- Good dynamic malware detection
- User-friendly interface
- Weaker signature-based detection
Despite good heuristics, PC Tools Internet Security missed two Conficker variations.
PC Tools Internet Security ($60 for up to three computers for one year as of 5/21/09) offers a decidedly mixed bag of protections. (We reviewed it for our midyear security suites roundup and security suites chart.) Symantec acquired the security vendor in 2008 to increase its worldwide market share with consumers in new and emerging regional markets. Though now part of Symantec, PC Tools continues to maintain a separate development operation from Symantec’s consumer business unit (responsible for the Norton Internet Security Suite), and its entry in the Internet security suite market comes with strong heuristic malware detection, but it’s weaker in other areas such as traditional malware detection.
PC Tools uses its own antivirus protection, and at first glance it appeared to score very well in AV-Test.org‘s extensive malware-detection tests for both the on-demand and on-access detection of 2735 files, macro viruses, and scripts, scoring nearly 100 percent in each. However, PC Tools is the only security suite to miss at least two variations of the Conficker worm in both on-demand and on-access testing. Against the zoo Trojan horses, worms, password-stealers, and other nasties, PCTools identified on average only 58 percent of the 722,372 collected samples, placing it second to last, just ahead of Comodo.
But on behavior-based detection of malware, PC Tools scored the highest of any suite tested. In overall detection, PC Tools produced a warning 93 percent of the time; detected and blocked 87 percent of the malware; and removed 80 percent of the malware. PC Tools also produced strong numbers for detecting and removing rootkits–stealth malware used to hide infections from PC users and security software alike. It successfully removed all nine active rootkits we tested it against.
For performance, AV-Test recorded long file scan times of up to 173 seconds for on-demand scans of a 741MB file. On-access file scans required 66 seconds, compared with only 41 seconds to copy the same file on a system without antivirus installed. In informal testing, PC Tools appeared to slow our Windows XP machine more noticeably after installation than other security suites.
In proactively identifying unknown malware for which it doesn’t yet have a signature, PC Tools scored below average. In tests with 2o-week-old signature files, it identified just 29 percent of malware samples. And on 4-week-old signature files it identified only 23 percent.
According to AV-Test.org, PC Tools responds moderately fast to new widespread malware attacks, typically between 6 and 8 hours. But PC Tools also produced the fewest signature updates per month of any suite tested: 34 in January 2009, 30 in February 2009, and 34 in March 2009, averaging 1.1 per day, compared with over 200 per day from Norton.
PCTools gears its interface for the average consumer; as such, it doesn’t offer many configuration options, and for some, that’s just fine–it’s user friendly; just set it and forget it. For the more advanced, however, such a simple interface will feel constraining. There is little documentation beyond a nominal Quick Start guide, so creating a firewall rule is less intuitive within PC Tools than within Windows Firewall.
The suite includes the optional PC Tools Browser Defender toolbar (for Internet Explorer only), which provides antiphishing protection. Unlike many phishing filters, PC Tools does not use lists from antiphishing sites. Instead, PC Tools relies on heuristic analysis to identify phishing attempts; the company told PC World that “blacklisting is no longer an effective method of protecting against phishing sites as in our research we found that sites were up for less than 24 hours.” Once installed, Browser Defender missed a few freshly reported phishing sites (less than 2 hours old) listed on DSL Reports Phish Track, but correctly warned against sites more than few hours old.
PC Tools Internet Security does not include parental controls or backup. The company told PC World that “these added components cater for a small [percentage] of the market and unnecessarily bloat a product, often making it cumbersome to install and run.”
Despite strong heuristics, PC Tools Internet Security compares unfavorably with other suites we’ve tested, based on its mixed test results. This is PC Tools’ first attempt at a security suite; and, like Comodo, it too could have a strong offering in the near future if it bolsters its traditional malware detection and offers more configuration options. Ironically, for about the same price, its big sister, Norton Internet Security 2009, is a much better purchase.