SECURITY EVANGELIST

You probably have your whole life on your smartphone or laptop. Photos, work documents, notes and reminders. Some of the things you keep in your devices might be deeply personal, things you don’t want to share with anybody else – including your wife or husband.

A successful malware attack can destroy everything. Sometimes it can even expose your personal information for the whole world to see.

An antivirus is the first step in keeping yourself safe, but you shouldn’t just settle for an antivirus. You should find the best antivirus.

What is antivirus software and what antivirus should I use?

Antivirus has always been the go-to solution to fight malicious software and cyber criminal tactics. And it still is. Malware, phishing scams, ransomware, DDoS – these are just a handful of the threats that lurk on the Internet.

Antivirus definition

But let’s start with the basics: what exactly is an antivirus software and what does it do?

Antivirus
The definition of antivirus software programs goes something like this: A piece of software designed block out viruses and other malware from entering your device and compromising your personal data or the hardware itself.

A good antivirus is a must have. It minimizes the times you have to enter damage control mode to clean up the mess caused by a successful malware attack.

Before we go into finding our dream antivirus, let’s see what exactly makes an antivirus, an antivirus.

How does antivirus software work? Things you should know about AV before getting one

Virus scanner and script blocking

Reactive scanning is the bread and butter of an antivirus. Basically, it scans any new program or file before it’s opened and checks if it is a known malware or if it behaves like one.

It’s all done in the background, and the scanned file or program only opens once the antivirus has finished the scan.

Then there is the full system scan, where the antivirus goes through every nook and cranny of your device in order to find malware or any other suspicious software or files.

Some AVs also block malicious ActiveX or Java scripts from infecting your PC. Plugins based on these technologies can be used to make your PC part of a botnet, inject code or do drive-by downloads.

What to look for:

Ideally, the scanner should be lightweight and not hog down your device while still having a very high detection and block rate.

Database of known malware

However, scans cannot be effective if the program doesn’t know what it’s looking for. That’s why every antivirus software comes with a database of known malware, and compares each scanned file to the contents of the database.

This database is updated very frequently, quite often on a daily basis. This is one of the reasons why we always advocate for people to keep their software updated, particularly their antivirus.

Updated software goes a long way to protect you on the internet, since it greatly diminishes the possibility of malicious hackers exploiting an unpatched vulnerability of your software.

But antivirus programs also make use of something called “heuristic analysis”. This means that it will consider a file to be malware if it behaves like one, even if it can’t be found in its database. This is one reason why some AVs falsely classify some safe programs such as Chrome as a virus. The industry calls this a “false positive” and it is a criteria used to judge the quality of an antivirus.

Automatic updates

Any antivirus software worth its salt will automatically update itself, both to clean up any vulnerabilities it might have and to keep its virus database and capabilities up to date. Basically, the quicker and more frequent the updates, the better.

Malware removal

Sometimes, removing malware can be just as important as blocking it in the first place. Usually, the cybersecurity industry sees the two functions as being separate. That’s why many of the free AV’s out there can only detect and block malware, but won’t be able to remove it if your PC is infected.

For that, you will most likely have to purchase the full antivirus solution or download a separate piece of software specializing in malware removal.

Other features you should look for

Ransomware protection: Some antiviruses come with ransomware protection. You select some files and documents to protect in case of a ransomware attack. Afterwards, the ransomware won’t be able to encrypt the blocked files.

File shredder: This may come as a shock, but the standard “Delete” + “Clear Recycle Bin” won’t actually delete a file from your hard drive. It will just make it invisible for you to see. But these files can be recovered with a specialized program.

In normal circumstances, these invisible files disappear only after being pushed out of their memory block by a new ones. But file shredders destroy them completely and leave no trace of them on your hard drive.

Firewall: Some AV’s can filter and scan your internet traffic to detect incoming threats before they reach your device.

Other features to look for: DNS Protection, Password Managers, System Optimization, Phishing protection, Antispam, Browser protection.

Test antivirus to be sure it works

Sometimes you’ll go through a long period where you don’t encounter any online threats and seem to forget that you even have an antivirus installed.

