Best Free Antivirus Software

toggle-button
  Read this article in Spanish
  Read this article in Chinese

Introduction

To begin with let me say this: there is no best antivirus out there. Why do I say this? Any product that you take will behave differently against various virus samples since the AV engines and other components incorporated in them are of different technologies.

While one product might have higher detection ratio, another might have better malicious URL blocking or virtualization techniques, yet another might have lesser impact on system performance and so on.

Read more about Antivirus Engine and other related details at the end of this article.

 

Rated Products

Kaspersky Free Antivirus/ Kaspersky Security Cloud  

The paid security giant forays into free category and outsmarts its rivals


Our Rating: 
5
License: Free (Limited features)
  • Similar signatures & cloud features as its paid counterparts
  • Performance impact is decent on higher end systems
  • Strong behavioral blocker
  • Attractive GUI with no ads
  • Top-notch detection and always up-to-date
  • Thorough malware removal and disinfection process
  • Privacy policy (complies with GDPR)
  • Default settings cover most users
  • Bundles with Kaspersky VPN (can be uninstalled)
  • Fairly good web protection
  • Powerful exclusion settings (even for specific modules)
  • Extensive scan logs
  • Protection settings are locked with presets in Kaspersky Free Antivirus (KFA) [is available in Kaspersky Security Cloud]
  • Long but thorough system scans
  • Performance hit becomes worse on lower end systems
  • Slow update installation
Read full review...

Avast Free Antivirus  

The only antivirus with a fully customizable installer and selection of user preference components.


Our Rating: 
4.5
License: Free (Limited features)
  • Extremely light on the system with a modern and clean UI
  • The only antivirus with a fully customizable installer, selection of user preference components
  • Works best in hardened or lock-down mode, which blocks all unknown programs (medium-expert users only)
  • Top notch detection capability, many secondary components to offer variety to a wholesome software
  • Excellent malicious URL blocking, network protection, outdated software checking, integrated password manager, and comes with a rescue disk.
  • Deep screen technology that includes Sandbox and Safe machine components for protection
  • Bloated default setup, some ads and pop'ups
  • Account creation for further protection after a month
  • Lack of an anti-ransomware module, and Deepscreen disabled by default
  • Cloud reputation, Malware signatures and HIPS module needs improvement
  • Offers Google Chrome and various bloated secondary components during install [Choose custom install]
Read full review...

Comodo Internet Security Premium  

Provides a multi-layered protection scheme with HIPS, sandbox, antivirus and firewall.


Our Rating: 
4.5
License: Free (Limited features)
  • Feature-rich with lots of options for customization along with setting tolerance against prompts
  • Tweaked settings gives the best 0-day protection among the pack
  • Multi-layered protection scheme with HIPS, Sandbox, Antivirus and Firewall
  • Industry grade firewall with options for learning and behavioural blocker
  • Low on resources with various graphical skins available and a clean user interface
  • Painful for beginners to use it, not very newbie friendly 
  • Av-module is a bit weak especially the signature based detection
  • Auto-sandboxing happens for various legitimate files, troubles with FPS games
  • Too many tweaks needed for better protection
  • Buggy software and updates are released slow.
  • Chromodo browser, Yahoo search engine, custom DNS and Geek Buddy offered during default install. [Click customize installation during install]
Read full review...

Qihoo 360 Total Security  

This free antivirus is better than most commercial ones.


Our Rating: 
4
License: Free
  • Totally free, light on resources, extremely fast scan times and pre-configuration protection modes
  • Smooth running installer with no adware, pleasing UI and comes with many themes
  • Fast updates/fixes and excellent customer service with immediate replies
  • Great signatures with multiple engines and in-house cloud protection
  • Web protection addon, browsing locking, webcam, sandbox and usb protection modules
  • Online shopping protection, malicious URL protection and network threat blocking
  • Includes Glasswire Firewall and Windows patch-up components
  • Great detection rates, with very high zero day protection
  • Speedup and clean-up tools might not be for everyone (not present in Essentials version)
  • Bitdefender or Avira engines not enabled by default
  • Might encounter few false positives
  • PUP [Potentially Unwanted Programs] detection needs to improve
Read full review...

Avira Free Antivirus  

A free antivirus with high quality signatures, very fast updates and less false positives.


