Helping people with computers... one answer at a time.

There are many choices when looking for solutions to protect your system. I'll review how I look for things and how I make my decisions.

Protection against viruses, spam, Spyware, etcetera, etcetera, etcetera, is becoming even more critical as time goes by. I am running MS XP Professional (SP2), but am uncomfortable in relying solely on MS products and technology for protection. But, the number of products out there today, claiming to be able to provide same, seems to be expanding exponentially, so:

  1. How does one go about deciding on what product to use in removing the vermin and protecting against future infections?

  2. What criteria (aside from price) could (or should) you use in making one's decision and product selection?

  3. Would a bundled application (all defenses in one) be necessarily more effective than several standalone products?

  4. Finally, is there some location on the Web where one could find truly valid, independent assessments/reviews of products out there today?

A number of good questions that I think a lot of people share.

If we're paying attention at all, we're constantly getting told "protect yourself!". Great. With what? There's a ton of crap out there, to put it bluntly, how should you decide what to buy?

I'll tell you how I decide.

I'm going to take your questions in reverse order.

Is there some location on the Web where one could find truly valid, independent assessments/reviews of products out there today?

I'm a huge believer in reputation.

By reputation, I don't necessarily mean that the products you see everywhere are the ones to use. Rather, I mean that when you do a little bit of research, these are the products that real people recommend.

Unfortunately I know of no single location I would turn to for that information. Rather, I'd be looking at several different sources from which to draw my own conclusions.

The data for your research can come from a variety of places. For example I chose my anti-virus solution based on a very simple recommendation: Microsoft's. When I left the company in 2001, Computer Associates eTrust Anti-Virus was the Microsoft-internal anti-virus solution distributed to all employees for installation on company machines and with license (and even encouragement) to take home and install on machine that might remotely connect to the corporate network. Given the target that Microsoft is, and was, that seemed like a pretty strong endorsement. And indeed, I've been using it ever since and been exceptionally happy with the product.

Research naturally also includes mainstream tech and PC publications, like perhaps cnet.com or pcmag.com. In addition, frequently consumer publications such as Consumer's Reports will also review the current state of products. I tend to be just a little skeptical, and in fact in quickly researching current recommendations for this article I find that I don't necessarily agree with some of their conclusions. So I typically wouldn't rely on them for my only source of information, but they're a great start to at least get a sense of the products that are available.

"I'm a huge believer in reputation."

Another good resource turns out to be many retail stores like Amazon that allow product reviews to be posted on their sites. You'll frequently see a lot of feedback on any given product that you might be considering. While no product ever gets 100% positive feedback (you can't please everyone), you can quickly get a very good sense of whether a product is valuable, or simply too risky to consider.

There are thousands of web sites on the internet that provide a forum for discussion, and there you'll often find strong opinions as well. The problem here is once again identifying those sites that are legitimate and not pushing an agenda of their own. Sites like lockergnome.com, daniweb.com spywareinfo.com and others are often both great reference sites, as well as discussion forums containing the opinions of many knowledgeable users.

So if there's not one place, and all of the above (and others) won't agree on what the "best" is, how do you decide?

I look for trends. If more people complain about product A than B across multiple sites and sources, then I'd lean towards product B.

Would a bundled application (all defenses in one) be necessarily more effective than several standalone products?

In my fairly strong opinion, no.

I base that primarily on the four+ years of problem reports and feedback that I've received here at Ask Leo!. It just seems that the combined suites cause more problems and miss more malware or security issues that a well chosen set of individual solutions.

My theory is that the suites start with a really good single product - say an anti-virus solution. In order to create a suite of the manufacturer then buys or creates what I can only assume are second-rate additional components, like an anti-spyware solution or firewall. The net result is that they don't integrate well, and while one component my have you protected from one form of malware, another won't do as well.

There may be good suites out there, but my personal opinion right now is that you're better off selecting individual solutions.

What criteria (aside from price) could (or should) you use in making one's decision and product selection?

Well, I've already spoken about reputation. That's number one, in my book.

I also believe in sticking with popular and well known brands. For any of the solutions you'll quickly see the same names over and over again. That's a good thing. If after seeing all those names repeatedly you're suddenly presented with some solution you've never heard of, it's time for some heavy duty skepticism.

Many products include subscriptions. By that I mean that in order to keep your database of malware up to date you'll need to pay an annual subscription. I'm not going to argue pro or con on this just yet, only to say that be sure to realize that it may happen, various products will have different requirements and prices, and then factor that into your decision.

