Best Free Antivirus Software


Other Language?

  Read this article in Spanish
  Read this article in Chinese


In a Hurry?

  Go straight to the Quick Selection Guide



To begin with let me say this: there is no best antivirus out there. Why do I say this? Any product that you take will behave differently against various virus samples since the AV engines and other components incorporated in them are of different technologies.

While one product might have higher detection ratio, another might have better malicious URL blocking or virtualization techniques, yet another might have lesser impact on system performance and so on.

Antivirus Engine:

It is used for Real Time malware protection of files and is the core component to scan data on your PC for detecting and removing malware from hard disk, memory, boot sectors, network drives, removable disks, or from external network traffic (internet).

  • How does an antivirus detect malware:

Firstly you got the signature-based detection which contains an offline database of known patterns of malware downloaded from the internet which can identify specific malware codes or family of malware. Then you have heuristic based detection that identifies pieces of code that are unlikely to be found in legitimate programs and hence is prone to false positives depending on the sensitivity of heuristics. Virtualization and sandboxing unpacks or executes unknown programs in an isolated secure environment so that their behaviour can be analysed and scanned using the antivirus engine. The latest one is cloud based detection that requires a reliable internet connection and sends the suspicious scanned file over the internet and the analysis is done by the vendors' machine running the cloud engine.

  • Scanning for viruses:

Most antiviruses include these basic scan types: On-demand scan/manual scan is initiated by the user from right click context menu or from within the software. On-access scan is initiated when the resource is being accessed like running an executable, copying files from external drives etc. Scheduled scan periodically ensures that the system is free from malware by setting the time and frequency for scanning. Startup scan/quick scan checks most important locations like running processes, startup items, system memory and services, boot sectors and so on.

To be Continued in the next update....... Firewall, Proactive protection, Web protection components and more.

Honorable Mention:


Discussion And Comparison

1. Qihoo 360 Total Security

The Good:

  • Totally free, light on resources, extremely fast scan times and pre-configuration protection modes
  • Smooth running installer with no adware, pleasing UI and comes with many themes
  • Fast updates/fixes and excellent customer service with immediate replies
  • Great signatures with multiple engines and in-house cloud protection
  • Web protection addon, browsing locking, webcam, sandbox and usb protection modules
  • Online shopping protection, malicious URL protection and network threat blocking
  • Includes Glasswire Firewall and Windows patch-up components 
  • Great detection rates, with very high zero day protection
The Bad:
  • Speedup and clean-up tools might not be for everyone (not present in Essentials version)
  • Bitdefender or Avira engines not enabled by default 
  • Might encounter few false positives
  • PUP [Potentially Unwanted Programs] detection needs to improve
The Ugly: 
  • Nothing for the moment
The Truth: Rating 10 of 10 5/5 stars
 Home |  Download |  v8.2 |  bit version |  Fully freeware |  41.6MB |  Win XP-10, Mac OSX

2. Avast Free Antivirus

The Good:

  • Extremely light on the system with a modern and clean UI
  • The only antivirus with a fully customizable installer, selection of user preference components
  • Works best in hardened or lock-down mode, which blocks all unknown programs (medium-expert users only)
  • Top notch detection capability, many secondary components to offer variety to a wholesome software
  • Excellent malicious URL blocking, network protection, outdated software checking, integrated password manager, and comes with a rescue disk.
  • Deep screen technology that includes Sandbox and Safe machine components for protection
The Bad:
  • Bloated default setup, some ads and pop'ups
  • Account creation for further protection after a month
  • Lack of an anti-ransomware module, and Deepscreen disabled by default
  • Cloud reputation, Malware signatures and HIPS module needs improvement
The Ugly:
  • Offers Google Chrome and various bloated secondary components during install [Choose custom install]
The Truth: Rating 9 of 10 4.5/5 stars
 Home |  Download |  v11.1 |  bit version |  Feature limited freeware |  193 MB |  Win XP-10, Mac OSX

3. Comodo Internet Security Premium

The Good: 

