The 5 Best Antivirus (2023) // Comparison of September *

Summary

Norton has the best device, privacy, and identity protection. It has all the security features you need and a great price too.

• Malware protection: 100%. Norton averaged 6 out of 6 in the last 10 protection tests. It is excellent at detecting and removing malware.
• Speed impact: 100%. Norton averaged 6 out of 6 in the last 10 performance tests. It does not slow down your PC.
• Features: 100%. Norton offers anti-malware, anti-phishing, firewall, unlimited VPN, password manager, parental controls, and more.
• Price: 95%. Norton offers better value for money than all competitors, except for Kaspersky, which is slightly cheaper.

Discount: Temporarily save up to 70% 🔥

Summary

Bitdefender offers excellent protection and bonus features. However, it’s pricey if you want the VPN and password manager.

• Malware protection: 95%. Bitdefender averaged 5.95 out of 6 in the last 10 protection tests. It is excellent at removing malware.
• Speed impact: 100%. Bitdefender averaged 6 out of 6 in the last 10 performance tests. It does not slow down your PC.
• Features: 95%. It offers anti-malware, anti-phishing, firewall, parental controls, and more. But the VPN and password manager cost extra.
• Price: 75%. If you only want the antivirus, Bitdefender offers great value. But if you want all features, Norton offers a better deal.

Discount: Save 50% on this secret page

Summary

McAfee offers excellent device, privacy, and identity protection. However, some features are only available in the USA.

• Malware protection: 100%. McAfee averaged 6 out of 6 in the last 10 protection tests. It is excellent at detecting and removing malware.
• Speed impact: 85%. McAfee averaged 5.85 out of 6 in the last 10 performance tests. So it has a minimal impact on your PC’s speed.
• Features: 100%. McAfee offers anti-malware, anti-phishing, firewall, unlimited VPN, password manager, parental controls, and more.
• Price: 95%. McAfee offers better value for money than most competitors, except Kaspersky, which is slightly cheaper.

Discount: Save 70% on this secret page

Summary

Panda offers excellent protection and has flexible pricing. However, it’s expensive if you want the unlimited VPN.

• Malware protection: 99%. Panda averaged 99.9% in the malware protection tests. It is excellent at detecting and removing malware.
• Speed impact: 99%. Panda averaged 99% in the performance tests. So it has almost no impact on your PC’s speed.
• Features: 100%. Panda offers anti-malware, anti-phishing, firewall, unlimited VPN, password manager, parental controls, and more.
• Price: 75%. Panda offers the most flexible pricing of all brands. But, if you want all the security features, Norton is more affordable.

Discount: Save 50% on this secret page

Summary

Kaspersky has excellent protection at a low price. But the war in Ukraine raises concerns about its ties to the Russian government.

• Malware protection: 100%. Kaspersky averaged 6 out of 6 in the last 10 protection tests. It is excellent at removing malware.
• Speed impact: 100%. Kasperksy averaged 6 out of 6 in the last 10 performance tests. So it does not slow down your PC.
• Features: 100%. Kaspersky has anti-malware, anti-phishing, firewall, unlimited VPN, password manager, parental controls, and more.
• Price: 100%. Kaspersky Plus is the most affordable way to protect a Windows PC with all essential features, including an unlimited VPN.

Discount: Save up to 50%

Antivirus software buying guide

Below we cover a range of topics:

• What is antivirus software?
• How does antivirus software work?
• Do you need antivirus software?
• How do we test antivirus software?
• How to choose the best antivirus software?
• What cyber threats can antivirus protect you from?
• What cyber threats can antivirus not protect you from?
• What antivirus software have we tested?

Clicks the links to be taken to the one of your choice:

What is antivirus software?

Antivirus software, often referred to as anti-malware software, is a type of utility developed for detecting, preventing, and eliminating malicious software or “malware.” This includes viruses, which are a specific type of malware, along with other harmful threats such as worms, trojans, ransomware, spyware, and more.

