Rating free antivirus software

Topic

New Reply

Many people use free antivirus software, so I thought a review of the more popular products might be helpful. These are ranked by highest to lowest user scores from various websites that compile those scores, such as cnet, softpedia, fileforum, etc. Such a ranking is based on usability since most users have no way to properly test antivirus capability, and thus the reason for the editorial comments. The sample size for these compiled scores range from hundreds of users to tens of thousands. Editorial comments are from testing by PC Magazine, MaximumPC, Consumer Reports, etc. User scores and editorial comments were, for the most part, from the past year. All have real-time protection and automatic updates, unless otherwise stated. Blocking refers to real-time protection; detection and removal refers to cleaning an infected computer.

1. avast! Free Antivirus (http://www.avast.com/free-antivirus-download): Average malware blocking. Above average malware detection and malware removal. Did not completely clean up some malware detected. Scan may not finish without user interaction.

2. Malwarebytes Anti-Malware Free (http://www.malwarebytes.org/products/malwarebytes_free): No real-time protection. Very fast scan. Below average malware detection – especially rootkits. Above average removal of most malware types. Some rootkits still running after alleged removal.

3. Spybot – Search & Destroy (http://www.safer-networking.org/en/home/index.html): Tendency to lock up at times. Several errors during install process. Produces errors by flagging false positives. Manual definition file updates.

4. SpywareBlaster (http://www.javacoolsoftware.com): Most useful with Internet Explorer. Above average spyware blocking. No spyware detection or removal capability. May occasionally block access to legitimate websites. Manual definition file updates.

5. Microsoft Security Essentials (http://windows.microsoft.com/en-US/windows/products/security-essentials): Simple to use. Average malware blocking, detection, and removal. Left some malware installed after alleged removal. Full scan is slow.

6. Avira Free Antivirus (http://www.avira.com/en/avira-free-antivirus): Above average malware blocking, detection, and removal. Did not completely clean up some malware detected. Below average against rootkits. Erroneously identified a utility as malware. Persistent nagging to buy the pay version. Poor Help function.

7. AVG Anti-Virus Free (http://free.avg.com/us-en/homepage): Fast scan. Above average malware blocking, detection, and removal. Did not completely clean up some malware detected. Easy access to Help function. Rootkit scan is separate scan.

8. SUPERAntiSpyware (http://www.superantispyware.com): No real-time protection. Fast scan. Repairs security settings changed by malware. Below average malware detection and removal – especially rootkits. Left some malware installed after alleged removal. Manual definition file updates.

9. ClamWin Free Antivirus (http://www.clamwin.com) Open-source antivirus software. No real-time protection. Below average malware detection and removal. Scan is slow.

10. Panda Cloud Antivirus Free (http://www.cloudantivirus.com/en/download/cloud-antivirus/free): Simple to use. Minimal system impact. Below average malware blocking and removal – especially rootkits. Above average malware detection.

11. Immunet Free Antivirus (http://www.immunet.com/free/index.html) Cloud-based protection. Fast scan. Below average malware blocking, detection, and removal. Failed rootkit removal test. Intended as a complement to existing antivirus software, not as a replacement.

12. Comodo Antivirus (http://www.comodo.com): Above average malware blocking. Below average malware detection and removal – especially rootkits. Sandbox technology may prevent valid programs from installing or running correctly. Many alarming and confusing popups.

13. Windows Malicious Software Removal Tool (http://www.microsoft.com/security/pc-security/malware-removal.aspx) Included in the monthly Windows Update from Microsoft. Checks for specific, prevalent malware and helps remove any found. Intended as a complement to existing antivirus software, not as a replacement.

14. Ad-Aware Free (http://www.lavasoft.com/products/ad_aware_free.php): Simple to use. Scans quickly. Above average malware blocking, detection, and removal. Did not completely clean up some malware detected. Performance based annoyances.

15. PC Tools Antivirus Free (http://free.pctools.com/free-antivirus/download/): Below average malware blocking. Average worm detection and malware infection cleanup. Does not detect spyware.

16. Windows Systernals RootkitRevealer (http://technet.microsoft.com/en-us/sysinternals/bb897445) No real-time protection. Above average detection of rootkits, but does not remove them. User must review results and determine which is a rootkit and which is not. Manual updates.

17. Agnitum Outpost Security Suite Free (http://free.agnitum.com/): Below average malware blocking. Above average malware detection and removal. Erroneously identified a utility as malware.

Reply | Quote

Replies

Many of these are not AV apps per say, they are AM apps. There is a difference with these type apps. 2,3,4,8,11 are Anti Malware apps. The remaining are AV apps or suites that include both AV and AM components.

Reply | Quote

Many of these are not AV apps per say, they are AM apps. There is a difference with these type apps. 2,3,4,8,11 are Anti Malware apps. The remaining are AV apps or suites that include both AV and AM components.

Ted, with the utmost respect, I think your differentiation between AM and AV is a thing of the past from when the separation between virus and spyware removal was distinct. For example do you truly believe that Malwarebytes does not remove viruses? I would be very surprised if that’s the case. It’s my go-to tool when cleaning other people’s hard drives. Removes stuff that Norton and AVG leaves behind.

