Best Free Antivirus Software

  Read this article in Spanish
  Read this article in Chinese


To begin with let me say this: there is no best antivirus out there. Why do I say this? Any product that you take will behave differently against various virus samples since the AV engines and other components incorporated in them are of different technologies.

While one product might have higher detection ratio, another might have better malicious URL blocking or virtualization techniques, yet another might have lesser impact on system performance and so on.

Read more about Antivirus Engine and other related details at the end of this article.


Rated Products

Kaspersky Free Antivirus/ Kaspersky Security Cloud  

The paid security giant forays into free category and outsmarts its rivals

Our Rating: 
License: Free (Limited features)
  • Similar signatures & cloud features as its paid counterparts
  • Performance impact is decent on higher end systems
  • Strong behavioral blocker
  • Attractive GUI with no ads
  • Top-notch detection and always up-to-date
  • Thorough malware removal and disinfection process
  • Privacy policy (complies with GDPR)
  • Default settings cover most users
  • Bundles with Kaspersky VPN (can be uninstalled)
  • Fairly good web protection
  • Powerful exclusion settings (even for specific modules)
  • Extensive scan logs
  • Protection settings are locked with presets in Kaspersky Free Antivirus (KFA) [is available in Kaspersky Security Cloud]
  • Long but thorough system scans
  • Performance hit becomes worse on lower end systems
  • Slow update installation
Read full review...

Avast Free Antivirus  

The only antivirus with a fully customizable installer and selection of user preference components.

Our Rating: 
License: Free (Limited features)
  • Extremely light on the system with a modern and clean UI
  • The only antivirus with a fully customizable installer, selection of user preference components
  • Works best in hardened or lock-down mode, which blocks all unknown programs (medium-expert users only)
  • Top notch detection capability, many secondary components to offer variety to a wholesome software
  • Excellent malicious URL blocking, network protection, outdated software checking, integrated password manager, and comes with a rescue disk.
  • Deep screen technology that includes Sandbox and Safe machine components for protection
  • Bloated default setup, some ads and pop'ups
  • Account creation for further protection after a month
  • Lack of an anti-ransomware module, and Deepscreen disabled by default
  • Cloud reputation, Malware signatures and HIPS module needs improvement
  • Offers Google Chrome and various bloated secondary components during install [Choose custom install]
Read full review...

Comodo Internet Security Premium  

Provides a multi-layered protection scheme with HIPS, sandbox, antivirus and firewall.

Our Rating: 
License: Free (Limited features)
  • Feature-rich with lots of options for customization along with setting tolerance against prompts
  • Tweaked settings gives the best 0-day protection among the pack
  • Multi-layered protection scheme with HIPS, Sandbox, Antivirus and Firewall
  • Industry grade firewall with options for learning and behavioural blocker
  • Low on resources with various graphical skins available and a clean user interface
  • Painful for beginners to use it, not very newbie friendly 
  • Av-module is a bit weak especially the signature based detection
  • Auto-sandboxing happens for various legitimate files, troubles with FPS games
  • Too many tweaks needed for better protection
  • Buggy software and updates are released slow.
  • Chromodo browser, Yahoo search engine, custom DNS and Geek Buddy offered during default install. [Click customize installation during install]
Read full review...

Qihoo 360 Total Security  

This free antivirus is better than most commercial ones.

Our Rating: 
License: Free
  • Totally free, light on resources, extremely fast scan times and pre-configuration protection modes
  • Smooth running installer with no adware, pleasing UI and comes with many themes
  • Fast updates/fixes and excellent customer service with immediate replies
  • Great signatures with multiple engines and in-house cloud protection
  • Web protection addon, browsing locking, webcam, sandbox and usb protection modules
  • Online shopping protection, malicious URL protection and network threat blocking
  • Includes Glasswire Firewall and Windows patch-up components
  • Great detection rates, with very high zero day protection
  • Speedup and clean-up tools might not be for everyone (not present in Essentials version)
  • Bitdefender or Avira engines not enabled by default
  • Might encounter few false positives
  • PUP [Potentially Unwanted Programs] detection needs to improve
Read full review...

Avira Free Antivirus  

A free antivirus with high quality signatures, very fast updates and less false positives.

Our Rating: 
License: Free (Private/Educational use)
  • Pretty light on the system and runs smooth without system slow-downs
  • Clean ad-free GUI, Ad-free installer, No pop-ups or ads
  • High quality signatures, very fast updates, excellent detection on non-zero day threats
  • Deep file scans with very less false positives
  • Avira Protection Cloud makes for an excellent cloud engine
  • Browser safety Add-ons available for major browsers
  • Zero day protection (heuristic & behavioural shield) is very weak. 
  • Ineffective Browser launcher which is a memory hog (can be uninstalled)
  • Painful removal for detected files. Repeated scans from Luke Filewalker increases CPU & RAM usage. 
  • Multiple file exceptions needs to be added (real-time and on-demand)
  • No firewall/sandboxing/web shield technologies
Read full review...

