8.7 C
London
Wednesday, September 20, 2017
Home Tags Symantec Norton Security Premium

Tag: Symantec Norton Security Premium

Comodo Firewall 10

The firewall component in modern versions of Windows is quite effective, so the market for third-party personal firewall utilities is shrinking. Paying for a personal firewall seems especially silly when Windows has one built in.

Comodo Firewall 10 is free, and it does a lot more than the basics.
In addition to protecting your PC against attacks from the Internet and controlling how programs utilize your Internet connection, it includes a secure browser, sandbox-style virtualization, a Host Intrusion Protection System, and more.
It performs all expected personal firewall tasks, but not all of the bonus features worked

Comodo's main competition is Check Point ZoneAlarm Free Firewall 2017, and there are quite a few similarities between the two.

Both companies also offer a free antivirus, for starters.

And you can also get a combined firewall and antivirus from both. With ZoneAlarm, you can convert either the antivirus or firewall to the combined product with just a click. With Comodo, you upgrade to the free edition of Comodo Internet Security.

Shared with Antivirus

The majority of Comodo Firewall's features are also found in Comodo Antivirus 10.
I'll refer you to my review of the antivirus for full details on these features. Here's a summary.

Both Comodo products offer a new, attractive user interface with two similar themes named Lycia and Arcadia.

These two feature a big status panel at left and four button panels at right; they just use slightly different colors and icons.

Those who prefer the previous edition's look can choose the Modern theme.
If you're nostalgic for really old editions of Comodo, the Classic theme gets you that look.
In addition, the main window for both products can display either a Basic View or an Advanced View; the latter puts more statistics and action items in easy reach.

While both Comodo products are free, they also both push you to pay in one way or another. Unless you carefully read all screens and popups, you'll find that without realizing it you've agreed to change all of your browsers to use Yahoo as home page, new tab, and default search engine. You'll see messages offering help from the GeekBuddy tech support system, and indeed a GeekBuddy agent will happily chat with you. However, if you want the tech to perform any kind of remote repair or remediation, you'll have to pay.

Comodo Firewall does not in itself include an antivirus component, but its File Rating component checks files against Comodo's cloud database when you access them.
If the database identifies a process as malware, or as a potentially unwanted program, Comodo terminates the process and pops up a notification. You also get a popup offering GeekBuddy services.

File Rating is also a feature of the antivirus, but in testing I found that other protection layers always kicked in before File Rating had a chance.

Both the firewall and the antivirus can automatically sandbox programs that aren't recognized by the database. However, this feature is enabled by default in the antivirus, disabled in the firewall.

A sandboxed program runs in a virtual environment, unable to permanently change important system areas. When you empty the sandbox, all virtualized changes vanish. You can actively launch any program in the sandbox, or open a fully virtualized desktop, isolated from the regular desktop.
It's similar to the SafePay desktop in Bitdefender Antivirus Plus 2017.

The main feature of the virtualized desktop is the Comodo Dragon browser.

By virtualizing your online transactions, you protect them from manipulation by other processes.

The Dragon browser includes a useful collection of bonus apps, among them a media downloader, a price-comparison tool, and a tool for quickly sharing or searching text from Web pages.

Both Comodo products include a Host Intrusion Prevention System (HIPS), but it's disabled by default in the antivirus, enabled in the firewall.

This is not a tool for foiling attempts to exploit vulnerabilities in the operating system and popular programs. Rather, when it detects suspicious behavior by a program, it asks you what to do. You can allow the behavior, block it, or choose to treat the program in question as an installer.
I tested it with a collection of utilities that share certain behaviors with malware.

Comodo only blocked the installer for one, and when I opted to treat it as an installer, I had no further problem.

The HIPS quite reasonably cast suspicious on a test utility that launches Internet Explorer and forces it to open malware-hosting URLs.

It's worth noting that ZoneAlarm's OSFirewall feature functions in much the same way. When I fully enabled the OSFirewall feature, ZoneAlarm flagged behaviors by both good and bad programs.

While Comodo Firewall isn't an antivirus itself, it includes the option to create an antivirus rescue disk, and the process of creating this disk is quite easy. You can also use it to launch Comodo's cleanup-only tool to wipe out persistent malware.

Firewall Features

As you can see, this product has a lot in common with Comodo Antivirus, but don't worry; there are plenty of firewall-specific functions too.

Each time you connect to a new network, it asks whether it's a home, work, or public network. When you're connected to a public network, Comodo puts all the system's ports in stealth mode, meaning they can't be seen from outside.
It's true that Windows Firewall also accomplishes this feat, but Comodo does it just as well. Unlike Windows Firewall, Comodo lets enthusiasts get an alert on each unsolicited connection attempt.

As noted earlier, Comodo's HIPS feature does not try to block attacks that exploit vulnerabilities in the OS or critical files.

The same is true of ZoneAlarm.
Symantec Norton Security Premium is the champ in this area.
In testing, it blocked more exploits than any other recent product, and it did so at the network level, before the exploit even reached the test system.

When the firewall detects an attempted network connection by a new program, it asks you what to do about it. You can choose to allow the attempt, block it, or treat the suspect program as a browser or FTP client.
If you choose to block access, you can also terminate the program, or terminate it and reverse its actions.

Testing Comodo with my hand-coded browser, I found the firewall query appeared only after three distinct warnings from the HIPS.
I also tried a few leak tests, programs that attempt to evade firewall control by manipulating or masquerading as trusted programs.

These triggered plenty of HIPS warnings, as well as firewall warnings.
I had to turn off the File Rating component for this test, because it terminated them as potentially unwanted programs.

While Comodo's HIPS and firewall popups aren't as overwhelming as they were a few versions ago, they still give the user a lot to consider. Most user really won't know whether a program should be allowed to access the DNS/RPC Client service, or access a protected COM interface.

The firewall components in Norton and Kaspersky Internet Security track suspicious behaviors, but perform their own internal analysis rather than expecting the user to make complex security decisions.

ZoneAlarm pioneered the concept that a personal firewall must defend itself against attack.
If malware can disable firewall protection programmatically, the protection isn't worth much, right? I couldn't find any Registry entry that would serve as an off switch for Comodo Firewall, and when I tried to terminate its process I got an Access Denied message.

Security products typically rely on one or more Windows services as well—Comodo has four.
I found that I could stop three of them, but not the fourth, the most essential one. However, I managed to set its startup mode to Disabled. On reboot, Comodo offered to fix the problem, after which it was fine.
Still, I'm happier with a product like ZoneAlarm or Norton that simply prevents all modification of its Windows services.

Website Filtering

Many antivirus products include a browser-protection component that helps steer users away from malicious or fraudulent URLs.

Comodo Antivirus does not. However, the firewall adds a component called Website Filtering. My contact at the company explained that Website Filtering blocks access to URLs found in Comodo's malicious URL database, but does not attempt to block phishing sites.

To evaluate this component's efficacy, I launched the malicious URL blocking test that I apply to each antivirus.