Reply | Quote

As Ted said not all are really anti-virus tools, but thanks for compiling the list with the brief comments and links. This would be a good starting point for someone to evaluate several options.

Joe

--Joe

Reply | Quote

I’d also be careful copying information from web sites and publishing without permission or giving proper credit.

Copyright lawyers don’t come cheap.

Reply | Quote

Malwarebytes removes malware but is not an Anti Virus program such as MSE is an Anti Virus program. Java Cools Spyware Blaster is also not an Anti Virus program, nor is Super Anti-spyware. I use the these three malware programs in conjunction with my Microsoft Security Essentials Anti Virus program. This I feel gives me a very safe machine. Since 1993 I have used various programs for AV and Malware to prevent getting infected, I have been attacked (it was caught and removed) but never infected!!!

Reply | Quote

Malwarebytes removes malware but is not an Anti Virus program such as MSE is an Anti Virus program.

Perhaps what you meant to say was, Malwarebytes (in the free edition) is not real-time protection. It is indeed a highly regarded anti-virus, but in the free to download version, not actively running all the time i.e. scan by request only.

Reply | Quote

…differentiation between AM and AV is a thing of the past…

It’s an interesting debate. Working with many lay people in the field, there is very little differentiation between Trojans, Spyware, Rootkits, Scareware, or Viruses. Users invariably refer to them as Viruses. However, they are very different things and the real nature of the beast is important as it directly affects the clean-up process.

For what it’s worth, this is the kind of non-technical description I try to walk users through:
[INDENT]

[*]Malware – a general term for malicious software, which includes all the following nasties.
[*]Virus – Malware that is capable of self replication. Sometimes it requires user interaction, other times not. Viruses are in fact less prevalent now than when in their heyday as AntiVirus software is quite effective and there is little monetary return for delivering a virus. In their heyday, they were destructive tools written to perform damage to user data. Although much less prevalent now, an example of a recent high-profile virus is Stuxnet which self-replicated to attack specific embedded systems componements used un the Iranian nuclear industry.
[*]Trojan – like the wooden horse of Troy, outwardly it is a benign gift, inside however their lurks something rather nasty that will attempt to introduce Malware of one sort or another. Often the Trojan will come wrapped in a small downloaded application that gives additional functionality for example smillies, or animated desktops or videos etc..
[*]Spyware – a piece of software that will attempt to steal sensitive user data such as logon credentials or banking details. Spyware is by its very nature highly stealthy and attempts to hide deep in the system undetected. It does not advertise itself by plaguing the user with pop-up messages or other overt indications of activity.
[*]Rootkit – a Highly stealthy delivery mechanism that acts as a wrapper for many of the above. It uses elevated privileges to embed itself in the boot sector of the hard drive, or inject itself into critical Windows processes. As far as many anti-virus tools are concerned, a rootkit can disappear until it is triggered to deliver a payload.
[*]Scareware – an increasing trend of malware that attemtps to fool the user into thinking they are infected by a particularly insipid form of attack. Often implying that the machine is infected by dozens of infections, it is attempting to scare the user into paying the tool to fix the issue. The tool will then attempt to steal the users financial data as well as potentially installing further infections. Some Scareware has been known to hide user data in an attempt to make the victim think that their data has been destroyed.

Most often the victim has been subject to a multipartite attack: perhaps a Rootkit or Trojan has been injected through vulnerabilities in 3rd party applications. The Rootkit or Trojan then drops a Spyware or Scareware infection onto the machine. In these cases, cleaning the Spyware or Scareware will do nothing to clean the root cause which will return undaunted.[/INDENT]

Of course the above description may not stand up to the full rigors of a technical analysis, but it serves to differentiate between various types of malware.

With the bullet points in mind, I now firmly believe that a layered approach to anti-malware is the best. I know a lot of lurkers here in the Lounge also subscribe to such an approach. In particular, a recent personal research project convinced me of the benefits of using a HIPS based firewall as well as Anti-Malware. For my own use therefore, I use MSE and Online Armour

Reply | Quote

Scareware – an increasing trend of malware that attemtps to fool the user into thinking they are infected by a particularly insipid form of attack.

I suggest correction to invidious

Reply | Quote

I suggest correction to invidious

Quite correct.

The important aspect of Scareware is that it’s sole purpose is to defraud the victim.

Reply | Quote

T.T.

Very nicely put! :cheers:

May the Forces of good computing be with you!

RG

PowerShell & VBA Rule!
Computer Specs

Reply | Quote

Of the 17 products on the list, 13 are antivirus products. The exceptions are Spybot – Search & Destroy, SpywareBlaster, and SuperAntiSpyware, which I included simply because of their ubiquitous use, and Windows Systernals RootkitRevealer. The remaining 13 products are really antimalware software which can, theoretically, handle any malicious program, but there is confusion over the words antivirus and malware because they are often erroneously used interchangeably. Also, some of these products have old brand names or trademarks that don’t reflect the evolution of threats, so just reading the name of the product doesn’t always tell you what it’s really capable of doing. Formally, the word malware includes viruses, worms, trojans, spyware, adware, rootkits, or any other malicious program. To fully understand each product, you have to go to its website and read the details, but even there you may find some confusion, too, as software publishers themselves don’t always use correct terminology.

