Our new antivirus group test reveals shocking Windows Defender deficiencies. Mike Plant reveals which free and paid-for antivirus protection you can actually trust to keep your PC safe.
There was a time when your antivirus (AV) simply had to keep your PC free of threats lurking on the internet to keep you happy. These days you have greater expectations of your AV. We receive as many letters from readers complaining that their AV is slowing their PC, as we do about how well (or otherwise) the software is protecting their computer.
We considered all these concerns when we planned our current AV test. The level of protection provided by each product is of course the main criterion, but we wanted to make sure the software runs smoothly, and that any extras - system cleaners, firewalls, etc - don’t have a negative impact on Windows and other programs. This is reflected in the ‘system-impact’ scores you’ll see throughout the feature.
We chose AV-Test to run this year’s test - a technology lab that has specialised in antivirus research for 15 years. AV-Test bombards the leading antivirus programs with the most dangerous malware and viruses around. It also uses new and old computers to see how each AV behaves across a range of devices to better mimic how it might affect your home PC.
Of all of the findings AV-Test came up with, the most shocking was how little protection Windows Defender provides. In fact, the AV ‘protection’ that comes bundled with Windows only managed to protect our test PC from 74 of the 84 viruses and malware threats inflicted.
At first glance, this may not seem too bad. But, if you were told there was a 12 per cent chance that a smoke alarm would fail to go off in the case of a fire, you wouldn’t trust it to protect your home and family. Why then, would you trust Defender with your PC’s security?
Here, we reveal the best AV you can buy, the runners-up and the best free alternative.
HOW DOES AV SOFTWARE ACTUALLY WORK?
There was a time when antivirus software worked by simply checking the programs and processes on your computer against a list of known ‘signatures’. All valid software has a registered signature – a unique code – that identifies it.
That was then, but today’s malware is far more sophisticated. It can pose as signed software and bury itself into the depths of your hard drive. When it first arrived, this new type of threat reduced the effectiveness of AV software, forcing security developers to adapt.
The result is that current antivirus software now monitors the behaviour of the processes on your PC. If a program, a browser or a line of computer code does something unusual, your antivirus software will recognise this activity as a potential threat. Even the cleverest virus will eventually fall into this trap – usually when it attempts to access the internet in order to upload the contents of your hard drive. Alternatively, it will try to give hackers control of your PC and thereby reveal itself to your antivirus program.
That’s why some of the antivirus software we tested detected and neutralised all the threats posed. And why it’s inexcusable that Windows Defender looked the other way while all kinds of internet nasties invaded our test PC.
KASPERSKY INTERNET SECURITY 2017
Our current ‘Buy It!’ recommendation maintains its position at the top of the pile for an eighth consecutive test. Kaspersky Internet Security blocked all 84 threats we subjected it to. It also reported zero false-positive warnings, so you can rest assured that Kaspersky won’t waste your time by crying wolf over non-existent threats.
We’re happy to report that Kaspersky will have a minimal impact on the performance levels of your PC. We barely noticed the impact when opening programs or browsing the internet. To put this into numbers, Kaspersky has a system-impact rating of 9.54 per cent. This represents the percentage increase in time you’ll have to wait for Windows and your programs to load and complete tasks. So, for example, a program that takes five seconds to load may take 5.5 seconds with Kaspersky installed on your computer. All in all, we think that’s a small price to pay for its excellent protection.
Kaspersky scored similarly well when it came to its tools. Upon first installing Kaspersky you’ll see a main menu with six options: Scan, Database Update, Safe Money, Privacy Protection, Parental Control and ‘Protection for all devices’. Safe Money, Kaspersky’s hacker-proof browser extension, activates whenever you visit banking websites (you’ll see a green frame around your browser window to show it’s enabled). The idea is that Safe Money (once switched on) shields your browser to an even greater degree when it’s activated so that no one can snoop on your account details.
Privacy Protection has two parts to it. Webcam Access lets you control the programs that can use your webcam to thwart hackers aiming to exploit it. The Private Browsing tool, meanwhile, protects you against websites intent on gathering and storing your browsing data. This is enabled, but by default only counts attempts to collect data. However, click the ‘Block data collection’ button and your activities will be all but invisible. We also advise unticking ‘Allow data collection on the websites of Kaspersky Lab and its partners’.
