Best Free Antivirus Software

  Read this article in Spanish
  Read this article in Chinese


To begin with let me say this: there is no best antivirus out there. Why do I say this? Any product that you take will behave differently against various virus samples since the AV engines and other components incorporated in them are of different technologies.

While one product might have higher detection ratio, another might have better malicious URL blocking or virtualization techniques, yet another might have lesser impact on system performance and so on.

Read more about Antivirus Engine and other related details at the end of this article.


Rated Products

Kaspersky Free Antivirus/ Kaspersky Security Cloud  

The paid security giant forays into free category and outsmarts its rivals

Our Rating: 
License: Free (Limited features)
  • Similar signatures & cloud features as its paid counterparts
  • Performance impact is decent on higher end systems
  • Strong behavioral blocker
  • Attractive GUI with no ads
  • Top-notch detection and always up-to-date
  • Thorough malware removal and disinfection process
  • Privacy policy (complies with GDPR)
  • Default settings cover most users
  • Bundles with Kaspersky VPN (can be uninstalled)
  • Fairly good web protection
  • Powerful exclusion settings (even for specific modules)
  • Extensive scan logs
  • Protection settings are locked with presets in Kaspersky Free Antivirus (KFA) [is available in Kaspersky Security Cloud]
  • Long but thorough system scans
  • Performance hit becomes worse on lower end systems
  • Slow update installation
Read full review...

Avast Free Antivirus  

The only antivirus with a fully customizable installer and selection of user preference components.

Our Rating: 
License: Free (Limited features)
  • Extremely light on the system with a modern and clean UI
  • The only antivirus with a fully customizable installer, selection of user preference components
  • Works best in hardened or lock-down mode, which blocks all unknown programs (medium-expert users only)
  • Top notch detection capability, many secondary components to offer variety to a wholesome software
  • Excellent malicious URL blocking, network protection, outdated software checking, integrated password manager, and comes with a rescue disk.
  • Deep screen technology that includes Sandbox and Safe machine components for protection
  • Bloated default setup, some ads and pop'ups
  • Account creation for further protection after a month
  • Lack of an anti-ransomware module, and Deepscreen disabled by default
  • Cloud reputation, Malware signatures and HIPS module needs improvement
  • Offers Google Chrome and various bloated secondary components during install [Choose custom install]
Read full review...

Comodo Internet Security Premium  

Provides a multi-layered protection scheme with HIPS, sandbox, antivirus and firewall.

Our Rating: 
License: Free (Limited features)
  • Feature-rich with lots of options for customization along with setting tolerance against prompts
  • Tweaked settings gives the best 0-day protection among the pack
  • Multi-layered protection scheme with HIPS, Sandbox, Antivirus and Firewall
  • Industry grade firewall with options for learning and behavioural blocker
  • Low on resources with various graphical skins available and a clean user interface
  • Painful for beginners to use it, not very newbie friendly 
  • Av-module is a bit weak especially the signature based detection
  • Auto-sandboxing happens for various legitimate files, troubles with FPS games
  • Too many tweaks needed for better protection
  • Buggy software and updates are released slow.
  • Chromodo browser, Yahoo search engine, custom DNS and Geek Buddy offered during default install. [Click customize installation during install]
Read full review...

Qihoo 360 Total Security  

This free antivirus is better than most commercial ones.

Our Rating: 
License: Free
  • Totally free, light on resources, extremely fast scan times and pre-configuration protection modes
  • Smooth running installer with no adware, pleasing UI and comes with many themes
  • Fast updates/fixes and excellent customer service with immediate replies
  • Great signatures with multiple engines and in-house cloud protection
  • Web protection addon, browsing locking, webcam, sandbox and usb protection modules
  • Online shopping protection, malicious URL protection and network threat blocking
  • Includes Glasswire Firewall and Windows patch-up components
  • Great detection rates, with very high zero day protection
  • Speedup and clean-up tools might not be for everyone (not present in Essentials version)
  • Bitdefender or Avira engines not enabled by default
  • Might encounter few false positives
  • PUP [Potentially Unwanted Programs] detection needs to improve
Read full review...