This test uses a feed of very new malware-hosting URLs supplied by MRG-Effitas.
I use URLs discovered in the last day or two, so they're very new.
I launch each one and note whether the product blocked access to the dangerous URL, wiped out the malicious payload, or completely ignored the danger.

Normally I keep at this test until I have data for 100 malware-hosting URLs. However, after processing 50 without any response from Comodo, I quit.
I suspect that Comodo's blacklist database of malicious URLs isn't updated frequently enough to detect the most recent dangers.

By contrast, Avira Antivirus blocked 93 percent of the URLs in this test.

Does the Job

Comodo Firewall 10 does everything a personal firewall should do, stealthing ports against outside attack and preventing betrayal from within by programs misusing your Internet connection.
In addition, it offers sandboxing, a secure browser, HIPS, reputation-based file rating, and more. However, some of these bonus features are too techie for the average user, and they don't all contribute to the task of a personal firewall.

Our Editors' Choice in the dwindling collection of free personal firewalls is Check Point ZoneAlarm Free Firewall 2017.
It, too, handles all the basic tasks, and it resists direct attack better than Comodo.
It does offer a collection of bonus features as well, but most are easier for the average user to comprehend.

For the tech expert, Comodo can be great, make no mistake.

But ZoneAlarm is better suited for the average user.

Back to top

PCMag may earn affiliate commissions from the shopping links included on this page.

These commissions do not affect how we test, rate or review products.

To find out more, read our complete terms of use.

Steganos Privacy Suite 18

If a website's massive data breach compromises your privacy, there's not much you can do. It's out of your hands. But that doesn't mean you're completely helpless. There's plenty you can do to protect your own privacy, things like encrypting your files, and protecting your passwords. Steganos Privacy Suite 18 brings together a variety of useful privacy-related tools. However, the quality of the tools varies, and the suite lacks some useful features found in competing products.

With most antivirus tools, security suites, and password managers, you pay a yearly subscription fee. That's not the case with Steganos. For $59.95 you can install it on up to five PCs and use it for as long as you like. The only thing you don't get is a free update to the next version.

Earlier editions of this product included VPN protection, but the current product lineup makes Steganos Online Shield VPN a separate product. As I write this, Steganos is running a promotion that gives you the VPN for free when you purchase the suite. Note, though, that PCMag's Max Eddy gave this VP service just two out of five stars.

Getting Started with Steganos

After the quick, simple installation Steganos displays its main window. At the left is a three-by-three matrix of icons representing the suite's features: Safe, Portable Safe, Crypt & Hide, Password Manager, Private Favorites, E-Mail Encryption. Shredder, Trace Destructor, and Privacy. The suite is effectively a launch pad for these utilities.

The right-hand portion of the main window is a kind of security progress report. Just by installing the suite, you start with a 20 percent security level. Creating an encrypted safe for storing sensitive files gets you another 20 percent, and setting up the password manager raises it by another 20. Using the password manager's bonus ability to store private favorites adds 20 percent more. Configuring the Privacy components takes you to 100 percent. I like the way this simple report encourages full use of the product's features.

Standalone Products

Several components of the Steganos Privacy Suite are available as standalone products. I'll summarize my findings regarding those products. To get full details, please click the links to read my reviews.

Steganos Safe 18 lets you create any number of safes, which are encrypted storage containers for your sensitive files. You can create safes on your PC, on portable devices, or in your cloud storage accounts. When a safe is open, you use it exactly like any disk drive. When it's shut, its contents are completely inaccessible.

Steganos Safe is extremely easy to use, more so than most container-based encryption products. In addition, it offers some seriously sneaky techniques for hiding the very existence of your safes from prying eyes. For example, you can hide a fairly small safe inside an audio, video, or executable file. And the Safe in a Safe feature lets you dedicate a percentage of a visible safe for use as a discrete, invisible storage location, with its own separate password.

Along with the encryption tool, you also get Steganos Shredder, a secure deletion shredder utility. You can securely delete any file or folder by selecting Destroy from the right-click menu. With this tool you can also shred all of the free space on disk, effectively applying secure deletion to already-deleted files. It can also wipe any disk drive (except the active Windows drive) so thoroughly that a format is required when it's done.

Steganos Password Manager 18 handles the basic tasks of password capture and replay, and includes a password generator. Unlike most competing products, it doesn't directly handle syncing your passwords between devices; if you want syncing, you must connect to your existing cloud storage. You also get a limited ability to fill Web forms with personal data.

In testing, I couldn't get the password manager's Firefox extension to load. Also, some features worked in Chrome but not in Internet Explorer. If you get this password manager as part of the Steganos suite, you might as well use it. But if you're shopping for a standalone password manager, there are much better choices.

The two standalone Steganos products I've reviewed account for five of the suite's nine component icons. Password Manager and Private Favorites both correspond to Steganos Password Manager. Safe and Portable Safe are parts of Steganos Safe, as is Shredder. For the remainder of this review I'll focus on the rest of the privacy components.

Encrypt and Hide

The name Steganos comes from the term steganography, which is not the same as encryption. The aim of encryption is to ensure that others can't decipher your secrets. The aim of steganography is to conceal the fact that you have secrets. When you process a file through the suite's Crypt & Hide component and then shred the original, a hacker or snoop won't find any evidence that the sensitive data exists.

I don't know precisely how this tool processes files—it's not in the company's interest to reveal such information. But here's a simple example of how steganography could work to hide a file inside an image. First, picture that the file contains a list of numbers representing the exact color of each pixel in the image. Now round all those numbers so they're even. That tiny change doesn't make a visible difference in the image. Convert your secret file into a stream of bits, and step through the list of the image's pixels, leaving the color number unchanged for zero bits and making it odd for one bits. You've hidden the file in a way that's completely recoverable, but the image doesn't look appreciably different.

Steganos can use BMP, WAV, or JPG files as carriers for encrypted data. The help system advises using a carrier file at least 20 times the size of the encrypted data. You can also use it to create encrypted archives without hiding them, much as you'd do with a ZIP archive utility. Note, though, that the archives created by Steganos use the proprietary EDF format, not the standard ZIP format.

To create a simple encrypted archive, drag files and folders onto the Crypt & Hide dialog, or browse to locate the desired items. You can also enter a text description of the contents. Clicking Save lets you define the name and location for the resulting EDF file. The password entry dialog is the same as that used by Steganos Safe and Steganos Password Manager. It rates password strength as you type, with the option to use a virtual keyboard, or to define the password by clicking a sequence of pictures.

To create an encrypted file and also hide it, follow precisely the same procedure, but click the Hide button instead of the Save button, and choose a BMP, WAV, or JPG file as carrier. That's it. Your secret files are hidden within the chosen carrier. Don't believe it? Launch Crypt & Hide again, choose Open, and select your carrier. Once you enter the password, your files are back. Of course you must use the shredder to destroy the originals.

TraceDestructor

As you use your computer and browse the Web, you leave behind traces of what you've been doing. Sure, you hid your secret plans using Crypt & Hide, but if MyWorldTakeover still shows up in the list of recent documents, you're busted. In a similar way, your browsing history may reveal way too much about what you've been researching. That's where TraceDestructor comes in.

