Virus Bulletin
Copyright © 2018 Virus Bulletin
'So, what is the best anti-virus product?'
Naturally, as a company that has engaged in anti-virus testing for over two decades, this is a question we are often asked. And, perhaps surprisingly, we don't feel it is a question we can answer.
Firstly, because what is the 'best' anti-virus (or endpoint security) product depends on the specific requirements of the user or organization. What works best for a home user may not be ideal for a small business, and what will work best for a small business may be less suitable for a large international organization. Not to mention that different threat models require different responses.
Secondly, picking out which is 'the best' has never been what the VB100 tests are about. Their goal has always been to show which products satisfy a minimum standard and, by testing every two months, showing which products perform well over a longer period of time.
To emphasize this part, we will soon morph the VB100 test into a certification test, with this report being the last to be presented as a comparative review.
In this last 'old-style' test, we put 35 anti-virus products from 32 vendors through their paces. 27 of the products achieved VB100 certification.
For three products, it was a missed file from the WildList that stood in the way of achieving a VB100 award. The files included on the WildList are well vetted and have been confirmed to have been seen in the wild more than once, thus detection can (and should) be expected.
Five other products erroneously blocked one or more of the hundreds of thousands of files belonging to legitimate software in our 'clean set'. Though false positives are an inevitable side-effect of any security solution, we believe they shouldn't occur for very widely used legitimate software.
Three products are new to the VB100 test bench.
FireEye is hardly a new name, thanks both to its advanced detection products and its strong research division. After a brief standalone test last year, we are pleased to report that the product easily achieved a VB100 award in its first participation in the test.
The same was the case for TotalAV, a relatively new UK‑based product whose developers are working hard to make a name for themselves in the crowded market for home-user endpoint security.
The third new product in this test was Panzor CloudAntivirus, another new company that presents itself as using 'Artificial Intelligence Cloud technology'. Panzor also saw its first participation rewarded with a VB100 certification.
In order to provide some extra detail on the performance of the products in our tests, alongside the certification tests the VB100 reports include the 'Reactive and Proactive' ('RAP') test – a test which measures how quickly products detect new malware. The RAP scores give a good indication as to how quickly a product catches up when it comes to detecting new malware statically. In the results on the following pages, the RAP images display an average of the RAP scores across the two test platforms.
| Windows 7 | Windows 10 | |
| Main version | 9.0.45.1 | 9.0.45.1 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
 |
| Windows 7 | Windows 10 | |
| Main version | 2018.03.06 | 2018.03.06 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 18.2.2328 | 18.2.2328 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 18.2.3046 | 18.2.3046 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 6.2.31.985 | 6.2.31.985 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 19.6.0.328 | 19.6.0.328 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 5.1.38 | 5.1.38 |
| ItW catch rate | 99.90% | 99.90% |
| False positives | 0 | 0 |
| Windows 7 | Windows 10 | |
| Main version | 15.1.0108 | 15.1.0108 |
| ItW catch rate | 99.71% | 99.71% |
| False positives | 0 | 0 |
| Windows 7 | Windows 10 | |
| Main version | 2018.2.0.8461 | 2018.2.0.8461 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 14.0.1400.1979 | 14.0.1400.1979 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 11.0.159.9 | 11.0.159.0 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 3.0.1.3 | 3.0.1.3 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 4.12.3102.401 | 4.12.3102.401 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 26.21.8 | 26.21.8 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 5.6.2.1117 | 5.6.2.1117 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 25.4.0.3 | 25.4.0.3 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 2.16.20 | 2.16.20 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 15.1.0330 | 15.1.0330 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 10.3.0.6294 | 10.3.0.6294 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
