MartinPe 10 Posted December 2, 2019 Share Posted December 2, 2019 I know your are not a fan of this guy. But this time you did very good. Link to comment Share on other sites More sharing options...
itman 1,659 Posted December 2, 2019 Share Posted December 2, 2019 Yes. 99.33% on Proactive Detection and 100% on Clean system. I consider this quite a good score given the PC Security Channel's testing methods. So I guess we have the first ad hoc of Augur's advanced machine learning capability. Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 393 Posted December 3, 2019 Most Valued Members Share Posted December 3, 2019 2 hours ago, itman said: Yes. 99.33% on Proactive Detection and 100% on Clean system. I consider this quite a good score given the PC Security Channel's testing methods. So I guess we have the first ad hoc of Augur's advanced machine learning capability. Is he a decent tester? I rarely watch any of these videos normally as they can be sneaky with how they test e.g. disabling key features. Not heard of this channel Link to comment Share on other sites More sharing options...
itman 1,659 Posted December 3, 2019 Share Posted December 3, 2019 (edited) 27 minutes ago, peteyt said: Is he a decent tester? My objection from his methodology section is this: Quote MalEx In order to automate the process of executing thousands of samples, we use a python script. Each malware is executed as a separate process group and a breakaway job. This ensures that the test continues smoothly regardless of the outcome of the execution and the actions of the malware process. If a malware fails to execute and returns an error (as is often the case when malware is blocked), the product is granted a block. If a sample launches successfully, it is counted as a miss. As such, all web protections are bypassed including file scanning at file creation time. In contrast, the AMTSO methodology member AV labs employ for real-time testing is the sample is downloaded using its source URL. Then there is the issue of post-execution detection using AMS for example which is ignored in his testing. Edited December 3, 2019 by itman Link to comment Share on other sites More sharing options...
Most Valued Members Nightowl 202 Posted December 3, 2019 Most Valued Members Share Posted December 3, 2019 (edited) 6 hours ago, peteyt said: Is he a decent tester? I rarely watch any of these videos normally as they can be sneaky with how they test e.g. disabling key features. Not heard of this channel Yes because Antivirus companies will tell you that you have disabled some features that could have blocked the threats before they start to run in the system , as web protection for example , so some layers have been disabled in order to run the test, But the crazy thing about this test or this guy , that he unleash lot of threats at the same time at the AV , it's sometimes funny to watch other products how they cripple with something like this, including Windows Defender and somekind of other security products that claim that it will protect your system , there are many more videos like this who do the testing. It's not funny that the antivirus fails , but it is funny that the advertising campaign that will be ran by the AV company will claim that it will protect your infrastructure , till you get hit by something Honestly for me , since NOD32 v2 , I never had to change any antivirus product , even though sometimes I wanted to give others a try , but I just can't go away , it's so light and efficient , it doesn't matter if the product doesn't protect 100% , because nothing is safe 100% , But it's so bad when a product claims to protect you like Windows Defender , and let your PC get encrypted by a malware , or somekind of very old virus not to be detected (Not windows defender but can't remember which company and which video) and corrupt your system. It's always better to have multi-layer protection. Edited December 3, 2019 by Rami Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 393 Posted December 3, 2019 Most Valued Members Share Posted December 3, 2019 4 hours ago, Rami said: Yes because Antivirus companies will tell you that you have disabled some features that could have blocked the threats before they start to run in the system , as web protection for example , so some layers have been disabled in order to run the test, But the crazy thing about this test or this guy , that he unleash lot of threats at the same time at the AV , it's sometimes funny to watch other products how they cripple with something like this, including Windows Defender and somekind of other security products that claim that it will protect your system , there are many more videos like this who do the testing. It's not funny that the antivirus fails , but it is funny that the advertising campaign that will be ran by the AV company will claim that it will protect your infrastructure , till you get hit by something Honestly for me , since NOD32 v2 , I never had to change any antivirus product , even though sometimes I wanted to give others a try , but I just can't go away , it's so light and efficient , it doesn't matter if the product doesn't protect 100% , because nothing is safe 100% , But it's so bad when a product claims to protect you like Windows Defender , and let your PC get encrypted by a malware , or somekind of very old virus not to be detected (Not windows defender but can't remember which company and which video) and corrupt your system. It's always better to have multi-layer protection. But I've seen probably all AVs fail on one of these videos. Nothing will ever be 100 percent but also the actual tests never truly represent how an AV works in real life. A general user should never be running multiple malware pieces at the same time. It all comes down to the user really in my opinion. Obviously you want an AV that has good protection then it just depends on what you want, the interface and so on. Link to comment Share on other sites More sharing options...