This software forms a crucial part of a defense-in-depth strategy for cybersecurity, designed to provide protection at multiple layers. These tools offer real-time scanning of data as it arrives at your system, perform scheduled and on-demand system scans, and provide remediation services to remove or quarantine detected threats.

By doing this, antivirus software helps keep your devices safe from cyber threats, thereby securing your personal and sensitive information.

For more, read our blog post on what antivirus software is.

How does antivirus software work?

Antivirus software operates using a range of detection strategies to identify harmful threats. These methods usually incorporate signature-based detection, heuristic analysis, and behavior-based detection. Let’s explore each of these mechanisms in detail.

Signature-based detection

Signature-based detection is one of the oldest and most common methods used by antivirus software. It works by comparing files against a database of known malware signatures – essentially, unique pieces of code identified in previous malware samples.

When a file is scanned, the antivirus software searches for sequences of code that match these stored signatures. If a match is found, the file is flagged as malicious.

This method is highly effective against known threats but struggles with newly emerging malware, for which no signature exists yet. Therefore, antivirus vendors constantly update their signature databases to stay current with evolving threats.

Heuristic analysis

Heuristic analysis is a more sophisticated approach designed to detect new or modified malware that might evade signature-based detection. Instead of relying on known signatures, heuristic analysis looks at the structure and characteristics of a file to determine if it behaves like malware.

Heuristics can identify suspicious or abnormal behavior patterns, such as code that attempts to hide itself, manipulate other programs, or exploit system vulnerabilities. While this method is potent against previously unknown threats, it can sometimes result in false positives, where legitimate files are incorrectly marked as malicious.

Behavior-based detection

Behavior-based detection, also known as behavioral analysis, focuses on the actions and behaviors of programs rather than their code. This method monitors program activities in real-time, looking for behaviors typical of malware, like attempts to modify system settings, delete essential files, or monitor keystrokes.

If a program begins to act suspiciously, the antivirus software can block it immediately, potentially preventing an infection. This method can effectively tackle zero-day threats and ransomware, which are often missed by other detection techniques. However, as with heuristic analysis, behavior-based detection can also yield false positives.

For more, read our blog post on how antivirus software works.

Do you need antivirus software?

The question of whether you need antivirus software is one that invites varied opinions. However, looking at the current digital landscape, the argument favoring antivirus software becomes more compelling. Here’s why:

In an increasingly connected world, the risk of encountering malware, viruses, and other cyber threats grows exponentially. Every day, new forms of malware emerge, designed to infiltrate systems, steal personal data, or cause harm to software and hardware. And while built-in security features in modern operating systems have improved significantly, they often fail to counter advanced threats.

This is where the role of antivirus software becomes crucial. Antivirus programs offer a comprehensive security layer that goes beyond the capabilities of built-in protections. They employ advanced detection techniques, like heuristic and behavior-based analysis, to identify and block emerging threats that could otherwise bypass standard security measures. By providing real-time protection, antivirus software minimizes the risk of infection and shields sensitive data from cyber threats.

Additionally, antivirus software comes with features designed to improve your digital security further. This includes firewalls to monitor network traffic, VPNs for private browsing, password managers to secure your online accounts, and parental controls to ensure a safe online environment for kids.

Regular system scans conducted by antivirus software can also help optimize system performance. They can identify and remove unwanted software or ‘bloatware’ that may be slowing down your system.

However, it’s also important to remember that antivirus software is just one part of a holistic approach to online safety. It cannot substitute for responsible online behavior, such as avoiding suspicious links, regularly updating software, or using strong, unique passwords for online accounts.

In conclusion, while antivirus software might not be a foolproof solution to all digital threats, it serves as an essential protective layer in the fight against malware and cybercrime. Given the rapid evolution of online threats, the value of this additional layer of defense is hard to overstate.

For more, read our blog post on whether Windows 11 needs antivirus.

How do we test antivirus software?