Avira Free Antivirus  

A free antivirus with high quality signatures, very fast updates and less false positives.

Our Rating: 
License: Free (Private/Educational use)
  • Pretty light on the system and runs smooth without system slow-downs
  • Clean ad-free GUI, Ad-free installer, No pop-ups or ads
  • High quality signatures, very fast updates, excellent detection on non-zero day threats
  • Deep file scans with very less false positives
  • Avira Protection Cloud makes for an excellent cloud engine
  • Browser safety Add-ons available for major browsers
  • Zero day protection (heuristic & behavioural shield) is very weak. 
  • Ineffective Browser launcher which is a memory hog (can be uninstalled)
  • Painful removal for detected files. Repeated scans from Luke Filewalker increases CPU & RAM usage. 
  • Multiple file exceptions needs to be added (real-time and on-demand)
  • No firewall/sandboxing/web shield technologies
Read full review...

Panda Free Antivirus  

Gives you antivirus protection with low memory and CPU usage, and collective intelligence cloud security.

Our Rating: 
License: Free (Private/Educational use)
  • Low memory & CPU usage thanks to cloud protection
  • Tiled UI with customizable interface and nicely rendered Settings interface
  • Collective intelligence cloud security - Downloading virus definitions is history
  • Good detection rates and behavioural analysis program
  • Fairly good web protection and hardware resource handling
  • Dependant on internet connection leading to weaker offline protection
  • Slow scanning speed, no fingerprinting (successive re-testing same files) and at times issues with virus removal
  • Not really light, performance impact in web browsing, installation and copying
  • Certain false positives despite the information available at cloud
  • Watch out for Panda security toolbar during install
Read full review...

Honorable Mention


Related Products and Links

How to make an antivirus engine

Other Articles By Chiron

Related Free Antivirus Software Articles

Related Security Articles


Antivirus Engine

It is used for Real Time malware protection of files and is the core component to scan data on your PC for detecting and removing malware from hard disk, memory, boot sectors, network drives, removable disks, or from external network traffic (internet).

  • How does an antivirus detect malware:

Firstly you got the signature-based detection which contains an offline database of known patterns of malware downloaded from the internet which can identify specific malware codes or family of malware. Then you have heuristic based detection that identifies pieces of code that are unlikely to be found in legitimate programs and hence is prone to false positives depending on the sensitivity of heuristics. Virtualization and sandboxing unpacks or executes unknown programs in an isolated secure environment so that their behaviour can be analysed and scanned using the antivirus engine. The latest one is cloud based detection that requires a reliable internet connection and sends the suspicious scanned file over the internet and the analysis is done by the vendors' machine running the cloud engine.

  • Scanning for viruses:

Most antiviruses include these basic scan types: On-demand scan/manual scan is initiated by the user from right click context menu or from within the software. On-access scan is initiated when the resource is being accessed like running an executable, copying files from external drives etc. Scheduled scan periodically ensures that the system is free from malware by setting the time and frequency for scanning. Startup scan/quick scan checks most important locations like running processes, startup items, system memory and services, boot sectors and so on.

To be Continued in the next update....... Firewall, Proactive protection, Web protection components and more.



This software category is maintained by volunteer editor George.J. Registered members can contact the editor with any comments or questions they might have by clicking here.

Back to the top of the article.


Please rate this article: 

Your rating: None
Average: 4.3 (2219 votes)


Avoid Avast ads/popups/craps, etc...

Latest Stable Avast Free
Win 10 64

Win FW - Go to Advanced Settings - Top left side click "Outbound Rules" - Top right side click "New Rule" - Check that "Program" is selected - Click next - Check that "This program path" is selected & paste "C:\Program Files\AVAST Software\Avast\AvastUI.exe" without quotes - Click next - Check "Block the connection" is selected - Click next - Check all the "3" options are selected - Click next - Paste "AvastUI" without quotes in the option "Name" - Click finish.

Comodo FW - Set CFW to "Custom" - There will be couple popups - Check the popups description - There will be a popup for "AvastUI" - Select 'Remember This" & click "Block" on the popup for "AvastUI".