Most Valued Members Nightowl 202 Posted December 3, 2019 Most Valued Members Share Posted December 3, 2019 (edited) 1 hour ago, peteyt said: But I've seen probably all AVs fail on one of these videos. Nothing will ever be 100 percent but also the actual tests never truly represent how an AV works in real life. A general user should never be running multiple malware pieces at the same time. It all comes down to the user really in my opinion. Obviously you want an AV that has good protection then it just depends on what you want, the interface and so on. As far as I remember , Kaspersky has done the best among all. But honestly for me I don't really care , I am happy with ESET , and if bad things will happen , it will happen even if Zeus himself is protecting my computer. The best security practice is to disconnect the PC from network Edited December 3, 2019 by Rami Link to comment Share on other sites More sharing options...
MartinPe 10 Posted December 3, 2019 Author Share Posted December 3, 2019 23 hours ago, peteyt said: Is he a decent tester? I rarely watch any of these videos normally as they can be sneaky with how they test e.g. disabling key features. Not heard of this channel He has his way of testing, what I consider interesting is how the AV react when the system is locally attacked. Not filtered from the web or AV blocking the malware already on disk. Karspersky and Bitdefender handle his way of testing very well. Windows Defender not so much since it didn't was able to catch the malware before being written on disk. The ver 12 didn't go well last time, but very happy to see that v13 is handling his test very well. It's just fun to see some AV having troubles like Malware Bytes that seem to suffer as much as Windows defender. Personnaly, I have more confidence with www.av-comparatives.org Link to comment Share on other sites More sharing options...
itman 1,659 Posted December 4, 2019 Share Posted December 4, 2019 (edited) 17 hours ago, Rami said: t's sometimes funny to watch other products how they cripple with something like this, including Windows Defender Assume none of those sample still have the "mark of the web" enabled on them. This of course will lead to WD not cloud scanning them, Also assume he has also disabled or changed Win 10 native SmartScreen settings which will by default, warn upon execution of any .exe not downloaded from the Win Store web site. Edited December 4, 2019 by itman Link to comment Share on other sites More sharing options...
Most Valued Members Nightowl 202 Posted December 4, 2019 Most Valued Members Share Posted December 4, 2019 6 hours ago, itman said: Assume none of those sample still have the "mark of the web" enabled on them. This of course will lead to WD not cloud scanning them, Also assume he has also disabled or changed Win 10 native SmartScreen settings which will by default, warn upon execution of any .exe not downloaded from the Win Store web site. It's the same thing of disabling the multi-layer protection that the AV is having , but still Windows Defender doesn't do good without it's cloud , although one of the videos Windows Defender missed lot of threats , including one from Windows XP days that would give you the same error message over and over. Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 393 Posted December 4, 2019 Most Valued Members Share Posted December 4, 2019 6 hours ago, Rami said: It's the same thing of disabling the multi-layer protection that the AV is having , but still Windows Defender doesn't do good without it's cloud , although one of the videos Windows Defender missed lot of threats , including one from Windows XP days that would give you the same error message over and over. And its good to know but would a user disable the cloud feature? Its like tests that diable web protection on eset - it will obviously not be as good because you have disabled a key and important feature Link to comment Share on other sites More sharing options...