  • Feature-rich with lots of options for customization along with setting tolerance against prompts
  • Tweaked settings gives the best 0-day protection among the pack
  • Multi-layered protection scheme with HIPS, Sandbox, Antivirus and Firewall
  • Industry grade firewall with options for learning and behavioural blocker
  • Low on resources with various graphical skins available and a clean user interface
The Bad: 
  • Painful for beginners to use it, not very newbie friendly 
  • Av-module is a bit weak especially the signature based detection
  • Auto-sandboxing happens for various legitimate files, troubles with FPS games
  • Too many tweaks needed for better protection
  • Buggy software and updates are released slow.
The Ugly: 
  • Chromodo browser, Yahoo search engine, custom DNS and Geek Buddy offered during default install. [Click customize installation during install]
The Truth: Rating 9 of 10 4.5/5 stars
 Home |  Download |  v8.2 |  bit version |  Unrestricted freeware |  208 MB |  Win XP-10, Linux, Mac OSX

4. AVIRA Free Antivirus

The Good:

  • Pretty light on the system and runs smooth without system slow-downs
  • Clean ad-free GUI, Ad-free installer, No pop-ups or ads
  • High quality signatures, very fast updates, excellent detection on non-zero day threats
  • Deep file scans with very less false positives
  • Avira Protection Cloud makes for an excellent cloud engine
  • Browser safety Add-ons available for major browsers
The Bad: 
  • Zero day protection (heuristic & behavioural shield) is very weak. 
  • Ineffective Browser launcher which is a memory hog (can be uninstalled)
  • Painful removal for detected files. Repeated scans from Luke Filewalker increases CPU & RAM usage. 
  • Multiple file exceptions needs to be added (real-time and on-demand)
  • No firewall/sandboxing/web shield technologies
The Ugly: 
  • Nothing for the moment
The Truth: Rating 8 of 10 4/5 stars
 Home |  Download |  v15.0 |  bit version |  Free for private use |  200 MB |  Win XP-10, Mac OSX

5. Panda Free Antivirus

The Good:

  • Low memory & CPU usage thanks to cloud protection 
  • Tiled UI with customizable interface and nicely rendered Settings interface
  • Collective intelligence cloud security - Downloading virus definitions is history
  • Good detection rates and behavioural analysis program
  • Fairly good web protection and hardware resource handling

The Bad: 

  • Dependant on internet connection leading to weaker offline protection
  • Slow scanning speed, no fingerprinting (successive re-testing same files) and at times issues with virus removal
  • Not really light, performance impact in web browsing, installation and copying
  • Certain false positives despite the information available at cloud

The Ugly: 

  • Watch out for Panda security toolbar during install
The Truth: Rating 8 of 10 4/5 stars
 Home |  Download |  v16.1.1 |  bit version |  Free for private use |  61.4 MB |  Win XP

Most Improved products of 2016:


Please help us by rating this review

Related Products and Links

Other Articles By Chiron

Related Free Antivirus Software Articles

Related Security Articles


Have Your Say

Please visit our freeware forum to share and discuss your views and get advice on free security software, including antivirus software. To post in the forum you need to register first but that's quick and immediate.



This software category is maintained by volunteer editor George.J. Registered members can contact the editor with any comments or questions they might have by clicking here.



free antivirus, best free antivirus, free antivirus programs, free antivirus program, antivirus software, free antivirus software,  antivirus program free, anti-virus programs, antivirus scanner, best antiviros, best antvirus

Back to the top of the article


Please rate this article: 

Your rating: None
Average: 4.3 (2117 votes)


I got the joke and enjoyed the irony too : )

I stand by my comments re; OC in general but fair cop, I hadn't properly looked into the situation with Avast in particular.

Not sure why anyone would be comforted by the fact that the dll is removed, when (1) the snooping has already been done at that point, (2) it leaves a permanent identifier on the computer, what OpenCandy used to call a "non-reversible identifier" [link with bad WOT rating removed as per site rules], and (3) its dossier on you is kept remotely.

Thus it is, or was, FALSE that "nothing is left behind."

In any case, you are describing the typical case in which OpenCandy comes with an INSTALLER. This is NOT the case with avast.

The dll is in fact NOT removed in the case of avast (not that it matters). You may "verify" that via the avast forum thread linked above. It remains and gets triggered repeatedly by avast's Software Updater component (which is something akin to the Secunia Personal Software Inspector).

Sophisticated users can block OpenCandy, certainly, but those are likely not the users seeking recommendations for free anti-virus programs. Also, the presence of OpenCandy gives insight into the values and ethics of the avast company.

360 Total Security Rocks!

It's like McDonald's "I'm lovin it!"

Yes I realize it is new. I've been on the net since all the others were new also. I too like to live dangerously.

* Patch windows with Windows Updates.
* Built-In System Cleaner.
* Built-In Start Remover.
* Built-In Sandbox. (similar to Avast)

One of the best guis I have seen in a while since others mucked theirs up. You ever try changing the detailed settings in newer versions of Avast?