“Is it still alive?” you may ask.

Well, there’s a test you can do to see if it still works.

So how do you test your antivirus to see if it’s still active?

Basically, you have to create a “false virus” that triggers your AV’s defense procedures.

What you need to do is to create an antivirus test file (a .txt file) . A simple notepad document will do just fine.

Then you will need to use a standardized EICAR code. This is something recognized by all antivirus developers as a means of testing if their software is active.

Your antivirus should trigger immediately and activate its security protocols to eliminate the “fake virus”.

If it doesn’t, then that means your software is inactive/disabled.

What’s the best antivirus you could use?

Now that you know what to look for in an antivirus, it’s time to find out which one you should use.

Here are 3 ways you can find the best free or paid antivirus for you:

  • User opinions
  • Expert reviews
  • Independent testing.

How to choose the best antivirus

 

1. User comparison and reviews for paid or free antivirus

The major benefit user comparisons and reviews of antivirus software is that you can get a sense of how the product performs in real life. A comparison can help you figure out which is the best antivirus program for you, or whether you should choose the free or paid version.

A word of advice!

Keep an eye out for users who might be biased in favor of one AV in particular. There is a chance their highly positive review might be ‘doctored’. This happens most often on the developer’s review page, but any of the platforms we’ve mentioned below can fall prey to false reviews.

Security forums

Cybersecurity forums are still some of the best places you can check to find good and trustworthy reviews and comparisons of antivirus software.

For example, the links below will point you to some of the best security forums in the online, where you can find a great number of user reviews and good (or bad) experiences users had with security products:

Quora

For those who don’t know, Quora is a questions & answers site. Basically, you ask a question and (generally) qualified users answer them. Or you can just browse questions similar to yours and see if you find an answer there.

The website is designed so you can quickly access your areas of interest. Search the site for the following categories: Computer Security, Anti-Virus Software or Internet Security or just use these links:

As you can see, these topics are followed by thousands of people, so it should be pretty easy to find the information you need. Here are some starting points that can help you find your best antivirus program.

Yahoo Answers

A similar concept to Quora, but Yahoo! Answers centers on the experience and knowledge of everyday users rather than the knowledge of experts. Use this if you want to read about real life examples and stories rather than well documented answers.

Questions such as “What is the best antivirus” will yield quite a lot of different opinions, and many of them will come with personal accounts and reviews of any given software.

For specific areas on Internet security, check these categories:

And here are some specific questions:

Reddit

A treasure of the Internet hidden in plain sight. Reddit distinguishes itself from Yahoo! Answers and Quora due to its long discussion threads.

Ask Reddit users to compare various antivirus software and you will end up with a very lively conversation among users that covers almost every antivirus program imaginable. ‘Redditors’ will talk at length about the pros and cons of one antivirus or another.

The best way to search for quality information on Reddit is to type your Google query and add “reddit” at the end, something like this: “what is the best antivirus 2016 reddit”

Trustpilot

Reviews of antivirus programs are another way to choose the product that fits your needs. Most people read the reviews on the developer’s page, but it’s impossible to be sure which review is real and which isn’t.

Trustpilot offers a way around this since it is an independent reviews platform. Basically, users can post without worrying they will have their negative comment deleted by developers who jealously guard the brand name of an otherwise poor product.

2. Experts view on what is a good free (or paid) antivirus software

PC Magazine

PC Magazine is meant to answer any and all questions related to computers and software that runs on them, including antivirus.

To access the reviews, type “best antivirus” in the search box and choose one of the two top articles by Neil Rubenking (one of the top experts in the field).

One covers which is the best free antivirus of 2016 while the other one is about the best paid antivirus of 2016.

Below is an image of the best antiviruses as rated by PC Magazine. If you want a more in-depth look, press the blue text at the bottom of each antivirus column.

 

table-of-avs

 

If you access the review for the products, you will notice the available price, and a few conclusions (Pros, Cons and Bottom Line) in case you don’t have time to read the article.

