This posting will discuss which of the following three programs deserves the title of “best freeware antivirus program”: Avira Antivir, Avast, or AVG.
My conclusion: all three are very worthy contenders that can hold their own or surpass any heavyweight for-pay antivirus; however Anitvir and Avast are definitely in the first tier, while AVG is a close second tier.
There’s been a vigorous debate going on in the little “cbox” message box (in the sidebar) over which freeware antivirus program is best.
This posting will explore this issue more closely. The objective is to go beyond the ubiquitous “I have used program x for y years now and it has kept me completely virus free” to a more substantial comparison.
The findings presented here are not my original work but come from a single source: AV-comparative.org’s antivirus comparison tests conduced in Nov 2008 (test #20) and Feb 2009 (test #21), which are the latest as of this writing. It is somewhat difficult to reference these as sources because the av-comparatives site disallows direct linking to the test results and requests that all links be to its root domain (presumably because new tests are always published and they do not want links to results that may be obsolete).
The choice of programs: Antivir, Avast and AVG are the most used and most well known freeware antivirus programs, and I use or have used all three for long periods of time. They are also most likely the top three best freeware antivirus programs. The reason I am not expanding this discussion to other programs is because it is much easier to limit the scope to software tested in AV-comparative.org’s tests, where there are hard numbers to back up any claims. Having said that I would have personally liked the addition of at least two more: Comodo Antivirus and Rising Antivirus(both of which have a lot of fans).
By way of comparison and to provide some perspective I will also include some of the numbers for two of the best paid antivirus programs: Kaspersky and ESET NOD32.
Summary of findings: Antivir and Avast and both have excellent and comparable detection rates. Not only are these on par with the best commercial program, Antivir in fact has the best detection of any program free or paid according to AV-comparatives.org’s numbers. AVG, however, lags behind the other two somewhat in that area (although it is still by all means an excellent program). Antivir has what seems to be a significant advantage in terms of predictive, behavioral-based “heuristic” detection (for brand new threats that are so new they have not yet been added to the antivirus program’s database).
Where AVG has a good advantage is in the number of false positives (lower than both Antivir and Avast, both of which exhibit comparable numbers of false positives). However, AVG scores another strike against it in terms of its scanning speed, which is significantly slower than the other two.
The freeware version of Antivir displays an advertisement on every update, which is rather undesirable; however, this can be easily disabled (look here, here, or here). It also “does not support email scanning”; however, this is also a non-issue in my opinion, a red-herring designed to scare less tech-savvy users into purchasing the paid version. The reason I say this is a non-issue is because although Antivir may not scan your email for virus as it downloads, it will still protect you from it afterwards, not just during normal scans as it will also intercept it once it is on-disk and/or if and when it tries to act up. In fact email scanning as such may be completely redundant and a waste of time; see this article for more info.
Antivir is my favorite freeware antivirus. It is best in terms of performance and, with the recent addition of an antispyware component it has become even more desirable. However, if asked to recommend a freeware antivirus Antivir comes with too many caveats and explanations (the nag screen, the email scanning (non)issue). It is easier to recommend Avast, as it provides comparable protection and performance, and is an excellent product.
AVG is my third choice. It also provides excellent protection and has the edge with respect to the least number of false positives, but its performance and detection rates lag behind the other two.
The numbers (and other issues considered):
- Detection Rate / on-demand scans
- Detecton Rate / predictive “heuristic” detection
- Number of false positives
- On-demand scanning speed
- Versions tested
- Links and downloads
1. Detection Rate / on-demand scans: this data comes from AV-comparative.org’s Feb 2009 test (#21). The programs tested were subjected to 1,274,928 instances of malicious code collected between Apr 04-Apr 08. The reason: any malware collected prior to this is considered fairly well known by now
- Avira Antivir: 99.7% detection rate
- Avast: 98.2%
- AVG: 93.0%
- Kaspersky (*): 97.1%
- ESET NOD32 (*): 97.6%
* Note: no free version of these offered. They are listed here to give ’perspective’.
The data seems to show that overall the detection rates are very similar (the differences are unlikely to be meaningful), with the exception of AVG which has a somewhat lower rate of detection than the others.
2. Detection Rate / predictive “heuristic” detection: this measures the program’s ability to detect new threats (based on their behavior), before they becomes known and are included in the program’s updates. The data in this section comes from AV-comparative.org’s NOV 2008 test (#20). The programs tested were subjected to 45,831 “new” instances of malicious code collected between Aug 4th-31st 2008 (4 weeks in total).
- Avira Antivir: 71% (over 1 week), 67% (over 4 weeks)
- Avast: 40% (over 1 week), 39% (over 4 weeks)
- AVG: 43% (over 1 week), 40% (over 4 weeks)
- Kaspersky(*): 71% (over 1 week), 60% (over 4 weeks)
- ESET NOD32(*): 54% (over 1 week), 51% (over 4 weeks)
The results above seem to show that when handling yet unknown threats (malicious code that is so brand new that it has not been added to the program’s database), Antivir and Kaspersky have an advantage over the others.
3. Number of false positives : false positives can be as much of a problem (or even more) than undetected malware, in that deleting innocent files can cause unpredictable errors and problems. This data comes from AV-comparative.org’s Feb 2009 test (#21).
- Avira Antivir: 24
- Avast: 28
- AVG: 17
- Kaspersky (*): 14
- ESET NOD32 (*): 13
Interestingly, Avast and Antivir have significantly higher false positives than the two paid programs, with AVG having the lowest number of false positives of all three freeware antivirus programs.
4. On demand scanning speed : this data comes from AV-comparative.org’s Feb 2009 test (#21). The throughput rate is in MB/sec.
- Avira Antivir: 13.6 MB/sec
- Avast: 15.4 MB/sec
- AVG: 6.8 MB/sec
- Kaspersky (*): 13.3 MB/sec
- ESET NOD32 (*): 13.2 MB/sec
On this metric AVG significantly lags behind the others, who are otherwise very similar, with Avast having a slight overall advantage.
5. Versions tested: note that the versions tested were the paid versions. I am assuming that the basic engine is the same in the free version as well, and that the results apply there. For Antivir, the freeware version is different in that it does not perform email scanning and displays a nag screen, but these have already been addressed above. Also, as of this writing the newer version of Antivir includes an antispyware component.
- Avira Antivir: 8.2.0.374 (test 21), 8.1.0.362 (test 20)
- Avast: 4.8.1335 (test 21), 4.8.1229 (test 20)
- AVG: 8.0.234 (test 21), 8.0.156 (test 20)
- Kaspersky (*): 8.0.0.506a (test 21), 8.0.0.454 (test 20)
- ESET NOD32 (*): 3.0.684.0 (test 21), 3.0.669.0 (test 20)
6. Links and downloads: go to the respective program pages to download the latest version. Note that the freeware versions are for single computer home use. License(s) required for commercial use.
- Avira Antivir free: see my Mar 2007 review of Antivir here.
- Avast free: free registration required
- AVG free.
