AV Test's October 2017 ranking: surprise at the top

Martin Brinkmann
Nov 29, 2017
Antivirus, Security

German independent IT security institute AV Test released its Windows home user antivirus ranking for October 2017 recently.

The institute tests antivirus solutions regularly, and tests the protective capabilities, performance, and usability of each program.

A few programs share the top spot usually, and some more get the "top product" award. Kaspersky Internet Security is usually the top placed program in the test. Other antivirus solutions that get recommendations regularly are BitDefender Internet Security, Avira Antivirus Pro, Norton Internet Security or Trend Micro Internet Security.

av-test ahnlab

The October 2017 ranking holds a surprise, as Kasperky's Internet Security product shared the first place with AhnLab's V3 Internet Security program for Windows. Both got a perfect 18/18 rating; the only two programs in the test that achieved that.

Kaspersky still got the edge with its 100% detection rating (opposed to 99.9% for AhnLab's product), and zero false positives (opposed to 1).

AhnLab managed to improve the company's program throughout the course of the past year. If you check results from previous test runs by AV Test, you will notice that it fared really well already, but that performance, protection and usability scores were not perfect back in 2016. This improved with every release, and it appears that the company struck gold finally.

AhnLab, Inc is a South Korean company that was founded back in 1995.  It seems difficulty to purchase the product in many countries around the world though. Amazon does not carry it for instance.

AV Comparatives, another organization that tests antivirus and security solutions, did not include Ahnlab's V3 Internet Security product in any of its tests.

Avira's Antivirus Pro, BitDefender Internet Security, McAfee Internet Security and Norten Security were awarded with the top product award as well.

Windows Defender, the built-in Windows antivirus solution did not perform as well as in previous months. Its protection test score dropped by half a point to 5/6, and performance and usability ranked 5/6 and 4/6 respectively.

While that did not make it the worst rated product in the test, this honor goes to Qihoo 360 Total Security (Default Engine) with a protective rating of 1/6, only three products in total got worse protective ratings than Windows Defender.

Closing Words

While AhnLab's rating is commendable, its availability is not really, at least not in many countries around the world.

Now You: Which antivirus solution do you use, and why?

AV Test's October 2017 ranking: surprise at the top
Article Name
AV Test's October 2017 ranking: surprise at the top
German independent IT security institute AV Test released its Windows home user antivirus ranking for October 2017 recently.
Ghacks Technology News

Tutorials & Tips

Previous Post: «
Next Post: «


  1. Quix said on December 3, 2017 at 8:53 pm

    No one has mentioned RogueKiller, but I would not be without it (paid version).
    Only downside is NO real time protection, but the positives make up for it.
    Excellent detection capability, weekly updates, great support and mostly same day response in paid section of Forum (English & French).
    I believe it was Martin that hooked me up a few years ago.
    Highly recommended.

    Easy read details found here-

  2. chesscanoe said on December 2, 2017 at 4:23 pm

    On latest Windows 10 FCU, I use non-free AVG Internet Security which seems to work well. I changed from OpenDNS to Quad9 and get better speed, no logging, and 1/4 the spam I formally got. This may all be circumstantial, as I do not claim a valid test environment.

    1. Anonymouser said on December 4, 2017 at 11:05 pm

      “I changed from OpenDNS to Quad9 and get better speed, no logging”

      While Quad9 may not be logging DNS info, how are you preventing your ISP from seeing and logging your DNS queries? (I looked on Quad9’s website for info on DNScrypt but couldn’t find anything–they don’t seem to support it.)

  3. KeZa said on December 2, 2017 at 3:05 pm

    For good protection and practical… full AVG (not the free one), Voodooshield, keyscrambler, Emsisoft Anti-malware, Crystal Security, the good old Sygate Firewall (yes I have three FW’s: AVG, Sygate and router FW and works perfectly) and OpenDNS and all this with my old FireFox 48 with the ghacks prefs (I’m here on Xp)

    Kevin z. from Belgium

  4. Darren said on December 1, 2017 at 6:37 pm

    I use Eset AV as I have for ages. They’ve been taking away some of it’s flexibility/tweakability over time, some of which bugs me. What do you all think is the best balance of light-weight and quality? I use Windows Firewall Control, so just prefer AV only (not a suite).

