Buying Guide: Anti-Virus Software

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

If you’re reading this article, chances are you don’t need to be convinced about the importance of anti-virus software. But since the “Do I really need it?” question does frequently come up, let’s address it right off the bat.

If you don’t use anti-virus software, does it mean your system will pick up an infection the moment it hits the Web? Probably not. But especially if you’re on a Windows PC (we’ll talk about Mac OS a bit later)—and even if you’re the conscientious type who eschews dodgy Web sites and refrains from opening unfamiliar files or e-mails—anti-virus software is still a must, because threats are not always readily apparent. Being careful certainly reduces the risk, but doesn’t eliminate it.

Free vs. fee?

We’re all familiar with the adage “you get what you pay for,” and there’s often a tendency to think that a free product must be woefully inferior to one that requires you to open up your wallet. Fortunately, that need not be the case when it comes to anti-virus software. It turns out that you don’t need to part with any cash to get reasonable—even good—protection against online threats, such as viruses, worms, Trojans, or spyware.  For simplicity’s sake, we’ll refer to all of this stuff as malware for the rest of the article. (For a full explanation of the differences between viruses, worms, and Trojan Horses, read this article from Internet.com’s Webopedia.)

One of the more notable and recent entrants to the free anti-virus arena is Microsoft Security Essentials 1.0. It’s available for any Windows system (XP through 7) that passes Windows Genuine Advantage validation (i.e. the OS isn’t counterfeit or pirated); it’s quick and easy to install and has an extremely simple user interface. Most importantly, it does nearly as good a job of detecting, removing, and protecting against malware as many commercial products, according to the well-regarded and independent testing lab AV-Comparatives.org. (Incidentally, all of the anti-virus options we cite in this article—which is not a comprehensive list—received favorable ratings from AV-Comparatives.org most recent report, which you can read here (in .pdf).)

Other good anti-virus options available gratis include AVG Free Edition 9.0 with its LinkScanner feature that checks sites you visit (or see listed in search results) against a database of those known to be unsafe; Internet Explorer 8 includes a similar feature called SmartScreen, though it doesn’t check sites until you actually try to visit them. Also good and free, the recently updated avast! Free Antivirus 5.0, which claims to be the world’s most popular free anti-virus tool. The latest version boasts a much-improved UI (which wasn’t a big strength of its predecessor), more judicious use of system CPU/ RAM, and speedier scans. 

When considering any free anti-virus program, keep the following caveats in mind. First, they’re usually entry-level versions of a company’s commercial products. As a result, when downloading a free version you should expect to endure a bit of a sales pitch for the paid version, and possibly periodic admonitions to “upgrade” after you have it installed. Also, free anti-virus software often carries significant license restrictions—often it’s only provided for home or non-commercial use, which precludes you from installing it on any work or business-related computer. AVG Free’s license agreement further restricts use to a single PC, for example, and even though it’s free, you must register avast! Free to keep using it beyond 30 days.

Cloudy with a chance of malware

Panda Security’s Panda Cloud Antivirus Free Edition 1.0 represents a relatively new approach to anti-virus protection. Conventional anti-virus tools identify malware predominantly by consulting a vast database of “signatures” that must be downloaded to a PC and regularly updated there. By contrast, Panda’s cloud-based anti-virus takes advantage of information continually gathered from a large network of connected users, which can translate into timely identification of and protection against both existing and emerging threats despite the lack of a locally stored malware database. The catch is that no connection means no protection, though for the duration your Internet link is down, your risk of infection is pretty negligible anyway. 

When and why to pay

So given the relatively high quality and availability of free anti-virus software, is paying for it automatically a waste of money? Not necessarily—it all depends on your personal needs or preferences.

For example, many commercial anti-virus products, including security industry mainstays McAfee VirusScan Plus and Symantec’s Norton AntiVirus 2010 offer advanced forms of threat detection, such as heuristic analysis, which looks for specific behaviors that might better detect an unknown virus—or a new version of an existing one (this can come in handy if you frequently troll the dark corners of the Web). 

Commercial anti-virus programs also typically provide supplemental protection features not available in free versions.  Case in point: opting for avast! Pro Antivirus over the free version gives you the ability to visit questionable Web sites or run unknown programs in an isolated “sandbox” where they can’t damage your system. Similarly, Kapersky Anti-Virus 2010 (which isn’t available in a free version) includes a virtual keyboard that lets you enter sensitive info including passwords or PINs without fear of interception by a keylogger.

Most commercial vendors offer comprehensive security “suites” with additional features beyond anti-virus that are security-oriented, but not strictly malware-focused, that you may or may not find useful-- such as spam filtering or parental controls. Then there’s the issue of support--for free software, it’s generally limited to community-driven message boards, but if you’re a paying customer, support via e-mail, chat, and/or phone are often available.

If you do decide to shell out for anti-virus software, take vendor claims with a generous helping of salt. Security software is big business, and companies spew forth lots of marketing bluster to convince you that their products are sui generis when it comes to effectiveness, ease of use, and so forth. Before plunking down your hard-earned cash, check for the availability of a 30-day trial version (most vendors offer one), so you’re not locked in if, say, you find the software’s interface incomprehensible or that it bogs down your computer’s performance.

When you do pull the trigger to purchase, be mindful of what you’re buying. Some vendors automatically allow you to install the software on three PCs, others just one, with additional available licenses at extra cost. Also, many vendors automatically tack on up to $7 for “extended download service” in case you need to grab it again in six months. Our advice: skip this gratuitous charge and make a backup of the download yourself. 

What about Macs and Linux?

There’s a common notion that Mac OS is an inherently more secure operating system than Windows, and thus, less susceptible to malware. It’s true that malware is less prevalent on Macs, but what makes it so is the relatively small market share (about 5% according to the latest data from Net Applications). This translates into far less incentive for malware creators to find and exploit security holes, and limited potential for nasty stuff to propagate if they do.

That said, Mac-based malware does exist, as do tools that provide protection from it. ClamXav is free and open-source antivirus software for OS X 10.3 and above, PC Tools’ iAntivirus is a free/pay offering, and many of the aforementioned commercial Windows anti-virus vendors offer Mac versions too.

As for Linux, the same general rule applies—safer than Windows, but not categorically safe.  AVG offers a free Linux version and ClamAV is available for, and sometimes included with, many Linux distros.

Additional tips

Regardless of what kind of anti-virus software you choose or whether you paid for it or not, it’s important to note that none of it is guaranteed to be 100% percent effective. Nevertheless, stick to a single anti-virus program—using more than one doesn’t augment protection, it just causes big headaches due to conflicts.

Also, be on the lookout for rogue security software, also known as scareware, which uses official-looking pop-up warnings about non-existent infections and offers to remove them if you install their handy software. Bottom line: don’t touch these unsolicited offers with a ten-foot pole. 

To maximize your protection, it’s important to not only keep current with all operating system security updates, but those for third-party applications, as well—especially ones like Adobe Acrobat and Flash, or Sun’s Java, where vulnerabilities are regularly discovered and patched. One way to make the latter task easier is to use Secunia Online/Personal Software Inspector to scan your system (either via browser or a downloadable app—both free) for insecure versions of software.

So let’s recap. Always run anti-virus software, don’t discount the efficacy of free tools, and if you decide to buy, do it because you want or need the extra features (and take it around the block first).

Joseph Moran is a veteran technology journalist and frequent contributor to many Internet.com sites. He does his safest computing from his office in Florida.