Panda Free Antivirus  

Gives you antivirus protection with low memory and CPU usage, and collective intelligence cloud security.

Our Rating: 
License: Free (Private/Educational use)
  • Low memory & CPU usage thanks to cloud protection
  • Tiled UI with customizable interface and nicely rendered Settings interface
  • Collective intelligence cloud security - Downloading virus definitions is history
  • Good detection rates and behavioural analysis program
  • Fairly good web protection and hardware resource handling
  • Dependant on internet connection leading to weaker offline protection
  • Slow scanning speed, no fingerprinting (successive re-testing same files) and at times issues with virus removal
  • Not really light, performance impact in web browsing, installation and copying
  • Certain false positives despite the information available at cloud
  • Watch out for Panda security toolbar during install
Read full review...

Honorable Mention


Related Products and Links

How to make an antivirus engine

Other Articles By Chiron

Related Free Antivirus Software Articles

Related Security Articles


Antivirus Engine

It is used for Real Time malware protection of files and is the core component to scan data on your PC for detecting and removing malware from hard disk, memory, boot sectors, network drives, removable disks, or from external network traffic (internet).

  • How does an antivirus detect malware:

Firstly you got the signature-based detection which contains an offline database of known patterns of malware downloaded from the internet which can identify specific malware codes or family of malware. Then you have heuristic based detection that identifies pieces of code that are unlikely to be found in legitimate programs and hence is prone to false positives depending on the sensitivity of heuristics. Virtualization and sandboxing unpacks or executes unknown programs in an isolated secure environment so that their behaviour can be analysed and scanned using the antivirus engine. The latest one is cloud based detection that requires a reliable internet connection and sends the suspicious scanned file over the internet and the analysis is done by the vendors' machine running the cloud engine.

  • Scanning for viruses:

Most antiviruses include these basic scan types: On-demand scan/manual scan is initiated by the user from right click context menu or from within the software. On-access scan is initiated when the resource is being accessed like running an executable, copying files from external drives etc. Scheduled scan periodically ensures that the system is free from malware by setting the time and frequency for scanning. Startup scan/quick scan checks most important locations like running processes, startup items, system memory and services, boot sectors and so on.

To be Continued in the next update....... Firewall, Proactive protection, Web protection components and more.



This software category is maintained by volunteer editor George.J. Registered members can contact the editor with any comments or questions they might have by clicking here.

Back to the top of the article.


Please rate this article: 

Your rating: None
Average: 4.3 (2219 votes)


Google Chrome and other popular software apps can also installed by the wrapped installers of other software so presumably you don't use any of these either? MC - Site Manager.

Wrapped installers are not the same as malware installing in the background. Google Chrome doesn't claim to be an antivirus program.

But you provide no details of what this "malware" is, where it might be obtained from, links to any of the "multiple sites" telling how to remove it, which processes were left running after the uninstall process on your system, in fact no concrete details about anything. MC - Site Manager.

You yourself posted a link of someone else who had it installed on their computer without their knowledge. A simple google search brings up multiple sites with similar stories and removal instructions. As for the processes left running, should I really be expected to remember the specific details from something multiple months ago?

amazing that I appear to be getting attacked just for relating my experience.

No one is being attacked here. If you search the various posts accurately you will see that this arrived as part of a bundled package so it did not get installed without user permission, rather, as is often the case, they just clicked yes, yes to everything during the installation of the other software and did not read the EULA beforehand. The fact some of the software bundles are from less than reputable sources is the reason why this became flagged as a PUP (potentially unwanted program) although both the software and the vendor are reputable enough. It is also worth mentioning that many of the "removal guides" for various software are themselves bogus such as these two (WOT (Web Of Trust) ratings links provided as the sites themselves are red rated). SpyHunter in particular is an infamous rogue and there are links to this all over the internet. As soon as one link goes red they set up a new domain. MC - Site Manager.

You may also find this of interest.

Certainly feels like being attacked. The post you linked to did not give any indication of being in a bundled package. I've seen other posts indicating similar. But gee thanks for the condescending link regarding bundled software.

Again, just relating my experience.

I've just uninstalled it with no problems at all. After the uninstall got a web page asking me why I had uninstalled and thanking me for trying it! Very polite :)

Hi, I have updated the article and we have a new top pick here. Any suggestions and feedback are most welcome. Good day readers!

