To even be considered a full-scale antivirus, a program must sweep away all existing malware infestations and protect the system against new attacks. That’s the minimum. Trend Micro Antivirus+ Security goes way beyond that minimum. The “plus” in its name refers to a wealth of bonus features, among them a firewall booster, layered ransomware protection, and a hardened browser for online banking. Add those to an effective core antivirus system and you’ve got a product that’s well worth a look.
How Much Does Trend Micro Antivirus+ Security Cost?
For $39.95 per year, you can protect one PC with Trend Micro. That’s a normal price for a single license; Bitdefender, Kaspersky, and Webroot (among others) come in on or about this price point. McAfee AntiVirus Plus costs $59.99 per year, but that lets you protect all your Windows, Android, iOS, and macOS devices, not just one PC.
Unlike most competitors, Trend Micro doesn’t offer a three- or five-device antivirus subscription. If you want a volume discount, you must upgrade to Trend Micro Internet Security, which lists for $79.95 per year for three licenses that you can use on Windows or macOS devices. At the highest level, Trend Micro Maximum Security comes in five- and 10-license packs, and offers protection for devices running Windows, macOS, Android, and iOS.
The installer performs a check for active malware, just in case, and asks for your license key. To complete installation, you create or log into an online account. And you get a chance to enable Trend Micro’s Folder Shield ransomware protection (more about that below).
Trend Micro’s main window doesn’t look much like other antivirus products, though it’s had the current look for some years. A big, round Scan button dominates the window, with an indicator below to display security status. Above are four icons for Device, Privacy, Data, and Family. No, the presence of a Family button doesn’t mean this antivirus includes parental control, although its macOS counterpart offers a simple content filtering system. Clicking the Family icon just notes that you should upgrade to Trend Micro Maximum Security.
A lightbulb icon at the main window’s top encourages you to explore more features. It’s a little bit like the recommendations from Bitdefender’s AutoPilot. When you click the icon, it presents a few questions and points out components that relate to your answers.
Mixed Lab Results
At independent testing labs around the world, teams of antivirus researchers evaluate just how well each product protects against malware attacks of all kinds. The labs can throw serious resources at the testing process, more than I can do myself, so I monitor their results closely. All four labs I follow include Trend Micro, meaning they consider it important enough to track. However, its scores range from excellent to poor.
Experts at AV-Test Institute rate antivirus products on three distinct criteria. The Protection score is a straightforward rating of how well the product defends against real-world malware. To get a good Usability score, the product must avoid erroneously flagging legitimate programs or websites as malicious. The lower the impact a product has on system performance, the higher its Performance score. Products can receive up to six points in each category, for a maximum of 18.
In the latest test, Trend Micro took all six points in all three categories, earning a perfect 18 points. Seven other products, among them Kaspersky, Windows Defender, and Norton AntiVirus Plus, also earned a perfect 18 points.
The researchers at AV-Comparatives run security products through a wide variety of tests, assigning Standard certification to any that pass. Outstanding performance can earn Advanced certification, or even Advanced+. I focus on four tests from this lab, and Trend Micro appears in three of the reports. Like Microsoft Windows Defender Security Center, it earned one Standard and two Advanced certifications.
Those are decent scores, but Bitdefender Antivirus Plus earned four Advanced+ ratings. Avira managed three Advanced+ and one Advanced, just a bit below perfection.
At SE Labs, testers scour the internet for real-world malicious websites. Using a capture-and-replay technique, they expose each product to the same recorded attack. Products can earn certification at five levels: AAA, AA, A, B, or C. More than half the products in the latest test came in at the top, with AAA certification, and none earned less than A level certification. Trend Micro and BullGuard Antivirus were among those at the A level.
Most test labs assign scores covering a range of results. With MRG-Effitas, a product that doesn’t exhibit a near-perfect performance simply fails. Not quite half of the tested products failed this lab’s latest banking Trojans test, Trend Micro among them. In the broader all-types assessment, a product gets Level 1 certification if it utterly prevents all the malware attacks, and Level 2 if it wipes out all traces within 24 hours. Three quarters of tested products passed the latest iteration of this test with Level 1 certification. Alas, Trend Micro, along with McAfee and Avast Free Antivirus, failed this test too.
