It may not be the most exciting of subjects, but internet security software is essential for keeping your PC secure from online threats.
We use results from German testing house AV-Test.org in our security software reviews. The lab has recently released its latest batch of results from 26 antivirus vendors, including AhnLab, Avast, AVG (both free and paid-for versions), Avira, Bitdefender, BullGuard, Check Point, Comodo, Eset, F-Secure, G Data, K7TotalSecurity, Kaspersky, Kingsoft, McAfee, Microsoft, Microworld, Norman, Panda, Qihoo, Symantec, Tencent, ThreatTrack, Trend Micro and Webroot.
But it isn’t just about the numbers. We’ve taken the six highest-rated products and assessed their feature sets, usability and system impact to come up with our own ratings, looking to find the best overall package for keeping your PC safe.
Security vendors typically offer three levels of protection for Windows PCs. There is often a basic antivirus, perhaps with a firewall thrown in, usually available for free. Then there’s the internet security package, which typically adds anti-spam and parental control. Top of the range will be an all-embracing suite, with extras such as online backup, PC tune-up and identity protection.
Running in parallel with this three-tier approach is support for devices other than PCs, including Android devices. (Apple’s strict app policy means iOS devices are significantly less likely to be targeted by malware.) The mobile apps are often available for free. Some suites might add Mac antivirus software, too.
It’s likely that we’ll continue to see the extension of internet security products into areas such as online backup. Pairing malware protection and data backup is sensible, given that an infection can cause you to lose important files.
As more and more people own multiple computers, three- and five-device licences are becoming commonplace. All the prices we’ve given here cover three-PC licences, with the exception of Qihoo’s free suite, which offers unlimited licences.
It’s handy to be able to buy or renew your security cover in a single transaction. Symantec has extended this idea within its Norton products, so you can manage your licences online and transfer remaining cover from one device to another. This is useful if you upgrade one of your devices and sell on the old one.
How we test security software
Antivirus software is first and foremost about preventing malware infection on your Windows PC. It should also be adept at remedying existing problems, cleanly removing viruses, Trojans and rootkits that are already installed.
But it cannot be too trigger-happy and stop legitimate programs running, nor annoy you unnecessarily with false alarms. And all the while it's operating in the background it should not cause noticeable slowdown of the computer.
To help us evaluate these aspects of the software, we based our group test of six products on lab-test results from AV-Test.org, which indicate the antivirus software that may be the most effective at detecting and preventing Windows infections.
Over the months of July and August 2013, AV-Test evaluated 26 consumer antivirus products, from which we've selected the best six as judged by the lab's overall scoring system in three categories of protection, performance and usability. All software detailed in these pages scored at least 15.5 out of 18 points. Familiar names that were tested but did not make the grade include Avast, AVG, Avira, BullGuard, Eset, McAfee, Microsoft, Panda, Trend Micro and Webroot.
AV-Test used a computer running Windows 7 SP1 64-bit to record how well security software defended the PC against existing malware through signature matching, and new malware using behavioural analysis. It also examined how well the software cleaned infections after malware has infected Windows.
Blocking of real-world attacks: AV-Test pits each software package against live malware samples, and determines whether the software can fully or even partially block each malware example.
This test is an indicator of how capable a security suite will be at blocking brand-new malware that hasn't yet been formally logged. This is also known as zero-day malware – not to be confused with zero-day exploits, used by government agencies and cybercriminals to remotely access people's computers through design flaws in popular operating systems and software.
The most dangerous and increasingly widespread type of malware is zero-day. This is tried-and-tested malware whose code has just been subtly tweaked by its developer to avoid the traditional signature-based detection.
Malware zoo: Each product faces a collection of thousands of malware samples from the past four months. This test is an indicator of how well a security product will be able to block known malware.
False positives: AV-Test checks to see whether a security software product mistakenly flags any of 250,000 known safe files as being potentially dangerous.
System disinfection/remediation: This test determines how well antivirus software can detect, disable and fully purge active malware infections on a test PC.
Remember that the results garnered from evaluating the efficacy of all antivirus software is really just a snapshot in time, indicating how it performed only at the time of testing – in this case over a few weeks in summer 2013. As the various antivirus vendors continually update definitions, so their products will return different results in the same tests, while the test lab's sample database is also in continual flux.
System performance impact: Some products can seriously hamper system performance. AV-Test runs each suite through a series of tests to discover how much it slows common PC tasks, such as starting up and shutting down the machine, copying and downloading files, opening files, installing software and opening web pages.
Scan-speed tests: The scan-speed tests show how quickly a suite can check 4.5GB of data for malware. AV-Test checks the performance of both the ‘on-demand' scanner (which runs when you manually initiate a scan) and the ‘on-access' scanner that is always running in the background, checking every file you open or save.
Design and usability
Once AV-Test has finished its assessment, we install each product to find out how easy it is to use. We take into account each product's interface, evaluating ease of set up and use through its main control panel and settings screens.
In addition to AV-Test's performance test, we also measure the impact of installed antivirus software on the PC, by copying the same 50GB directory of assorted files on our test PC. We then note the difference in time between an active scan (on-demand) running; background (on-access) scanning; and with no antivirus installed.
All other aspects of internet security suite software are not independently tested. This includes the efficacy of firewalls,
parental control filters, ‘anti-theft' protection, spam filtering, backup and encryption features.
Best security software: Conclusion
As always, when choosing a piece of software to install on your PC, you shouldn't go just by the performance figures. What appears on paper to be the best buy can be less than ideal when you come to use the program in the real world.
By starting with these six players in the internet security field, judged the best on test in September 2013 by evaluation lab AV-Test, we know that the numbers were good on all these candidates.
The Recommended winner is perhaps an unusual choice, but Qihoo 360 Internet Security 4.3 has a huge amount going for it if you want malware protection and aren't too bothered about the extras. It's pretty quick, thorough and has a delightfully clear and simple interface. It's also free, of course, and bettered both its main free rivals, AVG and Avast, in AV-Test's benchmarks.
But if you want the best in security protection you still need to pay for your software. Bitdefender dropped only one point under test, contains all the key protection modules, including online storage, tune-up and online banking protection, and does it all without endless interruption. A worthy winner of our Best Buy.