How to Find the Best Antivirus, the Ultimate Guide
Of all the antiviruses, find the one for you
You probably have your whole life on your smartphone or laptop. Photos, work documents, notes and reminders. Some of the things you keep in your devices might be deeply personal, things you don’t want to share with anybody else – including your wife or husband.
A successful malware attack can destroy everything. Sometimes it can even expose your personal information for the whole world to see.
An antivirus is the first step in keeping yourself safe, but you shouldn’t just settle for an antivirus. You should find the best antivirus.
What is antivirus software and what antivirus should I use?
Antivirus has always been the go-to solution to fight malicious software and cyber criminal tactics. And it still is. Malware, phishing scams, ransomware, DDoS – these are just a handful of the threats that lurk on the Internet.
But let’s start with the basics: what exactly is an antivirus software and what does it do?
A good antivirus is a must have. It minimizes the times you have to enter damage control mode to clean up the mess caused by a successful malware attack.
Before we go into finding our dream antivirus, let’s see what exactly makes an antivirus, an antivirus.
How does antivirus software work? Things you should know about AV before getting one
Virus scanner and script blocking
Reactive scanning is the bread and butter of an antivirus. Basically, it scans any new program or file before it’s opened and checks if it is a known malware or if it behaves like one.
It’s all done in the background, and the scanned file or program only opens once the antivirus has finished the scan.
Then there is the full system scan, where the antivirus goes through every nook and cranny of your device in order to find malware or any other suspicious software or files.
What to look for:
Ideally, the scanner should be lightweight and not hog down your device while still having a very high detection and block rate.
Database of known malware
However, scans cannot be effective if the program doesn’t know what it’s looking for. That’s why every antivirus software comes with a database of known malware, and compares each scanned file to the contents of the database.
This database is updated very frequently, quite often on a daily basis. This is one of the reasons why we always advocate for people to keep their software updated, particularly their antivirus.
Updated software goes a long way to protect you on the internet, since it greatly diminishes the possibility of malicious hackers exploiting an unpatched vulnerability of your software.
But antivirus programs also make use of something called “heuristic analysis”. This means that it will consider a file to be malware if it behaves like one, even if it can’t be found in its database. This is one reason why some AVs falsely classify some safe programs such as Chrome as a virus. The industry calls this a “false positive” and it is a criteria used to judge the quality of an antivirus.
Any antivirus software worth its salt will automatically update itself, both to clean up any vulnerabilities it might have and to keep its virus database and capabilities up to date. Basically, the quicker and more frequent the updates, the better.
Sometimes, removing malware can be just as important as blocking it in the first place. Usually, the cybersecurity industry sees the two functions as being separate. That’s why many of the free AV’s out there can only detect and block malware, but won’t be able to remove it if your PC is infected.
For that, you will most likely have to purchase the full antivirus solution or download a separate piece of software specializing in malware removal.
Other features you should look for
Ransomware protection: Some antiviruses come with ransomware protection. You select some files and documents to protect in case of a ransomware attack. Afterwards, the ransomware won’t be able to encrypt the blocked files.
File shredder: This may come as a shock, but the standard “Delete” + “Clear Recycle Bin” won’t actually delete a file from your hard drive. It will just make it invisible for you to see. But these files can be recovered with a specialized program.
In normal circumstances, these invisible files disappear only after being pushed out of their memory block by a new ones. But file shredders destroy them completely and leave no trace of them on your hard drive.
Firewall: Some AV’s can filter and scan your internet traffic to detect incoming threats before they reach your device.
Other features to look for: DNS Protection, Password Managers, System Optimization, Phishing protection, Antispam, Browser protection.
Test antivirus to be sure it works
Sometimes you’ll go through a long period where you don’t encounter any online threats and seem to forget that you even have an antivirus installed.
“Is it still alive?” you may ask.
Well, there’s a test you can do to see if it still works.
So how do you test your antivirus to see if it’s still active?
Basically, you have to create a “false virus” that triggers your AV’s defense procedures.
What you need to do is to create an antivirus test file (a .txt file) . A simple notepad document will do just fine.
Then you will need to use a standardized EICAR code. This is something recognized by all antivirus developers as a means of testing if their software is active.
In the antivirus test file, copy this single line: X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
Your antivirus should trigger immediately and activate its security protocols to eliminate the “fake virus”.