Which one are you using George ?

Windows Defender mostly, but it's recommended only if you have sufficient computer knowledge and practice safe computing habits. On other's computers I install any one of the five.

Please, consider adding Lavasoft's Ad-Aware Free Antivirus to your review. Although I haven't installed on my PC yet, I saw some very good results detecting and blocking internet viruses and those nasty USB infections. Couldn't find a detailed review or a lab test, though. A good review from you, would help to make things clearer.

AV-Test is not very good, they don't do much testing or use many samples and only score out of 6, they don't offer reports or show you their testing methods.

AVB100 only tests for the most common 100 viruses in the wild (WITH NO FALSE POSITIVES) and believe me i would rather be told and find out myself if its fake than them one slip through.

AV-Comparatives is a whole kettle of fish, they are certified by ISO and EICAR (others aren't) that their test procedures are solid, they also write up multiple page reports on the tests, perform many tests in comparison to the others and also score properly aswell as doing lots of various testing using 100,000-200,000 infections per test (for File Detection Tests) then you have Real World Tests, Heuristics Tests, False Alarms Tests, Performance Tests, Malware Removal Tests, Anti-Phishing Tests, Parental Control Tests, Mac Security Reviews, Firewall Reviews, Linux Security Reviews, Mobile Security Reviews, Business Security reviews -> where else do you get all this in multi-paged PDF reports that also show their testing procedures.

as it stands the best Free Security in my opinion is Avira (FREE) along with Comodo Firewall (FREE) and WinPatrol (FREE) - nothings going to get past that lot...Avira may not have much too look at and its a shame that it gets 3/5 on here as its about protecting your so Avast looks pretty and has extra options, but it doesn't protect your PC more than Avira - Avira has constantly been top for the past year or 2 for detection, real world protection, performance and False Positives.

[Moderator's note: irrelevant content about commercial software edited out]

Where exactly are you drawing your data from because over the past year Panda Free has consistently outperformed Avira Free regarding protection. MC - Site Manager.

Regarding Panda, could someone clarify what this means - "it will auto-quarantine files which it believes to be dangerous"
When it does that to a file that I do not want quarantined -
- do I get a 'heads up'
- and is it easy to undo the quarantine ?
I am leaning heavily towards installing it in my main PC, depending on the answer to those questions

I had used Avast for years, but it was getting a bit wearing.
I tried another one a few months back. Can't recall the name, but it is well known, and gives us 1 year free.
None of my PCs are new'ish, and are a mixture XP and W7.
I find networking somewhat painful, mainly with W7 being too 'nanny'.
When I installed that 'what was it's name' antivirus, my networking got much worse.
After I uninstalled that 'what's it's name', my networking returned to it's slight PIA state.

I am currently running with no antivirus (3 weeks), whilst deciding what to go with.
I can reasonably get way with this, by being careful in emails (I always am), and using FF with NoScript.
All those minimalistic Chrome lovers out there that do not use 'FF + Noscript' are unwise (I tempered that a lot)

Although I do not think only Panda does that, restoring automatically quarantined files is as easy as clicking on the main inteface button on the top (the whole interface looks like the new Windows start Interface with the squares) and then clicking on the Quarantine's "View Details" button. There you will see all the quarantined items and you will be able to restore them. If the folder the files were does not exist anymore, it will move them to a "Lost and found" folder. If it can find the folder, restoring them will also tell Panda the files are harmless so it will not redetect them ever as malware.

Actually you can always go in settings and switch on the option for the antivirus to first ask you before neutralizing a harmful file.

I am sorry if I made it sound confusing, but I can assure you it will take seconds for you to restore your files.

I consider Panda one of the two best lightweight Antiviruses and suggest it to people that want an antivirus with options. For friends and users that just want an antivirus that will kill anything and they will never care to change settings, I suggest Bitdefender. It will brutally quarantine anything that it believes it is harmful, be it you like it or not.

Both of them though have the option for the user to easily open the quarantine and restore the file.

Thanks for taking the time to respond.
I will give Panda a go


Hi, am the new editor here. This article is pending a major update for the New Year, so it's not been updated yet. Chiron, our previous editor left so I've big shoes to fill in. Unlike our previous editor, my results wont be considering the accolades that antiviruses have been getting at independent lab tests because the authenticity of these tests cannot be confirmed, as they don't show you proof. So I'll be doing my own malware tests on a virtual machine to consider the overall effectiveness of antivirus software. 