The Parental Control settings will be of interest to anyone with kids or grandchildren. It can be used to schedule times when the internet is accessible on your computer. It also has options to enforce screen breaks, which locks the computer so that your kids don’t spend all day in front of the PC. You can prevent certain programs from being opened, or certain types of file (videos or programs, for example) from being downloaded.
The ‘Protection for all devices’ tool lets you monitor the security of other PCs, tablets and phones that have Kaspersky installed. Just click ‘Connect to My Kaspersky’ and sign into (or create) your account to see the other devices registered to your My Kaspersky profile.
Click the More Tools button and you’ll find even more useful additions. Browser Configuration scans your browser for vulnerabilities and plugs any holes. And the Trusted Applications tool blocks any program or background process from running if it hasn’t been approved by Kaspersky. We also found the System Watcher to be particularly useful. It monitors the programs on your PC and reports any unusual activity. This lets you carry on using old, unsupported programs without worry because if they are hacked, you’ll be alerted by Kaspersky.
If Kaspersky detects malware or a virus it displays a warning message with two options: ‘Disinfect and restart the computer’ and ‘Try to disinfect without computer restart’. We’d recommend the former option to be sure of removing the malware – just make sure you save what you’re working on before clicking.
OUR VERDICT
Kaspersky Internet Security barely puts a foot wrong and is, once again, a worthy winner of our antivirus test and remains our ‘Buy It!’ recommendation. We can’t find fault with a program that offers 100 per cent protection while barely impacting the speed of your PC.
NORTON INTERNET SECURITY 2016
Norton came closer to toppling Kaspersky than ever before. It proved just as good at stopping malware in this test (blocking all 84 threats). Norton also matched Kaspersky in terms of system impact with an identical score (9.54 per cent). The one area where Norton lagged behind was that it reported four false positives and therefore seems a little trigger happy in blocking legitimate programs.
Over the years Norton has added to its ever-expanding toolkit. Aside from the scanning tools you would expect, there’s a password and financial information manager as well as a performance-monitoring tool that checks the impact of the programs that load when your computer boots. One useful feature here is the ability to delay some of those programs for five minutes to guarantee a smoother start-up. To access these settings double-click Performance in Norton’s home screen and click Startup Manager. Then tick the box in the Delay Start column next to every program you want to delay and click Apply.
Norton also offers a CCleaner-type system cleaner, though we still prefer the ever-dependable CCleaner. There’s also a browser toolbar, but we’d recommend you don’t enable this during Norton’s installation because it may slow down your web browser. Most of the popular browsers already incorporate similar malware-detecting features anyway.
Norton Internet Security Deluxe and Security Premium are also available, but cost more (£35 and £40 respectively). Both use the same basic protection as the cheaper Internet Security, but add extra features, including phone and tablet security apps and online (cloud) storage. We’d recommend going with the standard Norton Security as the additional features aren’t essential for the average user.
OUR VERDICT
If you currently use Norton on your computer then you’re in safe hands. It’s an effective AV that’s also undemanding of system resources. Only a few false positive warnings prevented it from taking top spot in our test.
TREND MICRO INTERNET SECURITY
Bronze medallist Trend Micro Internet Security also detected and contained all 84 threats thrown at it and only reported one false positive. But its system-impact score of 11.65 per cent kept it below Kaspersky and Norton.
However, we also disliked Trend Micro’s interface. Its menus are irritatingly animated so that they unfold and jump about the screen as you click. Of course, you won’t need to access these menus all the time, but easy-to-use, unobtrusive settings are an important part of all software.
It’s a shame because Trend Micro has several useful tools. For example, click Device in the home screen to access PC Health Checkup. This scans your PC for programs that are slowing its startup time and junk files taking up space on your hard drive. What we liked about Health Checkup is that it’s not overly paranoid – it won’t suggest your PC is about to explode due to these problems. Instead, it provides practical advice that you can follow to prevent any potential setbacks from occurring in future.
The Family button on the home screen will be useful for households with younger family members. It lets you set time limits on internet access and how long certain programs (such as games) can be used. You can also generate a report showing what your children do when your back is turned.