When testing antivirus software, we apply a thorough and systematic methodology, which includes six factors, each with a different weighting:

• Anti-malware protection (30%)
• Security and privacy features (30%)
• Speed impact (10%)
• False positives (10%)
• Price (10%)
• Ownership and reputation (10%)

Each of these factors plays an essential role in our overall assessment of an antivirus software, thus enabling us to present a comprehensive, well-rounded review for our readers.

Anti-malware protection (30%)

When it comes to testing antivirus software, our process is comprehensive, rigorous, and designed to mimic the real-world threats that users face every day. Our approach is two-fold, encompassing both our own proprietary in-house tests and an analysis of independent test results from the respected AV-Test institute.

In-house testing

In our own in-house tests, we recreate the conditions under which a typical computer might come under attack. We expose the system, which is guarded by the antivirus software under test, to hundreds of malware samples. These malware samples are delivered via a USB drive to simulate threats from external storage devices, a common source of infections.

After introducing the malware, we check if the antivirus software’s malware scanner successfully identifies and eliminates each threat. This test is crucial in understanding the antivirus’s ability to detect and neutralize threats present in a system.

In a separate test, we conduct what we term as ‘active attacks.’ These involve running malware files and launching ransomware attacks on the system. Our aim here is to gauge the software’s real-time protection capabilities. We’re looking to see whether it can promptly identify and halt these attacks, thus safeguarding the system.

Analyzing AV-Test Results

In addition to our in-house tests, we also factor in results from the AV-Test institute. AV-Test is a highly reputable independent testing organization that evaluates antivirus software across multiple platforms, including Windows, Mac, and Android.

AV-Test scores antivirus software on three key parameters: Protection, Performance, and Usability. Protection assesses how well the software shields a system from malware attacks. Performance looks at the system slowdown caused by the antivirus, while Usability measures the frequency of false alarms and interruptions caused by the software.

By incorporating both our in-house tests and AV-Test’s comprehensive evaluations, we ensure our antivirus software reviews are as accurate, reliable, and thorough as possible. Our goal is to provide readers with a comprehensive view of the capabilities and potential shortcomings of each antivirus software.

Security and privacy features (30%)

When it comes to antivirus software, the range of security and privacy features is critical. These features contribute to a comprehensive defense strategy, bolstering the primary function of malware detection and removal. Here’s a breakdown of the major features we examine and how we go about testing them:

Web protection (anti-phishing)

Web protection is all about safeguarding you as you navigate the internet. Anti-phishing tools are especially important, as they help thwart attempts to steal sensitive information through deceitful websites or emails. We test this feature by attempting to visit known phishing sites or opening phishing emails to see whether the software alerts us to the danger.

Firewall

Firewalls monitor all incoming and outgoing network traffic and can block unauthorized access. We test this feature by attempting to access the protected system via different network protocols. The software should detect and block these attempted intrusions.

Password manager

Password managers securely store all your passwords, often with encryption, and can auto-fill forms when you log in. We assess the password manager by storing multiple passwords and checking how effectively and accurately it auto-fills login forms. We also examine how secure the encryption process is.

Virtual private network (VPN)

A VPN encrypts your internet connection, ensuring your online activities remain private and protecting you from snooping. To test a VPN, we evaluate the speed, encryption technology, server locations, privacy policies, and whether it effectively masks our IP address.

Parental controls

Parental controls allow parents to monitor and control their child’s internet usage. We evaluate these features by setting various restrictions and observing if they’re correctly enforced. We also assess how detailed and helpful the monitoring reports are.

Identity theft protection

This feature monitors personal information online to detect potential identity theft. We test it by checking how effectively it alerts us when our personal information appears in a risky context online, such as on data breach databases or the dark web.

Secure cloud storage (cloud backup)

Secure cloud storage provides an offsite backup for your valuable data, protecting it from local threats like ransomware or hardware failure. We test it by backing up and restoring various types of files, assessing both the ease of use and speed of the process.