If you continue to scroll down, you can check the main security features that were put to the test:

  • malware blocking
  • malicious URL blocking
  • phishing detection
  • privacy protection
  • additional features.

To see even more articles and filters, press the “Security” tab just above the page title.

 

security-tab-pcmag

 

 

This takes you to a useful part of their website where you can filter antiviruses by price, company, and categories.

 

pc-mag-categories

 

The Category filter can help you narrow down your search to desired functionalities such as: anti-phishing, antispam, antimalware, antivirus and parental control.

By the time you’ve finished reading PC Magazine’s antivirus reviews you will probably:

  1. Know which are the best antivirus programs of 2016.
  2. Know what each program is capable of.
  3. Know the most important security features an antivirus should have.
  4. Chances are you will own a shiny new antivirus, whether it’s free or paid!
  5. Somewhere out there, a piece of malware cries because it can’t infect your PC anymore…

Gizmo’s Freeware – Best Free Antivirus Software

This site focuses on all things related to free software, including antiviruses. Gizmo’s reviews and analyses will help you make up your mind on one software or another. Pretty handy when it comes to choosing your dream antivirus.

Do keep in mind these are only the free antivirus versions, and thus might not have the full functionality of a paid one.

Tom’s Guide – Best Antivirus Software and Apps 2016

Tom’s Guide mostly focuses on electronic gadgets such as smartphones and laptops, but it also has a thorough antivirus section, complete with reviews and rankings.

On the main page of this section you can find a drop down menu which covers four price points for PC antivirus: Free, Basic, Midrange and Premium, and another two categories for Android and Mac AV’s.

 

toms-guide-photo

 

Softpedia – Antivirus

For a lot of people, Softpedia is a one stop shop for many of their software needs. They have a huge list of around 600 various free or paid antivirus software and programs available for download. A great starting point if you want to take your time and just browse at your own pace.

PC Advisor – Test Centre

The test center from PC Advisor puts to the test about 17 antivirus products in the market for the UK public. That doesn’t mean you can’t check them out for yourself and decide if one of them is good enough for you.

3. An antivirus test can tell you all you need to know

Reviewers know which antivirus is better at blocking and eliminating malware by thoroughly testing them. By using the same antivirus testing sites, you can get a better picture of what the AV your want is capable of.

For the best results, antivirus tests have to be as objective as possible. This article can tell you all about the standards and principles these testing sites must respect.

AV-Test

An independent service provider in IT security that analyzes the latest malware, using the best security solutions available and informs the public on the top-quality results.

To check what antivirus solution you should choose, access their website and follow these steps:

1. Select what exactly you want to learn from the tabs in Test results according to area of application.

 

av-test-screenshot-1

 

We assume you are a Windows user, but you can choose whichever operating system/device you use.

2. In the new page, use the menu on the left to select your Windows version and the period when the tests were conducted.

3. Browse the antiviruses on the list.

Just so you know, AV-Test uses three criteria to judge an antivirus:

  • Protection
  • Performance
  • Usability.

An antivirus can obtain a maximum of 6 points for every criterion.

av-test-menu

4. Let’s choose for our example, Bitdefender Internet Security 2016.

5. In the list, the following criteria appear:

Protection – Protection against malware infections, which include zero-day malware attacks, including web and email threats.

Performance – This measures the impact an antivirus has on your PC’s speed and general performance.

Usability – Impact of the security software on the usability of the whole computer.

To get a better idea about each set of data, you can take a look at the right where the Industry average is posted.

 

av-test-scores

 

If you are not sure about a certain product, you can select from the top menu: Tests > Compare manufacturer results.

 

av-test-top-menu

 

This way, you can compare one antivirus software to another and see which one better suits your needs.

Use AV Comparatives to get much more in-depth antivirus test results

AV Comparatives is an independent antivirus testing agency known for its accurate reports and thorough measurement procedures.

This is the comparatives tab of their website. The antivirus test results are organized under 7 categories, each one analyzing certain functionalities and features:

  • Real-World Protection Tests
  • File Detection Tests
  • Heuristic/Behaviour Tests
  • False Alarm Tests
  • Performance Tests
  • Malware Removal Tests
  • Anti-Phishing Tests.

