AV-Comparatives: Malware Protection Test September 2019

AV-Comparatives: Malware Protection Test September 2019

Chart:
https://www.av-comparatives.org/com...=2019&chart_month=9&chart_sort=1&chart_zoom=2

PDF:
https://www.av-comparatives.org/tests/malware-protection-test-september-2019/

-----------------------------

False Alarm Test September 2019 (Appendix to the Malware Protection Test September 2019).

Chart:
https://www.av-comparatives.org/com...=2019&chart_month=9&chart_sort=1&chart_zoom=0

PDF:
https://www.av-comparatives.org/tests/false-alarm-test-september-2019/

 

For this test series, you need to review the .pdf version which shows detection if the network connection is disabled or hijacked by malware.

 

Good suggestion. I wasn't going to look at it until I saw your post. Very interesting.

 

This shows that AV's are basically pretty dumb without the cloud. That's why I became so excited when I read about new AI tools like Cylance, who claim they can spot malware without any cloud. But it turned out to be mostly hype since it was possible to easily fool Cylance. They did claim they fixed it though.

 

Again you lump some with all. Eset's off/online detentions are identical. Kaspersky's are very close to each other. The "looser's" in this analysis were WD and Trend.

 

I agree and Panda is also similarly dependent on cloud detection.

 

Why is there no offline protection rate? There's an offline detection rate. It might be that with some of these vendors their scans are dependent more on internet connectivity than other protection methods they employ once you run a file.

 

They were not losers, at the end they still blocked the malware to score almost a 100%
So offline / online doesn't say much.....

 

The score of 100% is only on online detection, don´t mix this.

 

I agree.

AV-C just showed what off-line detection is. Their job is to test AV solutions as they normally run; i.e. w/Internet connectivity. Hence why there was no off-line protection testing. The important point to note from the .pdf write-up is the AV solution should at least inform that their cloud capability is non-functional.

Would be informative if these ad hoc testers at sites like malwaretips.com would perform testing with the network connection disabled.

 

A good example of why if I were to write malware I would either kill the internet connection or at least block the servers used by the AV companies. The latter would probably go unnoticed by most users.

 

Nearly all AV detected 100 % so maybe malware will die out soon, please write some new malware Jack to save jobs.

 

Bwahahahhaaaaaa!!! Best post ever!