Personal conclusion; For general users, clickers, kids, and non-techies I have found more automated solutions, and solutions with reputation blocking to be the most effective. That includes products like Webroot, Trend, Norton, where healthy reputations are required for most activities with programs. My conclusion has been reached in monitoring thousands of systems, nearly 3,200 personal/corporate malware removals over the last 6 months. That is -- tickets assigned to me directly as a Level 2 IT Engineer. Also this includes my experiences at home with having kids. I checked my daughters machine today and found 4 quarantined files in Norton 2015 from the last couple of days. Now realized these files made it through double Layer-7 UTMs (Kaspersky+ClamAV). They were flagged by Norton's download insight and sonar reputation. So I removed these samples, and ran them through a few scanners, and they were generally missed by ALL of the big name traditional AV's.. She would be hosed without a reputation AV. For safer folks, techies, and people that generally have more experience with computers, I often find solutions like Kaspersky, ESET, Bit Defender, Emsisoft and others better for them. These folks are generally not 'fooled' by dumb downloads, double packed archived files, two extension files, and other things. In doing so they rarely need reputation based systems, and these may actually be an impediment to them because techie types tend to be involved with development, beta testing, and other things to which reputation systems could drive them insane. I'm scared to death to not have a reputation based AV on my daughters system. But I wouldn't hesitate for a minute not having one on my machine, or my network engineer 20 year old sons system. Kaspersky or something is perfect for us. Clickers, Non-Techs, Kids, Newbs - Run, don't walk to Trend, Norton or Webroot type of products. Techie, Developer, Engineer, Hobbyist - Stick with stuff like Kaspersky, Eset, Emsisoft. It's personal opinion at this point, but I figured worth sharing. What I find funny(and ridiculous) is.. My daughter managed to push 4 pieces of malware through the following; 1) ZyXEL USG NGFW (Kaspersky UTM, Bluecoat, Commtouch) 2) Untangle UTM (ClamAV, and other databases) 3) Adguard w/Malware Blocking Database 4) Chrome Malware Database 5) Kerish Doctor (w/Limited Malware Database) Finally Norton nailed it with the reputation of 'rarely seen file, less than 100 machines, unsigned'. I pushed the samples up to the major honeypots, and only 2-3 traditional AV's detected it.