Voxy, every few months, I see a new "Best AV tests reveals" study, and I can't tell one from the other - in the Paid Programs. I've got customers with Kasp in which units take so long to load upon system start-up, and they'll spend 2-3 minutes wondering if their units are infected simply because Kasp hasn't loaded promptly. (And because they have 80 other oddities loading, du-uh...)
But I don't believe any of the AVs can address the main attacks these days - the "invited-in hijacker" types that pretend to find a virus and then warn the customer "If you want to save your system, I'll save you-! Just click on the SAVE ME NOW button". They'll conveniently offer a CANCEL button, too. But they both do exactly the same process - infect the computer.
Nothing prevents this EXCEPT an alert and disciplined user that recognizes this as a wolf-attack in sheep's clothing. And on POP machines, I suspect it's too late. "Better hope we can remember the Other Admin User's password to see if we can defeat this."
The paid-for products do offer one thing that the Freebies don't - access to an updated bootable Rescue ISO.
None of these "AV Polls" ever address this issue and, for me, this is the central feature - "Can I download a Rescue ISO, and is it updated at least monthly?" Every other claim is merely a leap-frogging, chest-beating marketing declaration.