Christian Mairoll Posted April 15, 2015 Report Share Posted April 15, 2015 Antivirus testing organization AV-Comparatives published the first real-world protection test in its 2015 test series: March 2015. The detailed overall result reports (covering four months each) are released in July and December. Emsisoft Anti-Malware prevents 100% of infections For this test, AV-Comparatives used a test set of 410 live test cases (malicious URLs found in the field) consisting of working exploits (i.e. drive-by downloads) and URLs pointing directly to malware. In other words, mimicking the threats a typical user would experience in everyday life. The graph above shows the test results against the “out-of-box” malware protection provided by Microsoft Windows, which in this case is Microsoft Security Essentials since AV-Comparatives ran this test under Microsoft Windows 7 Home Premium 64 Bit SP1. Emsisoft detected all threats, and thereby received a 100% detection rate. In 0.7% of the cases Emsisoft Anti-Malware displayed an alert which recommends the user to block the threat instead of automatic removal, which is why AV-C counts these as “user dependent”. See the full fact sheet here. Related Posts: Fourth time in a row: Advanced+ ranking in Real-World… Emsisoft Runs 4 month Malware Protection Marathon at… AV-Comparatives 2013 Real World Protection Test Emsisoft Anti-Malware achieves highest honor in… Emsisoft Anti-Malware achieves a perfect score of 100% in… View the full article 2 Quote Link to comment Share on other sites More sharing options...
Siketa Posted April 16, 2015 Report Share Posted April 16, 2015 Christian, are 4 FPs caused by Emsi signatures or BB alerts for known good programs? Regarding False Alarm test http://www.av-comparatives.org/wp-content/uploads/2015/04/avc_fps_201503_en.pdf we can see that all detections are from BD engine. Yet BD result shows less FPs than Emsi. Why is that? Quote Link to comment Share on other sites More sharing options...
Fabian Wosar Posted April 16, 2015 Report Share Posted April 16, 2015 Actually, those are triggered by the surf protection. The problem is, that we blacklist entire domains because blocking on URL level would require us to break transport layer encryption. Quote Link to comment Share on other sites More sharing options...
Siketa Posted April 16, 2015 Report Share Posted April 16, 2015 Thanks, Fabian! What about the False Alarm test? Quote Link to comment Share on other sites More sharing options...
Fabian Wosar Posted April 16, 2015 Report Share Posted April 16, 2015 All false positives in the on-demand scan were caused by Bitdefender. There were differences in signatures though due to synchronization delays. Quote Link to comment Share on other sites More sharing options...
gricardo21 Posted April 16, 2015 Report Share Posted April 16, 2015 i wonder why, most of the products that uses Bitdefender engine get lower rates than Bitdefender if it is supposed they use the same engine...? and what does it means with user interaction? if emsi automatically blocks files (with the BB) Quote Link to comment Share on other sites More sharing options...
Fabian Wosar Posted April 17, 2015 Report Share Posted April 17, 2015 i wonder why, most of the products that uses Bitdefender engine get lower rates than Bitdefender if it is supposed they use the same engine...? and what does it means with user interaction? if emsi automatically blocks files (with the BB) Bitdefender will always have slightly more up-to-date signatures for a few minutes after a new signature update is released, as updates have to be distributed to OEM partners first. On average our users get Bitdefender signature updates between 5 and 10 minutes after Bitdefender users. Given that the update interval in general is usually 1 hour, that is rarely a big deal. But it can explain minor variations in detections. Also keep in mind that Bitdefender may use cloud assisted technologies during on-demand scans as well, which can lead to varying results. We don't use any of Bitdefender's cloud features, as their privacy policy does not meet our own standards. User interaction means, that we asked the user what he wants to do with the file instead of making the decision for him. For example: Whenever we show a dialog like that instead of just quarantining the file automatically, it is counted as a user based decision and is only worth half the points. 2 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.