AV-Comparatives - Malware Protection Test March 2024

[harlan4096]

AV-Comparatives - Malware Protection Test March 2024:

Introduction

In the Malware Protection Test, malicious files are executed on the system. While in the Real-World Protection Test the vector is the web, in the Malware Protection Test the vectors can be e.g. network drives, USB or cover scenarios where the malware is already on the disk.

Please note that we do not recommend purchasing a product purely on the basis of one individual test or even one type of test. Rather, we would suggest that readers consult also our other recent test reports, and consider factors such as price, ease of use, compatibility and support. Installing a free trial version allows a program to be tested in everyday use before purchase.

In principle, home-user Internet security suites are included in this test. However, some vendors asked us to include their (free) antivirus security product instead.

Tested ProductsInformation about additional third-party engines/signatures used inside the products: G Data and Total Defense use the Bitdefender engine.

F-Secure and TotalAV use the Avira engine. AVG use the Avast engine.
 

• Avast Free Antivirus 24.1
  
• AVG Internet Security 24.1
  
• Avira Free Security 1.1
  
• Bitdefender Total Security 27.0
  
• ESET HOME Security Essential 17.0
  
• F-Secure Internet Security 19.3
  
• G Data Total Security 25.5
  
• Kaspersky Standard 21.16
  
• McAfee Total Protection 1.15
  
• Microsoft Defender Antivirus 4.18
  
• Norton Antivirus Plus 22.24
  
• Panda Free Antivirus 22.02
  
• Quick Heal Internet Security 24.0
  
• Total Defense Essential Anti-Virus 14.0
  
• TotalAV Antivirus Pro 5.24
  
• Trend Micro Internet Security 17.8
  

All products were installed on a fully up-to-date 64-Bit Microsoft Windows 10 system. Products were tested at the beginning of March with default settings and using their latest updates.

Test Procedure

The Malware Protection Test assesses a security program’s ability to protect a system against infection by malicious files before, during or after execution. The methodology used for each product tested is as follows. Prior to execution, all the test samples are subjected to on-access and on-demand scans by the security program, with each of these being done both offline and online. Any samples that have not been detected by any of these scans are then executed on the test system, with Internet/cloud access available, to allow e.g. behavioural detection features to come into play. If a product does not prevent or reverse all the changes made by a particular malware sample within a given time period, that test case is considered to be a miss. If the user is asked to decide whether a malware sample should be allowed to run, and in the case of the worst user decision system changes are observed, the test case is rated as “user-dependent”.
...

Full Report