AV-Comparatives: Real-World Protection Test February - June 2018

Discussion in '0-day Release' started by RGiskardR, Jul 13, 2018 at 11:24 PM.

  1. RGiskardR

    RGiskardR Malware Tester Silver Member

  3. jasonX

    jasonX Giveaways Moderator Staff Member

    Tencent PC Manager doing good I see....Trend Micro 100%/38 FPs...
     
  4. Der.Reisende

    Der.Reisende Malware Tester Silver Member

    Take those tests with a grain of salt...
    Malware HUB testing and MTAC testing have shown somewhat different results.

    Tencent (PC Manager Global):
    They still do not (always) shine on 0days, but it has been doing better in July than in previous months. Does surprisingly well on Ransomware, judging from the samples I tested lately (some to be found in MTAC).

    Note I have been testing it with tweaked settings, which may sharply raise the number of Behavior Blocker alerts. Cannot tell about base protection.
    AV-Test / AV-Comparatives samples are probably a few days old, Tencent has moderately good signatures, and in combination with non-delayed Bitdefender signatures, it's just a matter of hours till most current malware is detected.

    New product versions appear weekly it seems? They really care for the Global product (as well as for the bloated Chinese one), you can see here:
    https://guanjia.qq.com/about/history.html

    Also, if you open a ticket at their Chinese forum (which is quite difficult to register at, use Google translator!), they reply very very fast, and in English. I haven't got further notifications though.
    For example:
    http://bbs.guanjia.qq.com/thread-5863092-1-1.html
    http://bbs.guanjia.qq.com/thread-5864047-1-2.html

    Weaknesses are clearly scriptors (in the past, there have been some behavior blocking actions, but it quarantined wscript.exe, as it was carrying out the attack) and Java RATs (Adwind,...). Regarding the scriptors, they maybe altered the Behavior Blocker to reduce FP. Last month I tested Tencent PC Manager Global TAV version (which did not incorporate the Bitdefender engine), it did much better against those scriptors, it blocked at least some. For some reason, TAV is gone (probably discontinued, the version number was already way behind the Tencent Engine+BD engine one).

    Bundle it with a good firewall, and maybe an Anti-Ransomware of your choice (would suggest AppCheck AR Free) and you have a very lightweight product for free, with Bitdefender signatures in realtime.
    Once configured, the product will look for new signatures multiple times an hour, and offer you to autoupgrade once it finds a new version, without you needing to think about manually pushing it.

    Had fantastic scores in the Malware HUB testing, but this seems to be the price to pay?
    Not yet tried it.

    P.S. I don't believe the F-Secure scores...
    Weak against scriptors (unable to remove on scan, other than Tencent), but also missed Banker .exe, ransomwares and other threats in the past.
    Not sure how DeepGuard works, it might be some cloud rep module, and actual rules updated from time to time.

    Have tested it multiple times, back in time it missed every 0-day Shade, although reported multiple times to support.
    I have removed FS SAFE, because it delayed my browser sessions, and felt a little bit heavy in comparison to Tencent (damn, FS is actually a light product!). And it's too stressful to test 2 products.

    Oh, and thanks @RGiskardR for the share of course :)
     