And finally, the basic stuff: make sure that the product's system requirements match your system's capabilities.

I'll also add one disrecommendation: if you suddenly find yourself faced with a popup that says something to the affect of "you're infected, click here to download our product to fix it", DON'T! Any kind of add or pop-up that looks like a warning and that directs you to a specific product or website is simply not to be trusted.

How does one go about deciding on what product to use in removing the vermin and protecting against future infections?

So far we've talked about my approach to specific product selection, but just what products do you need?

Here's the short list:

  • You must have a firewall of some sort. Software or hardware matters less than just making sure you have one in place.

  • Anti-virus protection. At a minimum a product that you can configure to scan periodically, and perhaps one that includes real-time protection, for example scanning as you download files.

  • Anti-spyware protection. While it seems like viruses and spyware are kinda sorta the same thing (and they kinda sorta are), the fact is that they are different in many respects, and the best approach to detect them is quite different. Hence, a separate anti-spyware tool is a requirement as well.

I'm also assuming some common sense here - things like don't execute attachments you don't know are safe - but that's not something you can purchase at your local computer store.

So what do YOU run?

You didn't ask explicitly, but a real quick shortcut to deciding all this is to find someone you trust, and just do what they're doing. In some ways that's how I arrived at my anti-virus solution, as I described above.

So, on the chance that you might trust what I'm doing, here's what keeps the computers at Ask Leo! world headquarters safe:

  • CA Anti-Virus 2008 (I'm actually running older versions, but this is the current equivalent.) On most computers it's configured to scan nightly, though on some where the risk is perhaps a little higher, real-time scanning is also enabled. This is a subscription product, and to me worth it.

  • Microsoft Windows Defender is my anti-spyware solution. It's free.

  • My NAT router is my firewall. There are no software firewalls enabled on most of my computers. When I travel I use the built-in Windows firewall, which sometimes gets left on by mistaken when I return home with no ill effects.

And that's it. Well, that and the other steps outlined in my earlier article Internet Safety: How do I keep my computer safe on the internet? Things like keeping Windows up to date, understanding physical security, and so on.

And that whole "common sense" thing as well. It's not as common as we'd like to think.

Article C3224 - December 1, 2007 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

14 Comments
Sgt. D. Pilla
December 2, 2007 6:47 AM

Great answers leo ;)
I personally Use Avast Anti Virus, its updated twice Daily with new virus definintions, it Scans Real Time while downloading files, and It scans Instant Messaging programs, its a Web Sheild so checks each website for possible infections, For Example, The other Day it blocked a Drive By Download for me, coming from that web address!
And best of all, its free, Completly!
IT also uses VERY little system rescources, In fact, at the moment Windows Vista and XP both say it is using 2% CPU and 20MB of Ram, compared to Anti Virus like McAfee or Noton which can use Upwards of 200MB Ram.
Another great feature is it scans the memory and open processes for infections before running a Virus Scan, what this means, is that if a virus is running in the background, and avast finds it, It will End the Running Process, PLUS block that process from running (so It can restart itself like most do) then once the Virus Scan of the system completes, it, Based on user preference, deals appropriatly with the infection, So if the user asks avast to delete it, there is no issues with having to Restart the computer into safe mode, just so the virus doesnt run,and can be safely removed, because avast unlike any other Anti Virus, has blocked and stopped the virus before it did the scan.
I fully recommened to ANYONE looking for an Anti Virus program to Try
Awils Avast Anti Virus
Its free, Its reliable, its not a hog, and its powerful!

John Hileman
December 2, 2007 2:43 PM

I will second Avast.

I had been using McAfee, my employers internal anti-virus solution. Like Leo's past experience, McAfee is free to me My employer has a license that lets employee's use it at home. I stopped using it six months or so ago because the latest version was way too bloated and slowed up my computer.

Good luck.

Mark
December 2, 2007 3:36 PM

Not to turn this into a Pro Avast page, but I have had decent luck with them as well. AVG is also ok, though not as reliable I think. I would strongly advise against Macafee and Norton/ Symanetc. They hog system resources, lead to crashes, and in my experience, are always a day late and a dollar short when it comes to catching viruses. I recently did a virus sweep of a neighbors computer. He had faithfully used an updated Macafee for several years. I removed it, used Avast, and found about 200 or so infected files. Remember folks, if your University or Employer gives you an anti-virus package for free, but it doesn't work, then you haven't save time or money!