Our Rating: 
4
License: Free (Private/Educational use)
  • Pretty light on the system and runs smooth without system slow-downs
  • Clean ad-free GUI, Ad-free installer, No pop-ups or ads
  • High quality signatures, very fast updates, excellent detection on non-zero day threats
  • Deep file scans with very less false positives
  • Avira Protection Cloud makes for an excellent cloud engine
  • Browser safety Add-ons available for major browsers
  • Zero day protection (heuristic & behavioural shield) is very weak. 
  • Ineffective Browser launcher which is a memory hog (can be uninstalled)
  • Painful removal for detected files. Repeated scans from Luke Filewalker increases CPU & RAM usage. 
  • Multiple file exceptions needs to be added (real-time and on-demand)
  • No firewall/sandboxing/web shield technologies
Read full review...

Panda Free Antivirus  

Gives you antivirus protection with low memory and CPU usage, and collective intelligence cloud security.


Our Rating: 
4
License: Free (Private/Educational use)
  • Low memory & CPU usage thanks to cloud protection
  • Tiled UI with customizable interface and nicely rendered Settings interface
  • Collective intelligence cloud security - Downloading virus definitions is history
  • Good detection rates and behavioural analysis program
  • Fairly good web protection and hardware resource handling
  • Dependant on internet connection leading to weaker offline protection
  • Slow scanning speed, no fingerprinting (successive re-testing same files) and at times issues with virus removal
  • Not really light, performance impact in web browsing, installation and copying
  • Certain false positives despite the information available at cloud
  • Watch out for Panda security toolbar during install
Read full review...

Honorable Mention

 

Related Products and Links

How to make an antivirus engine

Other Articles By Chiron

Related Free Antivirus Software Articles

Related Security Articles

 

Antivirus Engine

It is used for Real Time malware protection of files and is the core component to scan data on your PC for detecting and removing malware from hard disk, memory, boot sectors, network drives, removable disks, or from external network traffic (internet).

  • How does an antivirus detect malware:

Firstly you got the signature-based detection which contains an offline database of known patterns of malware downloaded from the internet which can identify specific malware codes or family of malware. Then you have heuristic based detection that identifies pieces of code that are unlikely to be found in legitimate programs and hence is prone to false positives depending on the sensitivity of heuristics. Virtualization and sandboxing unpacks or executes unknown programs in an isolated secure environment so that their behaviour can be analysed and scanned using the antivirus engine. The latest one is cloud based detection that requires a reliable internet connection and sends the suspicious scanned file over the internet and the analysis is done by the vendors' machine running the cloud engine.

  • Scanning for viruses:

Most antiviruses include these basic scan types: On-demand scan/manual scan is initiated by the user from right click context menu or from within the software. On-access scan is initiated when the resource is being accessed like running an executable, copying files from external drives etc. Scheduled scan periodically ensures that the system is free from malware by setting the time and frequency for scanning. Startup scan/quick scan checks most important locations like running processes, startup items, system memory and services, boot sectors and so on.

To be Continued in the next update....... Firewall, Proactive protection, Web protection components and more.

 

Editor

This software category is maintained by volunteer editor George.J. Registered members can contact the editor with any comments or questions they might have by clicking here.

Back to the top of the article.

 

Please rate this article: 

Your rating: None
4.265945
Average: 4.3 (2211 votes)
toggle-button

Comments

I will be considering this AV for my next re-write. Thanks.

Chiron how can we trust your review when many other sites rate Comodo very low and you stated that you are "a moderator on the Comodo forums" this seems to me to be a bias toward a product.

As a software developer i created 5 viruses for testing with and Comodo only detected 1 of them while BitDefender and avast detected all 5

