Choosing an Anti-Virus Program

antivirus-program

Choosing an anti-virus is a matter of personal preference, your needs, your technical ability and experience, features offered, user friendliness, ease of updating (and upgrading to new program release), ease of installation/removal, availability of quality/prompt technical support from the vendor and price.

There is no universal “one size fits all” solution that works for everyone and there is no single best anti-virus. Every vendor’s virus lab and program scanning engine is different. Each has its own strengths and weaknesses and they often use a mix of technologies to detect and remove malware.

You may need to experiment and find the one most suitable for your needs. For more specific information to consider, please read SANS Institute Choosing Your Anti-virus Software.

No single product is 100% foolproof and can prevent, detect and remove all threats at any given time.

The security community is in a constant state of change as new infections appear and it takes time for them to be reported, samples collected, analyzed, and tested by anti-virus vendors before they can add a new threat to database definitions.

Further, if you’re dealing with zero-day malware it’s unlikely the anti-virus is going to detect anything. Malware writers have the advantage since no matter how hard security vendors attempt to stay on top of new threats, there is always a short time-frame in which a new malicious file goes undetected and can infect a computer without detection.

Just because one anti-virus or anti-malware scanner detected threats that another missed, does not mean its more effective. Every security vendor’s lab and program scanning engine is different. Each has its own strengths and weaknesses and they often use a mix of technologies to detect and remove malware.

Security vendors use different scanning engines and different detection methods such as Heuristic Analysis, Behavioral Analysis, Sandboxing and Signature files (containing the binary patterns of known virus signatures) which can account for discrepancies in scanning outcomes. Depending on how often the anti-virus or anti-malware database is updated can also account for differences in threat detections.

Further, each vendor has its own definition (naming standards of what constitutes malware and scanning your computer using different criteria will yield different results. The fact that each program has its own definition files means that some malware may be picked up by one that could be missed by another.

Thus, a multi-layered defense using anti-spyware products (I recommend the paid version of Malwarebytes) to supplement your anti-virus combined with common sense. 

Good Security Habits and safe surfing provides the most complete protection.

Free Antivirus programs: (choose and install only one).

* avast! Free Antivirus <- includes Dropbox or Google Chrome pre-checked by default during installation

* Microsoft Security Essentials <- includes the option to join the customer experience improvement program

* Bitdefender Antivirus Free Edition

* Avira Free Antivirus <-I recommended this free version and use it myself

* AVG Anti-Virus Free Edition <- includes AVG Security Toolbar – AVG Secure Search pre-checked by default during installation

— As noted above. many anti-virus vendors are bundling toolbars and other software with their products as a cost recoup measure. In fact, all free Anti-virus programs now come with toolbars or other bundled software except Bitdefender Free…see Has the antivirus industry gone mad?! If pre-checked by default that means you need to uncheck that option during installation if you don’t want it.

This practice is now the most common revenue generator for free downloads by many legitimate vendors and is typically the reason for the pre-checked option.

Note for Windows 8 users: Windows 8 integrates Windows Defender on Windows 8, a more robust version of Windows Defender (and uses that name) for its anti-virus (and anti-malware) protection. Although it uses the same name, it is not the same as Defender in previous operating systems. Windows 8 Defender provides the same level of protection against malware as Microsoft Security Essentials (MSE), therefore, you cannot use MSE with Windows 8.

Since Windows 8 Defender includes anti-virus protection, it may be disabled by the installation of a third-party anti-virus program. If a trial anti-virus came preinstalled on your computer, it most likely turned Windows 8 Defender off (disabled) to avoid conflicts. Windows 8 Defender will remain disabled until the third party anti-virus has been completely uninstalled and then Windows 8 Defender needs to be activated if you choose to use it.. If you want to use Windows 8 Defender you need to completely uninstall the third-party anti-virus and activate it.

If you want to use another anti-virus it is recommended to disable Windows 8 Defender before installing a different antivirus software.

If you are looking for a paid for program, I generally recommend Kaspersky Anti-virus

IMPORTANT NOTE: Using more than one anti-virus program is not advisable. Why? The primary concern with doing so is due to Windows resource management and significant conflicts that can arise especially when they are running in real-time protection mode simultaneously. Even if one of them is disabled for use as a stand-alone on demand scanner, it can affect the other and cause conflicts. Anti-virus software components insert themselves deep into the operating systems core where they install kernel mode drivers that load at boot-up regardless of whether real-time protection is enabled or not. Thus, using multiple anti-virus solutions can result in kernel mode conflicts causing system instability, catastrophic crashes, slow performance and waste vital system resources. When actively running in the background while connected to the Internet, each anti-virus may try to update their definition databases at the same time. As the programs compete for resources required to download the necessary files this often can result in sluggish system performance or unresponsive behavior.

When scanning engines are initiated, each anti-virus may interpret the activity of the other as suspicious behavior and there is a greater chance of them alerting you to a “false positive“. If one finds a virus or a suspicious file and then the other also finds the same, both programs will be competing over exclusive rights on dealing with that threat. Each anti-virus may attempt to remove the offending file and quarantine it at the same time resulting in a resource management issue as to which program gets permission to act first. If one anit-virus finds and quarantines the file before the other one does, then you may encounter the problem of both wanting to scan each other’s zipped or archived files and each reporting the other’s quarantined contents. This can lead to a repetitive cycle of endless alerts that continually warn you that a threat has been found after it has already been neutralized.

Anti-virus scanners use virus definitions to check for malware and these can include a fragment of the virus code which may be recognized by other anti-virus programs as the virus itself. Because of this, many anti-virus vendors encrypt their definitions so that they do not trigger a false alarm when scanned by other security programs. Other vendors do not encrypt their definitions and they can trigger false alarms when detected by the resident anti-virus. Further, dual installation is not always possible because most of the newer anti-virus programs will detect the presence of another and may insist that it be removed prior to installation. If the installation does complete with another anti-virus already installed, you may encounter issues like system freezing, unresponsiveness or similar symptoms as described above while trying to use it. In some cases, one of the anti-virus programs may even get disabled by the other.

To avoid these problems, use only one anti-virus solution. Deciding which one to remove is your choice. Be aware that you may lose your subscription to that anti-virus program’s virus definitions once you uninstall that software.

Microsoft and major Anti-virus vendors recommend that you install and run only one anti-virus program at a time

Quote

“You don’t need to install more than one antivirus program. In fact, running more than one antivirus program at the same time can cause conflicts and errors that make your antivirus protection less effective or not effective at all.”

 

If you need any help removing viruses or malware or computer repairs contact: Bob The Helper PC Doctor 0418 530 133