Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: What's the Best Anti-virus?

30 Apr 2014   #861
newpgm

Windows 7 Ultimate x64
 
 

It's unfortunate that Microsoft (MSE) is @ (or near) the bottom. Seems like Microsoft should have a better footprint in security detection/protection. The free versions of AVG & Avast, both of which I have used in the past without problem, are a much better choice.

thank you


My System SpecsSystem Spec
.
30 Apr 2014   #862
UsernameIssues

W7 Pro SP1 64bit
 
 

Quote   Quote: Originally Posted by newpgm View Post
It's unfortunate that Microsoft (MSE) is @ (or near) the bottom. Seems like Microsoft should have a better footprint in security detection/protection. The free versions of AVG & Avast, both of which I have used in the past without problem, are a much better choice.

thank you
How do those conducting these AV comparison tests determine what is and what is not a virus? How would all companies that make antivirus apps agree that the same set of files are malicious? AV-Comparatives uses 12000+ files for its accuracy check. Perhaps those working on MSE don't think that all of 12000+ files are bad. Or there is some other reason for MSE's seemingly poor performance.

It would be nice/better if some researcher would take the time to publish a paper detailing the malicious actions of some files and then state which AV apps did not prevent those actions.
My System SpecsSystem Spec
30 Apr 2014   #863
newpgm

Windows 7 Ultimate x64
 
 

I did read your reply of three weeks ago but not well enough. You make a good point re: "how do those conducting these AV comparison tests determine what is and what is not a virus?" Especially with 12,000+ files.
My System SpecsSystem Spec
.

30 Apr 2014   #864
UsernameIssues

W7 Pro SP1 64bit
 
 

I'm not MSE's biggest fan - as this post shows. MSE should never let an app take over the shell without warning the user.

But I wonder if companies like AVG/AVAST/BitDefender... study the AV-Comparitives testing method and write code that works well for those tests. This would mean that AV-Comparatives has a huge influence on what gets considered as malware. This might be a very good thing - IF those at AV-Comparitives are steering AV companies in the right direction (e.g. driving them to detect truly malicious files). Or, it could be a very bad thing (e.g. driving them to detect files that are not worthy of flagging*).

*assumes that the more files an AV company has signatures for, the slower things get.
My System SpecsSystem Spec
30 Apr 2014   #865
Dallas 7

Windows 7 Pro x64
 
 

Quote   Quote: Originally Posted by UsernameIssues View Post
I'm not MSE's biggest fan - as this post shows. MSE show never let an app take over the shell without warning the user.

But I wonder if companies like AVG/AVAST/BitDefender... study the AV-Comparitives testing method and write code that works well for those tests. This would mean that AV-Comparatives has a huge influence on what gets considered as malware. This might be a very good thing - IF those at AV-Comparitives are steering AV companies in the right direction (e.g. driving them to detect truly malicious files). Or, it could be a very bad thing (e.g. driving them to detect files that are not worthy of flagging*).

*assumes that the more files an AV company has signatures for, the slower things get.

MSE scored poorly in comparison to the other AVs whether they studied the "testing methods" or not.
MSE took the same tests everyone else took, and the test results speak for themselves.
Even if the companies had access to the tests and methods ahead of time like you suggest and MSE STILL scored last, what does that say for MSE? What's MSE's excuse, "The dog ate my homework"?

Not only that, but it's hardly fair to question the integrity of AV Comparatives or their testing methods without concrete evidence to show good cause.
They have a good reputation, and I've never seen or heard of any good reason to question the integrity of them or the service they provide.
My System SpecsSystem Spec
30 Apr 2014   #866
UsernameIssues

W7 Pro SP1 64bit
 
 

Quote   Quote: Originally Posted by Dallas 7 View Post
Quote   Quote: Originally Posted by UsernameIssues View Post
I'm not MSE's biggest fan - as this post shows. MSE show never let an app take over the shell without warning the user.

