Is Avast safe to use in 2026?

After the 2024 FTC settlement over Jumpshot data sales, Avast is operating under specific data-handling restrictions and the Jumpshot subsidiary is closed. Whether the current product is 'safe' depends on the threat model. For protection against malware, Avast remains a competent product on the lab data. For privacy, the historical record is meaningfully worse than competitors with no comparable incident. We do not currently recommend Avast on Privacy History grounds; readers who already use Avast and prioritise protection over privacy can keep it through current renewal and switch at next.

What is the worst antivirus in 2026?

We do not publish a 'worst' ranking. The category is too varied — a product that is wrong for a privacy-focused buyer may be acceptable for a protection-only buyer. The five brands we currently do not recommend (Avast, AVG, TotalAV, Scanguard, PC Protect) appear on this page with the specific reason for each. Fortect appears because of marketing positioning rather than core protection. Norton appears as a 'buy with eyes open' caveat, not an avoidance.

Is Norton 360 actually safe to buy?

Yes — with caveats. Norton's protection scores in the labs are top-tier, the bundle value is real for households, and the company's current operations (under Gen Digital) are well-documented. The caveats are the Crypto Miner episode (now wound down), the LifeLock identity-monitoring component (which has more regulatory history than typical), and the steep year-two renewal hike. We currently recommend Norton 360 with those caveats explicit; cancel auto-renew on day one and re-evaluate at month eleven.

Should I uninstall Avast right now?

No urgency. The post-Jumpshot Avast operates under FTC-supervised restrictions on browsing-data handling. The current product, on a fresh install, does not appear to repeat the documented Jumpshot behaviour. Our recommendation is to plan to switch at next renewal rather than mid-cycle, unless your specific threat model requires the change immediately.

Where can I see your evidence for these claims?

Every claim above includes a source attribution at the end of the relevant section: FTC press releases, court filings, AV-TEST and AV-Comparatives published-results archives, and trade-press coverage. None of the claims rely on private documents, anonymous sources, or unverifiable allegations. We expect this page to be linked, criticised, and corrected; corrections@safescannow.com is the address for documented corrections, which are logged inline with the date.

Investigation · April 2026

5 Antivirus Brands We Don't Recommend in 2026 — and Why

Q: Why is TotalAV ranked highly on other review sites if it is not on your list?

The most parsimonious explanation is the affiliate commission rate, which is roughly 1.5–2x the commission paid by Bitdefender, Norton, or ESET. A publication that ranks TotalAV in second place earns substantially more per click than a publication that ranks Bitdefender in second place. The independent-lab data does not place TotalAV ahead of Bitdefender or Norton on protection scores. We believe the placement is commercially driven; the publications doing the placing have not published a defence to the contrary.

We don't publish a 'worst antivirus' click-bait list. We do publish, with documentation, the brands that do not currently meet our scoring threshold and the specific public-record reasons. Every claim below has a citable source. None of it is rumour.

Last updated · April 25, 2026·By Maria Volkov (Privacy Analyst)·Reviewed by Liang Chen

Direct answer

This page lists five antivirus brands SafeScan Now does not currently recommend, with the documented reason for each: Avast (and AVG, same parent) for the FTC-fined Jumpshot data-sale incident; TotalAV for high-affiliate-commission-driven placement on competing review sites and a multi-year pattern of refund-and-renewal complaints; Scanguard and PC Protect for sharing Protected.net's back-end with TotalAV; Fortect (formerly Reimage) for marketing patterns flagged by multiple consumer-protection authorities; and Norton for the LifeLock and Crypto Miner caveats that buyers should know before subscribing. This is not a blacklist — every brand on this page can re-enter our recommendations if the underlying issue changes, and we will document any such change inline.

Read this first

This page is editorial opinion based on public records, lab data, regulatory filings, and our scoring methodology. It is not a legal claim. We do not allege fraud, criminal conduct, or any specific tort against any company named below; we describe documented incidents and the conclusions we draw from them.