Win FW - I am running Win FW. And have blocked "AvastUI" as mentioned above.
Everything seems fine i.e Realtime/WebShield alerts, databases/streaming updates, hardened mode alerts, etc...

Comodo FW - I had blocked "AvastUI" as mentioned above. And ads/popups were not there. Forgot to check Avast functioning as mentioned above for Win FW. I think Avast should work fine.

Note - Only thing I noticed that Avast help links from the GUI mention "You are offline". So online content is not available & only offline content is available.

It seems blocking of AvastUI.exe as mentioned above takes care of all the Avast craps i.e no ads/popups, no upgrade button on the main GUI, no ads on the main GUI, no Chrome/Toolbar offers options during install/upgrade, etc...

I uninstalled Avast Free. But didn't remove the block rule for AvastUI.exe from Win FW.
I had a previous installer so installed Avast Free. No Chrome/Toolbar offers options during install. I then upgraded to the latest version & no Chrome/Toolbar offers options during upgrade.

of course the internet is now abuzz with the announcement from avg that it now collects and sells your info. so another product that i am done with. added to these:
Samsung spyware on tvs plus pups on phones
Lg spyware
Lenovo spyware and not safe chinese computers
Comodo adware
SOHO Routers
Seagate harddrives...come with rootkits

I do wish when posters tout something on here -- as in this recent post about "Moon Secure AV" -- they'd do more than tout but instead amplify their contribution, in this instance with some reference to calibre of performance and provenance of producer. Last I heard, Moon Secure was an Indian enterprise which used ClamAV and then ceased business. That's about as staggeringly unimpressive as it gets -- so why is this particular "AV" being promoted in this comments thread? Looks like spam to me.

The product has not been touted or promoted... simply suggested. There's a difference. Of course, we do remain open to suggestions. Any kind of over-promotion is always removed by moderators.

It's also worth mentioning that editor Panzer is responsible for posting literally hundreds of software suggestions on the site and we are very grateful for his contribution. MC - Site Manager.

MoonSecure Antivirus:

Not sure about listing MSE Microsoft Security Essentials as unsuitable or subpar.
It is true that they rank low on the test scores.
But there's an assertion that MSE focuses on the most popular exploits.
So we might have a "real-world" vs "academic" controversy here.
Ie in an academic settings (AV tests), with contrived threats, ie, including some rare ones, MSE doesnt perform well.
But in the real-world with threats that are commonly seen, it performs just as well as the others.
Ie you have no greater chance of becoming infected with MSE than with any other AV.
MSE is also free and fast, so I would not demote it.

My personal opinion, is if you take the AV Tests, and give them a good shake (ie replace the threats tested with an different but equivalent set), then everybody's going to score differently.
So my opinion pick a fast, unobtrusive one. That's MSE or BitDefender today, but every year brings a new mix.
Actually, before coming here today i would have put Panda on that list, but people here report popups.
And supplement with Malware Bytes anti-malware and Super Anti Spyware once a week.
And use Sandboxie or VMware player or VirtualBox for risky stuff.

You make a very good point johnvk, in fact several of the people I still service use MSE and none of them are getting infected. This is because they realize an antivirus solution is only part of the strategy for staying infection free. The rest depends on the user and how they operate their system when connected to the internet. If this usage is such they think they can surf blindly into any site and install software from any source, no matter which antivirus they have, infection is a matter of when not if. Common sense together with browser add-ons such as WOT and uBlock Origin plus Sandboxie, WinPatrol Free and in my case Toolwiz Time Freeze for software testing will be perfectly adequate when used with MSE. MC - Site Manager.

Panda Free Antivirus is a PUP on my Win 7 64-bit in that it keeps popping up an ad. for Panda Pro at random times and too often in the middle of something I am doing on the desktop.

> "Panda Free Antivirus is a PUP on my Win 7 64-bit in that it keeps popping up an ad. for Panda Pro at random times and too often in the middle of something I am doing on the desktop."