But I wonder if companies like AVG/AVAST/BitDefender... study the AV-Comparitives testing method and write code that works well for those tests. This would mean that AV-Comparatives has a huge influence on what gets considered as malware. This might be a very good thing - IF those at AV-Comparitives are steering AV companies in the right direction (e.g. driving them to detect truly malicious files). Or, it could be a very bad thing (e.g. driving them to detect files that are not worthy of flagging*).

*assumes that the more files an AV company has signatures for, the slower things get.

MSE scored poorly in comparison to the other AVs whether they studied the "testing methods" or not.
The test results still speak for themselves.
Even if the companies had access to the tests and methods ahead of time like you suggest and MSE STILL scored last, what does that say for MSE? What's MSE's excuse, "The dog ate my homework?"

Not only that, but it hardly seems fair to question the integrity of any of the parties or the testing methods involved without concrete evidence to back it up.
I've never seen or heard of any good reason to question the overall integrity of AV Comparative's tests or methods.
I did not mean to imply that any of these organizations making comparisons allowed any company to cheat. I'm not questioning anyone's integrity.

Let me give a concrete example of studying the testing methods:
MS knows that it does not flag the installer for Conduit as being bad.
Conduit is a class of malware that several AV apps ignore.
MS knows who scored high in a round of testing.
If those that score high flag file like Conduit, then MSE could too.
MS could opt to add tons of signatures to MSE.


"The test results still speak for themselves."
Then would you please answer my questions:
What constitutes a virus?
Was each of the 12000+ files used in the test a virus according you your definition?
Who decides what constitutes a virus?
My System SpecsSystem Spec
01 May 2014   #867
A Guy

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x64 SP1
 
 

Microsoft has said it bases it's detections on threats actually seen by it's users. How they can determine no new or unseen threats will be added. Supposedly they use user statistics, but how many agree to send such? A Guy
My System SpecsSystem Spec
01 May 2014   #868
Dallas 7

Windows 7 Pro x64
 
 

UsernameIssues,
First, some people get paid to define/detect viruses, and test AV programs, I don't.
I'm a consumer, not a designer. I have followed the AV test results of AV Comparatives for a long time, and doing so has served me very well. I have never found cause to question the validity or integrity of their services.

Second, if you're insinuating that AV Comparatives is playing favorites or loading the tests with files that don't even qualify as viruses, then you are indeed questioning AV Comparative's integrity for the sole purpose of trying to resurrect MSE from the bottom of the ash pile.

Third, I answered your question, it's your turn to answer mine:

MSE took the same tests everyone else took.
Even if the companies had access to the tests and methods ahead of time,
so did MSE, but they STILL scored last!
What's MSE's excuse, "The dog ate my homework"?
My System SpecsSystem Spec
01 May 2014   #869
Dallas 7

Windows 7 Pro x64
 
 

Quote   Quote: Originally Posted by A Guy View Post
Microsoft has said it bases it's detections on threats actually seen by it's users. How they can determine no new or unseen threats will be added.
Supposedly they use user statistics,
but how many agree to send such? A Guy

Good question.
My System SpecsSystem Spec
01 May 2014   #870
UsernameIssues

W7 Pro SP1 64bit
 
 

Quote   Quote: Originally Posted by Dallas 7 View Post
UsernameIssues,
First, some people get paid to define/detect viruses, and test AV programs, I don't.
I'm a consumer, not a designer. I have followed the AV test results of AV Comparatives for a long time, and doing so has served me very well. I have never found cause to question the validity or integrity of their services.

Second, if you're insinuating that AV Comparatives is playing favorites or loading the tests with files that don't even qualify as viruses, then you are indeed questioning AV Comparative's integrity for the sole purpose of trying to resurrect MSE from the bottom of the ash pile.

