How secure is secure enough? Avast seems to be betting that you’ll want all the security bells and whistles that you can afford, but its paid tiers seem to be offering too little for the price. With that said, the free tier of Avast offers a fantastic antivirus engine at its core. You’ll love the security of Avast, as well as the speed with which it reacts to detect and mitigate dangerous programs – just try not to get too frustrated by its incessant pleas for you to upgrade.
As mentioned, Avast went above and beyond when it came time to design the free version of their antivirus product. Even the basic virus scan offers more functionality than most. Instead of just searching for viruses and malware, it also detects out-of-date software, malicious browser add-ons, network issues, unprotected sensitive documents, and weak passwords.
My first scan detected no malware, bad extensions, or network issues, but it did find vulnerable software, unprotected documents, and weak passwords. I’m not surprised that there’s vulnerable software on my computer – I have a lot of software and it’s a pain to update it all – but these last two items gave me a little bit of pause. What does Avast count as unprotected sensitive documents and how do they find them? Furthermore, how do they check the strength of my passwords?
As it turns out, the sensitive documents scan is highly effective. It found tax records, employment documents, financial statements, and more – stuff I’ve stored on my computer without even remembering that I’ve put it there. In all, it only detected two false positives. Avast sorted these documents into categories such as taxes, payroll, employment, and travel (documents such as driver’s licenses and passports. It also gives you an easy button to the right of each entry that instantly shows you the location of each document that it finds.
Reading between the lines of the marketing copy, Avast seems to be leveraging a technology known as Data Loss Prevention (DLP). DLP is a tool that’s normally used in the context of large companies that store customer data such as credit card and social security numbers. Using DLP, companies can scan word documents and conduct optical character recognition (OCR) on PDFs in order to detect strings of numbers that resemble these sensitive bits of data. The company can then know exactly where its sensitive data is and take steps to ensure that no one moves or deletes it.
Simply knowing the location of my sensitive data is very useful and seeing DLP technology move from a corporate to a consumer context is interesting to say the least. There’s unfortunately not a lot that you can do with this information without locking yourself into a subscription, however. Once you do subscribe, you get the option to encrypt your information and store it in a secure digital locker. If any attacker attempts to move or delete these files, the program blocks access and notifies the user.
Avast’s weak password scan is frankly a bit of a letdown. I was expecting the service to tell me that I’d set one of my passwords to “123cat” or something equally simple by using some sort of futuristic hash-scanning algorithm. Instead, it just told me that I’m storing passwords in my browser (everyone does), that this method is potentially insecure (jury’s out on that), and that I should upgrade in order to use Avast Passwords, Avast’s password management service. This may certainly be useful, but it’s not worth committing to a yearly subscription when you could just use one of the many standalone password managers that are already available elsewhere. (More on this later.)
Does the Antivirus Engine Make the Grade?
All of these extras are frankly a distraction from the core of the scan itself – the malware detector. Independent lab tests show that Avast has a highly-rated antivirus engine, demonstrating advanced features and flagging zero false positives. Few antivirus engines scored higher. In addition, testing-under real-world conditions shows that Avast is efficient at detecting and mitigating the vectors – such as drive-by-downloads and code injection attacks – by which malware propagates. To summarize, Avast will detect most forms of advanced malware, and prevent most of them from even installing on your computer. If any malware gets by, an automatic scan will usually detect and destroy the infection within a day.
When malware attempts to execute on a computer, Avast springs into action. It will detect most known malware samples immediately, then quarantine and delete them. If Avast detects an unknown file that acts suspiciously, Avast kills the process and analyzes the malware sample at its corporate headquarters. If you suspect that Avast has missed a file, you can right-click on any file in your Windows Explorer panel and select the file or folder for individual scanning.
More importantly, Avast is very good at making sure that malware doesn’t get onto your computer in the first place. It detects most sites that attempt to distribute malware before they start downloading onto your computer. For the rest, Avast will interrupt the malware sites during the download stage – missing only a few files, which will usually be caught by Avast’s active protection once they attempt to execute.
Phishing sites – sites that attempt to duplicate banking login screens and social media – are far more common than malware sites, as well as being a bit simpler to produce. It’s arguably more important to protect users from these sites than it is to protect them from sites dedicated to malware. Although this is a paid feature, Avast has the ability to protect users from phishing sites with surprising efficiency. Their software doesn’t just block sites that have already been blacklisted – they also can identify phishing sites that are too new to have been identified by security researchers.
To summarize, the free version of Avast offers security that’s among the best that I’ve ever seen. You’d almost expect that its designers would have turned something off to make the paid upgrade more essential, but they haven’t. Its paid features, including a locker for your passwords and an encryption option for sensitive files, just don’t add more to the table.
Outside of the core antivirus function, Avast offers a host of features in both its free and paid versions that are designed to keep your data secure. These features range from the expected to the exotic, with many of the paid features being perhaps more useful to power users. Here’s the rundown:
Free Features are Critical to Online Security and Quality of Life
First of all, Avast offers a series of advanced security scans. This is distinct from the “Smart Scan” that you see on the program’s main menu. When you click on the “protection” tab, you’ll see a variety of options, including “Full Virus Scan” and “Boot-Time Scan.”
Full Virus Scan is both slower and more thorough than the primary smart scan. Although it takes quite a bit longer – up to a couple of hours on a slower machine – it has a better chance of detecting and resolving threats. If you suspect that your computer was infected by malware prior to installing Avast, you’ll likely want to do a Full Virus Scan in order to weed out any lingering threats.