Then uninstall it and use something else. It is a free program. I see nothing wrong with providers of free stuff trying to get you to upgrade to something that gives them some compensation for teir work. If they do it in a way that is inttrusive to you, then just move on. Maybe buy a pay program = no ads (well, usually).

So, you are a Comodo fan, but you didn't put any links to download Comodo Antivirus, your #1 recommendation.

I personally hate Comodo, ever since my brother installed their firewall on my parents' computer and i had many many many problems with it.

I am puzzled by your comment about bloatware/opencandy with Avast. I have installed it on three laptops and there's no trace of Opencandy on any of them. I have found it very easy to avoid installing Chrome if I don't want it.
I find an increasing number of nag screens in Avast, and it does try to get you to upgrade - always at an alleged discount: does anyone ever pay the so called full price?
But the free version has been very effective in blocking all sorts of invasions... so I'm relucatant to abandon it for the reasons you give.

Yeah, me three. Been using Avast for years on a number of computers and nothing extra has ever been installed by itself. The popups are slightly annoying but are occasional and no real biggie. The only thing you have to watch out for, besides the Chrome install option (and even that didn't show when I installed it yesterday via is that during upgrades it's easy to click install for the paid version.

While it's not usually THE top AV solution in the various AV comparisons, it is usually ranks near the top, and has a reasonable memory footprint.

I'm here right now because i have Avast and as you say i never saw any Opencandy but the attempts at tricking people into upgrading instead of updating are ridiculous.

My problem with Avast is that when ever it detects something, i can't have it ignore the "threat" even if i click the false positive link.
Because of that, i'd have to disable Avast just so i can update a portable program that it has decided is Adware.

First I had AVG free when I had slow internet connection. Then Avast which consumed lot of Internet data. Then I switched to Qihoo 360 Internet Security. Recently I switched again to Baidu 'Free for ever' Antivirus. I liked this AV. Lots of features. I am interested to know why it is not included in this list here.

Panda Cloud Antivirus changed to Panda Free Antivirus a while back.

My system:
Windows XP (SP3)
Athlon XP 3000+ CPU (w/SSE but not SSE2 or above support)

I switched to Panda Free Antivirus 15.1.0 soon after Avira Free Antivirus ended official support for Windows XP on 08 APR 2015. So far, so good ...

Panda has so little impact on my system's performance that it's almost like having no antivirus program installed at all: my computer starts quickly, programs launch/open quickly, and files open/load quickly. How well Panda is protecting my system, I haven't a clue, but it tests very well in the various antivirus tests I've seen on the Web.

I do get one ScRegSetValueExW-related 7006 error on my Event Log each session because of Panda. Panda says that the error is normal (and not a problem) because of Panda's self-protection feature: "[Panda] has a self-protection feature included and this event appears because somebody or some program is trying to modify any of our registry keys, thus we are denying the modification." It causes no slowdown or problem that I can tell, so I tend to believe them. Avira (and Avast and AVG and Comodo) cause many, many Event log errors and warnings, so I'm happy to be down to just one.

Panda is easy to install and setup and allows the user a reasonable amount of control over the settings. Big items include customizable scans, a scheduler for scans, and exclusion lists. The Update feature is automatic, and I don't believe that it can be turned off(?); there's also an on-demand "Update now" button. I'm guessing that "updates" include both virus definitions and program updates. Major features -- Real-time protection, Process Monitor, and USB Vaccine -- can be turned on and off individually, as can many smaller sub-features. The Windows 8-ish control panel GUI seems more designed for fat-fingered users of devices with touch screens than for handsome, erudite users of "classic" desktop PCs, but it's straightforward if not very elegant. Power users will no doubt want more control, but Joe Average users with slight geekish tendencies will likely be happy enough. Also, I haven't noticed any pop-up ads or anything of that sort ... only some notes/links on the control panel encouraging me to upgrade to Panda Antivirus Pro (which adds a firewall and Wi-Fi protection).

I signed up for a Panda account, but I'm not quite sure if that's required or not -- the program seemed to work fine before I signed up. Signing up requires an e-ddress and password but nothing else, though Panda does politely ask for your name, address, phone number, etc. (which I did not provide). I haven't received any junk mail from them yet.