For an overall comparison I use an algorithm that maps all the lab scores onto a 10-point scale and generates a single aggregate score. Trend Micro is one of nine products with results from all four labs, but its aggregate score of 8.0 points is the lowest of that group. Norton and Avira Antivirus Pro top the list, with 9.8 points, and Kaspersky is close with 9.7. With ratings from just three of the labs, Bitdefender came in at 9.9 points.
Speedy Malware Scanning
I always advise running a full scan immediately after installing a new antivirus. After that initial cleaning, real-time protection should defend against any new attacks. For suspenders-and-belt protection, Trend Micro schedules a weekly quick scan. Tested on my clean virtual machine, the quick scan finished in less than four minutes.
You can tweak the day and time for the scheduled scan, and optionally make it a full scan. A full Trend Micro scan on my standard clean test system required 44 minutes, well below the current average of 67 minutes.
Many antivirus products use that initial full scan to optimize for subsequent scans by flagging trusted files that don’t need another scan. For example, a repeat scan with ESET NOD32 Antivirus finished in seven minutes, down from 66 for the first scan. K7 took 48 minutes the first time around but finished a second scan in 10 minutes. By observation, Trend Micro does no such optimization. A second scan took just as long.
Uneven Malware Protection
Not every antivirus has the wealth of lab results that Trend Micro boasts. Some aren’t tested by any of the big labs. I put every antivirus utility through my own hands-on malware protection tests both to capture another set of results and to get a feel for how the product does its job. In my tests, as in the lab tests, Trend Micro’s scores were mixed.
My basic malware protection test uses a folder of malware samples that I collected and analyzed myself. Like most antivirus tools, Trend Micro started picking these off as soon as I opened the folder. Unlike most competitors, it only wiped out half the samples on sight. Most products detect 80 percent or more at this point. G Data Antivirus wiped out 98 percent of these samples at this stage.
To finish this test, I launch the samples that made it past the initial scan by real-time protection. That gives the antivirus a chance to exercise behavior-based detection and any other protective layers it has available. Trend Micro picked off more samples at this stage, for a total of 80 percent detection. A few slips like letting detected malware place executable files on the test system dragged its overall score down to 7.8 of 10 possible points, the lowest score among products tested with this set of samples. Webroot SecureAnywhere AntiVirus detected 100 percent of the samples and scored a perfect 10 points.
Trend Micro’s reviewers’ guide states that testing with samples more than a week old is not real-world testing. Given that it takes me four weeks or more to gather and analyze a new set of samples, there’s no way I could manage their suggested one-week cutoff.
Fortunately, I have another test that gives a very up-to-the-minute view. I challenge each product with a collection of malware-hosting URLs discovered in the last few days by researchers at MRG-Effitas. I launch each URL in turn, noting whether the antivirus diverts the browser from the dangerous site, eliminates the malware download, or fails in its protective task. Skipping any URLs that are already defunct, I continue until I have 100 data points.
Trend Micro did almost all its work at the URL level. In most cases it displayed a big Dangerous Page warning in the browser, though for some the browser just showed an error, with a pop-up explanation from Trend Micro. In a handful of cases, the download started but got derailed by Trend Micro’s protection.
Trend Micro’s score of 94 percent protection is very good, but others have done even better. McAfee, Sophos, and Vipre Antivirus Plus all managed 100 percent protection. The URLs used in this test are always different, of course, but they’re always the newest available.
Impressive Protection Against Phishing
Where malicious websites and downloads must run the gauntlet of multilayered antivirus detection to perpetrate their chicanery, phishing websites only need to bamboozle the hapless user visiting the site. These frauds masquerade as sites that require a secure login, anything from financial sites to online gaming. If you enter your credentials, you’ve given away the valuables from that account, whether it’s the money from your bank or that character you’ve been buffing for a year. You can learn to spot phishing frauds, but it’s smart to use the automated phishing protection from your security software as backup.
Phishing sites typically get caught and blacklisted quickly, but if the fraudsters duped a few victims before the takedown, they don’t care. They just pop up another fake and keep on trolling. For testing purposes, I scrape reported frauds from sites that track such things, making sure to include plenty that are too new for any blacklist. I launch each possible fraud in instances of Chrome, Firefox, and Edge, relying just on the browser’s built-in protection and in a browser protected solely by the antivirus.