|
|
| Windows 7 | Windows 10 | |
| Main version | 1.0.100.87034 | 1.0.100.87034 Pro |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 2 | 2 |
| Windows 7 | Windows 10 | |
| Main version | 7.70.0 | 7.70.0 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 1 | 1 |
| Windows 7 | Windows 10 | |
| Main version | 18.03.00 | 18.03.00 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 1 | 1 |
| Windows 7 | Windows 10 | |
| Main version | 1.1.220.3133 | 1.1.220.3133 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 3.0.0.75 | 5.0.0.0 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 1 | 0 |
|
| Windows 7 | Windows 10 | |
| Main version | 5.0.0.0 | 5.0.0.0 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 1.0.94630 | 1.0.94630 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 12.3.26531.901 | 12.3.26531.901 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 1.39.36 | 1.39.36 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 9.0.0.747 | 9.0.0.747 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 9.0.0.747 | 9.0.0.747 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 17.0.3.7038 | 17.0.3.7038 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 10.1.4.33 | 10.1.4.33 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 8.6 | 8.6 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 1 | 0 |
| Windows 7 | Windows 10 | |
| Main version | 2.0.1430 | 2.0.1430 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Windows 7 | Windows 10 | |
| Main version | 6.2.18.885 | 6.2.18.885 |
| ItW catch rate | 100.00% | 100.00% |
| False positives | 0 | 0 |
 |
|
| Certification tests | Windows 7 | Windows 10 | VB100 | ||||||
| FPs | FP rate | WildList misses | WildList catch rate | FPs | FP rate | WildList misses | WildList catch rate | ||
| AhnLab V3 Internet Security 9.0 | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% |  |
| Arcabit AntiVirus | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| Avast Free Antivirus | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| AVG Internet Security | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| Bitdefender Endpoint Security | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| CompuClever Antivirus PLUS | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| Cyren Command Anti-Malware | 0 | 0.00% | 3 | 99.90% | 0 | 0.00% | 3 | 99.90% | |
| Defenx Security Suite | 0 | 0.00% | 9 | 99.71% | 0 | 0.00% | 9 | 99.71% | |
| Emsisoft Anti-Malware | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| eScan Internet Security Suite for Windows | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| ESET Internet Security | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| ESTsecurity ALYac | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| Faronics Anti-Virus | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| FireEye Endpoint Security | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| Fortinet FortiClient | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| G DATA Antivirus | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| IKARUS anti.virus | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| K7 Total Security | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| Kaspersky Endpoint Security 10 for Windows | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| NANO Antivirus | 2 | 0.0003% | 0 | 100.00% | 2 | 0.0003% | 0 | 100.00% | |
| Panda Endpoint Protection Plus | 1 | 0.0001% | 0 | 100.00% | 1 | 0.0001% | 0 | 100.00% | |
| Panda Free Antivirus | 1 | 0.0001% | 0 | 100.00% | 1 | 0.0001% | 0 | 100.00% | |
| Panzor CloudAntivirus | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| Rising Security Cloud Client | 1 | 0.0001% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| TACHYON Endpoint Security | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| TeamViewer ITbrain Anti-Malware | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| Tencent PC Manager | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| TotalAV | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| Total Defense Internet Security | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| Total Defense Premium | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| TrustPort Antivirus Sphere | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| VIPRE Advanced Security | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| VirIT eXplorer PRO | 1 | 0.0001% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| Wontok SafeCentral Security Suite | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| Zemana EndPoint Security | 0 | 0.00% | 0 | 100.00% | 0 | 0.00% | 0 | 100.00% | |