I've tried out most of the well-regarded free antivirus programs -- AVG, Avast, BitDefender, Comodo, Panda, and one or two others -- and Panda is clearly the least performance robbing of the bunch on my ancient machine. BitDefender is quite good while it works, but it's a bit touchy and quits auto scanning after a week or so on my machine -- though it works without a hitch (and has for over a year) on my dad's newer Windows 7 machine with up-to-date (SSE2+) CPU. Avast, AVG, and Comodo slow my computer quite dramatically, with even the simplest things (opening the Start menu or Windows Explorer or Notepad) being annoyingly delayed. I suspect that my ancient CPU's lack of support for SSE2 and above may be the problem in some of these cases, as a lot of newer software works better with, or even requires, a CPU with SSE2+ support, so users with a newer CPU may not encounter these problems.

Any comments about Amiti Free Antivirus?

Uses Clam AV engine and signatures so detection rates will be very poor in comparison to other products. Will not be featured here. MC - Site Manager.

Qihoo explains the misunderstandings, and requests for furthur investigation.

Nothing to worry about here. Innocent until proven guilty. Interestingly it's 2 other Chinese antivirus vendors that reported the issue. We already know about the competition in China among antivirus vendors, and all this has been blown out of proportions from jealousy. Even if proven guilty, it's a minor issue because the only contradiction in the results was because their own engine was enabled and BitDefender engine enabled "by default" for the product they've given for testing. Hence calling it "manipulation of scores". Weak statement :D

There is more to this than which engines are used by default. From the report:

On requesting an explanation from Qihoo 360 for their actions, the firm confirmed that some settings
had been adjusted for testing, including enabling detection of types of files such as keygens and cracked
software, and directing cloud lookups to servers located closer to the test labs. After several requests for
specific information on the use of third‐party engines, it was eventually confirmed that the engine
configuration submitted for testing differed from that available by default to users.

I hope AV Comparatives check only for those keygens and cracks that are malicious - as in having a unwanted effect on the OS and user software/connections - many keygens/cracks are actually clean.

More info at their FB page. 
Qihoo: " many popular software add-ons in China that are flagged as malware by the AV-C definition are in fact performing proper functions and not malicious ... (they) are flagged as malware by the AV-C definition ... To satisfy the security needs of both the domestic market and the need for foreign lab testing, all Chinese security product vendors make modifications to standard domestic versions for foreign lab testing to showcase the effectiveness of the basic protection capabilities of these products"
My thoughts about this: If AV-C even all considers keygens and cracked softwares as malicious, and Qihoo tweaked the settings for the lab results to find them as malicious, I'm personally offended by the first statement. Many of these cracked softwares aren't infact malicious. They are just pieces of reverse engineered code to revoke the licensing of the softwares. We're talking about ethics here, but definitely not malware. On many torrent sites popular uploaders specifically state the fact that if you certainly like a product, you should go and buy the product and the ones that they have uploaded are basically for testing the software for longer periods of time.
In my own testing Qihoo's own engine is extremely good if you are connected to the internet. When BitDefender's engine built into Qihoo is enabled, I've found that it detects patches, keygens as malicious among the one's which actually aren't malicious. However when disabled, the same isn't the case. This means that although these files can be considered safe in an average amount of cases, doing so would cost them a place at these lab results. This leads to more false-positives when BitDefender's engine is enabled, hence the reason why Qihoo hasn't turned on these engines by default during installation. They have no choice but to enable them for the lab results.  
We should add this isn't just an ethics argument. No matter what the intention or purpose of the act, it is illegal to alter the software code of copyright material where this is not permitted in the EULA and it is illegal to download it. MC - Site Manager.

I too can understand why this was done by Qihoo although many will still make an argument for it being wrong. There is also a danger that this sort of issue diverts users from the real reasons why they get infected and towards complicit reliance on test results.