TraceDestructor clears various types of browsing traces from Chrome, Firefox, Internet Explorer, and Microsoft Edge. For Edge, it just clears cookies and cached files. For the others, it can also wipe out such things as history, autocomplete data, and passwords. It can also empty the Recycle Bin and eliminate Windows temporary files, recently used file lists, and other traces.

Cleaning up traces doesn't take long. When the process has finished, Steganos advises you to log off and on again, for full cleanup. Simple!

Privacy Settings

Clicking the Privacy icon brings up a simple settings dialog with four on/off switches, all off by default. I couldn't test Webcam protection, because my virtual machine test systems simply don't have webcams. In addition, every time I opened Privacy Settings I got a notification from Windows that the webcam privacy component crashed.

Webcam protection does nothing but deactivate your webcam, so you must turn that protection off if you want to use the cam for videoconferencing. A similar feature in ESET Internet Security 10 lets you disable the webcam in general but enable specific programs. That would prevent webcam spying while still letting you Skype, for example.

Kaspersky Total Security also offers webcam blocking for all but permitted programs. It extends similar protection to the microphone, to head off the possibility of a snoop listening in on your activities.

Internet advertisers work hard to profile your personal surfing habits, so they can target ads based on your interests. If you've ever bought (or looked at) a product on one site and then seen an ad for that product on a different site, you've seen this process in action. You can set your browser to send a Do Not Track header with each request, but sites aren't compelled to obey this header. The Prevent tracking option in Steganos filters out tracking activity before it reaches the browser.

Some trackers skip the usual techniques for tying together all data about your online activity, instead trying to create a fingerprint of your devices and activity, including precise data about the browsers you use. Steganos lets you replace your actual browser details with a generic fake set, to anonymize your browser type. Finally, you can choose to block advertisements altogether. The Block ads, Prevent tracking, and Anonymize browse type settings are simple on/off switches.

In testing, these three privacy elements initially didn't work. I confirmed this using various online tests. I reinstalled the product, to no avail. I installed it on a physical system, thinking that it might be incompatible with running in a virtual machine. Here, too, the privacy elements just didn't work. Tech support determined this was due to the absence of a proxy process that provides all three types of filtering.

Going back and forth with tech support, I determined that the installer failed to create a necessary configuration file. Even after I manually copied the config file that tech support supplied, it did not launch the proxy process. After more back and forth, I got the proxy running on both systems. It seemed to be running smoothly on the physical system, but its output on the virtual system contained many error messages. That being the case, I focused on the physical system.

There's no way to tell if the Prevent tracking feature is working, but Anonymize browser type should change the user agent string that your browser sends to every website. It did not do so. And although the filter's output log contained tons of ad blocking reports, the ads visibly weren't blocked.

The worst thing about this component is that even when its proxy failed to load, it didn't display any kind of error message. The privacy features work silently, so you'd have no idea that they weren't functioning, unless you noticed its failure to block ads.

There is one icon I haven't covered, E-Mail Encryption. I've skipped this one for several reasons. First, it is not a Steganos product; it's from another company, MyNigma. Second, on a PC it only functions as an Outlook plug-in, and my test systems don't have Outlook. Third, it only works to encrypt email between other users of MyNigma, so it's not useful for general-purpose encrypted communication.

Another Take on Privacy

Abine Blur is another suite of tools aimed at protecting your privacy. Its active Do Not Track component goes way beyond just sending the DNT header, which websites can ignore. Furthermore, unlike Steganos, it makes its activity visible. It includes a simple password manager, but goes beyond Steganos by offering a safety report that flags weak and duplicate passwords.

Blur protects your privacy by masking email accounts, credit cards, and (on a smartphone) phone numbers. Suppose you make a purchase from a merchant using a masked email account, and a masked credit card. Mail from the merchant reaches your inbox, but you can delete the masked account if it starts getting spam. And a merchant who doesn't have your real credit card number can't sell the card data or overcharge you. Read my review for a full explanation.

Blur doesn't block ads, and it doesn't include file encryption, but all of its components are directly aimed at protecting your privacy. Even if you do install the Steganos suite, consider trying Blur's free edition for additional protection. Note that if you do opt for a $39-per-year premium subscription, you can use Blur on all your devices.

Do You Already Have It?

You may also find that you've already got significant privacy protection courtesy of your security suite. For example, Kaspersky and AVG Internet Security include an active Do Not Track system, like what Blur offers, and Kaspersky can block banner ads. Webcam protection in Kaspersky and ESET goes farther than what you get with Steganos.

As for encrypted storage, the core of Steganos Privacy Suite, you can find a similar feature in many suites, among them McAfee LiveSafe, Bitdefender, Kaspersky, and Trend Micro. Admittedly, none of the suites build out this feature into the comprehensive encryption system that is Steganos Safe.

As for password management, it's becoming a common bonus feature in larger suites. Webroot includes a version based on award-winning LastPass, and McAfee comes with all the multi-factor authentication glory of True Key. Symantec Norton Security Premium, Trend Micro, ESET, Kaspersky, and Bitdefender are among the other suites with a password manager built right in.

Before you purchase a set of privacy tools, check to see what you already have right in your existing security suite.

A Mixed Bag

Steganos Safe is easier to use than other container-based encryption programs, and has some nifty features to both encrypt and hide your files. However, Steganos Password Manager lacks advanced features, and some of its features didn't work in testing. The Crypt & Hide component is a kick, as it truly hides your secrets, leaving no trace. But the browser-related privacy filters just didn't work in testing. Steganos Privacy Suite is a mixed bag, for sure.

There aren't many utilities specifically devoted to privacy. Abine Blur Premium remains our Editors' Choice in this interesting field. I look forward to seeing more competition in the specific area of privacy protection.

Back to top

PCMag may earn affiliate commissions from the shopping links included on this page. These commissions do not affect how we test, rate or review products. To find out more, read our complete terms of use.

F-Secure Safe (2017)

With the proliferation of devices and platforms these days, an old-fashioned local security suite just won't do the job. You need something that can protect all your devices, preferably with a central management console.

F-Secure Safe is such a servic...

Quick Heal Total Security 17

The difference between a basic security suite and a mega-suite is simply that the mega-suite adds features above and beyond the minimum.

Backup is one common addition, as are PC tuneup and some form of encryption. Quick Heal Total Security 17 adds dev...
An avid audiophile might pore through mountains of specifications looking for the very best in every component category. Why not? But looking for the best antivirus, best firewall, and so on just doesn't sound like much fun, especially when you can't be sure they'll all play nicely together.

Getting your security in the form of an integrated suite is both easier and smarter. You don't have to scour the Internet for multiple components, and your all-in-one suite causes less of a performance hit than an unrelated gaggle of separate tools. The top security vendors offer security suites that integrate a variety of features.
Some stick to the basics, while others pile on tons of useful extras. Just read through PCMag's reviews of security suites and select one that has the features you need.
I've rounded up a collection of top-notch suites, varied enough that one should be just right for you. This article briefly mentions the many tests we use to evaluate security suites and determine which ones are best.
If you want more details on the torture tests we perform on every product we review, please read the full explanation of how we test security software. Basic and Advanced Security Suites Most security vendors offer at least three levels of security products, a standalone antivirus utility, an entry-level security suite, and an advanced suite with additional features. Most entry-level suites include antivirus, firewall, antispam, parental control, and some sort of additional privacy protection such as protection against phishing sites, those frauds that try to steal your passwords.