If it doesn’t, then that means your software is inactive/disabled.
What’s the best antivirus you could use?
Now that you know what to look for in an antivirus, it’s time to find out which one you should use.
Here are 3 ways you can find the best free or paid antivirus for you:
- User opinions
- Expert reviews
- Independent testing.
1. User comparison and reviews for paid or free antivirus
The major benefit user comparisons and reviews of antivirus software is that you can get a sense of how the product performs in real life. A comparison can help you figure out which is the best antivirus program for you, or whether you should choose the free or paid version.
A word of advice!
Keep an eye out for users who might be biased in favor of one AV in particular. There is a chance their highly positive review might be ‘doctored’. This happens most often on the developer’s review page, but any of the platforms we’ve mentioned below can fall prey to false reviews.
Cybersecurity forums are still some of the best places you can check to find good and trustworthy reviews and comparisons of antivirus software.
For example, the links below will point you to some of the best security forums in the online, where you can find a great number of user reviews and good (or bad) experiences users had with security products:
- The Community Video Reviews – a forum which contains video reviews and tests antivirus products
- Windows Secrets – Security & Scams
- Wilders Security Forums – Security Products
- Bleeping Computer – Anti-Virus and Anti-Malware Software
For those who don’t know, Quora is a questions & answers site. Basically, you ask a question and (generally) qualified users answer them. Or you can just browse questions similar to yours and see if you find an answer there.
The website is designed so you can quickly access your areas of interest. Search the site for the following categories: Computer Security, Anti-Virus Software or Internet Security or just use these links:
As you can see, these topics are followed by thousands of people, so it should be pretty easy to find the information you need. Here are some starting points that can help you find your best antivirus program.
- What is the best antivirus of 2016?
- Khusabu Patel answers the question “Which is the best antivirus ever?” on Quora
- A former Symantec executive explains offer a persuasive answer to the question: “Does it make sense to use antivirus software in 2016?”
A similar concept to Quora, but Yahoo! Answers centers on the experience and knowledge of everyday users rather than the knowledge of experts. Use this if you want to read about real life examples and stories rather than well documented answers.
Questions such as “What is the best antivirus” will yield quite a lot of different opinions, and many of them will come with personal accounts and reviews of any given software.
For specific areas on Internet security, check these categories:
And here are some specific questions:
- Which is the best antivirus for Windows 7?
- Do check out this fabulous best answer for the question: “What is the best anti-virus program for Windows 10?”
A treasure of the Internet hidden in plain sight. Reddit distinguishes itself from Yahoo! Answers and Quora due to its long discussion threads.
Ask Reddit users to compare various antivirus software and you will end up with a very lively conversation among users that covers almost every antivirus program imaginable. ‘Redditors’ will talk at length about the pros and cons of one antivirus or another.
The best way to search for quality information on Reddit is to type your Google query and add “reddit” at the end, something like this: “what is the best antivirus 2016 reddit”
- As of September 2016, what’s the best anti-virus/anti-malware protection?
- This thread is a bit older, but you might still find it relevant: What is the best antivirus to go on a new computer?
Reviews of antivirus programs are another way to choose the product that fits your needs. Most people read the reviews on the developer’s page, but it’s impossible to be sure which review is real and which isn’t.
Trustpilot offers a way around this since it is an independent reviews platform. Basically, users can post without worrying they will have their negative comment deleted by developers who jealously guard the brand name of an otherwise poor product.
2. Experts view on what is a good free (or paid) antivirus software
PC Magazine is meant to answer any and all questions related to computers and software that runs on them, including antivirus.
To access the reviews, type “best antivirus” in the search box and choose one of the two top articles by Neil Rubenking (one of the top experts in the field).
Below is an image of the best antiviruses as rated by PC Magazine. If you want a more in-depth look, press the blue text at the bottom of each antivirus column.
If you access the review for the products, you will notice the available price, and a few conclusions (Pros, Cons and Bottom Line) in case you don’t have time to read the article.
If you continue to scroll down, you can check the main security features that were put to the test:
- malware blocking
- malicious URL blocking
- phishing detection
- privacy protection
- additional features.
To see even more articles and filters, press the “Security” tab just above the page title.
This takes you to a useful part of their website where you can filter antiviruses by price, company, and categories.