Every issue described below is sourced to public records: FTC orders, court filings, regulator press releases, independent lab tests, or company press releases. Where our conclusion is editorial inference (for example, 'we infer that the placement is commercially driven'), we say so explicitly. Where our conclusion is a fact citation, we say that.

Brands appear on this page when they currently fail our six-pillar scoring threshold or when a documented public-record event creates a meaningful trust risk for buyers. Brands leave this page when the underlying issue is documented as resolved. We do not delete listings; we date and update them in place.

What lands a brand on this page

Documented privacy or data-handling incident in the last five years (regulator action, court order, or independently confirmed leak).
Pattern of refund or auto-renewal complaints documented in regulatory filings or court actions, not in single-anecdote reviews.
Marketing or distribution practices flagged by a national consumer-protection authority.
Ownership or affiliate-commission structure that creates a documented conflict with the brand's place on competing review sites.
Independent-lab detection scores that fall below our 92% protection threshold across two consecutive cycles.

Avast (and AVG, same parent)

FTC fined Avast $16.5M in 2024 for selling browsing data through subsidiary Jumpshot. AVG shares the same parent.

Documented facts

Avast Software operated a wholly owned subsidiary, Jumpshot, that sold detailed browsing-history data harvested from Avast and AVG users between 2014 and 2020.
In 2020, joint reporting by Motherboard and PCMag documented that the data being sold included 'every search, every click, every buy on every site' from millions of Avast and AVG users.
In February 2024, the U.S. Federal Trade Commission announced a $16.5 million settlement with Avast over the Jumpshot data-sale practices, requiring Avast to delete the harvested data and prohibiting it from selling browsing data for advertising purposes.
Avast and AVG were merged into Gen Digital in 2022 alongside Norton and Avira; the four products now share a corporate parent and substantial back-end infrastructure.

Source

FTC press release (Feb 2024); Motherboard/PCMag joint reporting (Jan 2020); Gen Digital corporate filings.

SafeScan Now judgement

Both Avast and AVG fail our Privacy History pillar. The Jumpshot data sale is one of the largest documented privacy incidents in consumer-antivirus history. The FTC settlement is recent enough (2024) that we treat the incident as live for scoring purposes through at least 2027. The current product is not the same product that operated Jumpshot — Gen Digital management has changed practices — but the trust deficit is meaningful and we score it accordingly.

Reader takeaway

If privacy is a meaningful purchase reason, do not buy Avast or AVG in 2026. Bitdefender, ESET, and (with Privacy History caveats noted) Norton are the alternatives. If you already use Avast or AVG and the protection is acceptable to you, the case to switch is not urgent — but plan to switch on next renewal.

TotalAV

High affiliate commissions paired with one of the worst-documented refund/renewal complaint records in consumer antivirus.

Documented facts

TotalAV is operated by Protected.net, a UK-based affiliate-marketing company that also operates Scanguard and PC Protect (see below).
TotalAV's affiliate commission rate is among the highest in the consumer-antivirus market — public affiliate-network data shows commission rates of approximately 60% with extended cookie windows, against an industry norm of 30–40%.
Multiple consumer-affairs authorities — including the UK Advertising Standards Authority — have published rulings against Protected.net for misleading marketing claims related to TotalAV.
User-complaint patterns in regulator-tracked complaint databases (Better Business Bureau, Trustpilot's reviewed ratings, FTC complaint corpus) cluster around three issues: difficulty cancelling auto-renewal, refund disputes, and aggressive on-install upsell.
On independent-lab tests, TotalAV's protection scores have historically ranged in the middle of the pack; it has not appeared in the AV-TEST top tier in 2024 or 2025.

Source

UK Advertising Standards Authority published rulings; Better Business Bureau complaint corpus; AV-TEST 2024 and 2025 quarterly reports; affiliate-network public commission disclosure.