The advanced "mega-suite" typically adds a backup component and some form of system tune-up utility, and some also add password managers and other security extras. When a new product line comes out, I start by reviewing the antivirus.
In my review of the entry-level suite, I summarize results from the antivirus review and dig deeper into the suite-specific features.

And for a mega-suite review, I focus on the advanced features, referring back to the entry-level suite review for features shared by both. Your choice of a basic or advanced security suite depends entirely on what features matter to you. Symantec is an exception to this pattern. Previously the company offered various antivirus and suite products for PC, Mac, and Mobile.

All the standalone Norton products you may remember were retired a couple years ago, rolled into Symantec Norton Security. However, Symantec recently brought back a standalone antivirus product, Norton AntiVirus Basic. One more thing: The suites we've rounded up here are aimed at protecting consumers, for the most part. You can definitely use any of them in a small business, but as your company grows you may need to switch to a SaaS endpoint protection system.

This type of service lets an administrator monitor and manage security for all your company's computers. Core Antivirus Protection Antivirus is the heart of a security suite; without an antivirus component, there's no suite. Naturally you want a suite whose antivirus is effective. When evaluating an antivirus, I look for high marks from the independent antivirus testing labs.

The fact that the labs consider a product important enough to test is a vote of confidence in itself.

The very best antivirus products get high ratings from many labs. I also perform my own hands-on testing.

For one test I use a relatively static set of malware samples that's replaced once per year.
I note how the antivirus reacts when I try to launch those samples and score it on how well it protects the test system.

For another, I try to download very new malicious files from URLs no more than a few days old. Lab test results, my own test results, and other aspects like ease of use go into my antivirus rating. Firewall Choices A typical personal firewall offers protection in two main areas. On the one hand, it monitors all network traffic to prevent inappropriate access from outside the network. On the other, it keeps a watchful eye on running applications to make sure they don't misuse your network connection.

The built-in Windows Firewall handles monitoring traffic, but doesn't include program control.

A few security suites skip the firewall component, figuring that Windows Firewall already does the most essential firewall tasks. The last thing you want is a firewall that bombards you with incomprehensible queries about online activity.
Should OhSnap32.exe be allowed to connect with 111.222.3.4 on port 8080? Allow or Block? Modern firewalls cut down the need for these queries by automatically configuring permissions for known programs.

The very best ones also handle unknown programs by monitoring them closely for signs of improper network activity and other suspicious behaviors. Have Some Spam These days, most of us hardly ever see spam messages in our inboxes because your email provider filters them out.
If you don't get this service from your provider, it can be hard to even find your valid mail amid all the offers of male enhancements, Russian brides, and quick-money schemes. If your provider doesn't squelch spam, it's smart to choose a suite that has spam filtering built in. Look for one that integrates with your email client.

Client integration lets it divert spam into its own folder, and sometimes let you train the spam filter by flagging any spam messages that get through or, worse, valid messages that wound up in the spam pile. Privacy Protection The best antivirus in the world can't help you if a fraudulent website tricks you into giving away your security credentials. Phishing sites masquerade as bank sites, auction sites, even online game sites. When you enter your username and password, though, your account is instantly compromised.
Some clever ones will even pass along your credentials to the real site, to avoid raising suspicions. Steering users away from phishing sites definitely helps protect privacy, but that's not the only way suites can keep your private information out of the wrong hands.
Some offer specific protection for user-defined sensitive data, credit cards, bank accounts, that sort of thing.

Any attempt to transmit sensitive data from your computer sets of an alarm.
Some contract with third-party vendors to offer credit protection.

And some supply a hardened browser that lets you do online banking in an environment isolated from other processes. What About Parental Control? I don't penalize a suite for omitting parental control. Not everyone has kids, and not every parent feels comfortable about controlling and monitoring their children's computer use. However, if parental control is present, it has to work. Blocking inappropriate websites and controlling how much time the child spends on the Internet (or on the computer) are the core components of a parental control system.
Some suites add advanced features like instant message monitoring, limiting games based on ESRB ratings, and tracking the child's social networking activity. Others can't even manage the basics successfully. Don't Bog Me Down One big reason to use a security suite rather than a collection of individual utilities is that the integrated suite can do its tasks using fewer processes and a smaller chunk of your system's resources. Or at least, that's what ought to happen.

Few modern suites have an appreciable effect on performance. For a hands-on measure of just what effect installing a particular suite has, I time three common system actions with and without the suite installed, averaging many runs of each test. One test measures system boot time, another moves and copies a large collection of files between drives, and a third zips and unzips that same file collection repeatedly.
Suites with the very lightest touch have almost no effect on the time required. Backup and Tune-Up Utilities In a sense, having a backup of all your files is the ultimate security.

Even ifransomware destroys your data, you can still restore from backup.
Some vendors reserve backup for their mega-suite offering, while others include it in the entry-level suite. Read my reviews carefully, as backup capabilities vary wildly.

At the low end, some vendors give you nothing you couldn't get for free from Mozy, IDrive, or another online backup service.

At the high end you might get 25GB of online storage hosted by the vendor, along with the ability to make local backups. Tuning up your system performance has no direct connection with security, unless it serves to counteract the security suite's performance drag. However, tune-up components often include privacy-related features such as clearing traces of browsing history, wiping out temporary files, and deleting lists of recently used documents.

For a dedicated system-cleaning app, read our roundup of the Best Tune-Up Utilities. What's Not Here We have more high-scoring suites than can fit in a top-ten chart, so a few had to be cut.
Symantec Norton Security Deluxe is identical to Symantec Norton Security Premium, except with half as many licenses and no online backup; that was an easy choice. McAfee Total Protection and McAfee LiveSafe differ only in their selection of high-end bonus features; unusual biometrically secured storage won LiveSafe a spot in the top ten. Then there's Webroot SecureAnywhere Internet Security Plus (2016), which lacks the backup and tune-up components found in Webroot SecureAnywhere Internet Security Complete (2016). Naturally I gave the nod to the more complete suite. What's the Best Security Suite? The chart at top details ten security suites that we definitely recommend, including multi-device suites, mega-suites, and entry-level suites.
If you're looking for a suite that covers the basics without getting in the way, Bitdefender Internet Security and Kaspersky Internet Security are our Editors' Choice winners.
In the mega-suite range, Editors' Choice goes to Bitdefender Total Security and Kaspersky Total Security, with more features than you can imagine.
Symantec Norton Security Premium protects up to 10 devices, and McAfee LiveSafe doesn't put any limit on the number of devices—these two are our Editors' Choice products for cross-platform multi-device security suite. With one of these powerful tools protecting your devices, you can relax and enjoy some time off. FEATURED IN THIS ROUNDUP

McAfee LiveSafe (2017)

Would you rather have 10 cookies, or all the cookies you want? Unlimited cookies clearly seems better, even though you probably wouldn't even eat 10 of them at one sitting.

