Thursday, January 10, 2013

Anti Virus / Malware Protection - The Big Question.

I am frequently asked by my customers what anti-virus program I recommend. My answer tends to surprise most people because there is no clear-cut answer. The truth of the matter is, no security is going to be effective unless you let it do its job.

Many people assume that the big security suites like Norton 360 and McAfee Security Suite are the top-of-the-line because they offer so many value-added features such as a Firewall, Spam Protection, Parental Controls, Identity Protection and the like. Some of the more advanced suites even offer maintenance utilities such as defrag programs and registry cleaners as part of their package.

The problem with these "full featured" security solutions is twofold:
  1. They provide a false sense of absolute security that tends to leave users feeling like they don't have to use any common sense at all. Users of these programs often feel that, since they paid for a full featured security program, they should be able to click on whatever they want with total abandon. Unfortunately, this is far from being the case - no matter how much you pay for your protection, it can only do what you tell it to do (more on this later).
  2. They become TOO restrictive and users disable functionality or ignore warnings. Like the boy who cried wolf, if users get a warning every time a legitimate program tries to do something they tend to start ignoring the notifications and when an actual problem occurs, they may disregard it assuming it is another false positive.

Why does my computer still get infected even though I have anti-virus protection?

Many malicious programs install like a normal program, so the computer (and security suite) treats them as normal programs. These are known as MALWARE as opposed to a virus because they trick you into performing a legitimate installation. If you choose to install a program and just click past the normal warnings (Windows User Account Control, Are you SURE?, etc.) the computer assumes that you know what you are doing.

Most anti-virus programs only stop actions that are being taken without approval from the user. That is where anti-malware programs become effective, but only if they are used properly. Most free anti-malware programs only run when the user initiates a scan. If the user does not regularly scan for malware, the computer can become increasingly infected over time. Some paid versions of anti-malware programs such as Malwarebytes and AdAware Pro run in real-time and are much more capable of detecting known threats, but no program can be 100% effective without also hindering the user experience.

More protection is NOT always better!

One thing that many users fail to realize is that running multiple security applications can actually detract from the safety of your system. If multiple anti-virus programs are running, not only are they likely to drastically decrease the performance of your computer, they may actually conflict with one another's ability to remove threats.

If, for instance, one program is trying to move an infected file to quarantine and another program detects the threat during the process, it may deny access to the file from the first program and thus leave the threat untouched where it can continue to infect your system.

So what is the best Security Solution?

User common sense and safe surfing habits are the ONLY way to guarantee a secure internet experience. That being said, there are several free programs out there that can help:

Anti-Virus

  1. Malwarebytes Anti-Malware - I HIGHLY recommend purchasing the full version of this for real-time malware protection. It really is one of the best programs out there and I have been using it on my personal computers for several years.
  2. Ad-Aware
  3. Spybot Search and Destroy
  4. CCleaner

Do NOT use more than ONE of any of the programs from each category at the same time! This is very important. It does not matter which ones you use (though my preferences are Microsoft Security Essentials and Malwarebytes Anti-Malware) but do not use any other programs in conjunction with them. It will only hinder your computer's ability to protect itself.

2 comments:

  1. I find that using any type of anti-virus, if it says that the site isn't safe, then don't go to that site. You're just asking for trouble if you ignore that warning... what stupid people would continue going to a site that isn't safe.

  2. The problem is some of the more "full featured" security suites tend to have a lot of false positives... they flag safe sites as unsafe for simple issues like a security certificate being expired or a minor communication issue with a database. If the program is too aggressive, the warnings become routine and go unheeded even when there is a legitimate problem. It is not uncommon for people to decide that they know better than the program they pay to protect them, then are shocked when they get infected.