Anti-ransomware

Anti-ransomware tools protect your files from being encrypted and held hostage by ransomware. We test this feature by running ransomware simulations and checking if the antivirus can detect and block them before any files get encrypted.

Dark web monitoring

Dark web monitoring services scour dark web forums and databases for your personal data, alerting you if it’s found. We test this feature by observing how promptly and accurately it alerts us when our information appears on the dark web.

Bonus features

An antivirus program can come with various entry-level functions, such as spam filters and secure browsers, and premium options like online storage with enhanced security. We consider the following bonus features worthy of your consideration:

• Ad Blocker
• Anti-theft
• Email protection
• File encryption
• File shredder
• Gaming mode
• Microphone protection
• PC maintenance features
• Secure browser (hardened browser to protect your online banking)
• Spam filter
• Startup optimizer
• Tune up tools
• Virtual keyboard
• Webcam protection

Speed impact (10%)

A vital aspect of antivirus software is the impact it has on a device’s performance. The most effective antivirus software offers robust protection without noticeably slowing down your device.

To evaluate this, we rely on the performance tests conducted by AV-Test, a reputable independent organization. These tests simulate everyday activities like launching programs, downloading and installing applications, copying files, and browsing websites while the antivirus software is running.

From these tests, we get a clear understanding of how each antivirus software might affect the performance of your device during daily use.

False positives (10%)

The term “false positive” refers to when antivirus software incorrectly identifies a harmless file or action as malicious. While it’s crucial that antivirus software is vigilant, too many false positives can be disruptive and lead to a user potentially overlooking a genuine threat.

To assess the frequency of false positives, we refer to the usability tests conducted by AV-Test. These tests monitor the antivirus software as it operates on a system, taking note of how often it mistakenly flags safe files or activities. A low rate of false positives is an indicator of a precise and reliable antivirus program.

Price (10%)

The cost of antivirus software is a key consideration. While protection is important, it’s also crucial to achieve good value for money. In our evaluation, we analyze the pricing structure of each product, bearing in mind that there can be significant differences between the first and second-year prices.

Some antivirus providers offer significant discounts for the first year, which can increase substantially in the following years. We present a transparent and comprehensive overview of these costs to help you make an informed decision.

Ownership and reputation (10%)

An antivirus company’s reputation and ownership are fundamental aspects to consider. After all, you are entrusting them with the security of your sensitive data.

Not all companies operate with the same level of transparency and respect for user privacy. For instance, Avast faced a significant scandal when it was discovered they were selling user data through a subsidiary called Jumpshot. This violation of trust significantly tarnished their reputation.

We take a close look at the ownership structure and past conduct of each company to provide a detailed perspective on their ethical standing in the industry. By examining these factors, we ensure that the recommended antivirus software comes from reliable and trustworthy sources.

For more, read our blog post on how we test antivirus software.

How to choose the best antivirus software?

Selecting the ideal antivirus software can feel like a daunting task, given the multitude of options available in the market. However, by focusing on a few critical aspects, you can make an informed decision that suits your specific needs and circumstances. Here are the primary considerations:

Reliable protection from malware

At the core of any antivirus software is its ability to reliably protect your devices from a wide variety of malware. This includes viruses, trojans, worms, ransomware, spyware, and more. An efficient antivirus solution will consistently detect and neutralize these threats. Checking independent test scores, like those provided by AV-Test, can provide a clear picture of an antivirus program’s efficacy against various types of malware.

Security updates

Cyber threats are continuously evolving, and new malware is being developed daily. To keep up with these threats, your antivirus software must offer regular and prompt security updates. These updates ensure that your antivirus software is equipped with the latest virus definitions and can protect against the newest threats.

Security features

In addition to basic malware protection, look for antivirus solutions that offer additional security features. These can include web protection (to guard against phishing attacks), a firewall (to monitor network traffic), a password manager (to safeguard your online credentials), a VPN (for anonymous browsing), and more. Choose a solution that offers the security features that best fit your requirements.