    “Honestly, I consider NoScript my first line of defense” – exactly Diff Martin. Nice post above.

  5. Orestes said on December 1, 2017 at 9:00 am

    I think it’s unfair to test and compare other products at their free version and others at their paid.

    1. chesscanoe said on December 1, 2017 at 12:27 pm

      I do not trust the antivirus rating companies. I am under the impression their choices and ratings are based on the contributions the products make to them. This may not be true, but why else would Avast be rated and AVG is not, when the code seems to be essentially the same the last time I checked.

      1. A different Martin said on December 1, 2017 at 6:41 pm

        Plus, Avast acquired AVG around a year and a half ago — with the intention of integrating the two platforms, I believe — so no surprise that they’re getting the same results.

      2. chesscanoe said on December 1, 2017 at 5:58 pm

        Correction: Avast and AVG are both rated and have the same score.

  6. A different Martin said on December 1, 2017 at 12:55 am

    Honestly, I consider NoScript my first line of defense. (Well … and I suppose my router’s NAT/SPI firewall and the Windows 7 firewall, too.) The only malware or potentially unwanted programs that any antivirus has detected on my system since I began using NoScript have been false positives (a few NirSoft utilities, one or two Sysinternals utilities, and the odd installer with an OpenCandy or similar bundleware component). That must be a good ten years by now.

    In this connection, Pale Moon is my browser of choice, and I hope that Basilisk’s WebExtensions framework will be up to speed and supporting the WE versions of either NoScript or uMatrix by the time those extensions’ developers stop supporting the XUL versions. If not, I’m probably going to have to return to Firefox as my primary browser.

    As for antiviruses proper, I’m currently trying out Kaspersky Anti-Virus Free. Before that, it was Sophos Home, and before that, Avira Free, and before that, Avast Free, and before that, AVG Free, and before that … I forget. Typically, I switch AVs when something about the one I’m using starts bugging me. I’ve also been using Malwarebytes Anti-Exploit Beta for a little while, just in case. And I occasionally back up the real-time protection of whatever AV I’m using with on-demand scans by Malwarebytes Free.

    Regarding Kaspersky, readers outside the US may not be aware of how hard Russophobia (Cold War 2.0) is being pushed over here. As part of that, the US government has more or less banned Kaspersky products from government computers, for fear they would be used by the Russian government as a vector of espionage and hacking. That kind of made me smile, as my last AV was from Sophos, in the UK, and I didn’t think it out of the question that Sophos routinely passed on user data to GCHQ, who in turn routinely passed it on to NSA, who would in turn pass it on to any powerful or favored US entity, public or private, that I was unfortunate enough to piss off. I don’t work in government, in anything remotely sensitive, or in anything remotely connected to Russia. I am, however, moderately active in US politics. Consequently, I care a lot less about what “exploitable intelligence” Kaspersky might have on me than what a US-allied outfit does, because the Russian government cares a lot less about me (if that’s possible ;-) than the US government does. It’s a moot point, because I suspect that NSA already collects whatever it needs without any help from an AV vendor. I’m just saying that even if US allegations that Kaspersky works with/for the Russian government were true, I’d still choose it over a “Western” vendor, other things being equal. And Kaspersky has been very highly rated for years, so they’re really not all that equal.

    Getting back on topic, I’ve only been using Kaspersky Free for a couple/few weeks, but so far, so good.

