[AI] INTERNET-SECURITY SUITES
ilovecold at gmail.com
Wed Sep 1 03:02:47 EDT 2010
While all security suites offer roughly the same functionality, their ability to
protect your PC varies tremendously.
Robert Vamosi looks at which internet-security suites you can trust
Online attackers have created more malware in the past year than in the previous
20 years combined. So it stands to reason that you can no longer rely solely on
traditional definition-based antivirus software and firewalls.
Behavioural analysis, which detects malware based on how it acts, and improved
detection methods have both made their way into the latest internet-security
suites. Behavioural analysis has proved successful in catching new threats that
security vendors have yet to make definitions.
Many suites feature cloud-based components, which compare questionable programs
and files against online databases.
Almost all the security suites we test here also include some form of rootkit
repellent. Rootkits are a type of stealth malware used to hide infections and
have gradually become more commonplace. Together, these changes mean security
suites are able to detect and block malware faster than ever.
Nonetheless, we found significant differences in how well security suites
protect your PC. Norton took the top ranking, owing to its strong overall
malware detection. Kaspersky came a close second. AVG bagged third place for
its malware detection and speedy system performance, while there was little
difference between Avast, BitDefender, McAfee, Panda and PC Tools, all of which
turned in very good performances.
As always, we called on the services of security lab AV-Test ( av-test.org) to
perform real-world benchmarks of how each internet-security suite deals with the
latest web threats. AV-Test looked at traditional signature-based detection,
and also at how well the suites cleaned infections, removed rootkits and
detected malware based on behavioural analysis.
We also took into account the impact a security program has on the operation of
a PC. If it slows your system to a crawl, you may be tempted to dump it for
something less effective or turn it off altogether - a dangerous move. A
battery of tests were used to measure drag: changes in boot times, application
launch times and the time to create or open a batch of documents, among other
tests, both with and without the security suites running.
All the suites had antivirus, antispyware and antispam components, plus a
firewall. Some, such as PC Tools, offered little beyond these core functions.
The rest offered extra capabilities, such as parental controls, online backup
and browser protection.
Here's our rundown of the top 10.
Avast 5.0 Internet Security
ukp49 (3 users; 1-year licence)
Avast 5.0 Internet Security offers all the basic PC-protection features and does
a reasonable job at traditional malware detection. It's also fast. But it fell
short at detecting new threats and lacks some extra features.
The interface has a clean, sophisticated look and is easy to use, yet it also
makes you work a bit: you must tell it how to proceed every time it finds an
infection and you can't proceed with the scan until you attend to the alert
Avast detected all infected files and Registry entries and disabled 93 percent
of the infections. But it removed all traces of malware in only a third of
cases. It found and disabled all rootkit samples, but completely removed only
60 percent. This was the worst rootkit removal score of all the suites here.
Avast's firewall works in a similar way to the Windows firewall, asking you to
designate each network as Home, Work or Public. The Public setting blocks the
most traffic, while the Home setting allows more traffic to come in. Work, a
middle ground, is the default.
The antispam function labels suspected junk with '***SPAM***' in the subject
line. It integrates with Microsoft Outlook and some email clients, and can scan
web-based email clients such as Gmail.
In behavioural detection, Avast detected, disabled and removed only about 27
percent of samples. In signature-based detection, Avast demonstrated a
respectable 96.5 percent detection rate. Avast was the top performer overall in
our system speed tests and near the top in scanning speed.
VERDICT: Avast Internet Security offers good basic protection, being both speedy
and easy to use. For all its classiness, however, we were disappointed by its
shortcomings when it came to detecting new threats.
AVG Internet Security 9.0
ukp47 inc VAT (3 users; 1-year licence)
AVG usually sells its solid Internet Security suite for ukp37 per user per year
but, at press time, it was offering protection for three PCs for ukp47.
We rate AVG Internet Security 9.0 highly, as it provides strong malware
detection and disinfection. However, it could be easier to use: its icon-based
feature labelling isn't as clear as it could be and we found it hard to locate
the tools we needed.
Performing impressively in our tests, AVG detected 93 percent of malware
infections and disabled 87 percent of these samples. It could fully remove only
27 percent of them, though. All inactive and active rootkits were identified
and 87 percent of them removed - a figure that was about average for the group.
It earned a perfect score for detecting and disabling infections in behavioural
analysis tests. It also managed to remove 93 percent of malware we threw at the
Another notable inclusion in the AVG suite is LinkScanner, a tool that looks for
and scrubs malicious content from websites before it hits your browser. This is
slightly different from McAfee's Site Advisor, which identifies and blocks
malicious sites. Linkscanner lets you view the questionable sites, but it still
blocks the malware.