OUR VERDICT
Trend Micro is held back by its system-impact score and its cluttered interface – just let us click the settings we want without the animations, please. If Trend Micro can fix these before our next test there’s every chance it could jump higher in our rankings.
BEST FREE ANTIVIRUS
Avast Free Antivirus
Our test included three free AV programs: Avast Free, Panda Free Antivirus 2017 and Microsoft’s Windows Defender.
Of these, Avast Free was by far the best and therefore remains our free AV of choice. It blocked an impressive 83 of the 84 threats and produced no false positives.
On the downside, Avast did slow our PC considerably more than Kaspersky and Norton. In fact, with a system-impact score of 28.59 per cent, it was one of the most resource-sapping programs we tested. This lag was noticeable and affected all tasks, from opening programs to browsing the web. But don’t turn the page just yet. There are ways to limit Avast’s impact on your computer without compromising its levels of protection.
For example, try uninstalling SafeZone Browser, ‘Security browser extension’ and ‘SafePrice browser extension’. These really aren’t necessary because your browser is very likely to have similar features built in (Edge uses SmartScreen Filter to flag up unsafe sites, for example).
To uninstall the above components click the cog icon on Avast’s home screen, Components (on the left), then scroll down and expand the three components in turn. Click Uninstall Component followed by OK each time. While you’re here, scroll further down and turn off SecureLine VPN, uninstall Passwords (under Privacy) and turn off Cleanup (under Performance).
The other obvious disadvantage of using Avast Free is how it constantly urges you to buy its paid-for version. It will bombard you with pop-ups to upgrade, and try to trick you into buying other Avast products when you run a scan. Unfortunately, there’s no way to switch off these upgrade-nagging pop-ups without paying for the full version (though you will quickly learn to ignore them). There is, however, something you can do about the promotions for other Avast products.
To sample these nags, simply open Avast’s home screen and click the Smart Scan button. When it finishes you will undoubtedly see a few disapproving white crosses. One of those will, inevitably, sit next to ‘Performance issues’. Irritatingly, this is because Avast wants you to buy its Avast Cleanup system-cleaner. In our tests Avast provides this result no matter how fast your computer is.
To stop this warning click the cog icon on the home screen, then click General and scroll down and click the Smart Scan dropdown menu. Next, slide ‘Scan for performance issues’ to the Off position and click OK. From now on Avast will skip the ‘Performance issues’ section of the scan and you will no longer be subject to these promotional nags.
OUR VERDICT
Avast Free’s pop-ups and poor systemimpact ratings shouldn’t necessarily put you off. It still provides a stout defence against viruses and malware and there are ways and means to minimise the irritating nags.
WINDOWS DEFENDER – FREE, BUT NOT VERY GOOD
Windows Defender came rock bottom of our antivirus test, allowing 10 of the 84 threats to infect our PC. This simply isn’t good enough, and so you shouldn’t use Defender as your main AV. Defender failed to redeem itself when it came to the effect it had on our PC’s speed. A system-impact score of 23.38 per cent is a lamentable return from a Microsoft product. We expected it to integrate perfectly with the rest of Windows, but this wasn’t the case.
Defender offers a couple of silver linings. First off, it’s free. Second, it’s the only AV program here that you can run alongside others without any conflicts. This means you can use it as a second line of defence behind your existing AV software, letting you take advantage of Defender’s one genuinely useful feature: its Scan Offline tool. It looks for malware while Windows isn’t running, which exposes viruses that can hide within the operating system.
To run Defender alongside your main AV, click the Start button, then Settings, ‘Update & security’ and choose Windows Defender (on the left). Click ‘Turn on Windows Defender’ and click the ‘Turn on’ button in both windows that pop up. Assuming you have a separate AV installed, you’ll be left looking at a Defender home screen that says ‘Real-time protection: Handled by another AV program’ and ‘Virus and spyware definitions: Up to date’.
Now return to Settings, ‘Update & security’, then Windows Defender and make sure the Limited Periodic Scanning slider is set to On. Scroll down the settings page and turn off ‘Cloudbased Protection’, ‘Automatic sample submission’ and ‘Enhanced notifications’ to stop Defender slowing your PC any more than it has to. Carry on scrolling to the bottom of the page and you’ll see the Scan Offline tool at the bottom. We suggest you run this 15-minute scan once a month to ensure your PC isn’t carrying any malware – just be sure to save anything you’ve been working on first as your PC will restart during the process.