SafeScan Now judgement

We do not currently recommend TotalAV. The combination of high affiliate commissions and a documented refund-and-renewal complaint pattern is precisely the conflict our methodology is designed to penalise. We note for transparency that several major affiliate review sites — including SafetyDetectives — have ranked TotalAV inside their top three; we believe that ranking is not technically defensible against the lab data and is more parsimoniously explained by the commission structure than by the protection.

Reader takeaway

If a review site ranks TotalAV in the top three of a 2026 'Best Antivirus' list and does not disclose its commission rate, treat the entire list with scepticism. Bitdefender, Norton, and ESET are the brands TotalAV is usually placed ahead of, and the lab data does not support that ordering.

Scanguard and PC Protect

Same parent (Protected.net) and shared back-end with TotalAV; the same complaint pattern applies.

Documented facts

Scanguard and PC Protect are both consumer-antivirus brands operated by Protected.net, the same UK-based parent that operates TotalAV.
Independent technical reporting has documented that Scanguard, PC Protect, and TotalAV share substantial back-end infrastructure, suggesting the underlying scanning engine is the same product distributed under three brand names.
The complaint patterns documented for TotalAV (auto-renewal disputes, refund difficulty) appear in similar form for Scanguard and PC Protect in regulator-tracked complaint databases.
Neither Scanguard nor PC Protect appears in the AV-TEST or AV-Comparatives published rankings as of 2025.

Source

Protected.net corporate filings; independent technical reporting (multiple outlets); AV-TEST published-results archive.

SafeScan Now judgement

Scanguard and PC Protect inherit the same trust deficit as TotalAV. The fact that all three are operated by the same parent, with what appears to be a shared back-end engine, means a problem with one is functionally a problem with all three. We do not currently recommend any of the three.

Reader takeaway

If you encounter Scanguard or PC Protect on a review site, the disclosure to look for is whether the publication notes the shared parent with TotalAV. Most do not. We treat any 'review' that ranks any Protected.net brand without that disclosure as commercially compromised.

Fortect (formerly Reimage)

Marketing patterns flagged by multiple consumer-protection authorities; positioning blurs antivirus and 'PC repair' in ways that confuse buyers.

Documented facts

Fortect is the rebrand of Reimage, a Windows-utility product that has been marketed for over a decade as a combined PC-repair-and-antivirus tool.
Reimage and its successor Fortect have been the subject of consumer-protection attention from multiple national authorities for marketing practices that present routine system maintenance as urgent malware threats.
Independent reviewers — including PCMag and several IT-trade publications — have repeatedly flagged Fortect's scan-result presentation as exaggerating routine cache files, registry entries, and ordinary Windows artefacts as 'threats requiring immediate attention.'
Fortect is not currently in the AV-TEST or AV-Comparatives published-results panels, and its protection performance against actual malware has not been independently validated by the labs we trust.

Source

PCMag and trade-press coverage; consumer-protection authority bulletins (multiple); AV-TEST and AV-Comparatives published-results archives (absence).

SafeScan Now judgement

Fortect is not in the same category as Avast or TotalAV — those are real antivirus products with documented issues; Fortect's primary issue is positioning. We do not recommend Fortect for the same reason we do not recommend any product whose marketing relies on alarming the user about routine artefacts. If you want PC cleanup, use Windows Disk Cleanup or a focused tool with a transparent feature list. If you want antivirus, buy antivirus.

Reader takeaway

Treat any product that combines 'antivirus' and 'PC speed-up' marketing in the same scan flow with scepticism. The two functions have nothing technical in common, and the combination is a long-standing red flag in the Windows-utility market.

Norton 360 — caveats, not avoidance

We currently recommend Norton with two specific caveats buyers should weigh before subscribing.