That being said it's finally the users choice to choose what kind of protection that they need, because no matter what antiivrus software you use, it's a safe bet that you will be protected unless you are deliberately calling for trouble. 

Practise safe computing habits, and stay safe. 

--- George.J (Editor)

So are we to assume that one or all of the independent testers are lying or their methodology is somehow irrelevant to how I use my computer?

Maybe for instance you can explain how relying on AV-Test results is bad for me or other users?

I just hope we are not going down the YouTube track of chucking a bunch of URL's at something knowing that in a few minutes they will have disappeared and then ranking product protection qualities based on their detection?

It's also worth mentioning that a stack of malware can recognize when it is being launched in a virtual environment.
MC - Site Manager.

The above comment was not to say that the reports made by these labs are false, they are just unreliable. As for being authentic or not, all I can say is that One Man's Meat is Another Man's Poison. Everyone is entitled to their opinion about the tests but the more I see BitDefender and Kaspersky up at the top in the Performance section, when they are infact heavy on my hardware, leads me nowhere. Also the Real-World protection tests at labs are conducted with just 1600 samples (which any YouTube user can test with) that only represents a drop in an ocean filled in malware.  
Now coming to comparing these results, on a personal basis these tests can be judged reliable, if each independant laborotory adhered to these 3 factors: 1-having the same software configuration 2-having the same hardware configuration 3-having the same malware database. Then it makes sense to compare the tests indicating the various parameters like scan times/data rate which are influenced by hardware/software config. There are many other factors that determines the results like hardware paramters (compatibility, OS updated or not, softwares being used), disaster management (backups, virtualization), browsing habits, human factors (social engineering) and all these are pitted against the World Wide Web, a real-time library of viruses, different kinds of malware and zero day exploits. Moreoever the information about malware used in testing isn't mentioned, and hence with a reasonable expectation we can conclude that the tests are conducted on a different database with different results. I'd say to take these results with a grain of salt. 
It's likely the paperwork done by these labs can be tampered without any basis and add to that the reputation of a well known organization is also being involved. Nevertheless, in short the real-world test thats been conducted by ordinary users is considered far better because now we can see the overall strong points of the products and also the product is getting tested on a wide variety of different hardware/software/malware specifications. None of the Big shots like Kaspersky, BitDefender, Avira and others might be coincidentally consistent at the top due to these common tests at the labs, but who knows?
Which leads us to this, whether it be the independant tests or the standard video reviwes at Youtube, both should be taken with a grain of salt. Simply because every product has different technologies to capture malware, having a good detection in one test, doesn't mean it is great, because there are so many samples out there and with many more coming in a daily basis it's impossible to detect them all. IF one vendor comes first, the others who didn't might detect samples that the winner doesn't have in its database. 
If anyone wishes to test a security product it's important to know how different features works and start from there, leading up to the advantages and disadvantages. If Comodo may focus on behavioural analysis, ESET might focus on static (detect prior to execution) analysis. Now this if not taken into account in a proper way, it will simply make a product look bad when it's not, if it's actual strength is used as an advantage. Someone tests a security product and concludes that it's good in protecting the system. When an independant lab does this the results might be the opposite. Now we've the same statement being used in both ways. None of these tests will show if a product is really good or bad, cauz individual products react differently in different situations and across various samples. 
To conclude, the best way I can find is to test out different antivirus and finally decide which one is that you're most comfortable using. However we see it, no matter whoever these lab tests promote as winners, it doesn't mean they are the best- the real truth is that there is none.  We as an independant review site have our own ways to test our products, and not being influenced by the outside world. I rest my case. 
OK, so let's take the "opinion" part out of the equation otherwise we'll also end up disputing the news value of CNN v Fox but what about my question regarding testing in a virtual environment as opposed to a live machine connected to the real world internet? MC - Site Manager.
I agree that there have been various bugs that malware could manipulate to bypass virtual machines, but this least worries me in standard malware databases. I feel this is more on a corporate level probably, as a lot of game servers are run inside of virtual machines in large quantity. Now, if malware could be custom-designed to bypass lets say a VMware virtual machine on a Windows/Linux server, or possibly even Virtual Box on a Solaris and other systems but I doubt that would be the case. 
From the way I see it, there is a pyramid. This one goes from government made and developed malware and techniques down to consumer level. Business, Corporate etc. are in between. Business as in companies like the now extinct Blackhole create exploits and the various new ones that I don't really pay much attention to. 
I guess if you were downloading a fake crack over p2p sites, then that's actually calling for trouble and having a higher chance of being something dangerous than on a malware database, that's my opinion at least. 
My technical knowledge might be limited to understand the deeper aspects of all questions and finding answers to them, all I can do is a give an unbiased review and learn something new along the way. 