Performance impact

Even the most secure antivirus software is of little use if it significantly slows down your device. Look for software that offers robust protection with minimal impact on your device’s performance. Check the performance test scores provided by independent testing labs like AV-Test to understand the potential impact on your system.

Customer support

Even the most technologically adept users may sometimes need assistance with their antivirus software. Reliable and accessible customer support is essential. Look for antivirus providers that offer multiple support channels (like phone, email, live chat) and provide 24/7 assistance.

First-year and second price

Last but not least, consider the cost. While it’s important not to skimp on security, it’s also vital to ensure you’re getting good value for money. Look closely at the first-year and subsequent year prices, as they may differ substantially. Some providers offer a discounted introductory price that can increase dramatically in the second year. Understanding the long-term cost can help you make a more informed decision.

Operating system

If you have a specific operating system that you would like to protect, we probably have a dedicated antivirus comparison for it:

• The best antivirus of 2023 – For all OS.
• The best antivirus for Windows 11 – For Microsoft’s latest desktop OS.
• The best antivirus for macOS – For Apple’s desktop OS.
• The best antivirus for Android – For Google’s mobile OS.
• The best antivirus for iPhone – For Apple’s mobile OS.
• The best antivirus with a VPN – For both security and privacy.
• The best VPN providers – For a dedicated privacy solution.

Click the links to be taken to your comparison of choice.

What cyber threats can antivirus protect you from?

Antivirus software is a critical tool in your defense against various forms of cyber threats. While it’s important to note that no solution offers absolute protection, antivirus software can significantly reduce your risk from a vast range of harmful software or malicious activities. Let’s take a closer look at some of these threats:

Malware

Malware, short for malicious software, is a broad term that encompasses various types of harmful software. This includes viruses, trojans, worms, ransomware, spyware, and more. Malware typically aims to damage or disrupt computers, networks, or servers, or to gain unauthorized access to systems to steal, encrypt, or delete your data.

For more, read our blog post on malware or malware examples.

Adware

Adware is a type of software that automatically delivers unwanted and intrusive advertising material, such as pop-up ads, to a user’s computer or browser. While not always harmful in itself, adware can be incredibly annoying, disrupt your user experience, and sometimes come bundled with spyware, which can track your online activities.

For more, read our blog post on adware or adware examples.

Botnets

A botnet is a network of compromised computers, which are controlled by a third party and used to carry out coordinated functions. This might include spreading malware, launching Denial of Service (DoS) attacks, or sending spam emails. Antivirus software can detect and remove botnet malware before it takes control of your system.

For more, read our blog post on botnets or botnet examples.

Keyloggers

Keyloggers are a type of spyware that tracks and records your keystrokes. Cybercriminals can use this data to steal sensitive information, such as usernames, passwords, credit card numbers, and other confidential information. Antivirus solutions with anti-spyware capabilities can detect and eliminate keyloggers.

For more, read our blog post on keyloggers or keylogger types.

Ransomware

Ransomware is a type of malware that encrypts a user’s files or locks the computer, then demands a ransom to restore access. Antivirus software can help prevent ransomware infections by blocking the malware before it can encrypt files and by removing the malicious software.

For more, read our blog post on ransomware or ransomware examples.

Rootkits

Rootkits are a type of software designed to provide unauthorized access to a computer or an area of its software that would not otherwise be allowed (for example, to an administrator). They are hard to detect, as they can camouflage themselves as necessary parts of the operating system. Antivirus software with rootkit detection can uncover these threats.

For more, read our blog post on rootkits or rootkit examples.

Spyware

Spyware is software that secretly monitors and collects information about users without their knowledge or consent. It can gather a variety of information, such as internet surfing habits, and can interfere with user control of the computer in other ways. Antivirus software can help detect and remove spyware, keeping your data secure.

For more, read our blog post on spyware or spyware examples.

Trojans

Trojans are malicious programs that disguise themselves as legitimate software. Users are typically tricked into loading and executing Trojans on their systems, and once activated, cybercriminals can access your systems to steal sensitive data or harm your computer. Antivirus software can scan for and remove Trojans from your device.