As in the malicious URL blocking test, Trend Micro turned in a very good performance. It detected and blocked 96 percent of the verified phishing frauds, matching the current score held by Kaspersky Anti-Virus. McAfee owns this test, with 100 percent protection; at 99 percent. Bitdefender and Norton aren’t far behind.
Phishing is platform-agnostic—you can foolishly give away your password on any platform that has a browser. Phishing protection, however, can vary by platform. I tested Trend Micro Antivirus for Mac simultaneously with the Windows product and got the same results, thankfully.
Multifaceted Ransomware Protection
Your antivirus should be able to fend off any known malware, and behavior-based detection can foil some unknowns. But for every new malware attack there’s a Patient Zero, the machine that gets hit before any other. Antivirus may not catch that zero-day situation. Sure, an antivirus update will probably wipe out the attacker before too long. But if ransomware was involved, that still leaves your files hopelessly encrypted.
Because missing a ransomware attack is so serious, many antivirus companies have started adding protective layers focused on ransomware protection. Some defend your files against all unauthorized changes. Others watch for behaviors that suggest encrypting ransomware. Still others maintain encrypted backups of your most important files, for recovery after clearing up a ransomware threat. Trend Micro does a little of each.
You may remember that Trend Micro offered to enable Folder Shield during installation. If you skipped it then, be sure to turn it on later. Folder Shield prevents unauthorized programs from making any changes to your protected files. By default, it protects your Documents, and Pictures folders—you’re free to add Desktop or other folders that are important to you. Trend Micro also protects files on USB drives, at least, while they’re mounted, and files in your OneDrive, Google Drive, and Dropbox folders (if present).
Folder Shield can’t directly access folders belonging to accounts other than the one that’s logged in, so each user account needs to set up Folder Shield separately. Once they’ve done so, you can see (but not change) their settings.
Folder Shield doesn’t interfere when you edit protected files using a trusted program, but it warns when an unknown process tries to make any modifications to files in protected locations. If the program in question is legit, you can trust it with a click. But if you don’t know why you got the warning, block that access! In case you’re not around to see the warning, Trend Micro blocks unknowns automatically after a short while.
I used two hand-coded very-unknown programs to test Folder Shield, one of them a simple text editor and the other a super-simple ransomware emulator. It successfully prevented both from making any changes to files in the Documents folder.
I also tried configuring my ransomware emulator to launch at startup, because I’ve encountered a few ransomware protection systems that failed in that situation. Trend Micro correctly handled the emulator even at startup.
I like to test ransomware protection by turning off other layers of protection, to simulate an antivirus tool’s handling of zero-day ransomware. Unfortunately, turning off Trend Micro’s real-time protection turns off everything, including the ransomware layer. Looking closely, I found I could manage a limited sort of test. Two of my ransomware samples were among those that the antivirus didn’t wipe out on sight, as were hand-modified versions of two others. When I launched them, it blocked them all, identifying two as suspicious and two specifically as ransomware.
I also ran the RanSim ransomware simulator from KnowBe4. I had to trust the main program and restore its launcher and data collection processes from quarantine, else I couldn’t run the test at all. It launched 10 scenarios simulating ransomware activity and two simulating legitimate crypto utilities. The best score, of course, involves blocking the 10 simulated nasties and leaving the two innocuous ones alone. Trend Micro blocked all 12. In a real-world situation where it offered to block a legitimate crypto app, you’d simply tell it to trust the program.
Besides blocking unauthorized access to sensitive files and detecting ransomware-like behavior, Trend Micro keeps a secure backup of all protected files. If ransomware does manage to encrypt some of these before the antivirus kills it, the Damage Recovery Engine restores those files from backup. Not surprisingly, I didn’t find a way to reproduce that situation to see this feature in action.
See How We Test Security Software
Trend Micro’s Bonus Features
Trend Micro’s Pay Guard isolates your default browser from possible attack, to protect your financial transactions online. It’s a lot like Banking and Payment Protection in ESET, though it uses a sky-blue border instead of green to identify the protected browser, and it puts its banner at the bottom of the window instead of in the title bar.
