AV-Comparatives AV-Comparatives Real-World Protection Test: FEB-MAR 2024

Disclaimer
  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

F

ForgottenSeer 109138

Has the thought ever occured that these all are with exception of one hitting high detection rates on default settings with someone literally "trying" to infect the system.
 
Last edited by a moderator:

Trident

Level 29
Verified
Top Poster
Well-known
Feb 7, 2023
1,810
From this test, one can classify products as follows:
Leaders (0 compromise): Avast, AVG, F-Secure, Kaspersky.
Acceptable performance/average: Avira, Bitdefender, Norton, McAfee, Trend Micro
Weaker than average competitors (one can easily do better by looking elsewhere): Eset, GData, Microsoft, Panda, Total Defense.
Rock bottom/avoid: TotalAV
Joke/not sure why it’s there: QuickHeal

Did not participate: Webroot, Comodo, ZoneAlarm, Malwarebytes.
 
Last edited:

Adrian Ścibor

From AVLab.pl
Verified
Well-known
Apr 9, 2018
183
From this test, one can classify products as follows:
Leaders (0 compromise): Avast, AVG, F-Secure, Kaspersky.
Acceptable performance/average: Avira, Bitdefender, Norton, McAfee, Trend Micro
Weaker than average competitors (one can easily do better by looking elsewhere): Eset, GData, Microsoft, Panda, Total Defense.
Rock bottom/avoid: TotalAV
Joke/not sure why it’s there: QuickHeal

Did not participate: Webroot, Comodo, ZoneAlarm, Malwarebytes.

Even I wonder why QH's result so pooooor compared to AVLab' testing method. For me personally, the AV-C methodoology is unknown under the hood, so I can speak only for myself and AVLab' team. Maybe there are differences between malware delivery method or real/unrealistic protocol delivery into the system? Or maybe the samples are not so malicious if QH engine pass throuth without block some of them, I do not know...

I don't want anyone to take my opinion the wrong way, but one thing is for sure, most of the vendors we test, stay with us for longer, despite the sometimes not always 100% result. Why? I believe and they too, they have the benefit of this because we show them where the problem of a bad result might be: addons, engine, logs, unexpected behaviour.

Of course, it is good that we have more opinions about the software thanks to AV-C.
 

Trident

Level 29
Verified
Top Poster
Well-known
Feb 7, 2023
1,810
Maybe there are differences between malware delivery method or real/unrealistic protocol delivery into the system? Or maybe the samples are not so malicious if QH engine pass throuth without block some of them, I do not know...
I doubt this is the case because the very same samples, delivered the same way, most likely through malicious downloads, are detected by everyone else.
Could be QuickHeal, having less users and safe files on their hands (less telemetry) under default settings is “milder”. To avoid FPs.
Or just their engines aren’t that well tweaked, I wouldn’t expect them to have the same know-how as other companies that have far higher margins and can invest a lot more in R&D.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top