    1. KeZa said on December 2, 2017 at 3:00 pm

      Malware Anti-Malware is behind…. It’s becoming crap and even worse than Micro’s Defender with financial malware https://www.mrg-effitas.com/wp-content/uploads/2017/05/MRG-Effitas-360-Assessment-2017-Q1_wm.pdf

    2. A different Martin said on December 1, 2017 at 6:25 pm

      Update: In a weekly scheduled scan last night (I forgot that I had scheduled those), Malwarebytes Free threw a false positive for Notepad++’s uninstaller, along with the uninstaller’s associated registry entry. I think they called it “Trojan:FakeNPP.” My Kaspersky Free gave it a clean bill of health, and according to a post I read somewhere on the Web (on Notepad++’s community forum, actually), so did every antivirus program in VirusTotal’s arsenal except for Malwarebytes. Ergo, false positive.

      In a totally unrelated note, I just discovered that Trader Joe’s is selling 4 lb. (1.8 kg) bars of Belgian milk chocolate for the holidays. I just hope the English press doesn’t get wind of it, or we’ll never hear the end of “Americans and their medium-sized chocolate bars” on Mock the Week.

  7. Doc said on November 30, 2017 at 8:23 pm

    “…and Norten Security…” It’s Norton, Martin. #corrections

  8. andy said on November 30, 2017 at 7:52 pm

    KASPERSKY Internet Security 2018/ on demand Malwarebytes free. Amen

  9. Chris said on November 30, 2017 at 4:45 pm

    used eset for donkeys across several machines never has a problem

  10. PanamaVet said on November 30, 2017 at 3:41 pm

    This year vulnerabilities were found in a large number of A/V products including top contenders. Installing their software creates vulnerabilities on your machine.

    A Firefox developer lamented that he was having difficulty securing Firefox watching A/V software inject vulnerable code. He commented that the A/V defense needed to be inside the O/S and recommended Win 10 and Defender.

    The A/V testers are ignoring the situation to the detriment of people looking for help.

    Try telling management that the A/V check box on audit compliance breaks compliance with securing data.

  11. Anonymous said on November 30, 2017 at 1:34 am

    No common sense here, no antivirus, no antimalware, just a backup. I’m still waiting for the adrenaline rush that will make me hard again. Please help.

  12. kalmly said on November 29, 2017 at 9:01 pm

    Used AVAST for a kazillion years, but then it got so annoying I uninstalled it. Tried Avira (the free version) and liked it a lot because it didn’t hog cpu and it didn’t nag. Trouble was, it wouldn’t update, and the company was disinterested in fixing the problem. Now I just use Windows Defender and run an older version of MBAM whenever the system hiccups.

  13. kalmly said on November 29, 2017 at 8:57 pm

    After using it for a kazillion years, AVAST got so annoying I uninstalled it. Tried Avira’s free version and liked it very much because it didn’t slow down my system or nag. However, it wouldn’t update, and the company seemed disinterested in solving the issue. So I uninstalled. Now I’m using only Windows Defender and I run an old version of MBAM whenever the system hiccups. I also clone and back up.

    1. AnorKnee Merce said on November 30, 2017 at 11:03 am

      @ kalmly

      When you first download and install Avast Free, you need to choose Custom install. Otherwise, a lot of crapware or crap features will also be installed.
      … The crapware can also be removed after an Express install of Avast Free through >Control Panel >Add or Remove Programs >select Avast >Repair.

      I have used Avast Free for a number of years with no problems. I forgot why I dumped Free Avira.

    2. Antivirus WorseThanVirus said on November 30, 2017 at 2:46 am

      I don’t know what version of Avira you used but I tried the latest free version last night and it was slow, bloated, and intrusive, nothing like the old Avira. Maybe it doesn’t work well with Windows 7 anymore, or maybe it was some incompatibility with Comodo firewall, but it took almost a minute to start up, and the scheduler and web-monitoring telemetry cloud stuff (AKA phoning home) stuff and taskbar icon couldn’t be disabled anymore like in older versions. I switched to Kaspersky free (Avast seems to have gone spyware too, and Bitdefender wanted registration), it’s like what Avira used to be, no intrusive processes, loads fast. All I use is on-demand scanning, real-time protection is overkill unless you download suspicious things constantly. Be aware that virus companies like to scare users with false positives to convince them to do ridiculous things like let an antivirus monitor their web usage so they can collect that priceless telemetry gold everyone seems to be after these days.

