At a Glance
- Helpful setup
- Good malware protection
- Subpar behavior-based detection
AVG stays within its core competencies to deliver a strong suite.
AVG Internet Security Version 8.5 (one-year subscription for one computer: $55; one year for three computers: $75, as of 5/21/2009), has been steadily building a solid following for its protection products. We reviewed it as part of our midyear security suites roundup. Unlike some security vendors, AVG allows you to opt in to various partnerships (as opposed to opting out), such as the Yahoo Search box, during installation.
AVG has other strengths beyond its opt-in policy, of course. Like the CheckPoint ZoneAlarm Extreme Security suite, AVG walks you through the setup and configuration process with a few helpful tutorial screens. It also stays within its core competencies, offering various shields for e-mail filtering, Web-site filtering, spam filtering, and so forth.
Using its own malware detection engine, AVG did superbly in both the on-demand and on-access detection of 2735 malware files, macro viruses, and scripts, scoring 100 percent against each. And AVG did well against the 722,372 collected samples of Trojan horses, worms, password-stealers, and other nasties, identifying 95 percent of samples on average. That means this suite did reasonably well among the security suites tested.
AVG removed 80 percent of the malware files and Registry changes that malware had put in place, but it failed to scrub test infections from 40 percent of the Registry. It detected 100 percent of inactive rootkits (stealth malware used to hide infections from PC users and security software alike), detected 90 percent of the active ones, and removed eight out of nine active rootkits. Those results still put AVG among the best we’ve tested.
Through its acquisition of Sana Security, AVG says it has improved its behavioral-based malware detection, since it can now monitor up to 290 distinct behaviors to determine whether a file’s activity is malicious. However, this technology didn’t work as AVG might have hoped in our tests: Overall, AVG earned slightly-below-average scores for behavior-based detection of malware. In detection, AVG produced a warning 53 percent of the time, and detected and blocked 33 percent of the malware, but removed only 20 percent.
In proactively identifying unknown malware for which it doesn’t yet have a signature, AVG scored below average. In tests using 2-week-old signature files, it identified only 37 percent of samples. And on four-week-old signature files, it identified only 30 percent. On the positive side, AVG responds fairly quickly to new widespread malware attacks, typically within 4-6 hours according to AV-Test. However, AVG signature updates per month were low; the company issued only 50 in January 2009, 58 in February 2009, and 58 in March 2009, for an average of 1.9 per day, compared with more than 200 per day from Norton.
AVG scans archive files on demand by default, and AV-Test reported somewhat long on demand scan times of up to 88 seconds on a 741MB file, with on-access scans of 65 seconds, compared with only 41 seconds to copy the same file on a system without antivirus installed.
AVG scans e-mail for viruses, and provides IM protection as well. Antispam protection comes from MailShell. For antiphishing, AVG uses a combination of sources, including the Anti-Phishing Working Group and Phishtank. The real Web protection, however, comes from LinkScanner, a tool that looks for and scrubs malicious content from Web sites before it hits your browser.
In our informal use tests, the behavior-based AVG Firewall displayed a high learning curve; it requested permission for every Internet-facing application, a process that gets tiresome and invasive quickly. By comparison, ZoneAlarm recognizes many popular programs, eliminating unnecessary messages.
Overall the AVG interface is clean and straightforward. Want to know more about the firewall, for instance? Click the Firewall icon to see configuration settings.
AVG did very well with traditional and zoo malware, but it didn’t do so well using just heuristics, missing the 2- and 4-week old signature file tests. Still, for the money, AVG Internet Security 8.5 is a good value that will do a strong job at protecting your computer.