You’ll also want to run a Boot Time Scan. Many advanced kinds of malware now have the ability to persist even when their files are deleted from your computer’s operating system. That’s because these viruses exist outside the primary OS. When they’re deleted, they simply reinstall themselves from files that are outside the operating system. A Boot Time Scan restarts your computer and watches for suspicious programs that try to execute while the computer is running, and then stops them in their tracks.
Lastly, Avast offers a full-featured WiFi scanner designed to protect you at your home and on the go. When I ran it, it discovered every device connected to my WiFi in under a minute – my desktop, laptop, console, cellphone, and kitchen speaker. If my devices were unsecured, it would have pointed out vulnerabilities such as ports exposed to the internet, default passwords, and other weaknesses.
Paid Features Don’t Add Enough Value
Outside of these advanced virus scanning features, Avast doesn’t offer much – but it’s not clear that you’d need much more anyway. For example, there’s a utility that’s supposed to clean your computer’s hard drive, for example, but it’s paid for. Meanwhile, CCleaner is free. Want to get rid of particularly sensitive materials? Avast offers a secure erase function that can delete a file by writing over it many times, removing all trace of it from your computer. The system works as advertised, but it’s hard to see who needs it other than security researchers. There’s a VPN add-on that you can pay for, but other standalone VPNs offer similar features for less.
To summarize, Avast has won me over with its free version, but it has lost its balance when it comes to paid and premium pricing. The features here won’t make you much more secure than the free software, and you can replicate most of their functionality with free or lower-cost third party software.
Ease of use
This is an area where Avast frustrated me. I realize that if you’re an antivirus company, you need to make money by converting your free users to paid subscribers. I really shouldn’t mind that Avast takes every opportunity to get me to upsell – and for the most part, I don’t. What irks me, however, is the liberal use of dark-pattern UI in order to get me to pay up.
If you’re unfamiliar with dark-pattern UI, here’s a quick example.
When you boot up Avast, you get a splash screen a big “scan now” button in the middle and a white box offering you a welcome gift.
The “gift” turns out to be a steep discount on a subscription. What if you don’t want a subscription? As you can see from the screenshot below, there’s no “back” button, only a “buy now” option. In order to back out of the upsell screen you actually have to click the red X in the top right corner, something that’s counter-intuitive to most users who think that button just closes the program.
When you hit that X, by the way, another pop up comes after it, offering you a free trial.
Again, this is not a huge disappointment – because again, the service needs to make money – and if that were the only example of that in the program, I probably wouldn’t mind. With that said, Avast goes a long way towards burying its goodwill by offering other confusing and intrusive upsells buried in its software.
Here’s another example. In Avast’s “privacy” menu, you can see some options that are closed off with a big orange lock, and some that aren’t. You’d expect that you’d have to pay to unlock features that are locked, and that the features that are unlocked would be free. That’s unfortunately not the case. When you click on SecureLine VPN, for example, a separate program installs itself on your computer, and then asks you for money. If you click on “Performance” and choose “Driver Updater,” the same thing happens. Avast takes you all the way into installing a new program on your computer, and then asks you for money.
The most egregious example happened with the password manager, which is free but not great. The password manager operates as a Chrome or Firefox extension that stores your password and is secured with a master password, but it neither suggests strong passwords nor warns you about weak or duplicate passwords – something that’s a must in other products. You can’t even implement two-factor authentication.
Anyway, when I clicked through the menus that led into the password management function, I decided to decline to import my passwords into Avast’s password manager. Imagine my surprise when Avast started to import my passwords anyway! Although I was able to cancel the transfer, Avast also installed their proprietary secure browser on my machine – again without my permission.
This is a bit worrying. It doesn’t speak ill when it comes to the functionality of the antivirus engine itself, but for long-term users, the constant reminders to upsell – plus the misleading menu options – may eventually become frustrating
Avast offers premium support services for its antivirus product at every pricing tier. There’s an extensive knowledgebase that explains how its features work and what they’re supposed to do. These walk inexperienced users through the operation of the product and allow them to do some basic troubleshooting on their own.
The organization also boasts a 24/7 call center for more serious problems. The tech support specialists are able to provide detailed and helpful information within a short amount of time. This information should be helpful for both inexperienced users and power users alike.
When compared to other antivirus programs, Avast is roughly average in terms of expense. There are four main pricing tiers – Free, Internet Security, Premier, and Ultimate. If you’re determined to pay for Avast, Internet Security is probably the best option for you. It includes several useful quality of life features that the free tier lacks – a Real Site option that protects against phishing sites, a Ransomware Shield to protect your files from encryption, a firewall that stops intrusion attempts, and an anti-spam feature.
Internet Security also includes one of the coolest features that isn’t included in the free version – the Sandbox mode. This lets you open files and programs in a virtual machine that doesn’t have access permissions to your desktop. If the file contains malware, then the malicious program will execute in an area where it can’t do your computer any harm. This is a really neat little bonus, and it’s great for anyone who’s constantly receiving phishing attempts.
Meanwhile, the more expensive pricing tiers contain more of the software that’s nice to have, but not vital. Upgrading to Premier gets you the superfluous data shredder and disk cleanup features, while upgrading to Ultimate gets you the VPN and the password manager. None of these are necessarily essential to your data security, and if you must have them, they’re available from third parties at a lower price for the same effectiveness.
Once again: the free tier of Avast gives you all the information security you’re likely to need, but if you must upgrade, the Internet Security tier gives you most of everything else.