Kaspersky offers a similar feature, while Bitdefender puts the protected browser in a separate desktop. Pay Guard is meant to offer protection automatically when you visit a financial site, and it worked for most sites in my testing. If you don’t see the blue border, just launch PayGuard manually from the browser toolbar before banking online.
It’s now common for security programs to offer a no-interruptions mode for when you’re running a game or other full-screen app. You don’t want drop frames because of a background scan, or get fragged because the antivirus proudly announced a successful update, right? Trend Micro’s Mute Mode goes beyond the basics. Yes, it activates automatically when you enter full screen. But you can also invoke it as needed from the system tray menu. When you do so, you can set a time for it to turn off, have it suspend Windows Update while active, and even terminate specific other programs that might get in the way.
As noted above, Trend Micro did a great job replacing fraudulent and malicious pages with a warning in the browser. If you install its extension in Chrome, Edge, Firefox, or Internet Explorer, it helps you avoid clicking on dangerous links in the first place. A green icon and highlight means that all’s well—if it’s red or yellow, don’t click! You can also set the extension to rate links on mouseover. Now if you hover the mouse over any link, on any page, Trend Micro will double-check it for you.
Social Networking Protection applies similar analysis to links in the “most popular social networking sites.” According to Trend Micro, these are Facebook, LinkedIn, Mixi, MySpace, Pinterest, Twitter, and Weibo. So, it includes MySpace and Mixi, but leaves out Instagram, WeChat, and TikTok? This feature needs an update.
Note that this link analysis is unrelated to the Check Social Network Privacy feature found in the macOS edition and in Trend Micro’s suite products. That feature actively examines your privacy settings and recommends changes if necessary.
Fewer and fewer users need a local spam filter, given the prevalence of webmail services that handle spam automatically. Trend Micro’s spam filter works strictly with Outlook, and all settings except the on/off switch are embedded in its Outlook add-on. My test systems don’t have Outlook, so I couldn’t see this limited component at all.
The personal firewall is a typical component in security suites, not in a standalone antivirus, though some antivirus tools include a firewall. Trend Micro relies on the sturdy Windows Firewall to protect against outside attack, but supplements it with a Firewall Booster whose main aim is to prevent botnet-type attacks. It can also optionally display a warning when you connect to a non-secured wireless network.
Fraud Buster analyzes your webmail to filter out scams and frauds. It very specifically works with Gmail and Outlook webmail using Chrome or Firefox. To perform this service, it necessarily sends all your mail to Trend Micro for analysis. I’m not sure I like that; I didn’t enable this feature.
Trend Micro Antivirus comes with quite a collection of invisible enhancements. It includes special protection against coin-mining malware, file-less malware, and tech support scams. An artificial intelligence component adapts to new malware and new conditions. Alas, I couldn’t tease these components into having any visible effect, but I don’t doubt they’re present.
Beyond Antivirus
Trend Micro Antivirus+ Security earns excellent scores in our malicious URL blocking and antiphishing tests, but fares poorly in our hands-on malware protection test. It also gets a range of scores from excellent to poor in independent lab tests. Its multilayered ransomware protection proves effective in testing. Fraud Buster for webmail, browser protection for financial transactions, and an Outlook-specific spam filter all help justify the “plus” in this product’s name. Remember, though, that there’s no volume discount. If you need to protect multiple devices, you’ll have to upgrade to a Trend Micro suite, or choose a different antivirus.
Which different antivirus should you choose? The labs routinely award top scores to Kaspersky Anti-Virus and Bitdefender Antivirus. A subscription to McAfee AntiVirus Plus protects all your devices, whether they run Windows, macOS, Android, or iOS. And Webroot SecureAnywhere Antivirus, which also offers strong ransomware protection, is the smallest and lightest antivirus I’ve seen. These remain our Editors’ Choice products for antivirus protection.
Trend Micro Antivirus+ Security Specs
| On-Demand Malware Scan | Yes |
| On-Access Malware Scan | Yes |
| Website Rating | Yes |
| Malicious URL Blocking | Yes |
| Phishing Protection | Yes |
| Behavior-Based Detection | Yes |
| Vulnerability Scan | No |
| Firewall | No |
