We have prepared a comparison of popular solutions to protect Windows 10 for the eight time. Tests are carried out in a controlled environment six times a year (every two months) in order to allow time for developers to refer to reported feedback and published results. Several developers have jointed the test in this edition. Eight solutions for home users and two products for business have been evaluated.

The tests lasted uninterrupted throughout July. Here is the full list of tested products:

  • Avast Free Antivirus
  • Avira Antivirus Pro
  • Bitdefender Total Security
  • Comodo Advanced Endpoint Protection
  • Comodo Internet Security
  • Emsisoft Business Security
  • G Data Total Security
  • Kaspersky Total Security
  • SecureAPlus Pro
  • Webroot Antivirus

The products and Windows 10 settings: daily test cycle

The tests are carried out in Windows 10 Pro x64. The user account control (UAC) is disabled because the purpose of the tests is to check the protection effectiveness of a product against malware, and not a reaction of the testing system to Windows messages. Other Windows settings remain the same.

Windows 10 system contains the following software: office suite, document browser, email client, and other tools and files that give the impression of a normal working environment.

Automatic updates of the Windows 10 system are disabled in a given month of the tests. Due to the complicated process and the possibility of a malfunction, Windows 10 is updated every few weeks under close supervision.

Security products are updated one time within a day. Before tests are run, virus databases and protection product files are updated. This means that the latest versions of protection products are tested every day. All solutions had Internet access during the tests.

Malicious software

We have used 1456 malicious software samples for the test, consisting of, among others, banking trojans, ransomware, backdoors, downloaders, and macro viruses. In the contrast to well-known testing institutions, the CheckLab tests are much more transparent because we share the full list of harmful software samples.

We use real working environments in a graphic mode, that is why the results of individual samples may differ from those presented by the VirusTotal service. We point that out because inquisitive users may compare our tests with the scan results on the VirusTotal website. It turns out that differences between real products installed on Windows 10 and scan engines on VirusTotal are significant.

Levels of blocking malicious software samples

We share checksums of malicious software for researchers and security enthusiasts by dividing them into protection technologies that have contributed to detect and stop a threat. According to independent experts, this type of innovative approach of comparing security will contribute to better understand differences between products available on the market.

Blocking of each malware sample by tested protection solution has been divided into few levels:

  • Level 1 (L1): The browser level, i.e. a virus has been stopped before or after it has been downloaded onto a hard drive.
  • Level 2 (L2): The system level, i.e. a virus has been downloaded, but it has not been allowed to run.
  • Level 3 (L3): The analysis level, i.e. a virus has been run and blocked by a tested product.
  • Failure (F): The failure, i.e. a virus has not been blocked and it has infected a system.

The result of blocking each sample are available at https://checklab.pl/en/recent-results in the table:

Advanced In The Wild Malware Test - July 2020
Advanced In The Wild Malware Test - July 2020

Solutions with the most effective protection in July 2020 (alphabetically and by result):

  • Avast Free Antivirus (blocked 1456/1456)
  • Bitdefender Total Security (blocked 1456/1456)
  • Comodo Advanced Endpoint Protection (blocked 1456/1456)
  • Comodo Internet Security (blocked 1456/1456)
  • Emsisoft Business Security (blocked 1456/1456)
  • G Data Total Security (blocked 1456/1456)
  • Kaspersky Total Security (blocked 1456/1456)
  • SecureAPlus Pro (blocked 1456/1456)
  • Avira Antivirus Pro (blocked 1455/1456)
  • Webroot Antivirus (blocked 1455/1456)

Detailed results are available at https://checklab.pl/en/recent-results


Add new comment