AV-Comparatives Malware Protection Test September 2022

Disclaimer
  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

Anthony Qian

Level 10
Thread author
Verified
Well-known
Apr 17, 2021
454
The result is due for release tomorrow, but for some reason, it was released today. :)
AV-C20221013.jpeg

ESET didn't manage to get a 3-star certificate, once again.


Source: Malware Protection Test September 2022
 

Gandalf_The_Grey

Level 83
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,364
Also have a look at the appendix about the false alarms:

False Alarm Test September 2022
This report is an appendix to the Malware Protection Test September 2022 listing details about the discovered False Alarms.

In AV testing, it is important to measure not only detection capabilities but also reliability. One aspect of reliability is the ability to recognize clean files as such, and not to produce false alarms (false positives). No product is immune from false positives (FPs), but some produce more than others. False Positives Tests measure which programs do best in this respect, i.e. distinguish clean files from malicious files, despite their context. There is no complete collection of all legitimate files that exist, and so no “ultimate” test of FPs can be done. What can be done, and is reasonable, is to create and use a set of clean files which is independently collected. If, when using such a set, one product has e.g. 15 FPs and another only 2, it is likely that the first product is more prone to FPs than the other. It doesn’t mean the product with 2 FPs doesn’t have more than 2 FPs globally, but it is the relative number that is important.
PDF:
 
Jun 21, 2020
363
I'm mostly impressed by the offline detection, which has fallen out of favour by a lot of security implementations. The first thing I have recommended for years is to get the latest definitions and updates for your security solution (and second opinion software) and then unplug the PC from the internet. A vastly great number of these malware and viruses want, and need, to phone home. Can't do that without a connection to the outside...

Which is why I'm liking the improvement of ESET and G Data in having relatively low false positives in this test.
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,715
The result is due for release tomorrow, but for some reason, it was released today. :)

ESET didn't manage to get a 3-star certificate, once again.


Source: Malware Protection Test September 2022
right...? the lowest in the top tier had 99.96%, eset in 2d tier had 99.91% (difference of 5 detections out of 10,019), but eset with 0 (zero) false positives, while others in top tier had up to 8 false positives. Seems like a somewhat arbitrary fine line between 3*** & 2** Meanwhile F-Secure not tested?
 

ErzCrz

Level 23
Verified
Top Poster
Well-known
Aug 19, 2019
1,211
Interesting tests as always and some great results. I just prefer sandboxing or default deny hence my liking of Comodo or Hard_Configurator approach. Aferall, protection is about layers I just need to be less security paranoid at times lol
 
G

Guilhermesene

I'm mostly impressed by the offline detection, which has fallen out of favour by a lot of security implementations. The first thing I have recommended for years is to get the latest definitions and updates for your security solution (and second opinion software) and then unplug the PC from the internet. A vastly great number of these malware and viruses want, and need, to phone home. Can't do that without a connection to the outside...

Which is why I'm liking the improvement of ESET and G Data in having relatively low false positives in this test.
Like you, I also worry about offline detection, even more so in times when most AV's today are migrating to cloud services ☁️

Offline detection is still quite useful especially in specific scenarios where the internet fluctuates or the AV service server has some connection problem.

Glad to know I'm not the only one who values this parameter 🙂
 

zkSnark

Level 5
Verified
Well-known
Jan 13, 2019
207
Like you, I also worry about offline detection, even more so in times when most AV's today are migrating to cloud services ☁️

Offline detection is still quite useful especially in specific scenarios where the internet fluctuates or the AV service server has some connection problem.
Offline and Online protection rates are better than compromised and false positives, aren't they? So for me, GData, Avast and AVG are the winners from this perspective. But have to consider how were their past records too.
 
G

Guilhermesene

Offline and Online protection rates are better than compromised and false positives, aren't they? So for me, GData, Avast and AVG are the winners from this perspective. But have to consider how were their past records too.
It depends on which point of view you want to see 🙂 for some it could be the offline rate, others the online rate, others the number of false positives etc.
 
  • Like
Reactions: zkSnark

Anthony Qian

Level 10
Thread author
Verified
Well-known
Apr 17, 2021
454
right...? the lowest in the top tier had 99.96%, eset in 2d tier had 99.91% (difference of 5 detections out of 10,019), but eset with 0 (zero) false positives, while others in top tier had up to 8 false positives. Seems like a somewhat arbitrary fine line between 3*** & 2** Meanwhile F-Secure not tested?
According to AV-C websites, they classify tier 1 and 2 using statistical methods. In this test, the difference is very small because most vendors did quite well. It also implies the virus samples collected by AV-C are not so fresh and/or most security vendors improved its protection capabilities.
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,715
According to AV-C websites, they classify tier 1 and 2 using statistical methods. In this test, the difference is very small because most vendors did quite well. It also implies the virus samples collected by AV-C are not so fresh and/or most security vendors improved its protection capabilities.
ok, but still makes me wonder what weight AV-C gave to false positives.
 
  • Like
Reactions: franz

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top