Producer Information

Avira is one of the leaders in developing cloud-based protection against malware. This technology is used by many leading companies involved in security. Avira’s scanning engines use advanced machine learning and heuristics. They help identify and block malicious code from infecting devices, networks, and systems. Avira is part of Gen Digital Inc.

Key features of Avira

Avira Protection Cloud is fully integrated with antivirus software which strengthens protection, and allows to detect drive-by download attacks. This is one of the ways to infect computers that is invisible to a user, so without a comprehensive protection, it is impossible to block sophisticated attacks.

Avira Browser Safety, the primary protection plugin operates between a browser and the Internet. First of all, it protects users from malicious IP addresses and domains that spread malware. The module can detect and block tracking scripts, ads, and cryptocurrency miners.

Protection against 0-day malware is carried out through a machine learning system that allows to identify new forms of malware, detect targeted malware, and provide a high level of protection.

By choosing one of the Avira solutions, a user gets top-of-the-line cloud-based scanning technology. Devices secured in this way are well protected against trojans, keyloggers, ransomware, unwanted software (PUPs, PUAs), and exploits, thanks to automatic updates of the system.

Selected awards

Certificates that confirm the high quality of software and effectiveness in protecting against threats and attacks in real time.

After completion of all edition of the test, we granted a special certificate for the high level of protection maintained throughout 2022.

We awarded the certificate for the highest quality of protection against Internet threats in the Advanced In The Wild Malware Test.

Advanced In The Wild Malware Test

Recent Results in March 2023

Avast Antivirus Pro

Blocked: 567/567
Total: 100%

PRE-LAUNCH: This classification references the detection of malware samples before they are launched in a live system.

POST-LAUNCH: This indicates an analysis level, i.e., an attack has executed and has been blocked by a tested product.

FAIL: This classification indicates a detection failure, i.e., an attack has NOT been blocked and has infected a system.

Remediation Time in a nutshell

March 2023



Average Remediation Time of active threats



Fastest Remediation Time of one single threat



Longest Remediation Time of one single threat



or active threats
after Remediation

Remediation Time (RT) Legend
The time expressed in seconds from the introduction of malware into the system by a browser, through the launch, to detection and resolution of a security incident. The Remediation Time may depend on the real activity of the malware, which may increase the time. Occurs only at the POST-Launch level.

remediation time

Example indicators

We can completely automate security tests carried out. For instance, we are able to record events of blocking an attack by a specific technology implemented in a product. If a product reacts to a malicious modification of the system, this kind of information is saved in the Windows event log or the local logs of the protection solution. We can capture such modification using the Windows API. For example, the activity of moving a virus to quarantine or running malware in a sandbox will cause the reading of a relevant key from the Windows registry or executing an action by a process. Then, we can mark recorded indicators as a detected attack, a blocked network connection, or an infected file removal. Here are some example indicators:

 ESET Internet Security:

C:\ProgramData\ESET\ESET Security\Logs\virlog.datMalware was removed or cured
*AppData\Local\ESET\ESET Security\QuarantineMalware was quarantined
C:\ProgramData\ESET\ESET Security\epfwlog.datBlocking of traffic by a firewall
C:\ProgramData\ESET\ESET Security\Logs\urllog.datBlocking of malware on a website

See the previous results

You can always go back in time and check how each individual security product performed during previous editions of the test. We make the results from all previous tests available to you to verify if your favorite developer has improved protection against latest malware in his security software.