Using traditional signatures, AVG detected 95 percent of malware - not a bad
score, but the top performer detected 99.9 percent.
AVG took a couple of seconds longer than average to boot up. Its impact on
overall system performance was slight, but scan speeds were a bit slow. It took
6 mins 5 secs to scan a 4.5GB file when we opened it.
VERDICT: A strong behavioural analysis tool and the ability to root out and
neutralise most malware make AVG one of the best suites on offer. Single-user
licences are relatively expensive, but if you need to protect several PCs, you
can bag a great deal.
BitDefender Internet Security
ukp29 inc VAT (3 users; 1-year licence)
BitDefender provides solid protection at an appealing price, and it has a fresh
new interface that allows you to choose how much or how little information you
The basic display has three large icons and simple text; an intermediate design
shows more detail; while a third lets advanced users fine-tune many of the
settings. Colour status indicators make it easy to see at a glance whether your
PC is protected.
BitDefender was effective at detecting and disabling active infections. It
found all infected files and Registry entries and disabled 93 percent, but it
completely removed only 40 percent. It detected 97 percent of active and
inactive rootkits, disabled 93 percent of active ones and fully removed 87
It wasn't uniformly impressive, though. BitDefender wasn't great at detecting
and blocking malware based on behavioural analysis, detecting 80 percent of test
samples, blocking 40 percent and removing only six percent. It did better at
signature-based detection, finding 96 percent.
The suite did well in our performance-impact tests, but it isn't one of the most
efficient. Our test PC booted up quickly, with BitDefender improving on the
average startup time by roughly 3.5 secs, for a total of 43.46 secs. Scan
speeds were around average; it took just over 4 mins to scan 4.5GB of data in
our on-access test. BitDefender's technical support is emailbased and we found
its searchable online knowledge base limited in scope. We also found the
program's firewall rather too keen.
VERDICT: The new, user-definable interface is a welcome change to BitDefender,
while the suite has a very attractive price tag. Given the preponderance of
threats and their ability to mutate, however, we were concerned by this
program's behaviour-based score.
Kaspersky Internet Security 2010
ukp69 inc VAT (3 users; 1-year licence)
Kaspersky earned high scores for its strong malware detection, efficient
performance and well-designed interface.
Kaspersky's screens are informative without being overwhelming. The main window
includes a left pane for navigation and a right pane showing your options.
Features are organised by general topics, such as My Protection, My Security
Zone, Scan My Computer and My Update Center.
The program proved adept at detecting active malware infections. It detected
all malware samples and disabled 87 percent, but removed all files for only 47
percent of infections. This was about average for the group. Kaspersky, along
with McAfee, found and removed all active rootkits.
It was above average in detecting and disinfecting malware in behavioural
scanning, finding 87 percent of samples, disabling 73 percent and removing 60
Signature-based detection was another strong area for Kaspersky, with a
detection rate of 97.4 percent. Even so, this impressive result was bettered
Kaspersky's impact on everyday PC performance is minimal. It beat the average
startup time by 3.5 secs and the suite took 4 mins 48 secs to scan 4.5GB in our
on-access test. However, its new Safe Run mode hampers the host PC's
VERDICT: Kaspersky earns a Recommended award with a strong feature list. But it
costs appreciably more than the other suites here.
McAfee Internet Security 2010
ukp43 inc VAT (3 users; 1-year licence)
McAfee Internet Security does a good job of detecting malware, and its
combination of a fresh interface and useful features will appeal to many users.
However, its tendency to slow down the PC it's there to protect is a concern.
The suite's redesigned interface is intuitive but unusual. Sections are called
drawers; click on a section and the drawer opens to reveal the settings and
status of each component. The top portion remains fixed, offering a static
overview of the entire product.
McAfee proved effective at cleaning up active infections; it detected all test
infections, disabled 87 percent and completely removed 47 percent. It also did
well in behavioural detection, detecting 87 percent, blocking 73 percent and
removing 60 percent of samples.
McAfee tied with Kaspersky as the leader in rootkit detection, earning a perfect
score for both detection and removal.
As for old-style signature-based detection of malware, McAfee's performance was
the best of all the suites we reviewed, with a 99.9 percent detection rate.