It might just be me but it seems my machines run faster with 360 Total Security on. Probably because of the patches applied. It seems to find patches that Windows Update did not find.

* I have not run it on a purposely infected machine.
* It did remove startup items I did not want removed. (They were easily restored)

I would recommend only for an Advanced user for now. We don't know yet if their system cleaner is going to destroy something important.

Lenovo R60 Windows Vista 32-Bit
Acer Aspire 5532 Windows 7 Pro 64-Bit

This seems to be just an assertion. This does not necessarily mean it is true. Have you found any other sources which back this up. I found many which linked back to this same article, but are there any which have reached the same conclusion through analysis of the product itself? Thanks.
Your other post was deleted because of the racist content. Implying that something Chinese, or from any other source for that matter, must be bad will not be tolerated here. MC - Site Manager.
Thanks for providing this very helpful information. During my next re-write I will very likely be adding this AV to the article. It'll be interesting to see how it compares in tests. Thank you.
I'd be using it, if my internet was faster. To update 3 engines takes thrice as much time.

Few have commented on 360 Internet security and have told to wait until it is mature. I din't understand what it meant. I have already switched to 360 Internet security on my Windows 7(and also on my Android phone). Earlier I had Avast, AVG, Panda Cloud and Bitdefender. I liked 360 IS because it updates quickly. Also it doesn't install unwanted software during installation. I am also interested to know why it is not included in FREE AV list.

I will be considering this AV for my next re-write. Thanks.

Chiron how can we trust your review when many other sites rate Comodo very low and you stated that you are "a moderator on the Comodo forums" this seems to me to be a bias toward a product.

As a software developer i created 5 viruses for testing with and Comodo only detected 1 of them while BitDefender and avast detected all 5

How can you assure me that you are not biased

I absolutely understand your concern, and it is one which I would likely worry about for others as well. The difference between my approach towards rating these products and that utilized by other sites, is that I put protection first, and don't really care about detection unless it increases the protection. Most other sites put a premium on detection, which is not always a good indicator of the protection a product will offer. Comodo Antivirus does not have the best detection, and as you mentioned Avast and Bitdefender do tend to have better detection ratios than Comodo. However, that does not tell you everything you need to know about the security product. The main difference between Comodo Antivirus and the others in the list is that Comodo Antivirus utilizes a default-deny architecture, whereas the rest utilize a default-allow architecture. What this means is that with Comodo Antivirus any unknown application (which includes all malware not already detected) will be partially isolated from the rest of your computer. However, with a default-allow antivirus all unknown applications (which includes all malware not already detected) will be allowed to access your computer. Thus, I rank Comodo Antivirus higher than the others not because of detection, but because its ability to detect the user from real-world malware is much larger than the rest. Remember also that zero-day malware, which is what users should be most wary of, is not detected at very high rates. Thus, a default-deny architecture does provide significantly more protection, even though its detection rates may be lower. Of course, the downside to default-deny architecture is that the same isolation will be applied to legitimate programs which are not yet trusted by Comodo. Thus, the user will have to interact with it more than they would a default-allow program. This is why I mentioned that my top pick for advanced or intermediate users is Comodo Antivirus. This is because it requires some additional interaction. However, for those who do not want a piece of software which requires much interaction my top pick is Avast. I plan on making this distinction much clearer in my next re-write. I hope this explanation was helpful. If you still have questions I am more than happy to clarify/explain further. Thank you.

You have not given me any reason to think that you are not biased towards this product and only told me things i already knew about comodo and I even created one of my viruses to target programs that Comodo trusted, I was hoping it would still check these but didn't appear too, maybe there is a setting somewhere that I missed to make it check these programs if there is how do I turn it on ?

Also how can you not rate cleaning as important i don't want to have to install another program to do the clean up if i get infected, i put 20 viruses on my comp and Comodo wasn't able to clean them up for me where as even Norman got half them removed and it is well crap not worth the memory it takes up