      1. A different Martin said on December 1, 2017 at 7:14 pm

        … web-monitoring telemetry cloud stuff (AKA phoning home) stuff …

        I do my best to uninstall or de-activate “web protection” on any antivirus I install, and I’m sure Comcast and Google appreciate my efforts to defend their market share in tracking and data-mining. :-( However, I do leave real-time protection enabled, in case I download a compromised installer and don’t remember to do a manual scan before running it. (I keep the software on my system pretty up to date, so I do a lot of downloads and installs, and checking file hashes is already enough extra manual work.)

        I’m curious. Does any anti-virus’s “web protection” component extend to Tor Browser (a portable program)? If so, it could track you even more effectively than your ISP can. Ditto for VPNs. (Just did a quick Web search and saw that the web-protection component of Sophos Anti-Virus for Mac Home used to prevent Tor Browser from loading. I guess that’s one way to make sure you can track everything your users do on the Web! But on the other hand, you share it with your users’ ISPs. What to do? ;-)

  14. Ray said on November 29, 2017 at 7:24 pm

    I’m still waiting for AVTest or AVComparatives to put Kaspersky Free onto their testing matrix.

  15. jasray said on November 29, 2017 at 5:57 pm

    Interesting . . . I used the AV program from South Korea years and years and years ago, and it was great. The program was tops. Most likely, I still have the old setup disc.

  16. cianoz said on November 29, 2017 at 5:53 pm

    I’m using Bitdefender for a couple of years. It’s quite good in regards of performance but not much in usability.
    Worst thing: support. I tried to contact the support a couple of time for the product blocking some website and downloads. Both times the “technical support” replied with “Please, disable ALL the modules and see if problem is resolved”. Precisely: non followed by a “if so, then…”. Just “keep all modules disabled”. Can’t comment.

  17. Arcionquad said on November 29, 2017 at 5:22 pm

    MBAM + Windows Defender.

  18. lowlife said on November 29, 2017 at 5:02 pm

    I use McAfee
    Because it is cheap and available in my area
    and Unlimited Devices PC, Laptop, Android 6
    Other Programs: Bitdefender and kaspersky

  19. Sophie said on November 29, 2017 at 4:17 pm

    Personally, I prefer not to use any AV at all, for some time now. I’ve gone from thinking of one as a “must have”….to a “must not have”.

    -All AVs track you by design, (by virtue of where you go and what you do).
    -They often nag you or popup, especially if they are free
    -They can be a resource hog, or get in the way in other ways

    I prefer to do a Malware Bytes scan every few days, check everything with Online scanners, Check Web URLs if there’s uncertainty, and otherwise just use common sense.

    I’ve even disabled Defender. Just don’t need it or want it. I’m cloned to the hilt, and feel emancipated to be nag free and AV free.

    Just my take on it, not right for everyone of course.

    1. KeZa said on December 2, 2017 at 2:58 pm

      Sorry but Malware Anti-Malware is behind. It’s becoming crap and even worse than Micro’s Defender with financial malware https://www.mrg-effitas.com/wp-content/uploads/2017/05/MRG-Effitas-360-Assessment-2017-Q1_wm.pdf

    2. Tom Hawack said on November 29, 2017 at 9:43 pm

      Same here, no anti-virus, no anti-malware. I’ve often heard and read that the firewall was the main security component to focus on. I’ve never encountered a problem throughout maybe 20 years or so minus 2 years whare Kaspersky was installed. I believe, I hope, I orchestrate my computer to have good walls but should an intruder make its way that I could face problems, undoubtedly. I behave on the Web accordingly, avoiding porn and casinos not because I’d condemn either but because they are often mentioned as being war zones which would require the helmet anti-virus armies provide, I guess. Like driving without a license, I try to remain cleaner than clean :)

