast and AVG had slightly different detection results even though they are the same product. So it could be anything. But the difference is very low so it's nothing to speculate about.
- Jun 5, 2014
- 275
mate aside from mb which one of these you recommend? was going to start a thread for this performance thing but saw this. seems you already tested frametime and stuff which one did you see performed better. thanks.
edit: seems your use is like me ordinary stuff and applications web movies and mostly games. appreciate any advice on system performance optimization and program recommendations. will continue on pm to not hijack the thread.
Similar threads