The same holds for security suite licenses. Rather than limit you to protect...
Do you know how many Internet-connected devices are in your household? Now, how many of them have an antivirus or security suite installed? With one subscription to McAfee Total Protection, you can install protection on every single one of those devic...
It's not at all uncommon for a small purveyor of antivirus software to license the actual antivirus engine from a bigger, more-established vendor. It's also fairly common for those small vendors to switch engines occasionally. But PC Pitstop PC Matic with Super Shield is the only recent product I can think of that has stopped licensing another company's engine and bring all development in house. It looks all but identical to the version product I reviewed in March, but under the hood it's quite different. It scored reasonably well in my tests, but not in a way that inspired confidence, as I'll explain. Previously, PC Pitstop licensed antivirus technology from ThreatTrack Vipre Antivirus 2016, running it in conjunction with the company's own Super Shield. With this update, Super Shield takes over the entire job of protecting your system from malware. PC Matic also contains numerous components that work to maintain and optimize your system's performance. This review focuses on the antivirus. With straight antivirus programs, the current trend is toward simplicity, displaying only what's important on the main window and using a limited range of calming, flat colors. PC Matic's main window doesn't follow that trend at all. Colorful images represent all of your protected computers—your $50 per year subscription lets you install the product on five PCs. And a large status area at the bottom is bursting with colorful icons representing past successes, such as patched vulnerabilities and Registry problems fixed. The buttons to launch a scan or check antivirus status don't dominate the screen the way they do with most antivirus products, though they're still prominent. Simple InstallationYou don't have to purchase PC Matic to try it out, so I started by installing the free edition. After a quick install it gave me a choice: log in with my PC Pitstop account or continue on a free trial. I chose to continue, which brought me to a page of scan options. Here I retained the defaults, meaning I allowed it to scan disks, run benchmarks, and check for malware. The scan included four parts: Internet Speed, Stability, Security, and Performance. On completion, the scan displayed a busy, colorful report of its findings, with a button to fix all the problems it found. When I clicked the button, it prompted me to purchase the full program; I did not do so. I did, however, reboot a few times to see if I'd get ransomware-like demands for payment, as described in one of the negative videos. I observed no such behavior. Of course, this review is about the full, commercial edition of the product. Before going any further, I discarded the free edition and reinstalled, attempting to create a PC Pitstop account and register my license key. Surprise! Apparently I already had an account, but I didn't know the password. I was slightly shocked to find that the password recovery email simply displayed my password in plain text. I notified the company about this back in March, and they said they were fixing this glaring security problem. However, it's not fixed as of this writing. Too Little From LabsI'm always pleased to get confirmation of an antivirus product's abilities (or lack of same) from the independent antivirus testing labs around the world. Alas, there's not a lot of lab test information about PC Matic, certainly not enough for me to come up with an aggregate lab score. Here's what I do know from the labs. PC Matic has received certification from ICSA Labs for malware detection. Certification is not a matter of percentages—if a product doesn't hit the goal, the lab reports what went wrong and gives the product another try. Achieving certification is clear confirmation that the product works. Since that earlier review, I've changed the way I track the independent labs slightly. I used to count up how many VB100 awards each product got from Virus Bulletin. To reach VB100, a product must detect all malware samples and refrain from flagging any valid programs as malicious. A single false positive means no award. In several of these tests, PC Matic threw hundreds of false positives, but that seems to have stopped in the most recent tests. For my current lab aggregate score, I look at Virus Bulletin's RAP (reactive and proactive) test, which assigns scores up to 100 percent. With 95.95 percent, TrustPort Antivirus 2015 currently has the best score in this test. PC Matic's 87.07 is very close to the average for programs that I track. My contact at PC Pitstop tells me that the company is submitting PC Matic for testing by at least one major lab, but the results won't be available for a while. Right now, I don't have enough info from the labs to declare an aggregate score. The labs reveal a lot more about programs like Bitdefender Antivirus Plus 2016 and Kaspersky Anti-Virus (2017), which get excellent marks in numerous lab tests that go into detail about actual antivirus capabilities. Good Malware Blocking, But…Given the dearth of lab results, my own hands-on tests take on more importance. Many products start real-time scanning the moment I open the folder containing my samples. Not PC Matic. It doesn't scan files on every access, unless you modify its default settings. Doing so can conceivably slow normal file manipulation actions, and this product is about speeding up your PC, not slowing it. When I tried to launch my samples, PC Matic prevented every single one of them from executing. It blocked some right away, but for others there was a noticeable delay before the blocking notification appeared. In a few cases, this delay ran to more than 20 seconds. My PC Pitstop contact explained that PC Matic checks each file's reputation with the company's servers, and the time required can vary depending on server load. After that initial check, known good or known bad programs don't need to be checked again. Note that PC Matic didn't delete or quarantine the samples; it just blocked execution. That's slightly worrisome to me. What happens if the antivirus crashes? I prefer to see known bad files locked away or deleted. Per my contact at the company, unknown files get uploaded for categorization, which typically takes less than six hours. Knowing that, I ran my test again a day later, checking the Super Shield log to see each file's disposition. The results were puzzling. Poring over the log, I found 55 percent of the samples marked as bad, and 22.5 percent still marked as unknown. Another 22.5 percent didn't appear in the log at all, although PC Matic actively blocked them from launching. Do I say that PC Matic detected 100 percent of the samples, because it blocked them all from loading? Or do I call its detection rate 55 percent, because it only identified that many as bad? I'm leaving the score at 100 percent, but with a mental reservation. Webroot SecureAnywhere AntiVirus (2016) also detected 100 percent of the samples, and also earned 10 of 10 possible points, but it did so in a very different way. Webroot wipes out known malware on sight and runs unknown programs in a special mode that prevents them from taking any irreversible actions, like sending your credit card number to Boris RipYouOff. It journals all activity by the suspect program and, if it proves to be malicious, rolls back everything the program did. For every sample, Webroot either eliminated it on sight or wiped out its changes after detecting malicious activity. PC Pitstop recommends that after a detection you should run a full scan. When I did so, the results were also puzzling. The scan actively identified three of my testing tools as viruses, which was just wrong. It only quarantined a couple of the actual malware samples. The final screen of the scan recommended rebooting and scanning again. That second scan caught a few more of the malware samples. Why didn't it catch them the first time? My PC Pitstop contact suggested a server load issue, and pointed out that in any case unknown programs wouldn't be allowed to execute. A third scan brought no more changes. PC Matic's scan only identified a quarter of the samples as malware, which is peculiar, given that Super Shield marked 55 percent of them as bad. I'm beginning to miss the licensed antivirus engine. PC Matic doesn't include a Web protection component, other than a simple ad blocker. You won't see it blocking access to malware-hosting websites or phishing sites. My malicious URL blocking test does give equal credit for wiping out downloads and for blocking all access to bad URLs, but it does not include launching downloaded files. In order to perform this test, I had to right-click PC Matic's icon and choose Protection Level > Monitor File Access. This triggered a warning that monitoring file access might slow file system activities. The URLs I use for this test, kindly supplied by MRG-Effitas, are no more than a day old, quite different from my relatively static malware collection. Their newness seems to have worked to PC Matic's advantage, as it flagged 98 percent of the malware payloads. However, a scan only quarantined two of the downloaded samples; the rest were merely unknown. I don't see that result as comparable to a product like Avira Antivirus 2016, which actively prevented the browser from even visiting 99 percent of the malware-hosting URLs. McAfee AntiVirus Plus (2016) and Symantec Norton Security Premium both blocked 91 percent of the malware downloads. McAfee's protection skewed strongly toward blocking URLs, while Norton mostly wiped out the downloaded malware. About Those False Positives…PC Matic did throw some false positives during my earlier testing. It permitted installation of the 20 PCMag utilities that I use for a false positive sanity check, but blocked three of the installed utilities from executing. This time around it let them all install and run, though I observed some lengthy pauses. In one case, PC Matic's examination caused a 25-second delay before the installer actually launched. See How We Test Security Software Of course, PC Matic did see all those files back in March, so they're probably in its database of known programs now. For another quick sanity check, I downloaded 20 of the countless free utilities available from Nirsoft. All of these ran without any complaints from PC Matic. And, as I noted earlier, in the four most recent tests by Virus Bulletin, PC Matic didn't display any false positives (though it also didn't receive the VB100 award). Malware Scanning with PC MaticGetting a precise handle on how long a PC Matic malware scan takes isn't easy. Even when I unchecked all scan choices except malware, the scanner still performed a number of optimizations such as searching for junk files. I found that it finished in about 30 minutes, well below the average of current products, but nothing like the speedy 10-minute scan I timed with the previous version. As noted, I also found that it only quarantined a quarter of the malware samples, though the real-time protection stopped them all from launching. It still quarantines files by appending the extension .pcpquar. My company contact told me back in March that the developers were working on a more robust quarantine system, but clearly it isn't here yet. For now, if a file is quarantined in error you can simply remove the added extension and run a new scan. When the scan finishes, dig into to the list of alleged malware and check off any that you want whitelisted. I did find that PC Matic also quarantined some of my hand-coded analysis tools. To be fair, those exist nowhere but on my virtual machines, so they're unlikely to show up in any whitelist. PC Matic didn't quarantine any other files beyond those tools and the actual malware samples. I also maintain a folder containing hand-modified versions of my malware collection. For each sample, I changed the filename, appended nulls to change the file size, and tweaked a few non-executable bytes. As before, PC Matic's scan didn't detect a single one of these, which suggests its malware definitions may be too rigid. Competing antivirus products typically detect almost all of the hand-tweaked samples just the same as they detect the originals. System OptimizationThis review focuses on the antivirus capabilities of PC Matic, but there's a lot more to the product than that. In fact, most of PC Matic is designed to keep your PC optimized and up-to-date. My concentration on the malware-blocking features got me a polite admonition from the program, saying, "We noticed that you have not run a scan and clean on this computer." The full scan runs through dozens of analyses, grouped into four parts: Internet Speed, Stability, Security, and Performance. Specific tasks include scanning for junk files, optimizing the Registry, and running system benchmarks, among many others. When the scan finishes, it displays a page loaded with color-coded result summaries. You can click on any of them for details, or just click the big Fix All button. The full scan and fix took a while, mostly because it includes the slow process of fixing disk fragmentation. Even so, it was all done in less than 40 minutes. After a scan, the program advises rebooting and re-scanning. This repeat scan didn't result in a perfect score; there were still a few minor problems. I find that result encouragingly realistic. A program that doesn't actually perform system optimizations (as some denigrators have claimed) would surely display utter perfection after completing its spurious activity. Once you've run a scan, you can click for details about the particular PC you're using, and optionally schedule regular scans. A trio of slightly confusing dials indicate something about the system's CPU, RAM, and disk usage. You can also click for details on specific performance trends. However, I didn't find the trend graphs terribly informative. They seemed to show wild swings in things like used hard drive space, memory speed, and processor speed. It Works Based on my hands-on testing, PC Pitstop's PC Matic does seem to block malware from launching, but I'm a bit concerned about its ability to actually identify and quarantine malicious programs. Yes, it blocked all of my samples, but only identified 55 percent of them as bad, and its scan only quarantined 25 percent. It's also worth noting that if you search for PC Matic online, you'll turn up a raft of negative reviews (along with a few testimonials). It doesn't help that the company's hype-happy website contains items that are patently false, like most of the page comparing PC Matic to other software. At $50 for five licenses, PC Matic is inexpensive, and it optimizes your system performance. However, it lacks the Web-level protection that allows many products to steer your browser away from malicious and fraudulent URLs, and it didn't detect any of my hand-modified malware samples in testing. You'll do better spending your money on one of our Editors' Choice antivirus products, Webroot SecureAnywhere Antivirus, McAfee AntiVirus Plus, Kaspersky Anti-Virus, or Bitdefender Antivirus Plus. Back to top PCMag may earn affiliate commissions from the shopping links included on this page. These commissions do not affect how we test, rate or review products. To find out more, read our complete terms of use.
When you're shopping for a new appliance, you probably look for one that gets a good rating from consumer research agencies. When you're shopping for an antivirus program, you want to see excellent scores from the independent antivirus testing labs.