When I first began servicing live customers, the folks that could afford to pay for these services were at least 75% installed with the “leading” :D commercial antivirus products, so why were they infected? The reasons of course were as diverse then as they are now but the bottom line is folks still think they can install security software and then surf the internet with impunity. Naturally they seek guidance about these products and use test results as a basis for choice. It's a pity therefore that next to no effort is made to research the methodology of individual tests to see how these might apply to their own usage habits. Take the following for instance which is an extract from one of the much lauded PC Mag tests.

“FortiClient is only the sixth product I've put through this particular test, so I can't say precisely what its score means. Still, having another product block nearly twice as many suggests that 40 percent isn't great. Do note that of necessity the products aren't tested using precisely the same samples. Rather they're all tested with samples detected no more than a day earlier—the newest samples I can get”.

Really? So car “A” fails the crash test but the wall it was driven in to was different to that used for cars “B” and “C”.

At the extreme end of this mess are the YouTube garbage in, garbage out tests where amateurs chuck a handful of URL's at something and then rate it based on the results. YouTube is entertainment folks, not a consumer testing authority.

If people believe Qihoo's actions were a deliberate attempt to deceive, they are free to use another product. I have Panda on both of my dual booted desktops and nothing nasty has bothered me yet. MC - Site Manager.

Odd, the AV comp. report stated: "As part of the investigation into Qihoo 360, counter‐accusations were levelled by the company against
two fellow Chinese security firms, Baidu and Tencent.".

"Investigations by the three labs found that all products submitted for testing by Qihoo had one of the
product’s four available engines, provided by Bitdefender, enabled by default, while a second, Qihoo’s
own QVM engine, was never enabled."

Default public AV engine is Qihoo's own, version submitted used BitDefender's = apples vs. oranges. In my book, that's cheating - entering a tweaked version of 'their' AV to be compared to stock versions of other AVs.

Not too sure if this is the right place to ask this question but here goes.

I recently downloaded the free version of "Malwarebytes Anti Exploit free" purely because of the good reputation of their free "Malwarebytes Anti Malware" which we are all familiar with.

This new offering, "Anti Exploit" is working as an add-on with my SRWare Iron (Chrome) and the only time I know that it's working is when I open my browser, a small window on the task bar tells me that it's operating.

Do any of you have experience with this ? .... and if so, can you tell me how it works ?

To me, it doesn't seem to be doing anything at all and I'm left wondering if it's smoke & mirrors.

Pleast post such queries in the freeware forum, which is the suitable place for such discussions and queries.

After your query has been answered here satisfactorily, will delete the comments, as they are out of topic.

Thanks Anupam !

Malwarebytes Anti-Exploit Free (MAEF) provides protection from exploits in the main web browsers (Chrome, Firefox, Internet Explorer, and Opera) and their add-ons and in the Java engine that is the basis for much web technology. The paid version extends this to other popular products and technologies including PDF files, media players, Microsoft office, etc.

I have been using MAEF because it provides a layer of protection that will supplement many antivirus products. The basis for much anti-virus protection is detecting known signatures whereas zero-day exploits have, by definition, no known signature so monitoring the behaviour of program code is a better way to detect new exploits that have not previously been detected.

I'm actually a low-risk Web user so I will be surprised if MAEF does detect anything. I would probably be better of using other products to harden my computer, Sandboxie and EMET are two good examples. But I am using MAEF because I wanted to see how it operates. Other products I have tried recently have been disappointing for not being unobtrusive (e.g. Kaspersky Software Updater) whereas MAEF's lack of visible effectiveness is reassuring given the excellent reputation of their other products. It also doesn't appear to use a lot of resources. Later in the year, I will probably give it a good run on my test system by comparing performance with and without MAEF running, and  going to websites with known exploits.

For those who aren't familiar with the terminology. Malwarebytes Anti-Exploit Free is designed to defeat exploits. An exploit is program code that has been written to make malicious use of design flaws and other vulnerabilities in computer systems so as to defeat your computer's security. The worst exploits are those that make use of flaws that are not known to the developer/vendor of the software. The vulnerabilities are unknown so the developer/vendor has no time to remedy the situation hence the use of the term zero-day.