AV-Comparatives Real-World Protection Test February-May 2025

Disclaimer

  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

simmerskool said:
somewhat curious to me that Trendmicro shows so many false_positives, when I don't get any (so far) but I probably don't download as much as I did in the past. (fwiw) & I think someone posted about TM hypersensitive setting that might be causing this at AVC...?
Click to expand...
No, it’s about website blocking too.
AVC thinks that blocking domains due to a few malicious pages is not a good idea. I don’t support their opinion personally and some vendors have argued too.
Not all these FPs are on files.

Trend Micro generally causes false positives on files through the AEGIS behavioural monitoring which can be very aggressive in hypersensitive mode (it enables aggressive detections). These detections can target certain memory management mechanisms that have been abused times and times again in fileless attacks.

However the Trend Micro behavioural blocking respects digital signatures and prevalence information, so this is gonna be on some third-grade software that not many people use.
 
  • Hundred Points
  • Like
  • +Reputation
Reactions: simmerskool, stonjean633, Jonny Quest and 2 others

You may also like...