The labs uniformly rate Kaspersky Anti-Virus at or near the very top, giving it the best aggregate lab score I've seen.

The 2017 edition doesn't ace all of my hands-on tests, but given the vast resources the labs can bring to bear on testing, their results hold more weight than my own small-scale tests. Kaspersky remains an Editors Choice this year. A year of Kaspersky protection covers up to three PCs and lists for $59.99, though special offers often yield a much lower price.

Typically, you make your purchase online, then log in to the My Kaspersky portal to download and install the product.

Don't forget to let it download the latest antivirus signatures. Note that volume discounts are available.

A five-PC license lists for $79.99, and a ten-PC license for $129.99. The program's main window still uses a light green and white color scheme, but its layout has changed a bit since last year.

Four large icons let you scan for malware, update the signature database, view reports, or open the on-screen keyboard. However, they're now bigger and arranged in a two-by-two matrix, where they used to be in a single row.

The top banner still represents security status.
If there's a problem, it turns bright red.

Clicking the Details button lets you quickly fix whatever is wrong. A full antivirus scan of my standard clean test system took 24 minutes, which is quite good.

The average for current products is 43 minutes, with Microsoft Windows Defender 4.9 and a few others taking more than an hour.

Clearly this initial scan performed some degree of optimization, as a repeat scan finished in just four minutes. Labs Love ItMost of the independent testing labs that I follow include Kaspersky in their testing, and, as noted, they uniformly rate it at the very top.
I track five different tests performed by researchers at AV-Comparatives, among them static detection, dynamic protection, and performance.
In every test, Kaspersky earned Advanced+, the highest rating. Of the products I cover, only Bitdefender Antivirus Plus 2016 has equaled that feat. AV-Test Institute rates antivirus tools on three criteria, protection, performance, and usability, assigning up to six points for each. Kaspersky earned six points for protection against malware, six points for low performance impact, and another six for usability, meaning that it didn't flag valid programs or websites as malicious.

