March 31, 2010, 3:22 PM — The year 2009 was a bad one for PC security: Online attackers created more malware last year than in the previous 20 years combined. Clearly, this means that in the realm of computer security, the rules have changed, and you can no longer rely solely on traditional definition-based antivirus software and firewalls to protect your PC. Instead, to meet this new breed of threats, you need a new breed of security.
Over the past few years, security suites have been improving, thanks both to the enhancement of traditional detection methods and to the addition of behavioral analysis. The latter technology detects malware based exclusively on how it acts on your PC--a good way of catching threats so new that security vendors haven't yet made definitions to identify them.
And many suites now have cloud-computing features that compare questionable programs and files against online databases to better identify the latest threats. With these cloud features working alongside behavioral analyses, suites can better detect malware they've never seen before.
Almost all the security suites we tested this year also include some form of antirootkit technology. (Rootkits--a kind of stealth malware used to hide infections--were once the concern only of big businesses, but they have gradually become more commonplace.)
All these changes mean that security suites are detecting and blocking malware faster than ever.
Nonetheless, we found some significant differences in just how well security suites protect your PC. We tested 13 suites in all. Norton Internet Security 2010 took the top ranking, owing to its strong overall malware detection. Kaspersky Internet Security 2010 was a close second. AVG Internet Security 9.0 placed third for its malware detection and speedy system performance. Closely following the top picks was a competitive middle tier of suites from Avast, BitDefender, McAfee, Panda, PC Tools, Trend Micro, and Webroot. The suites from Eset, F-Secure, and ZoneAlarm lagged, due to acceptable, but not great, malware protection.
For antimalware testing, PCWorld contracted the services of AV-Test.org, a respected security testing company. We looked not only at traditional signature-based detection but also at how well the suites cleaned infections, removed rootkits, and detected malware based on behavioral analysis.
But what if the suite slows your system performance to a crawl? This year we added a battery of tests to measure such drag: changes in boot times, application launch times, and the time to create or open a batch of documents, among other tests, both with and without the security suites running (see "The Performance Hit" below).