Another solid piece of advice that Leo often mentions is to have MORE than one anti-virus program. They won't all catch everything. If you buy a major program, having avg or avast around to get a second opinion once in a while can save a lot of headaches. Just don't run them all at the same time!

Aaron
December 2, 2007 8:50 PM

Well, all or nothing eh?

I used to be an avid McAfee fan back in the day. They were
the lean product Symantec could only once wish they were.
Well, unfortunately now McAfee's suite is just as bloated as
Symantec (Norton).

I tried a few others, Trend Micro, Sophos, AVG and so on.
Most were decent and fairly lean. Props to AVG for being free
by the way. Then someone turned me onto Avast. This is what I
recommend to friends, family and coworkers. Though the
default skin is a bit akward, the program itself is as lean
as any of the latter mentioned. Give it a try!

Ken B
December 4, 2007 10:29 AM

One thing I would recommend _against_ would be using your favorite search engine as your sole source. A search for "remove spyware", for example, will typically give you numerous hits for rogue software which masquerades as anti-spyware, but which is actually spyware (or worse) itself.

It's amazing how many computers come in to our shop for cleanup which are infested by these programs, because the person tried cleaning up himself without knowing any better.

Ravi Agrawal
December 8, 2007 4:12 AM

Well, I use AVG Anitvirus Free Edition. It scans in real time. It always has some Defintion Files to download daily (means the Company is constantly working). I have never had any problems though & I believe in a Complete reformat of the Hard Disk in case you get infected. AVG Anitvirus is really low on resources & runs happily even with 256MB RAM with XP Pro SP2 installed.

About Spyware, I am not much bothered because I know my Browsing Habits (and will surely identify if some spyware has struck on me) & am pretty much an advanced User to completely reformat the System from scratch. Moreover I am behind a NAT router, so feel pretty much safe. But I run ZoneAlarm Firewall & it does its job well (though the Free Edition does not allow you to configure Individual Ports).

Rest, MS products are really great and I believe in sticking to the Original Versions (Unpirated ones) but in my opinion, they are pricey. You have a lot of Free options if you scour the Internet which work equally well as the professional ones but yes, you must have the skills to know how they are performing.

Ravi.

Buffet
December 8, 2007 4:54 AM

It's unanimous - Avast rules! As for Windows Defender, it's absolutely worthless, just like Windows firewall, or any of the rest of Microsoft's junk. Never install anything that phones home!

Stephen Lee
December 8, 2007 9:16 AM

I use AVG, ZoneAlarm Firewall, AdAware and Spybot Search & Destroy. All free versions. I also have MS Defender installed (as it was free) and still find that AdAware & Spybot pick up odd things that Defender misses.

Rob Cox
December 8, 2007 9:58 PM

Another thing everyone needs to do to keep their system secure is to download the latest windows updates related to security every month so that their systems are not exposed to known vulnerabilities.

I have used several antivirus and antispyware apps over the past several years - both full time use in home and office as well as in the field cleaning up over a thousand infected pc's. In my opinion I have found that AVG anti-virus gives the best combination of both capability and simplicity for the end user as far as antivirus goes. I think avast is a great product and use it personally at home, but I won't use it for clients because it is not as simple to explain and set up for the clients - this leads to more of my time being used for support. I would say that avast and avg are very close in their abilities to clean up infected systems. Having tried both on a large number of infected systems, (I tried avg then avast, or avast and then avg) I would say it was pretty rare when one would pick up a virus that the other did not see.

Do not install more than one anti-virus at a time unless you know how to disable one of them completely and only activate it for a manual scan. Having more than one AV running at a time can lead to problems.

As far as anti-spyware, I rely on Webroot Anti-Spyware (not the version with Antivirus in it) as well as PCTools Spyware Doctor. They both seem to be about equal in their abilities. The only thing I do not like about webroot is that you cannot program the time when it will do it's updates - it does cause the system to slow down quite a bit for a minute or so when it is doing its updates and I would prefer to program it to update at night just before it scans. Other than that, it is a great program and I recommend it to clients.
I have used spybot search and destroy and ad-aware and I feel they are pretty good programs but that they do not get anywhere near removing all infections. Generally I have found that spybot removes some, ad-aware will remove some more, but if you really want to clean the system well I would use webroot and/or pctools. Also, if you have been infected by the WinAntivirus, etc programs that give constant popups telling you that you are infected and asking for you to buy their software you can get rid of that for free with a good little program called "Rogue Remover".