Custerinky 0 Posted December 4, 2019 Share Posted December 4, 2019 I watch his video's occasionally. Sometimes he reminds me of a Circus master and other times a Circus clown. I personally take it all with a grain of salt. The biggest plus one has is constant awareness of surroundings and smart decision making. Link to comment Share on other sites More sharing options...
Most Valued Members Nightowl 202 Posted December 5, 2019 Most Valued Members Share Posted December 5, 2019 18 hours ago, Custerinky said: I watch his video's occasionally. Sometimes he reminds me of a Circus master and other times a Circus clown. I personally take it all with a grain of salt. The biggest plus one has is constant awareness of surroundings and smart decision making. Yes indeed but he gives the AVs a different test from different perspective even though he disabled some layers to get them inside the computer and then ran them while realtime is running , he somehow in someway , tests how much powerful is the real-time protection. not overall the security solution Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 393 Posted December 5, 2019 Most Valued Members Share Posted December 5, 2019 4 hours ago, Rami said: Yes indeed but he gives the AVs a different test from different perspective even though he disabled some layers to get them inside the computer and then ran them while realtime is running , he somehow in someway , tests how much powerful is the real-time protection. not overall the security solution Does he let people know this though? I've seen testers turn things off but not really explain what it does and why he has disabled it. Problem is that people often aren't given the full picture. Link to comment Share on other sites More sharing options...
Most Valued Members Nightowl 202 Posted December 5, 2019 Most Valued Members Share Posted December 5, 2019 1 hour ago, peteyt said: Does he let people know this though? I've seen testers turn things off but not really explain what it does and why he has disabled it. Problem is that people often aren't given the full picture. Yes and it might hurt the image of the AV company even though he doesn't explain exactly how his test is done , and what has been disabled and what not, it's right what you say my friend. Link to comment Share on other sites More sharing options...
Custerinky 0 Posted December 6, 2019 Share Posted December 6, 2019 It was refreshing to see such results especially after the 2 previous tests. The Ransomware test was very disturbing and then he ran Malware and just stopped after the first phase. I really wonder how there can be such contrast within months. Link to comment Share on other sites More sharing options...
PassingBy 5 Posted December 12, 2019 Share Posted December 12, 2019 (edited) Not too long ago we were here, in another thread, discussing about the previous test from this very same guy who gave ESET appalling scores with a major war of words ongoing on this place for weeks. That was when i joined the ESET family and this forum. Because while everyone was fighting based on the opinions of this guy, what i did was to download ESET, then set it up with maximum settings, including the HIPS rules which i added manually from an ESET guide and, that is my understanding, later on were added by ESET as standard in their product. The result was me leaving another product after over 15 years of non stop usage (they removed the spam protection to an extent) and buying a 3 years subscription for ESET with a special offer in my country of residence. I never had issues with the previous product. I had never issues with the current one, with only minor complaints related to small details. It might be to soon to be too positive. I don't know. However the bottom line is: Try things by yourself. Reviews are entertaining, they can be a rough guide to what you are looking for. But there is no substitute for your experience. ESET is working fine for me. I only consider their notifications an utter pain in the neck. I had to mute them. And some of their threats are not explained in the proper way. I am happy that i can change whatever i want and that i can set rules by myself if needed. It surely is not a suite for the lazy. But it is a good product, if one takes some time to learn how to use it and is not scared of asking questions. The support in the forum is overall good as well. The previous product had an appalling support. And did try many other products together with ESET. I threw all of them away. Some slowed down my PC, others had too much bloatware in them, some were oversimplified and didn't allow me to have a good control (no notifications at all in those...as opposed to ESET, with worse nightmares as you don't know what's going on underneath). Try things yourself! We'll be here in a few months with this guy giving ESET a lower score and more arguments arising, most probably. Edited December 12, 2019 by PassingBy Nightowl, peteyt and fabioquadros_ 3 Link to comment Share on other sites More sharing options...
