Malware, Spyware, and Adware Protection

Remember when your home computer was just for gaming, checking social media, and watching cat videos? It wasn’t that long ago. But now that computer and its connection to the internet are vital to your work, your children’s schooling, and keeping in touch with the friends you can’t visit. It’d be a shame if something happened to that vital communications node. And that’s why you absolutely must make sure all your computers have the protection of a powerful, effective antivirus utility, one that’s active and up-to-date. If you’re not sure you have the right tool, or if you’re only just now getting protection installed, PCMag can help. We’ve put over 40 antivirus tools through thorough testing to help you pick the one that’s best for you.

We call it antivirus, but in truth it's unlikely you'll get hit with an actual computer virus. Malware these days is about making money, and there's no easy way to cash in on spreading a virus. Ransomware and data-stealing Trojans are much more common, as are bots that let the bot-herder rent out your computer for nefarious purposes. Modern antivirus utilities handle Trojans, rootkits, spyware, adware, ransomware, and more. PCMag has reviewed more than 40 different commercial antivirus utilities, and that's not even counting the many free antivirus tools. Out of that extensive field we've named four Editors' Choice products and honored several more with a four-star rating. If you have malware, one of the products listed in this article should take care of the problem.

Some nonstandard commercial antivirus utilities proved effective enough to earn an excellent four-star rating alongside their more traditional counterparts. VoodooSoft VoodooShield bases its protection on suppressing all unknown programs while the computer is in a vulnerable state, such as when it's connected to the internet, and also acts to detect known malware. The Kure resets the computer to a known safe state on every reboot, thereby eliminating any malware. These are interesting approaches, but not directly comparable with traditional antivirus tools.

You may notice that two listed products earned just 3.5 stars. Of the six current products rating 3.5 stars, only F-Secure and Trend Micro appear in reports from all four of the independent testing labs we follow. That distinction earned them a place in the list.

These commercial products offer protection beyond the antivirus built into Windows 10; the best free antivirus utilities also offer more than Windows does. However, Microsoft Windows Defender Security Center is looking better and better lately, with some very good scores from independent testing labs. The combination of good lab scores and a great score in our hands-on malware protection test was enough to bring it up to 3.5 stars. It doesn't appear in this roundup of commercial antivirus products, naturally.

Listen to the Antivirus Testing Labs

We take the results reported by independent antivirus testing labs very seriously. The simple fact that a company's product shows up in the results is a vote of confidence, of sorts. It means the lab considered the product significant, and the company felt the cost of testing was worthwhile. Of course, high scores in the tests are also important.

We follow four labs that regularly release detailed reports: SE Labs, AV-Test Institute, MRG-Effitas, and AV-Comparatives. We also note whether vendors have contracted with ICSA Labs and West Coast labs for certification. We've devised a system for aggregating their results to yield a rating from 0 to 10.

We Test Malware, Spyware, and Adware Defenses

We also subject every product to our own hands-on test of malware protection, in part to get a feeling for how the product works. Depending on how thoroughly the product prevents malware installation, it can earn up to 10 points for malware protection.

Our malware protection test necessarily uses the same set of samples for months. To check a product's handling of brand-new malware, we test each product using 100 extremely new malware-hosting URLs supplied by MRG-Effitas, noting what percentage of them it blocked. Products get equal credit for preventing all access to the malicious URL and for wiping out the malware during download.

Some products earn stellar ratings from the independent labs, yet don't fare as well in our hands-on tests. In such cases, we defer to the labs, as they bring significantly greater resources to their testing. Want to know more? You can dig in for a detailed description of how we test security software.

Multilayered Malware Protection

Antivirus products distinguish themselves by going beyond the basics of on-demand scanning and real-time malware protection. Some rate URLs that you visit or that show up in search results, using a red-yellow-green color-coding system. Some actively block processes on your system from connecting with known malware-hosting URLs or with fraudulent (phishing) pages.

Software has flaws, and sometimes those flaws affect your security. Prudent users keep Windows and all programs patched, fixing those flaws as soon as possible. The vulnerability scan offered by some antivirus products can verify that all necessary patches are present, and even apply any that are missing.

Spyware comes in many forms, from hidden programs that log your every keystroke to Trojans that masquerade as valid programs while mining your personal data. Any antivirus should handle spyware, along with all other types of malware, but some include specialized components devoted to spyware protection.

You expect an antivirus to identify and eliminate bad programs, and to leave good programs alone. What about unknowns, programs it can't identify as good or bad? Behavior-based detection can, in theory, protect you against malware that's so new researchers have never encountered it. However, this isn't always an unmixed blessing. It's not uncommon for behavioral detection systems to flag many innocuous behaviors performed by legitimate programs.

Whitelisting is another approach to the problem of unknown programs. A whitelist-based security system only allows known good programs to run. Unknowns are banned. This mode doesn't suit all situations, but it can be useful. Sandboxing lets unknown programs run, but it isolates them from full access to your system, so they can't do permanent harm. These various added layers serve to enhance your protection against malware.

Firewalls, Ransomware Protection, and More

Firewalls and spam filtering aren't common antivirus features, but some of our top products include them as bonus features. In fact, some of these antivirus products are more feature-packed than certain products sold as security suites.

Among the other bonus features you'll find are secure browsers for financial transactions, secure deletion of sensitive files, wiping traces of computer and browsing history, credit monitoring, virtual keyboard to foil keyloggers, cross-platform protection, and more. You'll even find products that enhance their automatic malware protection with the expertise of human security technicians. And of course, we've already mentioned sandboxing, vulnerability scanning, and application whitelisting.

We're seeing more and more antivirus products adding modules specifically designed for ransomware protection. Some work by preventing unauthorized changes to protected files. Others keep watch for suspicious behaviors that suggest malware. Some even aim to reverse the damage. Given the growth of this scourge, any added protection is beneficial.

Beyond Antivirus: VPN

Your antivirus utility works in the background to keep out any faint possibility of infestation by malware, but its abilities don't extend beyond the bounds of your computer. When you connect to the wild and wooly internet, you risk the possibility that your data could be compromised in transit. Sticking to HTTPS websites when possible can help, but for full protection of your data in transit you should install a Virtual Private Network, or VPN. This component is important enough that we're starting to see it as a bonus feature in some antivirus tools.

What's the Best Malware Protection?

Which antivirus should you choose? You have a wealth of options. Kaspersky Anti-Virus and Bitdefender Antivirus Plus routinely take perfect or near-perfect scores from the independent antivirus testing labs. A single subscription for McAfee AntiVirus Plus lets you install protection on all your Windows, Android, Mac OS, and iOS devices. And its unusual behavior-based detection technology means Webroot SecureAnywhere Antivirus is the tiniest antivirus around. We've named these four Editors' Choice for commercial antivirus, but they're not the only products worth consideration. Read the reviews of our top-rated products, and then make your own decision.

Editors' Note: We are aware of the allegations of Kaspersky Labs' inappropriate ties to the Russian government. Until we see some actual proof of these allegations, we will treat them as unproven, and continue to recommend Kaspersky's security products as long as their performance continues to merit our endorsement.