Please do create a bug report for this vulnerability in this area: of the Comodo forums. I can then better evaluate this there and, if it does turn out to be a vulnerability, forward it to the Comodo devs for consideration. I believe that the architecture of any software intended to protect a computer is of utmost importance. Sadly, most free products which refer to themselves as Antiviruses do not utilize a default-deny architecture. If there are any others I am not aware of please do let me know. However, realize that this article ties my hands when it comes to products other than those which refer to themselves in the name as Antiviruses. As for cleaning, I considered including that in the comparison. However, the truth is that if a product has already allowed the system to be infected I would recommend using multiple products for cleaning. No one product can be trusted to entirely clean a computer. Therefore, I do not include cleaning because my main focus is on prevention of infection, not in cleaning an infection which is already there. Perhaps I should update the article to make this more clear. Thank you.
These types of comments hold no authority at all because absolutely no details are provided. This is the very reason why Wilders forum now disallows posts about home made "tests" because they are meaningless. Please provide details of the code you are referring to, how the tests were conducted and on what system using our site PM facility to so that Chiron can pass this on the the Comodo developers. Once this has been done, we will be able to respond here correctly, but not until. MC - Site Manager.
Sometimes I'm concerned about lab tests too. I mean AV-Comparitives doesn't test the free versions of AVG and Avira, and compares it against the free versions of Avast, Panda, Forticlient, Qihoo, which is an unfair comparison. Infact Avira came out first in the latest results, but they tested the IS version, not the free one.
Agreed, it is very frustrating. However, in order to try to introduce more impartiality to the review I stuck to using these reviews, which have stated methodology, and use only the results for the Free versions. Thus, I am not judging them with respect to each test, but over all three labs for the previous three times the Free version was tested. I also take into account AV architecture, meaning default-deny and default-allow, and use that in my recommendations. I use default-deny being higher, but less user-friendly. That is why Comodo AV is rated number one (as my main criteria is protection) but Avast is rated just after because of higher user-friendliness and detection rates. If you believe there is a better way to go about this please do let me know. I went through a lot of ideas before I came up with this one, but I also realize that there are issues with it. Thank you.
I've always been concerned about reliance on test results when choosing an antivirus solution but at least with the reputable labs you have access to the methodology. MC - Site Manager.
I've had the latest FortiClient running on several machines for a while now, one of which is mine, and everyone including me is very happy with the results. It's getting good results from AV Comparatives and VB for those who follow such things. Be aware that the update process will kill you if you have a slow connection, but it's no worse than a lot of others. Also, the stated Application Firewall is disabled unless you are registered into their FortiGate system. The parental control/web filter is truly class leading and the configuration options are many, allowing for a considerable amount of fine tuning if needed. IMO in combination with WinPatrol and say ZoneAlarm free firewall for those who must use something other than Windows, this is an efficient solution. MC - Site Manager.
Thank you for pointing this out to me. I will evaluate this AV and consider it for my next re-write. Thanks again.
The updates for FortiClient are on demand (manual) which won't suit everyone but if your habits are such high risk that you need updates every hour then IMO you should be using Linux anyway. MC - Site Manager.

I switched to FortiClient a few weeks ago too. The signature updates are automatic.
By default the software itself will only display an alert when a software update is available, but there is an option in File > Settings "Automatically download and install updates". Note that this option does not refer to the signature updates--which are always automatic in my experience--but to FortiClient itself.
So far I think FortiClient is worth a look - high detection rates, fairly lightweight and needs virtually no user interaction. The web filter is a nice bonus too. But I would like an option to not install its VPN component because it's useless for an average home user and it installs unnecessary virtual network adaptors.

I'll need to take another look at this as soon as I have the time but the updates were certainly not automatic on my machine. Furthermore, the FortiClient 5 documentation (page 69) refers only to the use of the manual "update now" button, unless the software is being used in conjunction with their commercial FortiManager. MC - Site Manager.

In the current version of FortiClient ( the UI has been changed so that there is no longer an "Update now" button. Version 5.0 also updated automatically for me though, except when my firewall (Privatefirewall) blocked it and needed some configuration to allow the various FortiClient processes.

Is there any offline installer for Forticlient?

I don't think that there is unfortunately. At least not for the free FortiClient.

Allright, do they provide offline database definitions updates like Avast, Avira, AVG? Also I couldn't find a way to pause/stop definition updates...

I don't know, sorry. I couldn't see it on their website. You could try asking at the Fortinet forums.

Actually, for the purposes of this article I may still consider reviewing it, but without automatic updates it would certainly not be ranked too high. That would significantly lower the provided protection level. Thank you for the additional information.

I've been using comodo since it became top recommendation. other than seeming a bit slower than avast my previous,it seems to work fine.

my main query and slight worry about it is that when I run a ccleaner registry scan it always shows up a registry entry that cannot be deleted. HKCR\CIS.CisDebugInjector is this safe? What is it? can it be deleted?