That sums to a perfect 18 points.

Avast, Norton, and Trend Micro Antivirus+ Security 2016 managed 17.5 points. Earlier this year I started tracking tests by MRG-Effitas.

This lab's tests are unusual in that quite a few of the tested products just flat-out fail. Kaspersky and Webroot SecureAnywhere AntiVirus (2016) were among the few to pass a test specifically focused on financial malware. This lab's 360 Assessment exposes test systems to several hundred in-the-wild malware samples and rates how well they protect on their own, without any user interaction.

To get Level 1 certification, the product must completely prevent every sample from installing on the test system.
If some of the samples manage to run initially but get eliminated within 24 hours, that's worth Level 2 certification.

Anything else is a failure. Kaspersky dropped from Level 1 to Level 2 in the latest test, but that's still very good.
Symantec Norton Security Premium and Webroot were among the few others to receive this certification. Kaspersky doesn't participate in the certification programs offered by West Coast Labs and ICSA lab, and hasn't appeared recently in the RAP (Reactive and Proactive) test by Virus Bulletin.

Dropping the RAP score actually raised Kaspersky's rating in my aggregate score chart to an impressive 9.8 of 10 possible points.

The labs are clearly impressed by Kaspersky's technology. Hands-On Test Results As initially configured, Kaspersky handles found malware without any user intervention and refrains from deleting "probably infected objects." For testing purposes, I turned these settings off, so I could see what it was doing. When I opened my folder of malware samples, Kaspersky went into action, deleting those it recognized on sight as malware.

The process took a while, because it first attempted disinfection on each item, quarantining it only if disinfection failed.
It wiped out 71 percent of the samples at this stage. I observed an interesting feature when I launched the remaining samples.
In a couple of cases, Kaspersky reported suspicious behavior after the malware was installed and running.
It offered to roll back the malicious program's activity and perform advanced disinfection.

Each time it wiped out every trace of the malware.

A similar detection and rollback feature is a mainstay of the way Webroot handles unknown processes. However, the real-time protection didn't react at all to several of the samples, giving Kaspersky an overall detection rate of 84 percent.
It scored 8.4 of 10 possible points in this test, lower than several other products tested using the same sample set. My malicious URL blocking test uses a daily feed of malware-hosting URLs supplied by MRG-Effitas.
I launch URLs from the current day's feed and observe whether the product blocks all access to the URL, wipes out the downloaded malware, or does nothing.
I keep at it until I've recorded data for 100 URLs. Kaspersky blocked 65 percent of the samples, almost all of them by steering the browser away from the dangerous URL.

That's not a great score.

Avira Antivirus Pro 2016 blocked 99 percent, all at the URL level. Norton and McAfee AntiVirus Plus (2016) came in second, with 91 percent. Some antivirus products don't participate in lab testing, making these hands-on tests my only way of rating their effectiveness. Others do equally well with the labs and in my own tests. Year after year, Kaspersky blows it out of the park with the labs, but doesn't do as well in my tests.
It's puzzling, but given the huge amount of resources the labs can bring to bear, I defer to their results when there's a difference. Amazing AntiphishingThe same browser plug-in that blocks access to malware-hosting URLs also serves to keep users from falling for phishing sites, fraudulent sites that try to steal login credentials for sensitive websites. However, it proved vastly more effective against phishing than against malware-hosting URLs. For this test, I scour the Web to find newly reported fraudulent sites, many of them too new to have made it onto phishing blacklists.
I launch each URL simultaneously in five browsers, one protected by the product under testing, one by Norton (a long-time antiphishing winner), and one each by the built-in security in Chrome, Firefox, and Internet Explorer.
I discard any that don't load properly in all five browsers, or that aren't actually phishing sites. Because the URLs are different every time, I report the product's success relative to that of Norton and the three browsers.

Almost every product I've tested lags behind Norton, and quite a few can't even beat the built-in browser protection. Bitdefender and Webroot did slightly better than Norton in this test, but Kaspersky beat them both.
Its detection rate came in 5 percentage points higher than Norton's, the best I've seen. See How We Test Security Software Bonus ToolsSome antivirus products just stick to the task at hand, with few extras; F-Secure Anti-Virus 2016 is an example. Others, like Kaspersky, add quite a few security-related bonus features. One bonus in particular gets top billing—the On-Screen Keyboard.

The first time you click its icon, featured prominently on the main window, it needs a restart for full functionality.

Thereafter you can invoke it any time to enter passwords without the possibility of capture by a keylogger, even a hardware keylogger. You access the rest of the bonus tools by clicking the main window's More Tools button.

From the resulting menu, you can view files in quarantine, check the status of the Kaspersky Security Network online, or create a Kaspersky Rescue Disk.

The rescue disk can clean malware that prevents you from accessing Windows or launching the regular Kaspersky malware scanner. Wise users will create a rescue disk right away and stash it against future need. When you choose Vulnerability Scan, Kaspersky performs two rather different system checks.
It reviews your Windows configuration to report settings that aren't the best for security, with the option to fix them.

Don't like what it did? You can roll back the changes.
It also looks for applications that don't have the latest security patches. Unlike the Software Updater in Kaspersky's full security suite, the Vulnerability Scan leaves you to manage necessary updates yourself. A couple times during my hands-on testing, the Microsoft Windows Troubleshooter popped up and offered to change system settings that might have been tweaked by malware. You can also launch this scan at any time from the More Tools menu.

There's a certain amount of overlap with the Vulnerability Scan; for example, both offered to turn off AutoRun for various drive types. The Privacy Cleaner wipes out various traces of browsing and computer use, and the Browser Configuration Checker looks for problems with your Internet Explorer configuration (it didn't find any on my test system).

As with the other bonus scans, you can roll back changes made by either of these. Still a Winner The fantastic scores awarded to Kaspersky Anti-Virus by the independent testing labs far outweigh its uneven performance in my hands-on tests.
Its malware scan is fast, and it includes numerous security-related bonus features.
If an unknown program exhibits malicious behaviors, the antivirus can roll back that program's actions completely. Kaspersky is an Editor's Choice for standalone antivirus protection.
It shares that honor with Bitdefender Antivirus Plus, McAfee AntiVirus Plus, and Webroot SecureAnywhere AntiVirus. Back to top PCMag may earn affiliate commissions from the shopping links included on this page.

These commissions do not affect how we test, rate or review products.

To find out more, read our complete terms of use.
The newest big thing in security is the cross-platform multi-device security suite.
Instead of seeking out different products for your Windows, Mac, and mobile devices, you use the same multi-device subscription on all of them, and you can manage them from a central console.
Some offer a specific number of licenses, others aren't limited.

AVG Protection Free (2016) has the distinction of offering multi-device protection at no cost. However, that great price point can't outweigh the fact that the security protection it offers doesn't measure up to that of the top products in this field.

