AVLab.pl Product Enquiry - Which products should we test in your opinion?

Disclaimer
  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
Fair enough. It can then just be a false sense of security, a bit of a sales tool, of the "protection" it provides.
It is 100% sales tool.
The fact that they have maintained a persistent threat for over twenty years suggests fundamental flaws in existing security measures.
They rely on careless users that switch off their security software, download dodgy “stuff” or as our favourite @bazang likes to say “users want to use stuff” or not running any security software whatsoever. Some of them create exclusions for the aforementioned dodgy stuff.
Such users rarely do banking, in fact in their countries online shopping often involves collecting payment from customer directly upon delivery.
Many of them don’t even keep money in their bank, upon being paid, they go and withdraw everything.

Such users cannot be protected by anything. Banking protection will not help them.
 
F

ForgottenSeer 114834

It is 100% sales tool.

They rely on careless users that switch off their security software, download dodgy “stuff” or as our favourite @bazang likes to say “users want to use stuff” or not running any security software whatsoever. Some of them create exclusions for the aforementioned dodgy stuff.
Such users rarely do banking, in fact in their countries online shopping often involves collecting payment from customer directly upon delivery.
Many of them don’t even keep money in their bank, upon being paid, they go and withdraw everything.

Such users cannot be protected by anything. Banking protection will not help them.
The shift from standard detection to layered defense reflects the evolving threat landscape. Do you seriously believe layered modules are less capable of mitigating risks?
 
F

ForgottenSeer 114834

Layered modules is one, useless gimmicks is another.
Based on personal opinion, means that the following statement is subjective and reflects the speaker's individual viewpoint rather than objective facts or evidence. It's a way to acknowledge that the subsequent statement is not necessarily a universally shared belief.

Example:

"Based on personal opinion, I believe that chocolate ice cream is the best flavor."
 

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
Based on personal opinion, means that the following statement is subjective and reflects the speaker's individual viewpoint rather than objective facts or evidence. It's a way to acknowledge that the subsequent statement is not necessarily a universally shared belief.

Example:

"Based on personal opinion, I believe that chocolate ice cream is the best flavor."
Arguments have already been presented in relation to these opinions. If anyone can chime in and say “I was infected with this Trojan on this day and banking protection helped me avoid financial loss”, I’ll accept I was wrong.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,591
Defender free on default settings + Smart App Control (Windows 11) - tested in the category "Home Users".
Microsoft promotes the above as a recommended setup for average users at home and hybrid work. It is applied automatically on many computers after the Evaluation period.
This setup is similar to Norton with Download Insight, except the user cannot bypass the alerts.
 
Last edited:

Jonny Quest

Level 22
Verified
Top Poster
Well-known
Mar 2, 2023
1,153
Layered modules is one, useless gimmicks is another.
But, how much of this is really a gimmick, and how much of it is layered protection? (I'm asking in sincerity) Are all of the other components of the standard browsing protection "disabled" using banking protection, or still active including those features creating a greater layer of protection as @Lynx is suggesting?

banking.jpg
 

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
Neither untrusted apps, nor some command line tools and utilities should ever be running on users machines at any given time. It should not be waited for user to “bank/shop” and for banking protection to do all that.

The clearing of the clipboard is ok, but again, clipboard grabbers should not be running. DeepGuard should be monitoring the clipboard access and it is.
 

Adrian Ĺšcibor

From AVLab.pl
Thread author
Verified
Well-known
Apr 9, 2018
220
Last edited:

SpiderWeb

Level 13
Verified
Top Poster
Well-known
Aug 21, 2020
609
We do it regularly :) See on Recent Results » AVLab Cybersecurity Foundation and previous months. Why? Maybe we test better than other labs, so that's why they participate in our test only? :)

You can track this website also: Malwarebytes » AVLab Cybersecurity Foundation
I really like how you distinguish between pre-launch and post-launch remediation. I know I have a personal preference towards pre-launch remediation and was never comfortable with post-launch. This is giving consumers a great overview on how each AV behaves.
 

Adrian Ĺšcibor

From AVLab.pl
Thread author
Verified
Well-known
Apr 9, 2018
220
I have a personal preference towards pre-launch remediation and was never comfortable with post-launch.
Indeed.

I really understand your opinion.

In theory protection at pre_execution level is better than post_execution, but in practise result is same on paper. You can choose products which are characterised by better protection at PRE level. Hovewer sometimes danger situation may occurs when malware is executed by user, so software must protect system in 100%.

That's why we want to show to community the differences between pre and post level in Advanced In-The-Wild Malware Test (a new edition for July 2024 will be published this week and we will include NordVPN Threat Protection software to check efectiveness of protection at PRE execution level and Tachyon Internet Security as well in September 2024 edition).
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,591
@Adrian Ĺšcibor

There are some errors in the test files:
The content of the test file (Comparison Table, .csv file) for September 2022 is the same as for July 2022.
The test file for May 2024 is the same as for March 2024.

Edit.
By the way, the .csv test files with malware hashes can be very helpful. :)(y)
 
Last edited:

Adrian Ĺšcibor

From AVLab.pl
Thread author
Verified
Well-known
Apr 9, 2018
220
@Adrian Ĺšcibor

There are some errors in the test files:
The content of the test file (Comparison Table, .csv file) for September 2022 is the same as for July 2022.
The test file for May 2024 is the same as for March 2024.

Edit.
By the way, the .csv test files with malware hashes can be very helpful. :)(y)
Checksums are available in each CSV for every single test edition :)
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,591
Checksums are available in each CSV for every single test edition :)

The scorings displayed on the AVLab website differ in these two cases from the information included in the .csv files. So, someone used the correct testing information for scorings and statistics but attached the wrong .csv files.
For the May 2024, test the .csv file is named "report-summary-march-2024.csv" and binary equal to the .csv file taken from the March 2024 test.
For September 2022 the file name is OK ("september-2022.csv"), but it is simply renamed file "july-2022.csv" taken from the July test.

Edit.
I used the hashes included in the .csv files to get information from VirusTotal about the infection rate of digitally signed files (valid, fake, malformed) compared to unsigned files. :)
 
Last edited:

Adrian Ĺšcibor

From AVLab.pl
Thread author
Verified
Well-known
Apr 9, 2018
220
The scorings displayed on the AVLab website differ in these two cases from the information included in the .csv files. So, someone used the correct testing information for scorings and statistics but attached the wrong .csv files.
For the May 2024, test the .csv file is named "report-summary-march-2024.csv" and binary equal to the .csv file taken from the March 2024 test.
For September 2022 the file name is OK ("september-2022.csv"), but it is simply renamed file "july-2022.csv" taken from the July test.

Edit.
I used the hashes included in the .csv files to get information from VirusTotal about the infection rate of digitally signed files (valid, fake, malformed) compared to unsigned files. :)
I am gonna to fix this soon, sorry for that. I have to do some reasearch in our database manually for the data.

*By the way - we are on the straight way to publish a first "Cyber Transparency Audit" soon. The project is new, so keep fingers crossed please :)
 

Adrian Ĺšcibor

From AVLab.pl
Thread author
Verified
Well-known
Apr 9, 2018
220
@Adrian Ĺšcibor do you reach out to Emsisoft or visa versa, as you seem to be the only (or one of few) testing Emsi.
Yeap. We stay in contact with their engineers, threat analytists and CEO. Would you like to know something more or ask for details?
*edited - vocabulary mistake :/
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top