Most Valued Members Nightowl 202 Posted December 12, 2019 Most Valued Members Share Posted December 12, 2019 (edited) On 12/6/2019 at 5:28 AM, Custerinky said: It was refreshing to see such results especially after the 2 previous tests. The Ransomware test was very disturbing and then he ran Malware and just stopped after the first phase. I really wonder how there can be such contrast within months. You also need not to forget that he does disable multiple layers in order to get the malware inside the computer , so half of the IS package wasn't working when these malwares were inserted into the PC , and then he enables them again , and run the real-time protection and then the test For example most of them wouldn't be able to be downloaded , passed to the computer because of the web protection. Edited December 12, 2019 by Rami Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 393 Posted December 12, 2019 Most Valued Members Share Posted December 12, 2019 3 hours ago, PassingBy said: Not too long ago we were here, in another thread, discussing about the previous test from this very same guy who gave ESET appalling scores with a major war of words ongoing on this place for weeks. That was when i joined the ESET family and this forum. Because while everyone was fighting based on the opinions of this guy, what i did was to download ESET, then set it up with maximum settings, including the HIPS rules which i added manually from an ESET guide and, that is my understanding, later on were added by ESET as standard in their product. The result was me leaving another product after over 15 years of non stop usage (they removed the spam protection to an extent) and buying a 3 years subscription for ESET with a special offer in my country of residence. I never had issues with the previous product. I had never issues with the current one, with only minor complaints related to small details. It might be to soon to be too positive. I don't know. However the bottom line is: Try things by yourself. Reviews are entertaining, they can be a rough guide to what you are looking for. But there is no substitute for your experience. ESET is working fine for me. I only consider their notifications an utter pain in the neck. I had to mute them. And some of their threats are not explained in the proper way. I am happy that i can change whatever i want and that i can set rules by myself if needed. It surely is not a suite for the lazy. But it is a good product, if one takes some time to learn how to use it and is not scared of asking questions. The support in the forum is overall good as well. The previous product had an appalling support. And did try many other products together with ESET. I threw all of them away. Some slowed down my PC, others had too much bloatware in them, some were oversimplified and didn't allow me to have a good control (no notifications at all in those...as opposed to ESET, with worse nightmares as you don't know what's going on underneath). Try things yourself! We'll be here in a few months with this guy giving ESET a lower score and more arguments arising, most probably. Exactly. I used to run a tech blog thing but avoided reviewing AVs simply because it all comes down to user preference. Malware tests don't tend to really mirror how AVs work in real life. Most of the top AVs have similar scores so it depends on what you prefer, features etc. As a few have mentioned on here if you kept changing AVs on test results you'd be constantly moving and it would be hard considering different companies, testers etc. will show different results. I always think if your using an AV and haven't been infected or had any issues, slowdowns etc. Then does if matter if one AV comes slightly higher? The first one is obviously working so why risk it. It also comes down to the user to, avoiding risky sites etc. Link to comment Share on other sites More sharing options...
PassingBy 5 Posted December 13, 2019 Share Posted December 13, 2019 (edited) 18 hours ago, peteyt said: Exactly. I used to run a tech blog thing but avoided reviewing AVs simply because it all comes down to user preference. Malware tests don't tend to really mirror how AVs work in real life. Most of the top AVs have similar scores so it depends on what you prefer, features etc. As a few have mentioned on here if you kept changing AVs on test results you'd be constantly moving and it would be hard considering different companies, testers etc. will show different results. I always think if your using an AV and haven't been infected or had any issues, slowdowns etc. Then does if matter if one AV comes slightly higher? The first one is obviously working so why risk it. It also comes down to the user to, avoiding risky sites etc. I agree. But the point is also that tests do not reflect the real settings most users use. They assume that everyone buys the suite and leaves it as is. This of course gives an advantage to the "Install and forget" suites over those that require manual fine tuning, often considered backward due to the lack of automation. To me the efficacy of an AV suite is proven when the software is set to it's max protection settings and tested in real life. In that respect, considering i live in a part of Asia that is rife with threats, i can't complain to date. Had i followed the tests made by others, today i'd be using something else (and i tried a top notch suite ending up very very unhappy in less than one week and the 6 months for free). PS: i went to check AV Comparatives (I check it regularly, out of curiosity) and ESET is still below standards according to them. They had a survey on and what i am suggesting is exactly the above. Test the products with all protections on and see the difference. That would make for an interesting change. Edited December 13, 2019 by PassingBy Link to comment Share on other sites More sharing options...
