AV Test MalwareTips Cumulative Report - November 2016

BoraMurdar

Super Moderator
MalwareTips Staff
Verified
Joined
Aug 30, 2012
Messages
6,069
OS
Windows 10
Antivirus
Emsisoft
#1
All tests were conducted in protected virtual environment. Due to the small number of samples used in this tests, you should take results with a grain of salt. MalwareTips doesn’t encourage readers to take this test as a proof that tested security product is good or bad as security products are dynamically changing. This test shows how the tested product behaves with certain malware samples, on unique circumstances in given period of time.

Product’s malware detection rate is not an equivalent of protection. This should not be mixed up. MalwareTips encourage you to compare these results with others and take informed decisions on what security products to use.

Document-page-001 (1).jpg

PDF

All credits to our AV Testers Team

Each security product's subforum will soon be updated with it's monthly report!

Sky is the limit, stay tuned with MalwareTips ;)
 

SHvFl

Level 34
Content Creator
Verified
Joined
Nov 19, 2014
Messages
2,311
OS
Windows 10
Antivirus
Emsisoft
#4
@BoraMurdar what a great idea for a new thread, this would be the most accurate of it's kind out there i would say. :)
This kind of report has issues. If not all test are done at the same date the static detection will vary a lot which will also break the dynamic stats for the program. So if a specific tester is a day late always or even a few hours it will affect the test a lot.
It's an interesting metric but not so sure about it's accuracy.
 

BoraMurdar

Super Moderator
MalwareTips Staff
Verified
Joined
Aug 30, 2012
Messages
6,069
OS
Windows 10
Antivirus
Emsisoft
#5
This kind of report has issues. If not all test are done at the same date the static detection will vary a lot which will also break the dynamic stats for the program. So if a specific tester is a day late always or even a few hours it will affect the test a lot.
It's an interesting metric but not so sure about it's accuracy.
It will be improved over time, that's why there is a disclaimer above ;)
 

SHvFl

Level 34
Content Creator
Verified
Joined
Nov 19, 2014
Messages
2,311
OS
Windows 10
Antivirus
Emsisoft
#8
It will be improved over time, that's why there is a disclaimer above ;)
Yeah, i know that's why i said it's interesting.I for sure don't know how accurate it is and tbh none can say even if they checked all data times because you have no idea how signatures changed.
Anw at least it's not paid test using samples that will make products look good. Maybe in the future you ignore all reports that are 12 hours after VT report or something like that(you might already have done it)?
 

davisd

Level 20
Verified
Joined
Feb 2, 2016
Messages
975
OS
Windows 10
Antivirus
Default-Deny
#15
Please add infected rate to the graph. That's what we really want to know.
If all run samples are malware, and Windows Defender's Total Detection Rate is 64.70% then system infection rate wouldn't be 35.30% at that point? But over 12 or 24 hours infection rate would lower i guess when AV signatures gets updated and it finds those infections?
 

tim one

Level 21
AV-Tester
Verified
Joined
Jul 31, 2014
Messages
1,073
OS
Windows 10
Antivirus
F-Secure
#16
If all run samples are malware, and Windows Defender's Total Detection Rate is 64.70% then system infection rate wouldn't be 35.30% at that point? But over 12 or 24 hours infection rate would lower i guess when AV signatures gets updated and it finds those infections?
Please consider that some undetected malware may be corrupt, or dormant ( dynamic scan) because VM-aware.
It is not simple.
 

shmu26

Level 67
Content Creator
Verified
Joined
Jul 3, 2015
Messages
5,623
OS
Windows 10
#17
Please consider that some undetected malware may be corrupt, or dormant ( dynamic scan) because VM-aware.
It is not simple.
I would add that there are native Windows security features that can stop the malware. For instance, it might fail to escalate privileges on a modern OS, but could succeed on Windows XP.
 

conceptualclarity

Level 19
Content Creator
Verified
Joined
Aug 23, 2013
Messages
943
Antivirus
ESET
#18
Very, very welcome. :D

This should be a boost to Malware Tips' profile.

Would really like to see not just the brand but the specific product(s) used listed in the chart, since with most of these brands there are three or more current products available.
 

tim one

Level 21
AV-Tester
Verified
Joined
Jul 31, 2014
Messages
1,073
OS
Windows 10
Antivirus
F-Secure
#19
I would add that there are native Windows security features that can stop the malware. For instance, it might fail to escalate privileges on a modern OS, but could succeed on Windows XP.
The problem is our testing environment, the virtual machine.
If a malware is not detected by the AV in testing because it has anti-vm routines, this malware is not producing processes in its execution because it goes into sleep mode.
Now the AV does not detect the malware but not because of a lack, but because the malware is inert: no malware in the eyes of the AV.
Perhaps the best solution would be Shadow Defender in this context.
@BoraMurdar is totally right in saying to take the tests as a grain of salt.
 

shmu26

Level 67
Content Creator
Verified
Joined
Jul 3, 2015
Messages
5,623
OS
Windows 10
#20
The problem is our testing environment, the virtual machine.
If a malware is not detected by the AV in testing because it has anti-vm routines, this malware is not producing processes in its execution because it goes into sleep mode.
Now the AV does not detect the malware but not because of a lack, but because the malware is inert: no malware in the eyes of the AV.
Perhaps the best solution would be Shadow Defender in this context.
@BoraMurdar is totally right in saying to take the tests as a grain of salt.
that's the advantage of SD. The disadvantage is you can't do a reboot with the malware still present. I looks to me like some of our testers reboot and then run a scan, although you would know better than me.
 

Similar Threads

Similar Threads