How can you assure me that you are not biased

I absolutely understand your concern, and it is one which I would likely worry about for others as well. The difference between my approach towards rating these products and that utilized by other sites, is that I put protection first, and don't really care about detection unless it increases the protection. Most other sites put a premium on detection, which is not always a good indicator of the protection a product will offer. Comodo Antivirus does not have the best detection, and as you mentioned Avast and Bitdefender do tend to have better detection ratios than Comodo. However, that does not tell you everything you need to know about the security product. The main difference between Comodo Antivirus and the others in the list is that Comodo Antivirus utilizes a default-deny architecture, whereas the rest utilize a default-allow architecture. What this means is that with Comodo Antivirus any unknown application (which includes all malware not already detected) will be partially isolated from the rest of your computer. However, with a default-allow antivirus all unknown applications (which includes all malware not already detected) will be allowed to access your computer. Thus, I rank Comodo Antivirus higher than the others not because of detection, but because its ability to detect the user from real-world malware is much larger than the rest. Remember also that zero-day malware, which is what users should be most wary of, is not detected at very high rates. Thus, a default-deny architecture does provide significantly more protection, even though its detection rates may be lower. Of course, the downside to default-deny architecture is that the same isolation will be applied to legitimate programs which are not yet trusted by Comodo. Thus, the user will have to interact with it more than they would a default-allow program. This is why I mentioned that my top pick for advanced or intermediate users is Comodo Antivirus. This is because it requires some additional interaction. However, for those who do not want a piece of software which requires much interaction my top pick is Avast. I plan on making this distinction much clearer in my next re-write. I hope this explanation was helpful. If you still have questions I am more than happy to clarify/explain further. Thank you.

You have not given me any reason to think that you are not biased towards this product and only told me things i already knew about comodo and I even created one of my viruses to target programs that Comodo trusted, I was hoping it would still check these but didn't appear too, maybe there is a setting somewhere that I missed to make it check these programs if there is how do I turn it on ?

Also how can you not rate cleaning as important i don't want to have to install another program to do the clean up if i get infected, i put 20 viruses on my comp and Comodo wasn't able to clean them up for me where as even Norman got half them removed and it is well crap not worth the memory it takes up

Please do create a bug report for this vulnerability in this area: https://forums.comodo.com/bug-reports-cis-b132.0/ of the Comodo forums. I can then better evaluate this there and, if it does turn out to be a vulnerability, forward it to the Comodo devs for consideration. I believe that the architecture of any software intended to protect a computer is of utmost importance. Sadly, most free products which refer to themselves as Antiviruses do not utilize a default-deny architecture. If there are any others I am not aware of please do let me know. However, realize that this article ties my hands when it comes to products other than those which refer to themselves in the name as Antiviruses. As for cleaning, I considered including that in the comparison. However, the truth is that if a product has already allowed the system to be infected I would recommend using multiple products for cleaning. No one product can be trusted to entirely clean a computer. Therefore, I do not include cleaning because my main focus is on prevention of infection, not in cleaning an infection which is already there. Perhaps I should update the article to make this more clear. Thank you.
These types of comments hold no authority at all because absolutely no details are provided. This is the very reason why Wilders forum now disallows posts about home made "tests" because they are meaningless. Please provide details of the code you are referring to, how the tests were conducted and on what system using our site PM facility to so that Chiron can pass this on the the Comodo developers. Once this has been done, we will be able to respond here correctly, but not until. MC - Site Manager.
Sometimes I'm concerned about lab tests too. I mean AV-Comparitives doesn't test the free versions of AVG and Avira, and compares it against the free versions of Avast, Panda, Forticlient, Qihoo, which is an unfair comparison. Infact Avira came out first in the latest results, but they tested the IS version, not the free one.
Agreed, it is very frustrating. However, in order to try to introduce more impartiality to the review I stuck to using these reviews, which have stated methodology, and use only the results for the Free versions. Thus, I am not judging them with respect to each test, but over all three labs for the previous three times the Free version was tested. I also take into account AV architecture, meaning default-deny and default-allow, and use that in my recommendations. I use default-deny being higher, but less user-friendly. That is why Comodo AV is rated number one (as my main criteria is protection) but Avast is rated just after because of higher user-friendliness and detection rates. If you believe there is a better way to go about this please do let me know. I went through a lot of ideas before I came up with this one, but I also realize that there are issues with it. Thank you.
I've always been concerned about reliance on test results when choosing an antivirus solution but at least with the reputable labs you have access to the methodology. MC - Site Manager.
I've had the latest FortiClient running on several machines for a while now, one of which is mine, and everyone including me is very happy with the results. http://www.forticlient.com/ It's getting good results from AV Comparatives and VB for those who follow such things. https://www.virusbtn.com/vb100/rap-index.xml Be aware that the update process will kill you if you have a slow connection, but it's no worse than a lot of others. Also, the stated Application Firewall is disabled unless you are registered into their FortiGate system. The parental control/web filter is truly class leading and the configuration options are many, allowing for a considerable amount of fine tuning if needed. IMO in combination with WinPatrol and say ZoneAlarm free firewall for those who must use something other than Windows, this is an efficient solution. MC - Site Manager.
Thank you for pointing this out to me. I will evaluate this AV and consider it for my next re-write. Thanks again.
The updates for FortiClient are on demand (manual) which won't suit everyone but if your habits are such high risk that you need updates every hour then IMO you should be using Linux anyway. MC - Site Manager.