 

av-comparatives

 

The go-to tests most likely to interest you are the “Real-World Protection Tests” and “Performance Tests”.

REAL-WORLD PROTECTION TEST

This is the most relevant test because it shows many viruses it blocks in “real-world” usage. A good antivirus should have a protection rating of 99% or more, meaning they protect you against 99% of malware attacks.

You can see either an interactive monthly graph by pressing “MONTHLY RESULTS” or just check the detailed monthly reports.

 

av-comparatives-monthly-results

 

Do keep in mind though, a 99% test result might not be relevant to your time using an antivirus. You might be attacked with a malware or rootkit, that wasn’t part of the test, which the AV developer doesn’t know about or didn’t get to update quickly enough.

Take this into account when going over the test results.

PERFORMANCE TEST

This test measures the impact an antivirus has on your system performance. It takes into account standard PC activities such as:

  • file copying
  • archiving/ extraction
  • encoding
  • installing/ uninstalling apps
  • app launch times
  • download speeds.

These tests were done with PC Mark 8 Professional Testing Suite, an industry-leading benchmarking software.

You can find the scores and results of each test on pages 9 and 10 of each report.

For example, page 9 centers around is all about PC performance during file copying, archiving, installing, encoding, launching apps and downloading operations. Scroll down to page 10 and you can see the PC Mark 8 points achieved by each software.

If you are still not convinced on a product’s abilities to keep you safe from malware, we recommend running another 2 additional tests: File Detection Test and Heuristic/ Behavior test.

FILE DETECTION TEST

An antivirus is only as good as its malware detection. That’s why AV Comparatives releases monthly reports on how well antiviruses can detect malware.

What this test tells you is:

  1. How many false positives the antivirus produces. A false positive means the antivirus mistakes a normal file with an antivirus.
  2. The success rate of an antivirus in detecting malware.

The quick and dirty results with detection rates and false positives are at pages 7 and 8.

False positives are an important antivirus testing metric because they can impact your device performance. If a file belonging to a program is mistaken as a virus, then your AV will treat it as such. Thus, you may end up with a non-functioning software.

HEURISTIC/BEHAVIOUR tests

Simply hearing the words “heuristic analysis” probably makes you scratch your head.

Heuristic analysis
Heuristic analysis is a defense system against new and unknown malware. Basically, an antivirus notices a suspicious new software, and then analyzes it to know what it does.

During the analysis, the antivirus opens the program in an isolated virtual machine, meaning a PC-within-a-PC, and tracks everything the suspicious program does.

If the suspicious software starts to show malware-like behavior, then the antivirus flags it as such and activates all of its security features to annihilate the threat.

AV Comparatives tests this feature of antivirus software every year. You can find each report in the “Heuristic / Behaviour Tests”. The important information is at page 5.

ANTI-PHISHING TEST

This test evaluates an AV’s capabilities against phishing attempts. These usually occur by email or instant messaging, and lure the target into either entering sensitive details on fake websites or download and open a malware infected attachment.

As in the previous tests, you can go directly to page 4 and see an overview for each antivirus, complete with percentages of blocked phishing websites.

Virus Bulletin

Virus Bulletin is an important benchmarking and comparison site for the entire antivirus industry. It measures just about everything you can think of, including install times, scan speed, stability, performance impact, false positives, detection rate and so on.

The site can be pretty confusing at first, given all of its features and options, so let’s make a sense of the madness.

On the main page of the website, go to the top right corner and press the “VB Testing” tab.

 

vb-testing-tab

 

This will take you to a new page with 3 separate test reports: VB100, VBSpam, VBWeb.

This time, we will take a look at VB100, the rigorous testing standard that made Virus Bulletin such a go-to resource for antivirus comparisons.

 

vb100-testing

 

For a quick overview of every antivirus, check the “Latest RAP Quadrant”, (RAP comes from “Reactive and Proactive”). This will take you to a page with a two-dimension graphic.