      1. Doc said on November 30, 2017 at 8:26 pm

        If you’re not using ANY anti-virus or anti-malware programs, how do you **know** your PC is clean? These days, there are malicious ads served up to otherwise “clean” websites, websites infected with malicious components (especially WordPress blogs, but there are lots of other frameworks and CMS’s with flaws, either in the framework or in plugins that haven’t been rigorously vetted), and other infectious things like viruses and worms that can and *do* get through a firewall.
        If you’re not protecting yourself properly, **you’re part of the problem.** Your PC could be infected by coin miners, spambots, or part of a DDOS botnet…unless you’re protected by a trusted antivirus *and* antimalware to warn you the moment an infected file is opened.

    3. J.F. Paquet said on November 29, 2017 at 6:21 pm

      I don’t use any antivirus at all, sooner or later they slow my 3 computers
      and, by the way, I had only 2 occurrences : a small virus and a worm in 20 years,
      working and browsing close to 8 hours a day 6 days a week.
      And I got rid of these bugs by myself (and the search on some forums)

  20. Steve said on November 29, 2017 at 2:43 pm

    I fail to understand the sense in evaluating an AV that’s Not available in Most countries and that’s virtually unknown to the masses.
    I’ve been in IT for over 36 years and have Never heard of AhnLab, but Kaspersky who has been ranked No. 1 for decades, is the most popular and reliable AV/IS on the planet.
    Perhaps, the South Korean company needs to work on their Marketing if they want the rest of the world to be aware of their products.

  21. Yuliya said on November 29, 2017 at 1:51 pm

    >Now You: Which antivirus solution do you use, and why?
    I use something called Common Sense (: It has never failed me.

    1. Gabriel said on November 30, 2017 at 6:57 pm

      “Common Sense”. Someone ALWAYS has to bring this up.
      You know… sometimes even legit files get infected too, like ccleaner a few months ago.
      Did you “common sense” protect you against that?

      1. Gabriel said on November 30, 2017 at 11:02 pm

        Don’t try to patronize me, man
        I’m just saying that “common sense” is not enough nowadays. Maybe it was 10 years ago.
        What about unknown threats? Like websites with bitcoin mining scripts? Did y’all know about that before it exploded on the news?
        That’s all I’m saying.
        Unlike you, I truly hope you have a nice day.

      2. Rush said on November 30, 2017 at 10:54 pm

        Wow man, tough crowd.

        Common sense for me has a lot to do with not engaging in sites that could have a high risk…call me prudish, but as I mentioned above…no major viruses or system stopping malware in probably 10 years.

        Forgive me, but your attitude appears fearfully fraught with glass half empty , perhaps you have had quite few stinky bugs and viruses and to hear of others success sets you at unease.

        Just a guess.
        Hope your day sparkles

      3. Gabriel said on November 30, 2017 at 8:40 pm

        @Yuliya I have no idea what posting a screenshot of the latest ccleaner has to do with common sense and not getting infected. have to do with one another.
        You mean your “common sense” told you to skip the infected build?
        Damn.. you should play roulette and win money.

      4. Yuliya said on November 30, 2017 at 8:36 pm

        Garbriel, yes, my common sense did protect me against the infected CCleaner a few months ago (;

        I can tell you that common sense also protected me against exploits such as wannacry, in many different ways actually, to the point where my PC even unpatched (it is) would not be explotable, be it remotely or via LAN. Did your A/V protect you against that? I guess not.

      5. Gabriel said on November 30, 2017 at 7:58 pm

        @Thilo You’re funny

      6. Thilo said on November 30, 2017 at 7:28 pm

        People with common sense don’t use CCleaner…

    2. Rush said on November 29, 2017 at 7:41 pm

      I’m with Yuliya,

      * Common sense # 1

      * Not a fan of WinDefend, runs too much…but I use it.