For more, read our blog post on trojans or trojan examples.

Viruses

A computer virus is a type of malicious code that replicates by copying itself to other programs, computers, or files. Viruses can damage your system software, corrupt or delete your data, and spread to other computers via network connections or email. Antivirus software can prevent, detect, and remove viruses.

For more, read our blog post on viruses or virus examples.

Worms

Worms are a type of malware that can replicate and spread themselves to other computers over a network, without any user action. They can consume bandwidth or overload a system’s resources, slowing it down or causing it to crash. Antivirus software can help detect and eliminate worms, preventing their spread and the damage they can cause.

For more, read our blog post on worms or worm examples.

What cyber threats can antivirus not protect you from?

While antivirus software plays a vital role in securing your digital environment against various types of malware, it’s crucial to acknowledge its limitations.

There exist several cyber threats which an antivirus may not effectively protect against. These threats often revolve around tricking the user rather than directly exploiting system vulnerabilities, making human awareness and vigilance crucial. Here are some examples:

Phishing

Phishing is a type of online scam where cybercriminals impersonate legitimate organizations in emails, text messages, or other communication forms, aiming to trick individuals into providing sensitive data. This could include login credentials, credit card numbers, or social security numbers.

Antivirus software can sometimes detect phishing attempts if they involve known malicious websites or file attachments. However, they can’t fully protect against phishing because this threat primarily exploits human vulnerabilities rather than technical ones. Therefore, education about recognizing and avoiding phishing attempts is essential.

For more, read our blog post on phishing or phishing examples.

Online Scams

Similar to phishing, online scams often rely on deception and manipulation rather than malicious software. These can range from advanced fee scams, where you are promised a large sum of money in return for a small upfront payment, to romance scams, where the scammer forms a relationship with their victim to exploit them financially.

While antivirus software can block known scam websites, it can’t protect you from scams that occur via email, social media, or other platforms, or make judgments about the trustworthiness of online offers or relationships. This is where personal vigilance and internet safety knowledge become critical.

For more, read our blog post on online scams.

Social Engineering

Social engineering attacks exploit human psychology to trick users into revealing confidential information or performing actions that compromise security. These manipulative tactics can occur via phone, email, social media, or even in person. Examples include pretexting, baiting, and tailgating.

While antivirus software can offer some protection against malware that might be used in conjunction with social engineering, it can’t protect users from the manipulation tactics themselves. Once again, user awareness and education play a crucial role in defending against these threats.

For more, read our blog post on social engineering.

Zero-Day Exploits

Zero-day exploits are attacks that take advantage of a security vulnerability on the same day that the vulnerability becomes generally known. There are zero days between the time the vulnerability is discovered and the first attack. Since antivirus software relies on known threat signatures for detection, it often struggles to protect against zero-day exploits.

Some advanced antivirus solutions offer heuristic analysis and behavior-based detection techniques to catch such threats, but these methods are not always successful. To minimize the risk of zero-day exploits, regular software and system updates, along with a robust security infrastructure, are highly recommended.

For more, read our blog post on zero-day exploits.

What antivirus software have we tested?

We have tested 67 antivirus software companies, ranging from entry-level free antivirus programs, to mid-range paid antivirus software and full-featured internet security suites. Below is the list of the 20 most important brands:

• Avast
• AVG
• Avira
• Bitdefender Antivirus
• ESET
• F-Secure
• Intego
• Kaspersky
• MacKeeper
• Malwarebytes
• McAfee Antivirus
• Microsoft Defender (Windows Defender)
• Norton Antivirus
• Panda
• PC Matic
• Sophos
• TotalAV
• Trend Micro
• VIPRE
• Webroot

The best antivirus programs are Norton 360 Deluxe, Norton 360 Advanced, and Bitdefender Total Security. By comparison, the other antivirus software cost too much, offer less capable protection from malware threats, or have no unlimited VPN access.