AV-Comparatives Malware Protection Test March 2021

Disclaimer
  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

Gandalf_The_Grey

Level 53
Verified
Trusted
Content Creator
Apr 24, 2016
4,248
41,423
Introduction

In the Malware Protection Test, malicious files are executed on the system. While in the Real-World Protection Test the vector is the web, in the Malware Protection Test the vectors can be e.g. network drives, USB or cover scenarios where the malware is already on the disk.

Please note that we do not recommend purchasing a product purely on the basis of one individual test or even one type of test. Rather, we would suggest that readers consult also our other recent test reports, and consider factors such as price, ease of use, compatibility and support. Installing a free trial version allows a program to be tested in everyday use before purchase.

In principle, home-user Internet security suites are included in this test. However, some vendors asked us to include their (free) antivirus security product instead.
 

plat1098

Level 25
Verified
Sep 13, 2018
1,499
13,060
It was like Defender when Windows 10 first came out. You can't be talking out of both sides of your mouth, claiming to be "crushing" malware and then making a poor, dead last showing in these tests. So, it seems it was getting kind of imperative that Malwarebytes started backing up its claims with some cold hard data. From somewhere.

False-positives are too high. They should work on that, that's annoying and should not be a substitute for strong real time.
 

Raiden

Level 19
Verified
Content Creator
May 7, 2018
900
7,449
It's nice to see Malwarebytes move up again! They still have some tweaking to do to get the FP count down a bit, but an impressive showing overall! Considering where they have been falling for quite some time.
 

Raiden

Level 19
Verified
Content Creator
May 7, 2018
900
7,449
where is fsecure ????????????????????????????????????
I don't know for sure, but there is a possibility they didn't sign up for this years rounds of tests. Either they don't want to be part of AV-comparatives anymore, or simply due to financial reasons (especially with COVID still going on) they had to choose which testing organizations they really wanted to be part of this year.
 

The_King

Level 12
Verified
Aug 2, 2020
551
6,124
where is fsecure ????????????????????????????????????
I believe F-Secure uses the BitDefender engine like Gdata, VIpre and Total Defense hence there scores are almost identical.
So it should test similar to those AVs overall.

Edit
Seems F-Secure may have recently switched to Avira engine in that case then it will perform similar to Avira.
 
Last edited:

Reiner

Level 2
Jan 26, 2021
74
405
All this test shows is that there are only three giants in AV engine and signatures/technology: BitDefender, Avast/AVG and Avira.

P.S. Eset and Kaspersky's slow decline is slightly concerning.
I agree, Eset was already in decline, it is no surprise to me, but Kaspersky is scary, they are falling well in recent times, it seems they will lose the throne or have already lost to GData, F-Secure and Norton
 

blackice

Level 33
Verified
Apr 1, 2019
2,215
13,008
The worst performance was 98.97% protection rate. I'm not sure I'm seeing anyone failing here. Maybe Trend Micro is concerning. As for Kaspersky; maybe the loss of some major business partners in the west could account for Kasperky not having as many signatures for malware. A smaller pool to pull from. Honestly anyone with decent internet hygiene would be fine with any of these.
 
Last edited:

XLR8R

Level 4
Jan 20, 2020
160
723
The worst performance was 98.97% protection rate. I'm not sure I'm seeing anyone failing here. Maybe Trend Micro is concerning. But maybe the loss of some major business partners in the west could account for Kasperky not having as many signatures for malware. A smaller pool to pull from. Honestly anyone with decent internet hygiene would be fine with any of these.

Online is based on advanced cloud analysis, but read AV-comparatives' disclaimer on online protection rates.

The concerning thing is that the signature + cloud part of the AV engine, which is reflected in the offline and online detection rates. Since the pandemic (maybe slightly before that), some vendors have been in decline. The signature + heuristic + cloud performance is directly linked to the number of staff + available infrastructure + technological advancement of the AV engines.

Kaspersky was a leader in signature + cloud for so long that it is not even funny where it stands today. Eset is also on a slow decline. It looks like for the actual "technology" components only AVG/Avast, Avira and BitDefender have held their ground whereas the others have refocused efforts towards webfilters and behavior blockers instead of the core scan technologies.
 

blackice

Level 33
Verified
Apr 1, 2019
2,215
13,008
Online is based on advanced cloud analysis, but read AV-comparatives' disclaimer on online protection rates.