      * Along with Kaspersky TDSSkiller Anti-rootkit w/no monitoring, I open it, every couple of days, for a quick and easy scan, or if I suspect something. Just close it, when the scan is complete…scan is like 30 sec. I does flag and quarantine from time to time, and I can control the deletion.

      Haven’t used the junky Mbytes for well over a year. I have tried a few AV’s to no satisfaction, resource hogs, all of them. Even Geek cannot possilbly un-stall all leftover traces..I usually have to refresh my system, or insure that i have created a restore point.

      So with the above mentioned 1-2-3 punch, I haven’t had a virus since ole’ Shep was a pup.

    3. Marcin said on November 29, 2017 at 3:03 pm

      This ! Best security tool ever.
      Unfortunately, there is not so much tuto when I search for common sense in Google…

  22. Anonymous said on November 29, 2017 at 1:42 pm

    Hello, Martin – Malwarebytes AntiMalware is nowadays claiming that their actual product protects like any other antivirus. I’m trusting them and therefore using MbAM together with Windows Defender. No complaints after a 4 weeks test. Merry Christmas and a happy 2018!!

    1. Sylvio Haas said on November 29, 2017 at 2:52 pm

      Sorry, not anonymous!

    2. throkr said on November 29, 2017 at 2:52 pm

      Same combination here : Windows Defender with Malwarebytes (since Malwarebytes Antimalware became Malwarebytes) AND common sense.
      Strictly no problems.

  23. KeZa said on November 29, 2017 at 12:55 pm

    Not so quick Martin :)

    We cannot get a good view of AV with one. Everyone that will find the best for their systems must check it all:


    With these three you will see what the AV’s really are…

    Kevin z. from Belgium

  24. Jan said on November 29, 2017 at 12:42 pm

    Here Eset is (like always) the performance winner: http://www.av-comparatives.org/wp-content/uploads/2017/10/avc_per_201710_en.pdf

    Honestly I have to say that I use an AV just to feel good. I cannot remember when I had avirus. I would say never or at least 10 years ago. I prefer to use a fast and not annoying solution. And 98% recognition is enough for me. I hope ESET keep the AV in silent mode. I like the clean UI.

    For a Firewall I switched to only use the Win7 FW with the Windows Firewall Control UI.

    1. calliopes_pen said on November 30, 2017 at 8:19 pm

      I have actually been thinking of trying ESET out to see how it does on my desktop. Do you happen to know if ESET is compatible with Emsisoft Anti-Malware?

      (if not, I can temporarily uninstall the latter.)

  25. justin said on November 29, 2017 at 12:21 pm

    AV test is nowadays a rather poor test
    there are more threats than simple viruses
    so that doesn’t mean a thing

    1. Harushi said on November 29, 2017 at 1:59 pm

      And do you ever read how did that “simple” test perform?

  26. Marek said on November 29, 2017 at 12:15 pm

    They gave 5/6 to Avast in performance category? Great joke.

  27. joe said on November 29, 2017 at 11:33 am

    Hi, I use Eset (internet security) and is very powerful antiv

    1. Luther said on November 29, 2017 at 11:39 am

      No it isn’t. Stop fanboying over snake oil.

      1. A different Martin said on November 30, 2017 at 11:17 pm

        @ Anonymous:

        For your snake? ;-)

      2. Anonymous said on November 29, 2017 at 12:33 pm

        I use snake oil every day! It is the best for my ****.

  28. Kim Jong Un said on November 29, 2017 at 11:27 am

    north korea. best korea.

    1. Tom Hawack said on November 30, 2017 at 10:06 am

      Rocket-Man would rather say “North Korea, the only Korea” :)
      I like to start the day with a big laugh :)

    2. kuyou said on November 30, 2017 at 5:52 am

      korea fanboy. Japan best

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.