Trust online is something harder to get than it is in real life for sure. I am not paranoid myself when it comes to tests, but I never cared enough if one antivirus has 10 and the other 5 labs points. There are plenty sources that show more detailed tests, which feel more trustworthy, since there are details. Indeed though knowing what the test tool does is something that would help us, not so much understand, but see results as even more trustworthy.

For better or worse, some malware do not hide only in virtual environments, but also are able to hide in the system and stay inactive, waiting for a chance when for whatever reason the antivirus will not be active and sneak up on the user.

All antivirus tools have some misses and quite some of them have a good killing ability. I am not sure if Avira is still one of the best, but that one and Bitdefender seem to prefer to hit more false positives, so they they will miss less viruses, rather than being more lax and miss more viruses.

Of course nowadays, at least to me that I am an experienced user, antiviruses all feel the same to me. [Commercial product reference removed as per site rules]

With that said though, Antiviruses are not anymore the perfect shield. Users should definitely use a browser addon to add a first wall of protection, be it like me an adblocker or any other addon, that can block malware and afar from that use occasionally an antimalware solution.

Although this is not the "Best Free Spyware And Adware Remover" list, I wonder why in the current one tools like RKill, TDSSKiller, AdwCleaner and Junkware Removal Tool are not mentioned, at least in a "products that are worth mentioning" list.

What privacy concerns might there be with free antivirus software? What are these companies getting from me by offering their "free" services?

For any software that connects to the internet (most of them do) there are privacy concerns involved. Hence each software has a privacy policy. It's a general misconception that, in return for the free products offered by developers they are selling your personal information. Most antiviruses that offers you a free product normally has a paid version, so their free version promotes their paid-for product, so that these satisfied consumers can think about buying them. 

But this is mostly not necessary for home users, because basic protection provided by freeware antivirus is well and good for them. Add together a couple of other free security products you are rock-solid. Others who doesn't offer a paid for service, has other sources of revenue. 

I have been repairing computer systems since 1989 and if there is one thing I have observed, the antivirus tests run in labs are significantly different than what happens to users' computers. Basing a choice of anti-virus upon the results of lab tests shows the media wants to avoid assuming any liability - they blame it on someone else. What good is advice where no liability was assumed? There are some informed comments here and I appreciate those who offer such responses. It is obvious because they are not concerned about themselves, they express concerns for all of us. KUDOS to them.

I've been using Bitdefender Free for about 6 months now and while I'm an advanced [cautious] user, I've had no issues with it. It took a while to get used to just leaving it alone, as in the past I'd go in and tweak all the settings of my commercial antivirus.
As the author wrote, there's no conclusive evidence that the Bitdefender Free engine is the same as the paid, but it's pretty likely. One area that the free is much better than the paid is in usage of system resources. This is likely due to all the supplemental features the paid versions have. At idle, the Free version uses about 25 MB of memory as opposed to close to 250 MB for the paid Bitdefender AV Plus 2015. Consequently, the paid Bitdefender uses as much memory as McAfee! But I digress.
My point is, the free Bitdefender is a great product for either A) a total set it and forget it user like an elderly relative; or B) a power user who has trust in the product and who'd be able to tell if something were not right on their system.

Here's the simple, layered security setup I use on my Dell (every day) laptop:
1) Bitdefender Free A/V - set & forget
2) Windows Firewall - set & f9rget
3) Mcafee Web Advisor (aka Site Advisor) - for supplemental URL blocking and search engine result ratings (Mcafee has the best product in this category IMO, by far - far better than Bitdefender "Traffic Light" )
4) Malwarebytes Free - manual scan every 2-3 weeks

Dates for the current Bitdefender Free filters/drivers:
avchv.sys System Driver BitDefender AntiVirus Active Virus Control Hypervisor driver BitDefender AVC 02/11/2012 13:17:46
avc3.sys System Driver Active Virus Control filter driver BitDefender AVC 17/04/2013 14:59:56
avckf.sys System Driver Active Virus Control Kernel Filtering driver BitDefender AVC 17/04/2013 14:59:58
gzflt.sys System Driver BitDefender Gonzales FileSystem Driver BitDefender Gonzales 22/04/2013 13:21:00
trufos.sys Dynamic Link Library Trufos Kernel Module BitDefender Antivirus 28/05/2013 12:12:19

I'd be very surprised if the Bitdefender paid versions used drivers as old as those.

Most of these are free for only personal use. Which of these are free for small businesses?

Comodo and Microsoft Security Essentials (limited) is free for Business use. Whereas Panda is free for non-profit organizations.