Documented facts

Norton 360 includes Norton Crypto, a feature that briefly enabled cryptocurrency mining inside the antivirus product itself between 2022 and 2023 before being deprecated. Norton retained a percentage of mining revenue. The feature is no longer the default and has been substantially wound down, but it remains a documented episode in the product's recent history.
Norton 360 in the United States bundles LifeLock identity-theft monitoring. LifeLock has been the subject of multiple regulatory actions over its history (most notably an FTC settlement in 2010 over identity-theft service marketing claims). The current LifeLock service operates under a court-supervised order; that does not make it unsafe, but it does mean the identity-monitoring component has more regulatory history than is typical for a bundled antivirus add-on.
Norton's renewal-pricing pattern (typical 2.5–3x increase from year-one promo to year-two) is among the steepest in the consumer-antivirus market. We score it accordingly in the Pricing pillar.

Source

Norton press releases; FTC consent orders (LifeLock); Norton public price page (current snapshots).

SafeScan Now judgement

We currently recommend Norton 360, with caveats. The caveats are: be aware of the Crypto Miner episode, understand what LifeLock is and is not, and plan for the year-two renewal hike. Norton remains one of two paid products we recommend (alongside Bitdefender) on protection grounds, and the bundle value is real for households that need cross-platform coverage and a VPN. We list Norton on this page so the caveats are not buried.

Reader takeaway

Norton 360 is not on the avoid list — it is on the buy-with-eyes-open list. If you buy Norton, buy a one-year subscription, cancel auto-renew on day one, and re-evaluate at month eleven.

How These Brands Get Promoted Anyway

The mechanism is straightforward and well-documented. Affiliate-network publishing pays publications a commission when a reader clicks a link and purchases. Commission rates vary by brand: Bitdefender pays roughly 30–40%, Norton pays a similar range, ESET pays a similar range. TotalAV and brands in its category pay closer to 60% with longer cookie windows. A publication that ranks TotalAV in second place earns roughly 1.6x as much per click as a publication that ranks Bitdefender in second place.

The honest version of this is to disclose the commission and let readers decide. Most publications do not. The dishonest version is to bury the commission disclosure in a generic 'we may earn commission' footer and to write the ranking copy as if it reflects independent testing. We believe that is what is happening with TotalAV's persistent top-three placement on several major review sites, including SafetyDetectives.

This is not a problem unique to antivirus. It is a problem in every affiliate-publishing category — VPNs, hosting, password managers, web tools — and the antivirus version of the problem is well-documented because the lab data is precise enough to make the placements visibly indefensible.

What to Use Instead

For Windows 11: Microsoft Defender (free) for careful users; Bitdefender Total Security or Norton 360 for users who want a paid product, with the caveats described above.

For Mac: Bitdefender for Mac, ESET Cyber Security, or Microsoft Defender (via Microsoft 365 Family). For Mac-specific reasoning, see /best-antivirus/mac/.

For Android: Bitdefender Mobile Security or Microsoft Defender for Android. Stay away from any Android antivirus app that requests payment for routine permissions or that bundles 'speed booster' utilities — the reasoning is the same as the Fortect critique above.

For iOS: A reputable browser-side phishing filter (Safari + iCloud Private Relay, or Brave) and the iOS App Store's existing review process is meaningful protection. Most 'iOS antivirus' products are positioning rather than protection, because iOS's permission model genuinely prevents most of what desktop antivirus is designed to block.

Disclosure

SafeScan Now earns affiliate commissions when readers click certain links and purchase. We disclose those relationships individually on every review and listicle, and collectively at /affiliate-disclosure/. We do not earn commission from Avast, AVG, TotalAV, Scanguard, PC Protect, or Fortect — partly because we do not currently recommend them, and partly because we have not pursued affiliate relationships with any brand on this page. The methodology that ranks brands is locked before any affiliate negotiation. Corrections to this page are logged inline; write to corrections@safescannow.com if a documented fact is missing or wrong.

FAQ

Antivirus to Avoid — FAQs

If a question is missing, write to corrections@safescannow.com and we will add and answer it on the page.

Bottom line

Five brands we do not currently recommend (Avast, AVG, TotalAV, Scanguard, PC Protect), one we recommend with caveats (Norton), and one we flag for marketing rather than protection (Fortect). Each entry on this page has a documented public-record reason. Re-evaluate when documentation changes. Read accordingly.

See brands we recommend How we are funded