The Category filter can help you narrow down your search to desired functionalities such as: anti-phishing, antispam, antimalware, antivirus and parental control.
By the time you’ve finished reading PC Magazine’s antivirus reviews you will probably:
- Know which are the best antivirus programs of 2016.
- Know what each program is capable of.
- Know the most important security features an antivirus should have.
- Chances are you will own a shiny new antivirus, whether it’s free or paid!
- Somewhere out there, a piece of malware cries because it can’t infect your PC anymore…
This site focuses on all things related to free software, including antiviruses. Gizmo’s reviews and analyses will help you make up your mind on one software or another. Pretty handy when it comes to choosing your dream antivirus.
Do keep in mind these are only the free antivirus versions, and thus might not have the full functionality of a paid one.
Tom’s Guide mostly focuses on electronic gadgets such as smartphones and laptops, but it also has a thorough antivirus section, complete with reviews and rankings.
On the main page of this section you can find a drop down menu which covers four price points for PC antivirus: Free, Basic, Midrange and Premium, and another two categories for Android and Mac AV’s.
For a lot of people, Softpedia is a one stop shop for many of their software needs. They have a huge list of around 600 various free or paid antivirus software and programs available for download. A great starting point if you want to take your time and just browse at your own pace.
The test center from PC Advisor puts to the test about 17 antivirus products in the market for the UK public. That doesn’t mean you can’t check them out for yourself and decide if one of them is good enough for you.
3. An antivirus test can tell you all you need to know
Reviewers know which antivirus is better at blocking and eliminating malware by thoroughly testing them. By using the same antivirus testing sites, you can get a better picture of what the AV your want is capable of.
For the best results, antivirus tests have to be as objective as possible. This article can tell you all about the standards and principles these testing sites must respect.
An independent service provider in IT security that analyzes the latest malware, using the best security solutions available and informs the public on the top-quality results.
To check what antivirus solution you should choose, access their website and follow these steps:
1. Select what exactly you want to learn from the tabs in Test results according to area of application.
We assume you are a Windows user, but you can choose whichever operating system/device you use.
2. In the new page, use the menu on the left to select your Windows version and the period when the tests were conducted.
3. Browse the antiviruses on the list.
Just so you know, AV-Test uses three criteria to judge an antivirus:
An antivirus can obtain a maximum of 6 points for every criterion.
4. Let’s choose for our example, Bitdefender Internet Security 2016.
5. In the list, the following criteria appear:
Protection – Protection against malware infections, which include zero-day malware attacks, including web and email threats.
Performance – This measures the impact an antivirus has on your PC’s speed and general performance.
Usability – Impact of the security software on the usability of the whole computer.
To get a better idea about each set of data, you can take a look at the right where the Industry average is posted.
If you are not sure about a certain product, you can select from the top menu: Tests > Compare manufacturer results.
This way, you can compare one antivirus software to another and see which one better suits your needs.
Use AV Comparatives to get much more in-depth antivirus test results
AV Comparatives is an independent antivirus testing agency known for its accurate reports and thorough measurement procedures.
This is the comparatives tab of their website. The antivirus test results are organized under 7 categories, each one analyzing certain functionalities and features:
- Real-World Protection Tests
- File Detection Tests
- Heuristic/Behaviour Tests
- False Alarm Tests
- Performance Tests
- Malware Removal Tests
- Anti-Phishing Tests.
The go-to tests most likely to interest you are the “Real-World Protection Tests” and “Performance Tests”.
This is the most relevant test because it shows many viruses it blocks in “real-world” usage. A good antivirus should have a protection rating of 99% or more, meaning they protect you against 99% of malware attacks.
You can see either an interactive monthly graph by pressing “MONTHLY RESULTS” or just check the detailed monthly reports.
Do keep in mind though, a 99% test result might not be relevant to your time using an antivirus. You might be attacked with a malware or rootkit, that wasn’t part of the test, which the AV developer doesn’t know about or didn’t get to update quickly enough.
Take this into account when going over the test results.
This test measures the impact an antivirus has on your system performance. It takes into account standard PC activities such as:
- file copying
- archiving/ extraction
- installing/ uninstalling apps
- app launch times
- download speeds.
These tests were done with PC Mark 8 Professional Testing Suite, an industry-leading benchmarking software.
You can find the scores and results of each test on pages 9 and 10 of each report.
