©  2026 AV-TEST  | SITS Deutschland GmbH
January 20, 2026 | Text: Markus Selinger | Antivirus for Windows

ATP Test: How easily Windows can be tricked by malware

Many users have known for a long time that they always need to keep their Windows up to date so that cyberattackers will have as few opportunities as possible to launch an assault. But Windows itself has a number of vulnerabilities that only security software can mitigate. Interesting fact: Windows attempts to load DLL files even if they are only referenced in code and the actual file does not even exist. Attackers create these phantom files containing malware code and place them where a Windows process will find them. This process becomes an unintentional facilitator of the ransomware or infostealer attack. In the latest Advanced Threat Protection test – ATP test for short – 19 protection products for consumer users and corporate users demonstrate whether they see through all these DLL guises, including malware, or whether they fall for them.

Security software put to an ATP test – 20 protection programs under Windows 11 defend against ransomware and infostealers in an advanced test

Cyberattackers are nothing but criminals who are out to steal something. As they normally cannot find a digital safe containing cash, they commandeer data and demand a ransom for it. That is the essence of the entire business principle behind ransomware or infostealers. While an infostealer typically only extracts data, the ransomware also encrypts important data and usually ends up stealing it as well. It is a basic business model, but unfortunately it has also been extremely successful for years. Even experts have a hard time estimating the amount of ransom money collected. But last year, there were documented payments amounting to roughly USD 40 billion to known wallets of cybergangs. The FBI reported corporate losses of just under 17 billion dollars for the United States alone. The actual losses are likely to be higher, as much of the stolen data is also sold, resulting in further crimes. 

The series of ATP tests regularly examines security software to see whether they are up to date and also aware of the latest attack tricks and techniques. In the ATP test taking place in November and December 2025, 10 products for consumer users and 9 solutions for corporate users under Windows 11 were evaluated. 

19 security products in the ATP test under Windows 11

All products were required to demonstrate in 10 real attack scenarios that they identified the malware and were capable of fending it off in further steps. Each additional action is documented in the ATP test and illustrated in the results graphs. 

In the test lineup were 10 consumer user products from Avast, AVG, Avira, ESET, F-Secure, G DATA, Kaspersky, McAfee, Microsoft and Norton. The solutions for corporate users came from the vendors Acronis, Avast, Bitdefender, ESET, Kaspersky (with two versions), Microworld, Qualys and Trellix.

[Figure: ATP test: security packages under Windows 11. Among the 10 security packages evaluated, 7 achieved top scores in the Advanced Threat Protection test under Windows 11.]

[Figure: Corporate solutions in the ATP test. Nearly all endpoint solutions for corporate users rendered strong performance against ransomware and infostealers in the ATP test under Windows 11.]

In each ATP test, the experts in the lab deploy alternating attack techniques, just as cybergangsters do in real life. In the 10 scenarios, 5 involving ransomware samples and 5 involving infostealers, the testers award a specified number of points for the performance of each product: up to 3 points per ransomware scenario and up to 4 points per infostealer scenario. Half points are also awarded if a product is capable of mounting a partial defense against an attack. At the end of the test, each product is thus able to earn up to 35 points for its protection score.

In this test, two special attack techniques were used:

Phantom DLL hijacking: An attacker, exploiting the fact that a Windows service attempts to load a non-existent DLL, places a malicious file in the searched location. Some Windows services load optional or weakly referenced DLLs when they are found in their search path, creating an opportunity for abuse. For example, under Windows the SessionEnv service has tried to load TSVIPSrv.dll in the past, even if it was not present. If an attacker places a DLL with this name in a directory in the service's load path, the service may load it at startup.

In our examples, a UAC bypass is used, allowing us to place TSVIPSrv.dll in "System32" and restart the SessionEnv service. We then load our malicious code into a real Windows service and launch the simulation of the behavior of infostealers or ransomware.

DLL sideloading: With this attack technique, a legitimate executable file loads a DLL from an unexpected directory, so the malicious code runs under the guise of a trusted process. The attackers have replaced the DLL with a malicious version. In Windows, many applications first search for specific DLLs in their working directory before falling back to system paths. For example, the legitimate Microsoft Edge binary file, identity_helper.exe, tries to load msedge_elf.dll from the same directory.

In our examples, we sideload our manipulated msedge_elf.dll containing malicious code by placing it in the directory in which the identity_helper.exe file is located. Or we copy both files to another directory and launch them. The legitimate executable file loads the injected malicious library and executes simulated infostealer or ransomware behavior.
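As an added illustration for defenders (not code from the AV-TEST article or its test harness), the following Python check runs over constructed Sysmon-style "image loaded" (Event ID 7) records and flags the two techniques described above: any load of the phantom TSVIPSrv.dll, and msedge_elf.dll being loaded by identity_helper.exe from outside the expected install directory or without a valid Microsoft signature. The Edge install directory and the sample events are assumptions made for this example.

```python
"""Flag Sysmon-style image-load events matching phantom DLL hijacking and DLL sideloading."""
from pathlib import PureWindowsPath

# DLLs a clean system does not ship but that a service will load if present
# (TSVIPSrv.dll for the SessionEnv service, as described in the article).
PHANTOM_DLLS = {"tsvipsrv.dll"}

# Host binary -> (DLL it resolves from its own directory, expected install dir).
# The install directory is an assumption for this example, not from the article.
SIDELOAD_PAIRS = {
    "identity_helper.exe": ("msedge_elf.dll",
                            r"C:\Program Files (x86)\Microsoft\Edge\Application"),
}

def classify(event):
    """Return a finding string for one event, or None if it looks benign."""
    exe = PureWindowsPath(event["Image"])
    dll = PureWindowsPath(event["ImageLoaded"])
    if dll.name.lower() in PHANTOM_DLLS:
        # The file should not exist at all; any load of it is worth an alert.
        return f"phantom DLL loaded: {dll} by {exe}"
    pair = SIDELOAD_PAIRS.get(exe.name.lower())
    if pair and dll.name.lower() == pair[0]:
        expected_dir = pair[1].lower()
        outside = not str(dll.parent).lower().startswith(expected_dir)
        unsigned = (event.get("Signed", "false").lower() != "true"
                    or "microsoft" not in event.get("Signature", "").lower())
        if outside or unsigned:
            return (f"possible sideload: {exe} loaded {dll} "
                    f"(unsigned={unsigned}, outside_install_dir={outside})")
    return None

def flag_suspicious_loads(events):
    """Return the findings for every suspicious event in the list."""
    return [f for f in (classify(e) for e in events) if f]

# Constructed sample events (not real telemetry): one phantom load, one benign
# load from the genuine install directory, one sideload from a copied directory.
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\System32\svchost.exe",
     "ImageLoaded": r"C:\Windows\System32\TSVIPSrv.dll", "Signed": "false", "Signature": ""},
    {"Image": r"C:\Program Files (x86)\Microsoft\Edge\Application\identity_helper.exe",
     "ImageLoaded": r"C:\Program Files (x86)\Microsoft\Edge\Application\msedge_elf.dll",
     "Signed": "true", "Signature": "Microsoft Corporation"},
    {"Image": r"C:\Users\Public\edge\identity_helper.exe",
     "ImageLoaded": r"C:\Users\Public\edge\msedge_elf.dll", "Signed": "false", "Signature": ""},
]

if __name__ == "__main__":
    for finding in flag_suspicious_loads(SAMPLE_EVENTS):
        print(finding)
```

In a real deployment the watchlists would be fed from the Sysmon or EDR telemetry of the products under test rather than hard-coded, but the two conditions (a load of a file that should not exist, and a trusted host binary loading its DLL from an unexpected place) are the ones the test scenarios exercise.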

The 10 test scenarios

All attack scenarios are documented according to the standard of the MITRE ATT&CK database. The individual sub-techniques are listed in the MITRE database under "Techniques", for example "T1566.001" under "Phishing: Spearphishing Attachment". Each test step is thus precisely defined for experts and can be followed logically. In addition, all attack techniques are explained, along with how and why the malware infection occurs and impacts systems.

ATP Test: 10 consumer user products

The products examined for consumer users came from the following vendors: Avast, AVG, Avira, ESET, F-Secure, G DATA, Kaspersky, McAfee, Microsoft and Norton. The test proceeded perfectly for 7 of the 10 products and they were not to be fooled by any attack technique. For this they all received the maximum 35 points for their protection score.

The ESET package identified 10 out of 10 attackers. However, with one ransomware sample, ESET identified the attacker but was not able to completely stop it. The insertion of an infected DLL file was also not prevented. In the end, data was encrypted and 2 out of 3 possible points were lost. ESET finished the test with 33 out of 35 points.

The packages from Microsoft and G DATA identified and fended off 9 attackers without errors, but both fell short when it came to an infostealer. No detection, no blocking and no further defense mounted – all the data was stolen. Both products thus lost 4 points each, leaving them with 31 out of 35 points for the protection score.

Nearly all of the packages examined in the test for consumer users received the AV-TEST "Advanced Certified" certificate, as they fulfilled two conditions: They needed to achieve the required 75 percent (at least 26.5 points) out of 35 points for the protection score in the test and regularly participate in the bimonthly Windows tests. As the vendor G DATA did not meet the second condition, it did not receive a certificate.

ATP Test: 9 products for corporate users

The final result was nearly perfect for all products when it came to the solutions for companies. 8 of the 9 tested endpoint solutions for corporate users fended off all attackers flawlessly in the 10 scenarios, receiving the maximum 35 points for their protection score: Acronis, Avast, Bitdefender, ESET, Kaspersky (with two versions), Microworld and Trellix.

Only Qualys lost in round 1 against a ransomware and an infostealer. Its security product managed to detect both malware samples, yet it couldn’t completely stop them. Round 2 also went to the attackers, and they were able to sideload their infected DLLs into the system. But round 3 spelled a knockout for the ransomware and infostealers – the systems were rescued and the attacks were repelled. Nevertheless, 1 point was taken off for the two glitches in the beginning. Thus, Qualys achieved a protection score of 33 out of 35 points.

Nearly all the tested solutions for corporate users received “Advanced Approved Endpoint Protection” certification, as they met the two following certification conditions: They needed to achieve the required 75 percent (at least 26.5 points) out of 35 points for the protection score in the test and regularly participate in the bimonthly Windows tests. As the manufacturer Acronis did not meet the second condition, it did not receive a certificate.

ATP test: even crafty malware didn't stand a chance here

The latest ATP test demonstrates that even malware with new techniques and sneaky tricks under Windows 11 is virtually no match for good protection software for Windows. 

Among the packages for consumer users, 7 of the 10 candidates evaluated reached the maximum 35 points in the protection score, showcasing their system protection: Avast, AVG, Avira, F-Secure, Kaspersky, McAfee and Norton. 

The endpoint solutions for corporate users also showcased how reliably they protect office PCs: 8 of the 9 products passed the tests with flying colors. Although the last product made errors in the beginning, it was still able to protect the system in the end. This means that even after non-detection of malware, a security solution can fend off an attacker with additional protection modules. The ATP test is proof: malware detection alone is not always the decisive factor.

Test results: Consumer Users 12/2025 | Corporate Solutions 12/2025