 

vb-quadrant

 

The Reactive dimension measures how well the antivirus can detect known malware. The Proactive side tests the AV’s ability to adapt and detect new malware that AV developers haven’t yet discovered and patched.

For the in-depth results, go to the “Latest Report” page.

 

vb-test-results

 

This is a list of antiviruses that passed Virus Bulletin’s extensive tests. On the left of the table you can select what indicators you want to measure.

Just about every single aspect of an antivirus you can think of, with all of them being measured. This will give you the most complete opinion of what a software can, or cannot do.

Use these 5 criteria to see how serious the AV developer is about security

Checking a few details on the antivirus developer’s website and patch notes can help you get a better idea of how seriously they approach updates and bug hunting.

For example, highly detailed patch notes will give you a better picture of what you can expect from the company in terms of reliability. And this applies for other types of software as well, not just antivirus or other security solutions.

This article includes very useful tips to help fill in the blanks in your research.

To sum up

After all these tests, from AV Test, AV Comparatives or PC Magazine, you probably noticed that some antivirus products always seem to come at the top.

This is normal. These antivirus developers have been in business for a long time, and have constantly perfected their software and procedures.

Most antivirus programs now come with a trial testing period to help you decide if you actually want it or not.

The trial period is especially useful if you have doubts about a certain product or you can’t decide between two or more AV’s and want to see them in action.

Keep in mind though that using two or more antivirus programs at the same time isn’t a good idea. The antiviruses will end up thinking each other is a malware, or compete in order to eliminate viruses and significantly drag down your device performance.

But in all of our blog posts, we always emphasize two things:

First, security software alone can’t keep you safe online. It’s a widespread belief in the cybersecurity field that the best antivirus is you, meaning your judgment and general internet savvy. After all, it’s safer not to click the link rather have your antivirus work to eliminate the malware from your PC.

Second,  no single antivirus solution is enough to keep you safe. Even antivirus developers encourage you use multiple security software programs to keep you safe. If malware passes one software, they will have to face another, and with each new step chances of infection drop dramatically.

This article was initially written by Aurelian Neagu in 2014 and was updated by Paul Cucu in November 2016.

where-malware-hides-featured
2016.10.27 SLOW READ

Practical Online Protection: Where Malware Hides

The Anti-Ransomware Protection Plan
2016.05.24 SLOW READ

The Anti-Ransomware Protection Plan You Need to Follow Today

Why Your Traditional Antivirus Can’t Detect Second Generation Malware
2015.09.09 SLOW READ

This Is Why Antivirus Can’t Detect Second Generation Malware [Infographic]

Comments

Thanks for this useful comparison and telling us the what should the best antivirus actually have?.

By far, the best article I’ve ever read about this subject. Brilliant.

Many thanks for your feedback, Louis!! We are happy to know it was useful.

Great! You are providing very useful and amazing knowledge regrading antivirus.

Thank you so much for sharing such a informative blog which is having synchronized information , i was looking for these information over different search engines from past few days but fortunately find my solution over here, i will be keep in touch with you over your future post as well.

Kaspersky Support for Immediate Solution for Antivirus Issues.
http://www.kasperskysupportnumber.com

Kaspersky facilitate and support variety +1-855-676-2448 is that the best different to decide on to induce eliminate any forms of technical errors that encountered by users on their Kaspersky window. You’ll be able to decision America anytime, as our technical consultant’s area unit out there all the time. The good issue is that kasperskysupportnumber.com. Kaspersky facilitate and support team is sort of professionally trained and holds the unimaginable data to fix-up errors within the minimal time.

Impressive research! A very good resource that I will bookmark for sure. Personally, I use Kaspersky.

Hello Peter and thank you for your feedback!

Virus that make very harm to any PC or laptop, so we are always take care of it. But sometime due to internet or some other reason, our computer get affect from virus. The technique through which a computer get less affected from virus. is derived in your blog and your writing skill is also very unique. Thanks for publish it.