| RAP (Reactive And Proactive) test - Windows 7 | Reactive | Reactive average | Proactive | Proactive average | RAP weighted average‡ | ||
| Set -2* | Set -1* | Set +1† | Set +2† | ||||
| AhnLab V3 Internet Security 9.0 | 87.93% | 80.03% | 83.98% | 55.42% | 58.24% | 56.83% | 74.93% |
| Arcabit AntiVirus | 94.41% | 93.25% | 93.83% | 81.85% | 74.51% | 78.18% | 88.62% |
| Avast Free Antivirus | 93.34% | 91.63% | 92.48% | 82.53% | 72.17% | 77.35% | 87.44% |
| AVG Internet Security | 92.83% | 84.58% | 88.71% | 77.65% | 71.53% | 74.59% | 84.00% |
| Bitdefender Endpoint Security | 94.22% | 86.50% | 90.36% | 85.48% | 79.36% | 82.42% | 87.71% |
| CompuClever Antivirus PLUS | 89.63% | 93.27% | 91.45% | 82.44% | 74.59% | 78.51% | 87.14% |
| Cyren Command Anti-Malware | 85.42% | 87.17% | 86.30% | 61.90% | 60.85% | 61.37% | 77.99% |
| Defenx Security Suite | 82.18% | 73.38% | 77.78% | 63.68% | 62.74% | 63.21% | 72.92% |
| Emsisoft Anti-Malware | 94.64% | 93.73% | 94.19% | 83.08% | 74.88% | 78.98% | 89.12% |
| eScan Internet Security Suite for Windows | 95.15% | 93.47% | 94.31% | 82.25% | 74.51% | 78.38% | 89.00% |
| ESTsecurity ALYac | 94.27% | 88.42% | 91.34% | 80.20% | 74.27% | 77.23% | 86.64% |
| Faronics Anti-Virus | 94.79% | 94.32 | 94.55% | 83.27% | 75.03% | 79.15% | 89.42% |
| FireEye Endpoint Security | 91.62% | 88.35% | 89.98% | 84.22% | 74.91% | 79.56% | 86.51% |
| Fortinet FortiClient | 96.61% | 96.17% | 96.39% | 82.16% | 77.37% | 79.77% | 90.85% |
| G DATA Antivirus | 97.58% | 96.35% | 96.97% | 86.00% | 77.52% | 81.76% | 91.90% |
| IKARUS anti.virus | 97.43% | 88.79% | 93.11% | 79.98% | 75.18% | 77.58% | 87.93% |
| K7 Total Security | 83.86% | 75.83% | 79.84% | 63.68% | 62.74% | 63.21% | 74.30% |
| NANO Antivirus | 85.41% | 77.63% | 81.52% | 60.70% | 60.65% | 60.68% | 74.57% |
| Panda Endpoint Protection Plus | 80.70% | 65.68% | 73.19% | 44.00% | 51.17% | 47.58% | 64.65% |
| Panda Free Antivirus | 78.46% | 76.10% | 77.28% | 44.24% | 51.34% | 47.79% | 67.45% |
| Panzor CloudAntivirus | 97.99% | 96.20% | 97.10% | 91.13% | 82.49% | 86.81% | 93.67% |
| TACHYON Endpoint Security | 93.10% | 91.43% | 92.26% | 78.88% | 73.45% | 76.17% | 86.90% |
| TeamViewer ITbrain Anti-Malware | 93.78% | 93.49% | 93.63% | 82.84% | 74.61% | 78.72% | 88.66% |
| Tencent PC Manager | 95.12% | 93.74% | 94.43% | 82.25% | 75.06% | 78.65% | 89.17% |
| TotalAV | 75.59% | 65.55% | 70.57% | 61.16% | 62.35% | 61.75% | 67.63% |
| Total Defense Internet Security | 94.36% | 93.29% | 93.82% | 84.56% | 75.01% | 79.78% | 89.14% |
| Total Defense Premium | 94.38% | 93.44% | 93.91% | 84.68% | 75.01% | 79.84% | 89.22% |
| TrustPort Antivirus Sphere | 96.86% | 96.41% | 96.63% | 86.21% | 78.43% | 82.32% | 91.86% |
| VIPRE Advanced Security | 95.21% | 93.81% | 94.51% | 83.36% | 75.25% | 79.31% | 89.44% |
| VirIT eXplorer PRO | 38.59% | 36.39% | 37.49% | 35.16% | 32.75% | 33.95% | 36.31% |
| Wontok SafeCentral Security Suite | 98.14% | 98.00% | 98.07% | 88.67% | 82.10% | 85.38% | 93.84% |
| Zemana EndPoint Security | 94.68% | 94.18% | 94.43% | 83.70% | 74.98% | 79.34% | 89.40% |
*Set -1 = Samples discovered 1 to 5 days before testing; Set -2 = Samples discovered 6 to 10 days before testing. †Set +1 = Samples discovered 1 to 5 days after updates frozen; Set +2 = Samples discovered 6 to 10 days after updates frozen. ‡ Weighted average gives equal emphasis to the two reactive weeks and the whole proactive part.
| RAP (Reactive And Proactive) test - Windows 10 | Reactive | Reactive average | Proactive | Proactive average | RAP weighted average‡ | ||
| Set -2* | Set -1* | Set +1† | Set +2† | ||||
| AhnLab V3 Internet Security 9.0 | 88.84% | 78.53% | 83.68% | 55.42% | 58.24% | 56.83% | 74.73% |
| Arcabit AntiVirus | 94.06% | 86.59% | 90.32% | 81.85% | 74.51% | 78.18% | 86.28% |
| Avast Free Antivirus | 92.75% | 91.90% | 92.33% | 78.75% | 71.61% | 75.18% | 86.61% |
| AVG Internet Security | 92.69% | 91.94% | 92.31% | 82.47% | 72.17% | 77.32% | 87.32% |
| Bitdefender Endpoint Security | 94.49% | 93.58% | 94.04% | 85.51% | 79.36% | 82.44% | 90.17% |
| CompuClever Antivirus PLUS | 94.61% | 93.40% | 94.00% | 82.44% | 74.59% | 78.51% | 88.84% |
| Cyren Command Anti-Malware | 85.96% | 83.73% | 84.85% | 61.90% | 60.85% | 61.37% | 77.02% |
| Defenx Security Suite | 80.73% | 75.88% | 78.30% | 63.68% | 62.74% | 63.21% | 73.27% |
| Emsisoft Anti-Malware | 94.59% | 94.48% | 94.54% | 84.80% | 75.28% | 80.04% | 89.70% |