itman 1,659 Posted December 13, 2019 Share Posted December 13, 2019 (edited) 6 hours ago, PassingBy said: They had a survey on and what i am suggesting is exactly the above. Test the products with all protections on and see the difference. That would make for an interesting change. A-V Comparatives does allow configuration setting changes for their Enterprise product tests: https://www.av-comparatives.org/tests/business-security-test-august-september-2019-factsheet/ . I believe the same applies to most other AV lab tests of enterprise products. The reasoning being that corps. should and most likely do such modification for maximum protection whereas the average user will run the like consumer product at default settings. Of note is EES Cloud was the top scorer in the most recent A-V C test factoring protection and false positive scores together. This score also was achieved at default settings. Edited December 13, 2019 by itman Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 393 Posted December 13, 2019 Most Valued Members Share Posted December 13, 2019 14 hours ago, PassingBy said: I agree. But the point is also that tests do not reflect the real settings most users use. They assume that everyone buys the suite and leaves it as is. This of course gives an advantage to the "Install and forget" suites over those that require manual fine tuning, often considered backward due to the lack of automation. To me the efficacy of an AV suite is proven when the software is set to it's max protection settings and tested in real life. In that respect, considering i live in a part of Asia that is rife with threats, i can't complain to date. Had i followed the tests made by others, today i'd be using something else (and i tried a top notch suite ending up very very unhappy in less than one week and the 6 months for free). PS: i went to check AV Comparatives (I check it regularly, out of curiosity) and ESET is still below standards according to them. They had a survey on and what i am suggesting is exactly the above. Test the products with all protections on and see the difference. That would make for an interesting change. The problem is some tests don't just test with basic protection, they disable basic protection. For example they will download a file by disabling parts of the AV such as web protection and then running it. The file might get through as no AV is perfect, mistakes happen. However it might have been that the web protection would have blocked the virus from even being downloaded in the first place - so the test makes the AV look bad because it has put the AV in a more limited capacity and in most cases such as youtube videos this isn't explained so the viewers don't get the full truth. Link to comment Share on other sites More sharing options...
PassingBy 5 Posted December 15, 2019 Share Posted December 15, 2019 On 12/13/2019 at 1:58 PM, itman said: A-V Comparatives does allow configuration setting changes for their Enterprise product tests: https://www.av-comparatives.org/tests/business-security-test-august-september-2019-factsheet/ . I believe the same applies to most other AV lab tests of enterprise products. The reasoning being that corps. should and most likely do such modification for maximum protection whereas the average user will run the like consumer product at default settings. Of note is EES Cloud was the top scorer in the most recent A-V C test factoring protection and false positive scores together. This score also was achieved at default settings. Thanks for adding up on this. Interesting. Link to comment Share on other sites More sharing options...
PassingBy 5 Posted December 15, 2019 Share Posted December 15, 2019 On 12/13/2019 at 9:49 PM, peteyt said: The problem is some tests don't just test with basic protection, they disable basic protection. For example they will download a file by disabling parts of the AV such as web protection and then running it. The file might get through as no AV is perfect, mistakes happen. However it might have been that the web protection would have blocked the virus from even being downloaded in the first place - so the test makes the AV look bad because it has put the AV in a more limited capacity and in most cases such as youtube videos this isn't explained so the viewers don't get the full truth. Yes i followed your posts elsewhere and you explained this previously. That doesn't sound like a proper practice for a test, even when some readers point out that others AVs stopped the threat anyways. Link to comment Share on other sites More sharing options...
Recommended Posts