The concerning thing is that the signature + cloud part of the AV engine, which is reflected in the offline and online detection rates. Since the pandemic (maybe slightly before that), some vendors have been in decline. The signature + heuristic + cloud performance is directly linked to the number of staff + available infrastructure + technological advancement of the AV engines.

Kaspersky was a leader in signature + cloud for so long that it is not even funny where it stands today. Eset is also on a slow decline. It looks like for the actual "technology" components only AVG/Avast, Avira and BitDefender have held their ground whereas the others have refocused efforts towards webfilters and behavior blockers instead of the core scan technologies.
ESET has actually improved in AV comparatives on average recently. Averaging better than in 2019 in more recent Real World tests and about the same in Malware Detection tests. I see no decline here. Maybe from their day as everybody's favorite, but recently they seem to be improving slightly.

1618513503146.png
 
Last edited:

blackice

Level 33
Verified
Apr 1, 2019
2,215
13,008
The sensationalizing and security paranoia over a few missed samples is a little much here. 100% in one test does not make for perfect protection. Kaspersky missed 4 samples out of 10,000 plus. Defender missed 15. Neither of these is the end of the world for either product. The AV is the most overrated tool in any security setup. I don't see Kaspersky in decline. Bitdefender has had some recent stumbles in 2020 as well, people said similar things then.
 

Andy Ful

Level 73
Verified
Trusted
Developer
Dec 23, 2014
6,284
42,892
The detection results in Malware Protection tests are hard to interpret. Some AVs like TrendMicro can get results that cannot be connected with the world in the wild. Most of the samples used in the Malware Protection tests are prevented in the wild by several TrendMicro protection layers, so they even do not touch the user disk. Only a small percent is reused in cracks and pirated software and can be dangerous for some users. Despite missing so many samples, the overall protection suffers only a little.
 

XLR8R

Level 4
Jan 20, 2020
160
723
The detection results in Malware Protection tests are hard to interpret. Some AVs like TrendMicro can get results that cannot be connected with the world in the wild. Most of the samples used in the Malware Protection tests are prevented in the wild by several TrendMicro protection layers, so they even do not touch the user disk. Only a small percent is reused in cracks and pirated software and can be dangerous for some users. Despite missing so many samples, the overall protection suffers only a little.
Provided, the internet connection works just fine..... :)

Though, real-world protection test may be more representative, considering behavioral protection layers as well. But I still think the scan engine itself matters (technology + sigs + heur + cloud).
 

Raiden

Level 19
Verified
Content Creator
May 7, 2018
900
7,449
The sensationalizing and security paranoia over a few missed samples is a little much here. 100% in one test does not make for perfect protection. Kaspersky missed 4 samples out of 10,000 plus. Defender missed 15. Neither of these is the end of the world for either product. The AV is the most overrated tool in any security setup. I don't see Kaspersky in decline. Bitdefender has had some recent stumbles in 2020 as well, people said similar things then.
Agreed!

In school I would love to have gotten over 98% on every test I did!!!

I've learned that a lot of people have very unrealistic expectations when it comes to malware and AV's. Granted every test is a snap shot in time..they should be taken with a grain of salt. There's always more to the story than meets the eye. In this case 98% is hardly a fail...I don't know why/when 98% is considered poor, or a fail? No AV can catch everything....every single AV will miss things from time to time. Kaspersky is one of the best AV's around and I would hardly consider it failing by any stretch of the imagination. Same goes for Eset...

Lets put this into perspective shall we...according to the test they had 10,013 samples...Kaspesky missed 4, Eset missed 10 and MD missed 15.... so I am failing to see the problem here. If you are expecting an AV to catch 99.9-100% of the samples each time...well just wait till the next test because Kaspersky may just get 100% and Avast may get 98.7%. I don't have a crystal ball, but you get my point.

One thing this test highlights very well is how much most AVs rely on their cloud components for improved protection. Makes sense since the amount a malware created each day is insane and most vendors are off loading a lot of their capabilities to the cloud.

We need to stop this sensationalizing and paranoia about these products. Most products today are very capable and will do a very good job in the real world. You know what will make the most improvement to your overall security compared to any AV tested?? You guessed it! Your overall computing hygiene. Poor habits lead to infection/problems eventually, it's just a matter of time...regardless of which AV you are using.
 
Top