Third, I answered your question, it's your turn to answer mine:

MSE took the same tests everyone else took.
Even if the companies had access to the tests and methods ahead of time,
so did MSE, but they STILL scored last!
What's MSE's excuse, "The dog ate my homework"?
Your answer to my first question is that you cannot answer it. You really don't have to answer it to see what I'm driving at. There are people at MS that get paid to decide what a virus is. There are people at AVG that get paid to decide what a virus is. There are people at AV-Comparatives that get paid to decide what a virus is. These people disagree about what a virus is and they always will disagree. There is no clear cut answer on what constitutes a virus and there never will be one that all parties agree to.

I am not questioning the integrity of those at AV-Comparatives. They include files they they define as viruses. They don't play favorites. However, they do not set the definition of what a virus is for the entire world.


I've followed AV test results since the early '90s when I had to pick/buy an AV app for our office. Also, malware is a part of my computing hobby. You saw how many hours I put in play with and studying the ransomware in my rant about how poor MSE's heuristics are. You should know by now that I'm not defending MSE - I'm merely attempting to get people to look at these AV comparisons in a different way.


There are classes of malware. MSE (and other companies) simply opt to not call certain classes as being bad. Doing that will always put them near the bottom of AV-Comparatives' testing. MS could decide overnight to flag everything that MS knows about.. but MS/MSE has made a business decision not to bloat their definitions with the files some other AV apps flag. This includes the installer for Conduit and files that are not in the wild. I prefer an AV app that flags Conduit's installer, so I'm looking for something other that MSE to install on the dozens of computers that I support for free.


BTW, Malewarebytes does the same thing. They remove the signatures for malware that is no longer in the wild. And while MBAM is not an AV app, the principle is the same. MSE could easily flag everything that MBAM flags and then some (e.g old malware), but MS/MSE opts not to - so as not to slow the computer down and to avoid false positives.


Just to make sure that I've answered your question:
What's MSE's excuse, "The dog ate my homework"?
They don't have nor need an excuse for coming in last or near the bottom. They opted to be there for good reasons. I just don't like or agree with all of their reasons.
My System SpecsSystem Spec
Reply

 What's the Best Anti-virus?




Thread Tools




Similar help and support threads
Thread Forum
Possible Memory Leak Virus - Anti-virus detects nothing?
Hello, I am needing some support on what is exactly taking up all the RAM on my brother's PC as after about 8 hours of uptime, 65% of my Physical Memory is being used up with nothing really open. I did some research and found out it was a possible memory leak or virus, so I first tried to run...
Performance & Maintenance
I have a virus and unable to run/download anti-virus software
Hi, This is my first time posting to the forum. I am not that knowledgeable with computers, but can follow basic instructions. My laptop is acting funny--I think I have a virus. However, I am unable to run any anti-malware or anti-virus software. I try to run McAfee and I get an error...
System Security
Test your anti-malware/anti-virus protection with EICAR
As many of you know(quite a few don't) what EICAR is, this is a open poll to see what programs pick it up and what programs fail the basic tests. I am conducting this poll because A-Squared failed to see this on a scan, but MSE picked it up before it could be downloaded. So after you take...
System Security
BSOD 00x50 vipre anti-virus conflicting with new anti-virus
I did a bonehead move of installing PC tools anti-virus before uninstalling vipre on my wife who's out of town. The kids infected it playing flash games. long story short, Her Gateway (win7 home premium) is on a a start-up loop. All I can get to work with a recovery disk is get into the DOS prompt...
BSOD Help and Support
Anti-malware, Anti-virus, Anti-spyware
First of all i would like to apologize if this topic is in wrong category, or it should not even be asked on this site. And second of all, please be patience :) i'm a noob looking for answers :o So whats all about? Well i'm meeting new terms here and i have no idea what they mean and what they do....
System Security
How to Remove Win 7 Anti-Spyware 2011 (Fake Anti-Virus Infections)
How to Remove Win 7 Anti-Spyware 2011 (Fake Anti-Virus Infections) Source ...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 15:09.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App