What Are Viruses, Malware, and Ransomware?
We call it antivirus, but in truth, it’s unlikely you’ll get hit with an actual computer virus. Malware these days is about making money, and there’s no easy way to cash in on spreading a virus. Ransomware and data-stealing Trojans are much more common, as are bots that let the bot-herder rent out your computer for nefarious purposes. Modern antivirus utilities handle Trojans, rootkits, spyware, adware, ransomware, and more. As noted, PCMag has reviewed more than 40 different commercial antivirus utilities, not counting the many free antivirus tools we’ve looked at. We’ve named an Editors’ Choice antivirus app out of that extensive field and honored others with four-star or better ratings. One of the utilities listed in this article should address the problem if you have malware.
What About Windows Defender?
These commercial apps offer protection beyond the antivirus built into Windows. However, Microsoft Defender Antivirus is looking better and better lately, with some solid scores from independent testing labs. The combination of good lab scores and a great score in our hands-on malware protection test was enough to bring its rating up to 3.5 stars. As a free, built-in utility, however, we’re not including it in this roundup of commercial antivirus apps.
We Listen to the Antivirus Testing Labs
We take the results reported by independent antivirus testing labs seriously. The simple fact that a company’s antivirus shows up in the results is a vote of confidence, of sorts. It means the lab considered the program significant, and the company felt the cost of testing was worthwhile. Of course, high scores in the tests are also important.
We follow four labs that regularly release detailed reports: SE Labs, AV-Test Institute, MRG-Effitas, and AV-Comparatives. We’ve devised a system for aggregating their results to yield a rating from 0 to 10.
How We Test Malware, Spyware, and Adware Defenses
We also subject every antivirus app to our own hands-on test of malware protection, in part to get a feeling for how the app works. Depending on how thoroughly the antivirus prevents malware installation, it can earn up to 10 points for malware protection.
Our malware protection test necessarily uses the same set of samples for months. To check a program’s handling of brand-new malware, we test each antivirus using a large collection of extremely new malware-hosting URLs supplied by MRG-Effitas, noting what percentage of them it blocked. Apps get equal credit for preventing all access to the malicious URL and for wiping out the malware during download.
Some apps earn stellar ratings from the independent labs yet don’t fare as well in our hands-on tests. In such cases, we defer to the labs, as they bring significantly greater resources to their testing. Want to know more? You can dig in for a detailed description of how we test security software.
What’s the Best Antivirus for Malware Protection?
Antivirus utilities distinguish themselves by going beyond the basics of on-demand scanning and real-time malware protection. Some rate URLs that you visit or that show up in search results using a red-yellow-green color-coding system. Some actively block processes on your system from connecting with known malware-hosting URLs or with fraudulent (phishing) pages.
All software has flaws, and sometimes those flaws affect your security. Prudent users keep Windows and all programs patched, fixing those flaws as soon as possible. The vulnerability scan offered by some antivirus apps can verify all necessary patches are present and even apply any that are missing.
Spyware comes in many forms, from hidden programs that log your every keystroke to Trojans masquerading as valid programs while mining your data. Any antivirus should handle spyware, along with all other types of malware, but some include specialized components devoted to spyware protection.
You expect an antivirus to identify and eliminate bad programs and leave good programs alone. What about unknowns, programs your AV can’t identify as good or bad? Behavior-based detection can, in theory, protect you against malware, so new researchers have never encountered it. However, this isn’t always an unmixed blessing. It’s not uncommon for behavioral detection systems to flag many innocuous behaviors performed by legitimate programs.
Allowlisting is another approach to the problem of unknown programs. This type of security system only allows known good programs to run. Unknowns are banned. This mode doesn’t suit all situations, but it can be useful. Sandboxing lets unknown programs run, but it isolates them from full access to your system so they can’t do permanent harm. These various added layers serve to enhance your protection against malware.
Where Did Kaspersky Go?
Kaspersky Anti-Virus topped the antivirus lab testing charts for many years, garnering perfect or near-perfect scores. It has also held PCMag’s Editors’ Choice honor for countless years. It’s both attractive and effective. And it no longer appears in our list of best antivirus apps. Here’s why.
For years, Kaspersky has faced accusations and censure based on its Russian origins, though none of the allegations have come backed by hard evidence of malicious behavior. We at PCMag focused on the capabilities of the apps, not on the brouhaha around the company. However, the current war in Ukraine has raised the stakes. Governments and third parties have cut ties with Kaspersky. The FCC labeled Kaspersky a national security risk.
After consideration, we can no longer recommend you purchase Kaspersky security programs. We’ve left the reviews in place, with a warning, since they provide useful information. But, at least for now, we’re removing Kaspersky programs from our “Best of” lists.
What’s the Best Antivirus for Ransomware Protection and Firewalls?
Firewalls and spam filtering aren’t common antivirus features, but some of our top picks include them as bonuses. Some of these antivirus programs are even more feature-packed than certain security suites.
Among the other bonus features you’ll find are secure browsers for financial transactions, secure deletion of sensitive files, wiping traces of computer and browsing history, credit monitoring, virtual keyboards to foil keyloggers, cross-platform protection, and more. And, of course, we’ve already mentioned sandboxing, vulnerability scanning, and application allowlisting.
We’re seeing more and more antivirus apps adding modules specifically designed for ransomware protection. Some work by preventing unauthorized changes to protected files. Others keep watch for suspicious behaviors that suggest malware. Some even aim to reverse the damage. Given the growth of this scourge, any added protection is beneficial.
Beyond Antivirus: Install a VPN
Your antivirus utility works in the background to keep out any faint possibility of infestation by malware, but its abilities don’t extend beyond the bounds of your computer. When you connect to the wild and wooly internet, you risk the possibility your data could be compromised in transit. Sticking to HTTPS websites when possible can help, but for full protection of your data in transit, you should install a VPN (virtual private network). This component is important enough that we’re starting to see it as a bonus feature in some antivirus tools.
What Is the Best Antivirus?
Which antivirus should you choose? While you have a wealth of options, one stands out from the rest. Bitdefender Antivirus Plus routinely takes perfect scores from four independent antivirus testing labs, and it has more features than some security suites, among them password management, multi-layered ransomware protection, a hardened browser for online banking, and a secure deletion file shredder. We’ve named Bitdefender Editors’ Choice for commercial antivirus, but it’s not the only antivirus app worth consideration. Read the reviews of our top-rated programs, and then make your own decision.
I wrote my first story about the perils of SQL injection more than 20 years ago, and even demonstrated how anyone using a simple Google search could pull this off. Sadly, things haven’t changed. Unit42’s report found these two old chestnuts are still ranked in the top three most disclosed types of vulnerabilities in their report.
