AVLab.pl Security test on the example of 400 malicious samples in the wild (November 2022)

Disclaimer
  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

Adrian Ścibor

From AVLab.pl
Thread author
Apr 9, 2018
though not much help because the av company can decide not to fix and not publish that fact, ask @Adrian Ścibor av companies do not fix problems found in avlab tests
Not true. Believe me that many times Vendors have fixed the bugs found in our tests. The ones that were found. Avast, Malwarebytes, Comodo, MKS-VIR, SecureAPlus, Webroot and others. They must want to cooperate with you. But not everyone wants to. You report a problem and bang away from the corporate communications wall.
 

Andrezj

Nov 21, 2022
Not true. Believe me that many times Vendors have fixed the bugs found in our tests. The ones that were found. Avast, Malwarebytes, Comodo, MKS-VIR, SecureAPlus, Webroot and others. They must want to cooperate with you. But not everyone wants to. You report a problem and bang away from the corporate communications wall.
i did not say all av companies refuse to fix based upon test results
i said some do not fix, the point is that they are not required to fix anything, there are arguments that a revealed problem is not really a problem, or say poc is not a real threat
microsoft chose to not fix a number of problems reported about defender (by other labs)
g data did not fix problems reported about its behavior blocker and firewall (demonstrated by poc)
but most antivirus desire to improve their product
Point out such a source of malware.
I believe there is no such thing. What is zero-day from the user's point of view? Something that hit him the first time?

Consider, for example, APP.ANY.RUN. They have a great deal of files from users. How do you investigate whether they are zero-day? For some sample will be zero-day, for other vendors not.

You won't get a malware test base of many thousands in one month. Even paid malware services don't have such databases. I know, because I checked. I asked. I did the reconnaissance to even pay for it. They don't have such databases.

From our point of view, it is not the base that is important, but the REAL URLs that live a few minutes, a few hours max, and the malware is 404.

Another difficulty is that not every unknown file is malware. This is where Vendors may have the most doubt, as you have investigated it, show and prove that it is harmful!
i said if such a test were possible, but we know it is not possible, it is a hypothetical example
the point i made using such an extreme hypothetical test is any tests that do nothing except make av look bad (even if results are entirely accurate), then the companies will not participate in testing
 
