Protection ratings
The chart on the right shows an
amalgamation of the two previous results, giving an overall score for how well
each product protected our PC from threats.
We awarded points by distinguishing between
defense and neutralization, and penalizing any product that failed to stop a
threat. A product was given three points for completely defending against a
threat, and two points if the threat was neutralized and the PC was returned to
the exact state it was in before the infection occurred. For stopping a threat
from running, but not returning the
PC back to its previous state, a product
received one point. We took five points away for each threat a product failed to
detect. Overall, this meant that the maximum possible score for a product was
300 points, and the minimum was -500 points.
Kaspersky
Internet Security 2013
Norton Internet Security 2013 comes out
top, with 291 points. It gets three points each for the 98 threats it defended
against (3 x 98 = 294), another two points for neutralizing one of the
remaining threats and returning the PC back to its original state (taking it to
296 points) but loses five points for letting one threat through.
Kaspersky is close behind, scoring 290
points, because although it neutralized one of the two threats it failed to
defend against, it didn’t completely restore the PC back to its original state.
Bitdefender also performed excellently, with a score of 288, but it lost points
for neutralizing, rather than fully defending against, the malware we subjected
it to.
AVG AntiVirus Free gets a much lower score
in this chart, despite stopping 95 of 100 threats. This is because it often
failed to get the PC back to its original state after stopping the threat from
running. Of the 31 threats it neutralized, it only restored the PC to its
original state six times.
False positives
A security product shouldn’t only be
protecting you against malware, it should also be competent at letting through
safe software. Most of us don’t know whether a particular file or program is
safe to run, so simply blocking everything and asking the user to verify every
change on a PC is not good enough. Instead, the security software should be
equipped to judge what is dangerous and what is safe.
If security software categorizes a safe
product as suspicious, it usually either warns the user or blocks the software
completely. The latter course is more serious because you get no option to
override the security software and the only way to install the program is by
fiddling around with settings, which can be time-consuming and inconvenient.
When testing for false positives, we
compiled a list of 100 downloadable programs in circulation at the time of
testing. You can see the results of this in the chart on the right.
Microsoft Security Essentials performed the
best of all the products, letting all 100 of the safe programs past its
defences. Kaspersky, AVG and McAfee only blocked one program each, while Norton
blocked two. The worst offenders were Trend Micro, which blocked 10 programs
and warned against another two; and ESET Smart Security, which blocked 13
programs and also warned against two others.
McAfee
Internet Security 2013
False-positive accuracy
We weren’t deliberately trying to trick the
security software with obscure downloads, so we took the popularity of each one
into account. After all, something that stops you installing Google Chrome, for
example, isn’t doing its job as well as one that lets you install Chrome but
blocks a rare free tool that hardly anybody uses.
To reflect this, we checked how many times
each safe product had been downloaded from Download .com in the week prior to
testing. The downloads were classified in five categories, based on this
information, which you can see in the table below. A security product was
awarded one point for letting a safe program through, but lost points for
obstructing software according to its classification.
This means the products that scored highest
were the best at detecting and allowing safe software to run. The best score
possible is 100, while the worst would be -232.9, if a security product blocked
every single safe program and stopped it from running.
Microsoft
Security Essentials
The results of this are shown in the chart
on the right. Microsoft Security Essentials keeps its top score of 100 because,
by letting everything through, it didn’t incur any penalties. McAfee gets the
second-place slot, because the one product it blocked had been downloaded less
than nine times in the previous week, making it a Very Low Impact product.
Despite blocking four products, Bitdefender
ranked third, because the products it blocked and warned against were
relatively rare. Kaspersky got pushed into fourth place, because although it
only blocked one false positive, it was a High Impact program that had been
downloaded between 1,000 and 20,000 times in the previous week.
The worst performer was ESET, which scored
only 75 points because of the large number of products it blocked.