This suite made for somewhat longer boot times on our test machine. And McAfee
had the slowest on-access scan speed: it took more than 9 mins to scan 4.5GB of
VERDICT: One of the best-known security brands, McAfee does a decent job of
protecting a PC from harm, but its services come at the expense of system
Norton Internet Security
ukp49 inc VAT (3 users; 1-year licence)
Norton has a comprehensive set of features, top-notch malware detection and fair
speed. It was one of the top performers in detecting and cleaning up active
malware infections and earned itself our Best Buy award. Norton found all the
dangerous software, disabled 93 percent of it and removed all traces of two
thirds of it. It detected 93 percent of inactive rootkits and detected and
removed all active rootkits. In fact, our main criticism is of its interface,
which is nicely laid out but hard to read, with orange text on a black
The left panel displays a CPU performance gauge, the middle column has sections
labelled Computer, Network and Web, while configuration options are on the
Norton impressed us with its ability to detect, disable and remove every
instance of malware we threw at it using its behavioural scanner - a stunning
When it came to malware detection based on old-style signature-based tests, it
found 98.4 percent of samples - a figure beaten only by McAfee and Panda.
Norton took 3.9 secs longer than the average startup time, but we experienced
minimal drag in day-to-day operations. Scan speeds were decent, however, with
Norton taking 4 mins 14 secs to scan 4.5GB of data in our on-access test.
We didn't take to Norton's use of proprietary names for security technologies
such as Quorum, Sonar and Insight. These tags poorly explain their use. Quorum
is Symantec's cloud-based detection engine and assigns a reputation to programs
based on several factors; Sonar is Symantec's behavioural-detection technology;
and Insight provides up-to-the-minute data on malware collected from other
VERDICT: The protection afforded by Norton Internet Security is second to none.
Some elements of its design could be clearer - we'd like Symantec to offer
straightforward explanations of its features. Overall, however, Norton is the
best product here and easily earns its Best Buy spurs.
Panda Internet Security 2010
ukp49 inc VAT (3 users; 1-year licence)
Panda Internet Security offers all the basic features, and then some. It
includes 2GB of online backup space and the ability to protect USB devices.
However, its interface is more complicated than it needs to be, using multiple
combinations of both tabs and grouped items. Configuration settings are easy to
More importantly, Panda's detection of unknown malware falls a little short: its
behavioural detection of new threats was unimpressive. It found 73 percent of
our samples, blocked 53 percent and removed 33 percent.
Conversely, when asked to detect malware using traditional signature files,
Panda gave the second-best showing, with a 99.8 percent detection rate. This
result was just a hair behind the leader, McAfee.
Panda found all active infections on our test PC and rendered 93 percent of
infections inert. It completely removed all files and Registry changes for 33
percent of infections - a lower figure than we'd like. Panda also detected 93
percent of active rootkits and 80 percent of inactive ones.
It was able to completely remove only 87 percent of this stealthy malware,
whereas the top performers in this regard, McAfee and Kaspersky, were able to
detect and remove all rootkits.
The antispam feature adds a toolbar and a spam folder to Outlook and Outlook
Express. Its backup feature can grab documents based on their file type or from
selected folders or drives, and you can back up to Panda's online service. The
parental controls require an account for each individual; by logging in, you
activate the security set for that individual.
Panda slowed down boot times more than any other suite here; our test PC took
54.68 secs to boot up with Panda's suite installed. It had minimal drag on
ordinary operations, but scan speeds were significantly slower than average;
Panda took 5 mins 30 secs to complete our on-access scan test.
VERDICT: Panda's interface needs some work and its detection of new malware
doesn't keep pace with the top performers. However, its parental controls and
USB drive scanners are welcome additions to what is a middle-ranking internet
PC Tools Internet Security
ukp49 inc VAT (3 users; 1-year licence)
ukp29 inc VAT instore at PC World
PC Tools Internet Security is a barebones suite with strong malware detection,
but it lacks the parental controls and online backup features of comparable
The interface is geared up for the average consumer and the dashboard is
straightforward to navigate. More advanced users may find the simple interface
PC Tools, now owned by Symantec, detected and disabled all active infections and
also removed 60 percent of active malware - a better rate than that of most of
the suites here. PC Tools also produced fairly strong scores for rootkit
detection; it detected all inactive and active rootkit samples, and removed 87
percent of samples. Although a strong showing, other suites equalled it and
Norton, Kaspersky and McAfee beat it.
We were impressed by the respectable 93 percent score PC Tools racked up when it
came to detecting, blocking and removing unknown malware. In signature-based
malware detection, it caught more than 96.3 percent of samples. We were pleased
to see that having PC Tools installed didn't weigh down our test machine. Our
PC took 43.1 secs to boot, several seconds faster than the average. We found
applications a mite slow to launch and software took a bit longer to install
than it would otherwise, but in day-to-day use we noticed little impact on how
the computer performed with PC Tools protecting it.