AVG Protection Free helps you manage installations of AVG's free antivirus products for Windows, Mac OS, and Android (sorry, no iOS support). You can choose a 30-day trial of the non-free AVG Protection (2016).
If you do so and then decide you want to keep the Pro features, you'll pay $59.99 per year for unlimited devices. McAfee LiveSafe (2016) lists for $89.99 per year, for unlimited devices, but it adds support for iOS and Blackberry, and its Mac support is a full suite, not just antivirus like AVG.

For that same $89.99 you could also choose a 10-license subscription for Symantec Norton Security Deluxe, with 25GB of hosted online backup as a bonus. None of the competing services offer a free edition, though. Very ZenAs with the paid edition, installation of AVG Protection Free starts with AVG Zen, the management tool. You also need to create an online management account.

This account is what links all your devices through Zen. Like most of AVG's products, Zen uses color-coded circles to report your security status in various areas.

Four panels represent Protection, Performance, Safe Surf, and Web Tuneup.

A complete circle means you've got all available protection in the specified area; a partial circle means there's more you could add. When the circle is green, all's well with the world.
If it's yellow or red, the specified component needs attention. I installed AVG Protection on a Windows 8.1 test system, opting to go straight to the free edition rather than start a 30-day trial of the paid version.

As soon as Zen was installed, it started a background installation of the free antivirus. Once that installation completed, I got a three-quarter green circle in the Protection panel.

Completing that circle would require upgrading to the paid edition, so I left it alone. Clicking the Web TuneUp panel smoothly installed that feature on my browsers, giving me a complete green circle in that panel. Web TuneUp warns when you're about to visit an iffy or dangerous site, actively prevents tracking of your Web surfing habits, and lets you clear your browser history with one click. Safe Surf, AVG's VPN, is an extra cost, so that panel stayed blank.

As for the Performance panel, clicking that one installed AVG PC TuneUp. Note, though, that this is a one-day free trial, so don't start it until you have some free time to exercise this tool's powerful performance enhancement features. Extending protection to additional devices is a snap. You click a button to start the process, choose Windows, Mac OS, or Android, and send an email to an account used on the device in question.

The email contains a link to download the appropriate app.
Install Zen, install the antivirus, and link the installation to your account by logging in.

That's it.

The new device shows up in Zen's lineup across the top. You can check the status of any device by clicking it, and you can even remotely launch a scan or an update. Protection for WindowsOn your Windows devices, AVG Protection installs AVG AntiVirus Free (2016).

Do please read that review for full details on the antivirus.
I will summarize my findings here. All five of the antivirus testing labs I follow include AVG in their evaluations. My aggregate lab test score calculation for AVG gives it 8.4 of 10 possible points. Kaspersky holds the best aggregate score, 9.7 points. In my own hands-on testing, AVG earned 8.8 of 10 possible points, which is good, but not at the top.

Top score among products tested with the same samples goes to Bitdefender Total Security 2016, with 9.3 points.

Tested against a newer sample set, Webroot SecureAnywhere Internet Security Complete (2016) managed a perfect 10. In my malicious URL blocking test, AVG blocked 73 percent of the samples.
Symantec Norton Security Premium blocked 91 percent of the malware downloads, and Avira Antivirus Pro 2016 fended off 99 percent.
In my antiphishing test, AVG lagged 28 percentage points behind Norton. This product's antivirus protection isn't quite as good as the very best commercial antivirus tools, but it's impressive for a free antivirus.

AVG AntiVirus Free is an Editors' Choice for free antivirus, sharing that honor with Avast Free Antivirus 2016 and Panda Free Antivirus (2016). Protection for AndroidTo get a feel for AVG's Android protection, I sent a link to a Nexus 9 that I use for testing.

The user interface has changed since we reviewed AVG AntiVirus Security (for Android); no more color-coded circles! But the feature set remains effectively the same; refer to that review for additional details. Zen on the tablet retains those familiar circles, and works just as it does on Windows. For a complete installation, you need enable Anti-Theft and make AVG a Device Administrator. You'll probably also want to click the link that installs the free AVG Cleaner for Android.

As with AVG Protection itself, you can opt to get a 30-day trial of the paid edition.
I chose not to do so, and therefore found myself viewing banner ads across the bottom of the app's display. AVG scans your apps for malware and can optionally scan external storage.
It also finds and flags problems with security settings, offering instructions for correcting configuration errors.

The Safe Web Surfing feature steers your browser away from malicious and fraudulent URLs. Performance features include a task killer, to save battery life by ending unnecessary tasks, as well as a battery power tracker with an option to automatically turn off power-hungry features when battery power gets low.

AVG can also track your storage usage and monitor use of your data plan by apps. There's probably a better chance your Android device will be lost or stolen than that it will suffer a malware attack.

AVG offers a full-scale anti-theft component. You can use coded text messages or the online console to remotely locate, lock, or wipe the device, or trigger a noise to help you find a mislaid tablet.

That's it for the free edition.

The for-pay edition adds Camera Trap, which snap a thief's photo, and can also lock the device if a thief removes the SIM card.
It can protect private data and user-specified apps with a PIN code.

And it can back up your apps to an SD card. The free app installed by AVG Protection Free includes antivirus and anti-theft, the pillars of an Android security product, but lacks a number of useful features from the paid app. Our Editors' Choice products for Android antivirus are Norton Security and Antivirus (for Android) and Bitdefender Mobile Security and Antivirus (for Android). Like AVG, both of these offer a free edition with only the most necessary features. Mac ProtectionAVG AntiVirus (for Mac) is a free product. You could download and install it without any connection to AVG Protection, but then you'd miss out on the remote-control power of AVG Zen. This free, simple product offers protection against viruses and other types of malware.
It scans on demand and in real time.

To make sure your other devices don't get infected by way of the Mac, it looks for PC and Android malware as well.

And of course you'll find the user interface familiar. Keep those circles green! Norton gives Mac users rather more in the way of features.
It includes a firewall, a vulnerability scanner, and password protection for files, among other things. McAfee LiveSafe is somewhere between, with antivirus, firewall, Web reputation reporting, and password management. Free Isn't EnoughI rated the paid AVG Protection three stars, meaning it's good, but not outstanding.

For Windows devices, the paid edition installs AVG Internet Security, which doesn't rate as highly as the free antivirus because other components don't measure up.

Android protection in the paid edition is good, but Macs just get a simple always-free antivirus. With AVG Protection Free, the Android app loses Pro-only features and PCs just get a free antivirus—a good one—rather than a full security suite.
It's great that this product is free, and you still get the helpful remote management of AVG Zen, but competing (paid) cross-platform suites offer so much more.
In this instance, you really do get what you pay for. Symantec Norton Security Deluxe excels in just about every area and comes with 25GB of hosted online storage.
It protects PCs and Macs with a full security suite, and its Android version is an Editors' Choice. Where Symantec lets you protect 10 devices, McAfee LiveSafe puts no limit on the number of Windows, Mac OS, Android, iOS, and Blackberry devices you can connect.

These two are our Editors' Choice cross-platform multi-device security suites.