I switched to FortiClient a few weeks ago too. The signature updates are automatic.
By default the software itself will only display an alert when a software update is available, but there is an option in File > Settings "Automatically download and install updates". Note that this option does not refer to the signature updates--which are always automatic in my experience--but to FortiClient itself.
So far I think FortiClient is worth a look - high detection rates, fairly lightweight and needs virtually no user interaction. The web filter is a nice bonus too. But I would like an option to not install its VPN component because it's useless for an average home user and it installs unnecessary virtual network adaptors.

I'll need to take another look at this as soon as I have the time but the updates were certainly not automatic on my machine. Furthermore, the FortiClient 5 documentation (page 69) refers only to the use of the manual "update now" button, unless the software is being used in conjunction with their commercial FortiManager. MC - Site Manager.

In the current version of FortiClient (5.2.0.0519) the UI has been changed so that there is no longer an "Update now" button. Version 5.0 also updated automatically for me though, except when my firewall (Privatefirewall) blocked it and needed some configuration to allow the various FortiClient processes.

Is there any offline installer for Forticlient?

I don't think that there is unfortunately. At least not for the free FortiClient.

Allright, do they provide offline database definitions updates like Avast, Avira, AVG? Also I couldn't find a way to pause/stop definition updates...

I don't know, sorry. I couldn't see it on their website. You could try asking at the Fortinet forums.

Actually, for the purposes of this article I may still consider reviewing it, but without automatic updates it would certainly not be ranked too high. That would significantly lower the provided protection level. Thank you for the additional information.

I've been using comodo since it became top recommendation. other than seeming a bit slower than avast my previous,it seems to work fine.

my main query and slight worry about it is that when I run a ccleaner registry scan it always shows up a registry entry that cannot be deleted. HKCR\CIS.CisDebugInjector is this safe? What is it? can it be deleted?

Wekslap, about the registry entry, you don't need to worry about that. The key seems to be from Comodo and you are using Comodo. I remember experiencing something similar when I used Avira 9 about 5 years ago, the best solution is for you to exclude that registry key in CCleaner Options > Exclude, Click Add, add registry key. Doing this, CCleaner wont scan for that key or delete it.

Bo

Assuming that entry only started showing up after Comodo was installed, it seems that it is likely related to CIS. As for why it can't be removed, I do know that Comodo protects many of its files, and resists even trusted programs, such as ccleaner, from removing them. Thanks.

I like you list Chiron, and the update is right on spot. However, I would like share my view based on my constant AV installation / uninstallation process, if you don't mind.

Avast! => Was very good detecting viruses, but the other free antiviruses improved a lot. Also, some free-although-limited extras like the "sandbox" were removed. Expect some false positives

AVG => This is my AV for the time being. It had some compatibilty problems with certain programs, but nothing serious. Works on systems with low-RAM and does a great job removing scum such as OpenCandy while installing programs that contain it.

Avira => Good against viruses, but can cause some damage on infected systems. Its functions are very limited for such a big installation file.

Bitdefenter => Works effortlessly on the background and does a great job detecting and cleaning viruses. Its configuration options are almost non-existent, but has a small installation size.

Comodo => Great antivirus engine, maybe too good, as its Behavior Blocker can get too intrusive. It can become a resource hog depending on your PC configuration.

I just read MidnightCowboy's thoughts on the new 360 Security and I faced the same problems. He's definitely right on his recommendation to wait for it to get more mature before setting it as your default AV.

Thank you for sharing your experiences. The difficulty in creating a ranking system, such as is used in this article, is that it can be very subjective. That is why I narrowed down what I believe to be the most important criteria, and evaluated the programs based on comparable protection level. I will, however, consider your experiences for adding more information about each product during my next rewrite. As for 360 security, please do let me know if you believe it is mature. The scores for the previous version were quite good, and I am planning on adding it to the list, assuming the protection scores remain decent, once it is more stable. Thank you.

Thanks for considering my suggestions, Chiron. Your list is great, and I really appreciate your efforts.

Warmest regards

Thank you.
Thank you.
New antivirus. SkyShield Antivirus: http://skyshield.com/

Pages