Nice post, Thanks for sharing a very informative article. Currently, I’m using McAfee Antivirus Software. It’s good & protect my all business computers. According to my experience I will recommend McAfee Antivirus. Please keep update us like this.

Thank you very much for writing this good article. I learned that it is not easy to choose any antivirus from any antivirus products.

I am got most help from this article. I realized that it is not easy to find good antivirus from any antivirus products. Thanks!

We’re so glad you found it useful, John! Thank you for your kind feedback!

AV’s shouldn’t be considered as a first line of defense as they are extremely unreliable when it comes to the zero-day malwares.
AV/AM may be an second opinion or cleaning addition to the whitelisting, sandboxing or light virtualization but we shouldn’t really rely on them in terms of real time protection.
If someone asks I always recommend Windows own security solutions like Windows Defender and Firewall supported by VoodooShield and Heimdal.
Adblocker with good anti-tracking and malware filters is also a must as many infections are coming from malwertising.

I’m just wondering, does Anti-Malware software like MalwareFox and Malwarebytes work in the same way?

Hi George! Anti-malware products are a bit different and their strength differs according to many elements, such as their intelligence, how it works, etc. But the same criteria to evaluate potential solutions are still the same.

Since you work for MalwareFox, you should probably know the answer to this yourself

Antivirus software on January 25, 2017 at 7:10 am

I love your How to Find the Best Antivirus, the Ultimate Guide article. Here is useful information for antivirus. Thanks for sharing this important article.

Thanks, awesome article! Thumbs up.

There’s one resource that aggregates antivirus test results from multiple independent testing labs which is worth checking out: https://bestantivirus.reviews/tools/test-results-calculator

See security as a onion, layers, defense in dept. Use an av with strong heuristics base, integrity checking, for instance webroot, then look at whitelisting software to make sure only whitelisted exe may execute.
Run pc in local account not adminstrator.
Strong password strategy
PATCH PATCH PATCH

Great Anti-Virus guide, Paul. Wow, Heimdal Security is like the ‘Windows Secrets of cyber-security’. Personally, I am curious about Webroot Secure Anywhere’s “journaling and rollback” technology. The actions of unknown (not in their database) software are tracked, and can be rolled back if necessary. “Webroot’s journaling and rollback feature should be able to recover from almost any attack, even encrypting ransomware.” (PCMag.com) I know that nothing is absolutely certain, but it certainly does sound like a great feature! One thing is sure — Heimdal Security is definitely the place to go first.

All software user this information very informative because nowadays we are working on digital system. So, It is very important for all user that use software system.

Thanks for the informative article. Would like to include a point that using a free antivirus software may not be the right fit for you and as soon as you install them, they ask you to upgrade to the full version. The points mentioned above, do certainly come into play while selecting the best antivirus. Get the right antivirus suited to your needs.

Hi Pawan! Indeed, our recommendation is to purchase a reliable AV, not use the free versions, who are not enough to provide substantial protection.

Jennifer Martin on July 20, 2016 at 3:18 pm

This list of antivirus will surely be very helpful. Thanks for putting it live.

Thats a very good compilation. Perhaps you should include ESET Antivirus in the list as it is secured and no performance issues. I am using it in my business and I feel calm and peaceful about it.

Hi Henry,

We didn’t recommend any specific product, but offered some resources that can help other people choose the right AV for them.

Allison@Intel Security on September 2, 2015 at 6:31 am

Thank you very much for this wonderful article.I think it should be very much helpful for all antivirus users to select antivirus to secure there computer.I have a small IT firm so would you please suggest me which antivirus is best for me Aurelian?

A wonderful and best exhaustive reearch I have ever seen in any AV article I have ever read. Kudos!

Aurelian Neagu - Copywriter on March 19, 2015 at 7:45 am

We are very glad you found the article useful! We tried to see things from an user’s point of view and we realized that it’s not easy to choose from so many antivirus products. Thank you!

Thank you for sharing the ultimate guide about to find about anti virus. Amazing and resourceful article.Really enjoyed this post. Please keep update us like this.

Leave a Reply

Your email address will not be published. Required fields are marked *

GO TO TOP