AVLab.pl Advanced In-The-Wild Malware Test results for May 2025

Disclaimer

  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

Gandalf_The_Grey

Gandalf_The_Grey

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Forum Veteran
Apr 24, 2016
7,757
6
82,472
8,389
54
The Netherlands
Almost half of the year is behind us, thus we finish the 3rd edition of the Advanced In-The-Wild Malware Test – a long-term study aimed at identifying the best comprehensive security solutions for protecting Windows systems. In May, we tested as many as 17 solutions for detecting and neutralizing threats – we obtain URLs leading to malicious content from various places. These include commercial and free feeds, instant messaging, Internet forums, honeypots.
Click to expand...
Recent Results:
avlab.pl

Recent Results » AVLab Cybersecurity Foundation

The latest results of the Advanced In-The-Wild-Malware Test, in which we regularly evaluate software designed to protect devices.
avlab.pl avlab.pl
Related Publication in Details:
avlab.pl

The May Edition Of Advanced In-The-Wild Malware Test On Internet Samples » AVLab Cybersecurity Foundation

Almost half of the year is behind us, thus we finish the 3rd edition of the Advanced In-The-Wild Malware Test - a long-term study aimed at identifying the
avlab.pl avlab.pl
 
  • Like
  • +Reputation
  • Thanks
Reactions: Idanox, SeriousHoax, oldschool and 16 others
Digmor Crusher said:
They failed on 1 or 2 samples out of 473 so the difference is meaningless, 0.002 %
Click to expand...
yes, but here I am using Eset Ultimate today (gift from a friend) and saw it missed 1 on @Adrian Ścibor test, but did not see any analysis of which one it missed with perhaps a why. It would be interesting for me to read that (may it is there and I missed it :unsure: )
 
  • Like
Reactions: rashmi, lokamoka820, Jonny Quest and 1 other person
And I don't know how much of a factor it really is, but I still like to see the higher pre-launch percentages than post.
I could get nervous and uninstall F-Secure with its Avira engine, but I also realize I'm part of the security equation in where I go, what I'm clicking, and what I'm downloading (which is very little these days).
 
  • Like
Reactions: SeriousHoax, russ0408, rashmi and 4 others
simmerskool said:
yes, but here I am using Eset Ultimate today (gift from a friend) and saw it missed 1 on @Adrian Ścibor test, but did not see any analysis of which one it missed with perhaps a why. It would be interesting for me to read that (may it is there and I missed it :unsure: )
Click to expand...
I also am using Eset now ( a gift from a friend, maybe the same friend ;) ) I have zero concerns as to what it missed or why, as our buddy Andy says, 1 test means nothing.
 
  • Like
Reactions: Harputlu, simmerskool, Jonny Quest and 1 other person
lokamoka820 said:
I'm not surprised by Microsoft Defender or Avast results, we know they are the best free antivirus software for home user, I'm surprised by Comodo, is it that good?
Click to expand...
Comodo should be used as some sort of reputation blocker and not to replace an av solution but yes it is good although the built in one in windows (smart app control) should be superior

Avast free , Symantec , Kaspersky free , bitdefender free , defender are all good complement to either comodo or smart app control
 
Last edited by a moderator:
  • Like
Reactions: SeriousHoax, rashmi, Captain Awesome and 2 others
lokamoka820 said:
I'm surprised by Comodo, is it that good?
Click to expand...
Picture this: a Game of Thrones-inspired tale of security software... ESET would be the comical sidekick, EICAR would kill Microsoft Defender, the formidable Night King, and Kaspersky and Bitdefender would ruthlessly conquer their opponents, eventually bending the knee to Comodo, the rightful king! 😊
 
  • HaHa
  • Wow
Reactions: Jonny Quest and lokamoka820
simmerskool said:
yes, but here I am using Eset Ultimate today (gift from a friend) and saw it missed 1 on @Adrian Ścibor test, but did not see any analysis of which one it missed with perhaps a why. It would be interesting for me to read that (may it is there and I missed it :unsure: )
Click to expand...
Just because you didn't find it doesn't mean such an analysis doesn't exist :)

The basic version is available for download under the "DOWNLOAD COMPARISON TABLE" button.

1. Download the CSV file.

table.png


2. Separate the columns with commas.
3. Filter by the "FAIL" result for the Eset column.

csv.png


A MUCH MORE advanced analysis under the hood, including product logs and all visual data from our testing system, is exclusively available to vendors only:

eset fail.png


Digmor Crusher said:
I also am using Eset now ( a gift from a friend, maybe the same friend ;) ) I have zero concerns as to what it missed or why, as our buddy Andy says, 1 test means nothing.
Click to expand...
Theoretically, it doesn't mean anything, but practically speaking, you wouldn't want it on your work computer: VirusTotal

I would also like to ask if anything is unclear or difficult to understand...

We can make improvements, just let us know what you don't understand.
 
  • Like
  • +Reputation
Reactions: Idanox, rashmi, SeriousHoax and 6 others
Adrian Ścibor said:
Just because you didn't find it doesn't mean such an analysis doesn't exist :)

The basic version is available for download
Click to expand...
@Adrian Ścibor did not mean to impune your integrity if that's how you took my comment -- I did say I might have missed it. I skimmed your site when I saw notice of the test. I did not dig deeper at the time. Happy to see you have detailed info. Appreciate your testing and posts at MT.
 
  • Like
Reactions: rashmi, SeriousHoax, Jonny Quest and 3 others
simmerskool said:
@Adrian Ścibor did not mean to impune your integrity if that's how you took my comment -- I did say I might have missed it. I skimmed your site when I saw notice of the test. I did not dig deeper at the time. Happy to see you have detailed info. Appreciate your testing and posts at MT.
Click to expand...
Don't worry :) I just wanted to clarify this so that others could benefit from it, too.

We could share more telemetry data with tech enthusiasts, but I'm worried that competitors would exploit it. When we first introduced the Remediation Time metric into testing, other labs found the same thing in their tests but under a different name. In any case, it's good that testing is evolving for everyone's benefit. Competition is always good.

We are working on tests for Linux, but programming the automation is expensive.

Unfortunately, we will only provide vendors with even better visibility into the logs thanks to our proprietary ideas. Community, as recipients our tests, you will not have access to this. This is important for our cooperation with everyone.

It's not a big secret, but we've received feedback from companies saying that we've been doing our job more reliably than any other lab lately. It's important to us to know that we're doing our job well and thoroughly, leaving no space for doubt.

That is why your opinion is IMPORTANT to us, so that we can develop and implement new ideas ;)
 
  • Like
  • +Reputation
  • Applause
Reactions: roger_m, Trident, simmerskool and 8 others

You may also like...