Curiously, the suite's on-access scanner was the fastest, scanning 4.5GB of data
in under 3 mins. However, its on-demand scanner was by far the slowest.
VERDICT: PC Tools pairs some strong malware detection and disabling abilities
with a good price and an easy-to-use interface. This makes it ideal for users
who are happy to stick to the basics. Its on-demand scanning is slower than it
ought to be, however, and it doesn't offer many customisation options.
Trend Micro Internet Security Pro
ukp49 inc VAT (3 users; 1-year licence)
Trend Micro offers a competitive and complete package for internet security, but
its malware detection lags somewhat. Its interface is easy to read and use and,
while the configuration options can get quite advanced, first-time users will
find the defaults sufficient.
Trend Micro found all the active malware infections on our test PC and disabled
87 percent. It completely removed 47 percent.
The suite was strong at detecting rootkits, but it was a little behind the pack
at removing them. It detected all inactive rootkits and 93 percent of active
rootkits, and it removed 73 percent of the samples, versus the average of 87
Trend Micro also put in an average performance for detection and disinfection
through behavioural scanning, detecting 93 percent of samples, blocking only 60
percent and removing 40 percent.
Trend Micro was the worst of the group at signature-based malware detection,
catching 89.4 percent of samples. On average, the internet-security suites in
this group test were able to detect between 96 and 97 percent of samples.
The suite's impact on system performance was mixed. Our test PC started up in
42.4 secs - about 4.5 secs faster than the average boot time. We saw little
drag in the PC's daily operations. On-access scans were much slower than
average, however; Trend Micro Internet Security Pro scanned 4.5GB of data in 7
mins 26 secs.
Trend Micro includes a full range of technical support options with how-to
videos, a searchable knowledge base, and PDF manuals for download. Free email,
chat and telephone support is available during business hours. The Pro version
also includes Wi-Fi hotspot authentication and the ability to warn you if a web
link you're about to click on is suspicious.
VERDICT: Trend Micro Internet Security Pro has plenty of features and is easy to
use. However, it falls short of the top contenders at malware detection. It's
a decent security suite but is bettered by the rest of the pack.
Webroot Internet Security Essentials
ukp39 inc VAT (3 users; 1-year licence)
This suite is in essence Webroot's SpySweeper antivirus/antispyware software
with a firewall, an antispam utility, backup software and web browsing
protection thrown in. But it lacks the parental controls that are common in
other internet-security suites and falls well short when detecting and
disinfecting new malware threats. Its interface is generally serviceable, but
can be cryptic and unintuitive.
Webroot detected and disabled all active malware infections on our test machine
and it removed all traces of 60 percent of the samples, an above-average result
compared to the rest of the suites. Webroot detected 93 percent of inactive
rootkits and all active ones, but removed only 87 percent of rootkit samples.
Although it detected all the samples in our behavioural-analysis tests, Webroot
blocked only 27 percent of samples and completely removed only 13 percent. In
traditional signature detection, it found 96.2 percent of samples.
Webroot generally had a low impact on our test system's performance, but bootup
time (48.4 secs) was a little on the slow side. However, on two performance
tests (repeatedly copying a file and creating a file), Webroot took longer to
complete the task than almost any other suite in this round-up.
Scan speeds were on the slow side, too: it took 5 mins 34 secs to scan 4.5GB of
data in our on-access scan test.
Webroot offers free technical support by phone, but only on weekdays from 7am to
6pm. The company also offers PDF versions of the suite's manual online, as well
as a video tutorial for the installation process.
VERDICT: Webroot Internet Security Essentials provides built-in backups and is
competent at detecting and disabling active malware. It's not so adept at
spotting new threats, however, and its slow on-demand scans are a drawback.
THE PERFORMANCE HIT
We included a battery of tests to evaluate how internet-security suites affect
your PC's speed. Our testing, conducted by German security lab AV-Test,
measured 11 key aspects of a suite's impact on PC performance: boot time,
application launch time, file copy operations, application-installation time and
more. We also looked at how quickly a suite will scan your PC for viruses and
Avast 5.0 Internet Security had the least impact on system performance, with
faster-than-average scores in all tests and very good scan speeds.
While top-ranking Norton Internet Security didn't do as well as Avast, it put up
very good scores overall, although performance dragged a little more than
average in a couple of tests. Norton also had faster-than-average scanning
Another big name, McAfee Internet Security, was one of the weaker performers
here. It had a heavier-than-average impact on PC performance in most tests and
its on-access scan speed (which simulates how well a suite can scan for malware
when files are opened or saved to disk) was the slowest of all the suites we
Technical telepathy: 09969636745
Saints are not always saints; sinners are not always sinners.
More information about the AccessIndia