When I first posted this list a month ago, the comments were extracted from bullet points from professional reviews. Since then, I realized that wasn’t the best way to handle that, so I went back and thoroughly read each professional review and revised the comments accordingly and reposted the list. The revised list has some additional product listings and I removed comments about pay versions to keep this focused on free. During the revision process I discovered the comments for Spybot – Search & Destroy were for two different versions (1.5 and 1.6), so I deleted the comments related to the older version. I apologize for the error. I put forth quite an effort to find more recent professional testing of Spybot – Search & Destroy, but there doesn’t appear to be anything of significance since 2009. There seems to be little interest among professional reviewers in covering any software that is strictly antispyware because all the leading antivirus products now include spyware protection, so separate antispyware isn’t necessary. Since 2008, PC Magazine did over 60 reviews of antivirus software, but only two reviews of antispyware, so that gives you a clue of how little significance they place on antispyware. In fact, some products that were previously only antispyware have even added an antivirus component to make themselves relevant.

Reply | Quote

As a working computer tech, who has to protect hundreds of PC’s, I need to give my customers some programs that are not going to nickel and dime them to death.
The Security Software I use must first be FREE and secondly it must do what it says it will do.

I see many inaccuracies and falsehoods in the total list in post #1. I don’t blame the OP, but the source of the info.

In this post, I’d like to address just one (or two) of the programs mentioned. OK?

For many years and several new versions, I’ve run Spybot Search & Destroy on my own PC’s and I’ve installed it on every one of my Customer’s PC’s.
* It only runs, when you run it. It cannot load down your CPU because it does not run in the background, like a TSR or Service.
** DO NOT let the “Tea Timer” load during the install process. It’s been known to drive users CRAZY! :rolleyes:

So to date, I’ve installed it several hundred times, at least.
It was apparently written by an engineer for engineers and not for casual users.
The setup alone is VERY specific, if you’re ever going to get the best out of the program.

After several years and after setting up my own web site, where I list all my favorite Security Software,
I realized that to advise people to use Spybot S&D, I also needed to tell them how to set it up.
Ergo, my Spybot S&D setup instructions on my web site.
You would need to download and print out the instruction sheet, before ever even starting the install.

As for the comment about problems with the setup or operation of the program, that is something I’ve NEVER seen.
The program is safe, efficient and very stable, on all platforms. I’m even running it on Windows 8/DP and it’s running great.

They also have a portable version, for tech’s or IT specialists. It can be run and even get its updates right from a Flash Drive.
If there is any downside to the program, it’s that it has to be run by hand. There are virtually NO automatic functions.
Weekly, on Wednesday when the updates are posted, the user needs to open the program, get the updates, then run the Immunization app and then run a scan. It’s a three step process. It posts it’s thousands of Immunizations to either I.E. or Firefox.
Every customer of mine, gets a full sheet of instructions, on how to do the above three step process, once a week.
I won’t post that here, but I’ll gladly share it with anyone who wants it, via PM or email.

The Doctor

PS: Spyware Blaster is not a spyware removal program…..it has no scan or removal function. It’s essentially a “Blocker” that performs an Immunization function to your Browsers, much like the Immunization app in Spybot S&D. Just get updates once a week, and that’s it. Just make sure that all downloaded Immunizations are applied.
It does make a good partner for Spybot S&D. I never install one, without the other.

Reply | Quote

Dr. Who noted his website and the detailed installation instructions he wrote for Spybot Search & Destroy. Is the doctor willing to share this with the rest of us? I did a Google search for his web site but had no luck.

Reply | Quote

With his permission DrWho

Reply | Quote

I suggest looking at Immunet AV (free or paid) which can run along side other AV programs thus adding extra protection. It has “real time” and scan capabilities.

Available from http://www.immunet.com/free/index.html

Reply | Quote

Just as a note, the main knock against Anti-Vir (its persistent nag screen) can be eliminated simply by telling your firewall not to allow avnotify.exe to run or otherwise disabling it (e.g., via changing its permissions). I’ve been doing so for the past half-dozen years or so and found no noticeable side-effects (and Anti-Vir is fast, provides great detection, and is light on use of system resources).

Reply | Quote

Just as a note, the main knock against Anti-Vir (its persistent nag screen) can be eliminated simply by telling your firewall not to allow avnotify.exe to run or otherwise disabling it (e.g., via changing its permissions). I’ve been doing so for the past half-dozen years or so and found no noticeable side-effects (and Anti-Vir is fast, provides great detection, and is light on use of system resources).

Thanks for the tip. Another knock is the poor Help function, but a complete User Manual can be downloaded here: http://www.avira.com/en/support-documents-download/63/documents/products/pdf/en/man_avira_free_antivirus_en.pdf

Reply | Quote