OUR VERDICT
If you’re using Windows Defender as your sole AV software we suggest you switch to one of the other programs covered in this feature immediately. Defender simply isn’t robust enough to fend off the threats facing your computer. That said, you can still take advantage of its Scan Offline tool by following the instructions above.
THE BEST (AND WORST) OF THE REST…
G Data Internet Security
Like the best AVs in our test, G Data blocked all malware and was caught out by only one false positive. What stopped it troubling the top three was a slightly higher system-impact score (16.66 per cent) and its price – £35 may not seem that much to pay for peace of mind, but G Data has fewer tools on offer than our test winners.
ESET Internet Security
ESET repeated its high performance of recent tests, matching Kaspersky with a 100 per cent success rate at stopping threats and recording no false positives. Its system-impact score of 27.73 per cent was, however, markedly higher and we found that websites were particularly slow to load. We did like ESET’s Anti-Theft tool, which lets you track your laptop if it’s stolen. It will even attempt to take a photo of the thief and email it to you, as long as the laptop is connected to the internet.
Bitdefender Internet Security
Bitdefender also did well in our test, and we expect it to make a real push for the top three next time. It too had a perfect score in repelling threats, though it did flag three false positives. It made up for that with a low system-impact score of 15.15 per cent, meaning it shouldn’t slow your PC noticeably. The software also includes plenty of useful tools, such as its Vulnerability Scan, which looks for potential security holes in your system, and an Autopilot mode that automatically makes security decisions on your behalf – perfect for anyone irritated by pop-ups constantly telling them what tweaks they must make to bolster their PC’s defences.
BullGuard Internet Security
Alas, BullGuard let itself down badly in our test. It let through four of the 84 threats and wasted our time with three false positives. It’s a shame because otherwise BullGuard is a flexible and comprehensive program with good parental controls that even let you stop your kids buying in-app purchases in games and software.
McAfee Internet Security
The once mighty McAfee hasn’t challenged Kaspersky and Norton for years. True, it had a low system-impact score (11.79 per cent), but it let through one piece of malware. That’s not a terrible result, but given that Avast performed equally well for free, why pay for McAfee?
While we’re talking price, £70 is more than double what you’d pay for some of the top AVs in our test. McAfee does boast a raft of tools – including password manager, parental controls, encryption software and protection for your tablet and phone – but we don’t think they are worth the extra money.
WHICH AV IS BEST IF YOU HAVE AN OLDER PC?
Part of our test was to run each AV product on an old computer (running Windows 10) to measure its impact on performance. We wanted to find out how much it would slow down everyday tasks such as opening programs and browsing the web.
We’ve put the results into a chart (right) showing how all the programs fared on the older PC. These figures differ from the system-impact scores quoted earlier in this feature because they were an average of all the PCs (including new ones) used during testing. Norton just pips Kaspersky on older PCs, while the disastrous impact of Windows Defender is clear for all to see.
WHAT YOU SHOULD DO NOW
Upgrade your antivirus
Without realising it, you may not be using the most current version of your antivirus. Most companies release a new version of their AV each year and you can usually upgrade for free using your existing licence. As a rule, you need to download the latest version then uninstall your current one (saving the activation code), before immediately installing the latest version (and re-entering the activation code). If in doubt, contact your AV’s customer support.
Move to one of our recommendations
If you don’t currently use one of our top three AVs (and we also recommend G Data Internet Security, ESET and Bitdefender) we strongly advise you do so. Don’t rely on Windows Defender alone because it’s just too much of a security risk. If you want to go with a free alternative then we suggest moving to Avast Free Antivirus.
Give your AV a helping hand
You can never be too careful with your PC’s security. We recommend you install Malwarebytes (go to www.malwarebytes.com and click the Free Download button) and run it every month to double-check your AV hasn’t missed anything. You can also use Kaspersky’s free TDSSKiller (download directly from www.snipca.com/22947) to check for rootkits buried among your files. We suggest you use it once a month to ensure your PC’s security and enjoy peace of mind.