| eScan Internet Security Suite for Windows | 94.74% | 94.30% | 94.52% | 85.35% | 75.10% | 80.23% | 89.76% |
| ESTsecurity ALYac | 94.40% | 93.24% | 93.82% | 80.20% | 74.27% | 77.23% | 88.29% |
| Faronics Anti-Virus | 94.98% | 93.93% | 94.45% | 82.90% | 74.96% | 78.93% | 89.28% |
| FireEye Endpoint Security | 86.52% | 84.61% | 85.57% | 81.55% | 74.37% | 77.96% | 83.03% |
| Fortinet FortiClient | 96.67% | 95.97% | 96.32% | 84.49% | 78.45% | 81.47% | 91.37% |
| G DATA Antivirus | 97.60% | 96.79% | 97.20% | 85.97% | 77.52% | 81.74% | 92.05% |
| IKARUS anti.virus | 97.40% | 95.27% | 96.33% | 80.23% | 75.20% | 77.72% | 90.13% |
| K7 Total Security | 84.16% | 76.92% | 80.54% | 64.08% | 62.94% | 63.51% | 74.86% |
| NANO Antivirus | 85.89% | 79.65% | 82.77% | 60.70% | 60.65% | 60.68% | 75.40% |
| Panda Endpoint Protection Plus | 80.05% | 68.51% | 74.28% | 44.00% | 51.17% | 47.58% | 65.38% |
| Panda Free Antivirus | 81.72% | 66.33% | 74.03% | 44.24% | 51.34% | 47.79% | 65.28% |
| Panzor CloudAntivirus | 98.17% | 97.86% | 98.02% | 91.13% | 82.49% | 86.81% | 94.28% |
| TACHYON Endpoint Security | 92.83% | 91.74% | 92.29% | 78.85% | 73.45% | 76.15% | 86.91% |
| TeamViewer ITbrain Anti-Malware | 94.46% | 93.20% | 93.83% | 82.44% | 74.61% | 78.52% | 88.73% |
| Tencent PC Manager | 95.05% | 93.93% | 94.49% | 82.25% | 75.06% | 78.65% | 89.21% |
| TotalAV | 75.57% | 62.48% | 69.02% | 61.13% | 62.30% | 61.71% | 66.59% |
| Total Defense Internet Security | 94.21% | 93.92% | 94.07% | 82.41% | 74.61% | 78.51% | 88.88% |
| Total Defense Premium | 94.21% | 93.27% | 93.74% | 83.88% | 74.83% | 79.36% | 88.95% |
| TrustPort Antivirus Sphere | 96.87% | 89.04% | 92.95% | 85.97% | 78.43% | 82.20% | 89.37% |
| VIPRE Advanced Security | 95.03% | 93.83% | 94.43% | 83.79% | 75.25% | 79.52% | 89.46% |
| VirIT eXplorer PRO | 35.64% | 38.19% | 36.92% | 34.91% | 32.73% | 33.82% | 35.88% |
| Wontok SafeCentral Security Suite | 98.18% | 97.95% | 98.06% | 88.15% | 82.02% | 85.09% | 93.74% |
| Zemana EndPoint Security | 94.97% | 94.19% | 94.58% | 83.70% | 74.98% | 79.34% | 89.50% |
*Set -1 = Samples discovered 1 to 5 days before testing; Set -2 = Samples discovered 6 to 10 days before testing. †Set +1 = Samples discovered 1 to 5 days after updates frozen; Set +2 = Samples discovered 6 to 10 days after updates frozen. ‡ Weighted average gives equal emphasis to the two reactive weeks and the whole proactive part.
The main test on each platform was run in three parts, over three consecutive weeks. Products were installed on clean installations of both Windows 7 and Windows 10. At the beginning of each part of the test we made sure the latest updates were downloaded, while throughout the test, products were connected to the Internet, thus allowing for real-time cloud look-ups.
The products as we tested them are available to the general public. However, in a few instances we have allowed vendors to make modifications to the product to adapt to our specific test scenario. None of these modifications would have an impact on the real-world performance of the affected products.
For each part of the test, we used the most recent version of the WildList, together with one third of our constantly updated collection of widely used legitimate software. Using a shared drive, the files were copied onto the client machine and we recorded whether (and how) files were blocked by the anti-malware product.
If files weren’t blocked, a custom-built tool was used to open the file, thus triggering AV detection by products that don’t (always) scan files on being copied.
A product passed the test if, and only if, on both platforms it blocked all files from the WildList, and didn’t generate any false positives (i.e. incorrect detections) when scanning the full clean set.
The clean set consists of more than 450,000 files, all widely used programs, with any files that show suspicious behaviour being excluded from the set.
For the 'RAP' (reactive and proactive) test, the same set‑up was used, but for the proactive part of the test products were not connected to the Internet. This allowed us to measure their proactive detection abilities by having a 'frozen' version of each product scan two sets of malware files: those seen in the wild between one day and five days after the product 'freeze' date, and those seen in the wild between six and 10 days after this date.
Note: A slightly different approach when it comes to tidying up the set of malware, as well as a different approach to testing, means the individual RAP scores should not be compared with those seen in tests prior to April 2017.