For example, page 9 centers around is all about PC performance during file copying, archiving, installing, encoding, launching apps and downloading operations. Scroll down to page 10 and you can see the PC Mark 8 points achieved by each software.
If you are still not convinced on a product’s abilities to keep you safe from malware, we recommend running another 2 additional tests: File Detection Test and Heuristic/ Behavior test.
An antivirus is only as good as its malware detection. That’s why AV Comparatives releases monthly reports on how well antiviruses can detect malware.
What this test tells you is:
- How many false positives the antivirus produces. A false positive means the antivirus mistakes a normal file with an antivirus.
- The success rate of an antivirus in detecting malware.
The quick and dirty results with detection rates and false positives are at pages 7 and 8.
False positives are an important antivirus testing metric because they can impact your device performance. If a file belonging to a program is mistaken as a virus, then your AV will treat it as such. Thus, you may end up with a non-functioning software.
Simply hearing the words “heuristic analysis” probably makes you scratch your head.
During the analysis, the antivirus opens the program in an isolated virtual machine, meaning a PC-within-a-PC, and tracks everything the suspicious program does.
If the suspicious software starts to show malware-like behavior, then the antivirus flags it as such and activates all of its security features to annihilate the threat.
AV Comparatives tests this feature of antivirus software every year. You can find each report in the “Heuristic / Behaviour Tests”. The important information is at page 5.
This test evaluates an AV’s capabilities against phishing attempts. These usually occur by email or instant messaging, and lure the target into either entering sensitive details on fake websites or download and open a malware infected attachment.
As in the previous tests, you can go directly to page 4 and see an overview for each antivirus, complete with percentages of blocked phishing websites.
Virus Bulletin is an important benchmarking and comparison site for the entire antivirus industry. It measures just about everything you can think of, including install times, scan speed, stability, performance impact, false positives, detection rate and so on.
The site can be pretty confusing at first, given all of its features and options, so let’s make a sense of the madness.
On the main page of the website, go to the top right corner and press the “VB Testing” tab.
This will take you to a new page with 3 separate test reports: VB100, VBSpam, VBWeb.
This time, we will take a look at VB100, the rigorous testing standard that made Virus Bulletin such a go-to resource for antivirus comparisons.
For a quick overview of every antivirus, check the “Latest RAP Quadrant”, (RAP comes from “Reactive and Proactive”). This will take you to a page with a two-dimension graphic.
The Reactive dimension measures how well the antivirus can detect known malware. The Proactive side tests the AV’s ability to adapt and detect new malware that AV developers haven’t yet discovered and patched.
For the in-depth results, go to the “Latest Report” page.
This is a list of antiviruses that passed Virus Bulletin’s extensive tests. On the left of the table you can select what indicators you want to measure.
Just about every single aspect of an antivirus you can think of, with all of them being measured. This will give you the most complete opinion of what a software can, or cannot do.
Use these 5 criteria to see how serious the AV developer is about security
Checking a few details on the antivirus developer’s website and patch notes can help you get a better idea of how seriously they approach updates and bug hunting.
For example, highly detailed patch notes will give you a better picture of what you can expect from the company in terms of reliability. And this applies for other types of software as well, not just antivirus or other security solutions.
This article includes very useful tips to help fill in the blanks in your research.
To sum up
This is normal. These antivirus developers have been in business for a long time, and have constantly perfected their software and procedures.
Most antivirus programs now come with a trial testing period to help you decide if you actually want it or not.
The trial period is especially useful if you have doubts about a certain product or you can’t decide between two or more AV’s and want to see them in action.
Keep in mind though that using two or more antivirus programs at the same time isn’t a good idea. The antiviruses will end up thinking each other is a malware, or compete in order to eliminate viruses and significantly drag down your device performance.
But in all of our blog posts, we always emphasize two things:
First, security software alone can’t keep you safe online. It’s a widespread belief in the cybersecurity field that the best antivirus is you, meaning your judgment and general internet savvy. After all, it’s safer not to click the link rather have your antivirus work to eliminate the malware from your PC.
Second, no single antivirus solution is enough to keep you safe. Even antivirus developers encourage you use multiple security software programs to keep you safe. If malware passes one software, they will have to face another, and with each new step chances of infection drop dramatically.
This article was initially written by Aurelian Neagu in 2014 and was updated by Paul Cucu in November 2016.