Windows Secrets Newsletter • Issue 243 • 2010-05-13 • Circulation: over 400,000

By Robert Vamosi

Our monthly update of the Windows Secrets Security Baseline focuses on malware suites — all-in-one commercial packages that fight viruses, spam, spyware, and malware that’s still unknown — plus suites you assemble yourself.

Regardless of your skill level — beginner, intermediate, or advanced user — you should be able to find security protection that’s right for your needs.

In the past, security suites have been roundly criticized for their deleterious effects on PC performance and because they were often difficult to uninstall. From the e-mails we receive, the dislike for paid AV suites runs deep among long-time PC users.

But over the last decade, I’ve probably reviewed almost any antivirus product you could name, and I’m here to tell you that today’s Internet security suites use fewer resources than their predecessors and most are much easier to remove. That’s an achievement, given the ever-more sophisticated threats these applications face. Though they started out combating simple viruses, they must now include tools to fight spam, spyware, and malware that’s still unknown.

Most of today’s top-rated suites charge $30 to $70 a year to protect up to three PCs. The suites discussed in this article all support Windows XP, Vista, and Win7.

The primary benefit of one-package security suites is a unified interface, so the various components are easier to access and configure. Do-it-yourself suites are more difficult to maintain but let you pick the best-of-breed software for different types of malware threats.

I’ve broken down the choices for suites into three groups: basic, intermediate, and advanced.

Suites that quietly work in the background

For PC users seeking a security suite that delivers good protection with minimal fuss, the three commercial suites listed below are best. These packages are for average PC users who do not feel comfortable delving into a suite’s sometimes-complex controls. Everything you need to know is displayed in a simple window, including whether or not you’ve received the latest product update. If that simplicity does not appeal to you, skip down to the intermediate or advanced lists below.

Our top three — Norton, Kaspersky, and Microsoft — each showed the most innovation in their 2010 offerings, with the first two sandboxing Web applications. All three scan only those files that have changed since the previous scan (as opposed to scanning the entire hard drive every time).

• Symantec’s Norton Internet Security 2010: Symantec’s suite, probably more so than any other AV software, has taken hard knocks for slowing down PCs. This time around, however, CNET, PCWorld, and PCMag.com all noted that the suite’s impact on PC performance is much improved. That and the software’s ability to block new threats earned it top scores from all three publications.
  
  Using test data from AV-test.org, PCWorld’s review noted Norton’s superior virus behavior analysis, which helps stop new malware not yet catalogued by the AV vendors.
  
  
• Kaspersky Internet Security 2010: PCMag and PCWorld both thought Kaspersky’s strength was its easy-to-use interface. A new “Safe Run” feature also lets you test new software by installing and running it in an isolated sandbox environment prior to installing it for real. However, both PCWorld and PCMag reported middling overall performance results.
  
  
• Microsoft Security Essentials: Given Microsoft’s tepid efforts at anti-malware software in the past, its free MSE security suite has received surprisingly good reviews. Windows Secrets Patch Watch columnist Susan Bradley recommends MSE for average PC users, and senior editor Fred Langa wrote a lengthy and generally positive review in his May 6 Top Story.
  
  There is little in the way of recent independent lab testing of MSE. One of the most recent is AV-Comparatives.org’s February 2010 PDF-based report, in which MSE was given high marks for malware detection and scan times. In particular, MSE scored very few false positives compared with Trend Micro, Panda, and McAfee.

What about the other household-name AV products? This year McAfee got tepid reviews and took a huge hit when it inadvertently sent out a bad virus update. CA, Panda, and Trend Micro also received mediocre scores.

Intermediate suites provide more customization

The intermediate products listed below have a large and dedicated following among experienced PC users, mostly because these suites offer more user controls. They don’t have the marketing clout of the brands in the basic group, and their interface and integration are not as polished. It’s best to combine these suites with one or more of the standalone security products listed in the advanced section.

• Alwil Avast Internet Security 5.0: This suite is worth a look, even though the suite is a brand-new offering. Its signature-based protection is solid, its interface is intuitive, but it offers just the basics — according to a PCMag.com review. PCWorld’s review stated that its behavioral detection could use more refinement. Still, there’s considerable positive buzz around this late entry to an already-crowded security market.
  
  
• Sunbelt Vipre Antivirus Premium: Although this suite has been around for a few years, when Sunbelt combined its antivirus with its anti-spyware engines, it started from scratch — producing a leaner and meaner anti-malware engine that has earned the VirusBulletin VB100 designation for good antivirus performance. Vipre includes a firewall and anti-rootkit protection but lacks sophisticated browser protection.
  

Although other middle-tier products — BitDefender, Zonealarm, PCTools, Webroot, and F-Secure, for example — have their fans, each product has its own strengths and weaknesses you’ll need to take into consideration.

Advanced security — build it yourself

Ask a dozen security experts what they’d put into their suite of anti-malware tools, and you’ll get a dozen different answers. But the following products are considered top-tier by advanced PC users. Many are also free.

Anti-malware detection and removal

• G Data Antivirus 2010: In a February antivirus test report by AV-Comparatives, G Data earned the best score for virus detection, and it had a low rate of false positives. At $25, it’s also modestly priced.
  
  
• Immunet Protect: This free, cloud-based antivirus product was created by some former Symantec engineers. Cloud-based antivirus apps take up little room on your hard drive, and their defenses against new malware outbreaks can be pushed out faster than with the conventional signature-based method. Unfortunately, this new technology has not been tested as thoroughly as more-traditional methods. You can download Immunet Protection directly from the vendor.
  
  
• Malwarebytes Anti-Malware:One of the gold standards of standalone antivirus apps, it is favored by Windows Secrets contributing editor Ryan Russell. It has not been evaluated alongside Norton, Kaspersky, or any other leading AV apps — though most advanced users consider it an important tool in their AV arsenal. It’s a free download at the Malwarebytes site.
  

Firewalls

• Comodo Firewall: A free combination firewall and antivirus app, Comodo’s product is recommended by several sources, including Windows Secrets senior editor Ian “Gizmo” Richards. In recent tests by matousec.com, the firewall’s performance was rated perfect.
  
  Comodo is also offering its new, free Comodo Internet Security suite that includes an antivirus component. A PCWorld review recommended a pass on the suite’s AV tools, stating poor malware detection and a high rate of false positives.
  
  
• Online-Armor Personal Firewall: Gizmo rated Online-Armor’s product equal to Comodo, and it’s earned accolades from many other reviewers as well. The software, available as a download at online-armor.com, comes in both free and paid versions — the latter $40-product adds a Web shield feature, anti-phishing filter, and online banking protection.
  
  
• Windows 7 firewall: If you have Windows 7 installed, you should not need a third-party firewall, according to WS contributing editor Susan Bradley. She believes that Win7′s built-in protection is best.
  

Other

• Browser protection: Linkscanner is a free browser-security product from AVG that scans Web pages and content for malicious links. Unlike most other browser-security products, Linkscanner blocks only malicious elements on a Web page — not the whole page.
  

For aspects of the Security Baseline other than security suites, see my March 18 column.

Have more info on this subject? Post your tip in the WS Columns forum.

WS contributing editor Robert Vamosi was senior editor of CNET.com from 1999 to 2008, writing pieces such as Security Watch, the winner of the 2005 MAGGIE Award for best regularly featured Web column for consumers.