Firewalls - OK, number one, if you are using DSL or cable or other broadband fast internet connection you NEED (URGENTLY NEED) to have a router installed between a cable/dsl box and your pc. (some isp's provide a combo modem/router). If you don't have the router, then your PC is CONSTANTLY UNDER ATTACK. Your system is being scanned every day by probably dozens of hackers looking for a way to break into your system to use it for criminal purposes. A hardware firewall such as is found in some routers is some protection, but most professionals will argue for LEVELS of protection in depth. So go for the hardware, and software as well. Number two, an extra software firewall is a very good idea as well. PCTools offers a free one, and so does Zone Alarm. Just beware, you do not want to block everything that pops up saying it is trying to connect to the internet. STOP, read the message and find out what is trying to connect and then go to google or yahoo and search on that progam name - find out what it is before you block it. Be careful with firewalls becuase you can really mess up the normal operations of your system if you are not careful.

If you have a very bad infection that these products will not clean, you will need to back up your data files, and then completely wipe your system and reinstall everything.

Thanks Leo, for this great, informative article.

I hope this has been helpful for you.
Rob Cox, Owner
Cox network & PC Services

Rob Cox
December 8, 2007 10:07 PM

One more thing, since this article is under the heading of Malware Prevention. Stay off of sites with adult or pirate content, and you will avoid a lot of the hassles.

One other thing you can do is turn off the preview pane in your email program if you use a program to get your email.

Lastly, many of the drive by download attacks and script attacks only work on Internet Explorer. Download firefox and use it instead for most of your web surfing.

Rob Cox

John
December 9, 2007 9:45 AM

Im a firm believer in comodo-firewall pro.
Easy to configure-and is getting more popular
by the day.
Comodo also has anti-virus & anti-malware programs to.
Just adding my 2 cents worth.

abhinav
December 10, 2007 10:42 PM

hmm..! I am using quickheal for more than 2 years and didn't get a single virus. though avast , avg and avira are also good but i doubt that they will not repair most of the files which have virus even made in year 2003. I think avira is also good and detection rate (which matters most) is also good. the most reliable source to see detection rate of anti viruses,I think is virus bulletin. others like panda is also good. but i will always recommend quickheal antivirus which provides all basic protection that is firewall + antispyware + antivirus and of course it is less costlier than other as it is of just 30$(US). this is my personal experience.

Scott Evans Harker
December 14, 2007 7:31 AM

As the originator of the question Leo responded to, I would like to thank him, publically, not just for his complete, in-depth response, but for the invaluable service he is providing (Leo, I would buy you a Latté if I knew how I could get it to you in one piece).

For the record, I have experienced many of the same situations described elsewhere in these comments, and at a, not insignificant, cost while on a limited budget. In fact, it was those rising costs, with no satisfaction that led to the question in the first place. I did the Symantec and McAfee routes with the same observations – bloated. Then, three months ago the manager of a Hospital IS department in our area clued me into the existence of AVG and, thus far, I’ve been impressed by it’s KISS approach to product design and development, and of course “Free is Good”. As with the experiences of others, it has already saved me once by picking up a virus that had slipped through my other defenses.

I applaud its developers for their decision to release it, at no charge, to the general computing public.

I also happen to agree with Rob Cox re: the need for more than one product in any given category, and will be looking at the suggestions he and others here have offered.

Thank you, all.

Ravi Gupta
February 17, 2008 1:39 AM

I have a lot to say, but i guess this is supposed to be a comment only so i will be as brief as posssible. The products i recommend are chosen after examining nearly every review and comparative available and 5 solid years of installing, testing and uninstalling various antimalware software.
RESIDENT ANTIVIRUS:
*FREE- Avira Antivir Personal Edition Classic.
*PAID- Kaspersky, NOD32.
RESIDENT ANTISPYWARE:
*FREE- Spyware Terminator, Spyware Doctor Starter Edition(via Google Pack).
*PAID- Webroot Spy Sweeper, Spyware Doctor.
SOFT FIREWALL:
*FREE- Comodo, Online Armor Free.
*PAID- Outpost, Online Armor.
NON RESIDENT ANTIVIRUS:
Norton Security Scan(via Google Pack),BitDefender Free Edition 8(not 10 though its the current version coz it interferes with Windows Security Center, via filehippo.com), Kaspersky S.O.S.
NON RESIDENT ANTISPYWARE:
AVG Antispyware(free version drops resident protection after 30 days), AdAware 2007 Free, a-Squared Free Edition.
If you disagree with any of the above recommendations, their relative ordering or have any doubt as to the authenticity of these claims,
please feel free to mention it here.

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.