So what if one AV program misses some malware--what's the harm?

The topic of conversation is this: I use Windows Defender on Windows 10, which AV Comparibles (sic) says has 'only' an 80% detection rate (I say that's good enough). Another program, like say Norton or whatever, will have a 98% detection rate. What badware (virus, malware, etc) lies in the gap between Defender's detection rate and the better commercial software? In the 18% range? (98-80 = 18%)?

I am speculating not much badware. It's something obscure like a "Open Candy" cookie or something that might hijack your browser or something like that, nothing "serious". I'm speculating the 'serious stuff' is in the 80% and below range that every AV program (including the 'hapless' Defender) will

Is this a reasonable assumption? Please, resist the temptation for a "parade of horribles" example. I'm sure you can come up with one, but I could counter that the Stuxnet virus could infect even the machine that has 98% detection. We're talking about 'center mass' or stuff that falls 1 or 2 standard deviations from the mean, not stuff China, North Korea or the CIA would write.


"Diesel" wrote in another thread:

While it's a true statement, it's mostly marketing FUD and PR
nonsense. Honestly. SAS catches things MBAM missed, BugHunter caught
things MBAM missed (yes, it did), MBAM caught things both of the
previously mentioned ones missed. None of this remained consistent.
Sometimes, within hours, one or more would trade places on who
scanned what first and detected it. It's no different than various
antivirus programs. It's been ongoing since more than one antivirus
was presented to the world. :)

Re: So what if one AV program misses some malware--what's the harm?

RayLopez99 explained :

Then it is. Only you can make the determination as to how much your  
data is worth.

Probably some of the polymorphic worms and viruses. Trojans are much  
more likely to affect you due to their prevalence and Defender might  
well be "good enough" to know most of them, so you're okay.

Another consideration is how quickly a vendor reacts to newly  
discovered malware, how long their 'zero-day' lasts. I don't think that  
is a metric these comparatives use.

If your data is worth more, then the higher scoring AVs are worth more.

I don't think that is the case, but I'm not familiar with that  
particular "AV Comparibles" service. A good comparatives service will  
not have competitors rising to the top by detecting lameware and crud.

Not IMO.

You are correct, Stuxnet could infect a machine if it was in that 2  
percent the AV was missing.

I agree, Defender will probably do well against most of the 'run of the  
mill' malware. If that's good enough, then it is good enough.

Right, doing consistently good for years carries some weight though.

Re: So what if one AV program misses some malware--what's the harm?

On 2016-02-29 22:19, RayLopez99 wrote:

No. Every malware program will miss something that others catch. If you
rely on a single defender, sooner or later you'll get evil stuff. Choose
a shield, and keep a few others handy for regular housekeeping.

Sorta like having a broom for daily sweeping, and a vac for the weekly  
clean up.

Have a good day,

Wolf K
