Archive for the ‘Malware’ tag
Microsoft Security Essentials hard to beat
Why pay for antivirus software?
Microsoft Security Essentials has protected my desktop computer from viruses, spyware and other malicious software for more than nine months. I’ve had no security problems in that time – and I’m a heavy-duty internet user spending hours online each day working in my freelance writing business.
It does the job so well, I barely notice the application. There have been a few occasions when I’ve seen warning messages, but dealing with them means a simple click or two and the problems go away.
Microsoft Security Essentials is free, but that’s not the only reason I think it beats paid-for security applications from companies like Symantec.
When I first looked at Microsoft Security Essentials in October 2009, I described it as "barely there", saying the software sips system resources so sparingly there was no noticeable effect on the computer’s performance. This contrasts with Norton Internet Security, which slowed my computer down from the moment I installed the application – then proceeded to get worse over time.
Better still, Security Essentials is unobtrusive. It never gets in my way. There’s no work full stop, no set-up, no tweaking and no worrying.
In my earlier report I said I wasn’t yet certain if Security Essentials was better than Avast. Since then, I’d say the results are in, and Microsoft Security Essentials has the edge.
We’ve run Avast over the same period on one of the family computers and the application works just fine – although there is an annoying database update message. However, I’m planning to install Security Essentials on that machine too because independent tests show the Microsoft tool beats Avast on detection.
I’m still running Panda Cloud Antivirus on my laptops – it is at least as good as Microsoft Security Essentials – more about that later.
Panda Cloud Antivirus is a hidden gem
Panda Cloud Antivirus is hard to beat when it comes to free PC security.
Unlike other security tools, Panda does most of its work in the cloud – it is software-as-a-service. Panda sends data about dangerous-looking files to its servers for closer inspection.
Because your computer doesn't do the hard work, Panda imposes almost no overhead.
When I benchmarked my PC there was no performance difference between the system running the software and having the software switched off. If there's a network overhead, I couldn't measure it.
Panda's other big advantage is the malware checking database is always up-to-date. There are no signature files to download.
One issue I have with Panda is the program is so trouble-free, it is easy to forget. You barely notice it. I previously described Microsoft's Security Essentials as "barely there" – Panda Cloud is even less noticeable.
Panda is better than other free anti-virus products at trapping malware. I previously ran it for a month without any issues and have run it for the past three or four days with no ill effects.
I'd say it is the most promising free anti-virus application on offer. At some point the developers will need to make some money. It'll be interesting to see how. For now, this is possibly the best free choice.
Of course, you may prefer not to leave your computer's protection in the hands of free software makers.
Watch out for fake antivirus
Symantec's SMB director for the Pacific Region Steve Martin says crooks duped millions of customers into buying fake security software products. And the middlemen peddling the dodgy wares have grown fat on the proceeds.
At best the programs do nothing to protect computers from viruses and other threats. However, some of the fraudulent applications on offer contain malicious code which can give crooks access to data or worse.
Martin warns the companies selling these programs online have a plausible-sounding sales pitch. In some cases they place advertising with Google and other ad networks. But more often visitors to web sites stumble across pop-ups delivering what looks like a legitimate message telling people their web site security needs updating.
Perhaps the most frightening aspect of the scam is the way people are led to a safe-looking payment page asking for credit card and other details. Many unwitting consumers who have handed over these details find their private information is then passed on to other crooks who can extract more money from their accounts.
Symantec's warning stems from an internally produced study report on rogue computer software.
Computer security guide: 3 defensive software
Security products can help protect your computer. Some are traditional packaged software, others are online services. Here are the types of security applications you are most likely to need:
Anti-virus
Designed to keep your PC free of infection, anti-virus programs generally use two different approaches. First, they match incoming files against databases – known as signatures – to spot potential threats and block them.
Vendors update signature files regularly: some run daily updates, others update signatures every hour or so. This isn’t always enough. Virus writers aim to ‘fly under the radar’ with fresh malware.
The worst code spreads faster than signature updates. So most antivirus programs now include tools designed to spot suspicious virus-like behaviour from unknown files. These files are flagged as potential threats and treated.
Anti-virus is a misleading name these days. Almost every anti-virus program provides protection from a range of different types of malware.
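The two approaches described above, as an added example that is not code from any antivirus product: a signature lookup first, then a behaviour score for files the database does not know. Real signatures are richer than a whole-file hash, and the behaviour names, weights and threshold are assumptions made for illustration.

```python
import hashlib

# Constructed sample data: harmless byte strings standing in for files.
KNOWN_BAD = b"constructed-sample-dropper-v1"
NEW_VARIANT = KNOWN_BAD + b"\x00"   # same program, not yet in the database
SIGNATURES = {hashlib.sha256(KNOWN_BAD).hexdigest(): "Sample.Dropper.A"}

# Hypothetical weights: each observed action adds to a suspicion score.
BEHAVIOUR_WEIGHTS = {
    "copies_itself": 3,
    "writes_to_startup_folder": 3,
    "disables_security_service": 4,
    "contacts_update_server": 1,
    "opens_document": 0,
}
THRESHOLD = 5  # assumed cut-off for flagging an unknown file


def signature_match(data: bytes):
    """Approach 1: look the file's hash up in the signature database."""
    return SIGNATURES.get(hashlib.sha256(data).hexdigest())


def behaviour_score(actions):
    """Approach 2: score what the file does, known or not."""
    return sum(BEHAVIOUR_WEIGHTS.get(action, 0) for action in actions)


def scan(data: bytes, actions):
    """Return (verdict, detail): signature hit first, behaviour as fallback."""
    name = signature_match(data)
    if name:
        return ("blocked", name)
    score = behaviour_score(actions)
    if score >= THRESHOLD:
        return ("flagged", f"suspicious behaviour (score {score})")
    return ("clean", None)


if __name__ == "__main__":
    dropper_actions = ["copies_itself", "writes_to_startup_folder"]
    print(scan(KNOWN_BAD, dropper_actions))        # caught by signature
    print(scan(NEW_VARIANT, dropper_actions))      # missed by signature, flagged
    print(scan(b"holiday-photos", ["opens_document"]))
```

The variant gets past the signature lookup until the vendor ships an update, which is the gap the behaviour check is there to cover.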
Firewalls
Firewalls control the flow of internet traffic to and from your computer. Some are hardware devices – if you use a router it may have a built-in firewall – but in most home set-ups they are software.
Firewalls have two main functions. They act as a gate, stopping unwanted traffic from entering your system. At the same time, they should stop unapproved traffic from leaving your system. For example, if there’s a spyware program on your computer monitoring your activities, a properly configured firewall will stop that information from being sent. Equally, if a worm infects your computer, a firewall will stop it getting out and infecting others.
The firewall in Windows XP only stops incoming traffic; so it will only protect you up to a point. You should invest in a commercial firewall product – they are all bi-directional.
Unlike antivirus programs, which are forgotten once installed, firewalls are complex. If you set things up incorrectly, you may leave your computer vulnerable. Alternatively, you may hinder legitimate traffic – this is especially difficult if you use a home network. The best firewalls will automatically configure themselves, but they tend to err on the side of caution, blocking any unusual application.
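The difference between an inbound-only and a bi-directional firewall, and the configuration cost that comes with the latter, as an added example that is not taken from any firewall product. The program names, ports and the approved-program list are assumptions, and the traffic sample is constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Conn:
    direction: str  # "in" or "out"
    program: str    # local program that owns the connection
    port: int       # local port for "in", remote port for "out"


# Assumed policy for a home PC: no services exposed, two approved programs.
OPEN_INBOUND_PORTS = frozenset()
APPROVED_PROGRAMS = frozenset({"browser.exe", "mail.exe"})


def inbound_only(conn: Conn) -> bool:
    """Filters incoming traffic; every outgoing connection is allowed."""
    return conn.direction == "out" or conn.port in OPEN_INBOUND_PORTS


def bidirectional(conn: Conn) -> bool:
    """Filters both ways; outgoing traffic must come from an approved program."""
    if conn.direction == "in":
        return conn.port in OPEN_INBOUND_PORTS
    return conn.program in APPROVED_PROGRAMS


# Constructed traffic sample.
TRAFFIC = [
    Conn("in", "system", 445),        # unsolicited connection from the internet
    Conn("out", "browser.exe", 443),  # approved program
    Conn("out", "spyware.exe", 80),   # spyware sending data out
    Conn("out", "worm.exe", 445),     # worm trying to reach other machines
    Conn("out", "backup.exe", 443),   # legitimate, but nobody approved it yet
]


def allowed_programs(policy):
    """Programs whose connections the given policy lets through."""
    return [conn.program for conn in TRAFFIC if policy(conn)]


if __name__ == "__main__":
    print("inbound-only :", allowed_programs(inbound_only))
    print("bidirectional:", allowed_programs(bidirectional))
```

The bi-directional policy stops the spyware and the worm, but it also blocks the unlisted backup program until someone approves it.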
Anti-spyware
Also known as spyware blockers. There’s a thin line between antivirus and anti-spyware tools – in fact some commercial security products now combine the two functions in a single application. Good anti-spyware products will detect and remove both spyware and adware from your computer. They should also block this kind of software from being installed. Firewalls may detect spyware when it first attempts to send data back to base.
Spam Filters
A program designed to stop, or at least drastically reduce, the amount of spam turning up in your email in-box. Spam filters can save you the time and money spent sorting through rubbish emails, but most home and small business computer users don’t need to worry about filtering spam. That’s because many ISPs and web-mail providers now use anti-spam filters to check mail before it is downloaded to your computer or read in your web browser. Also, modern email programs, like Microsoft Outlook 2007, have built-in spam detection tools.
Computer security guide: What are the main threats?
Online security problems facing home users and small businesses are different from those facing larger companies and corporations.
Here are threats you may meet:
- Malware: The generic name for all malicious software. Some people also talk of greyware, which refers to software that’s annoying but not dangerous.
- Virus: A small program designed to automatically copy itself from one computer to another. Viruses attach to other pieces of software or hide inside images, games and music files. They usually travel from machine to machine by email, instant messaging or file transfers. Although some viruses are harmless, most are disruptive; the worst can stop a PC from working.
- Worm: Also a self-replicating program, but unlike viruses, worms can automatically travel from machine to machine without being attached to other pieces of software. This means in addition to any other damage they slow networks because they can consume bandwidth.
- Trojan: The name given to a program which looks harmless, but has an unexpected malicious purpose. Some start their mischief immediately, others may wait, possibly collecting data without the computer owner’s knowledge.
- Spyware: A program designed to collect information about a computer and its user that the spyware author can use to make money. Typically spyware may watch your web browsing and target pop-up advertising at you or divert you to other web sites.
- Rootkit: A program designed to change a computer’s operating system to hide the behaviour of other malware.
- Keylogger: Software that collects keyboard data – possibly to collect passwords or important account information. Keyloggers can then send this information back to criminals, allowing them to impersonate users and, for example, rob their online banking accounts.
- Botnet: Programs used to control, update or trigger activity in previously infected systems.
- Backdoor: A way of getting undetected access to a computer system.
- Zombie: A computer being controlled by another user to perform some malicious online tasks.
- Spam: Unwanted email, instant messages or other form of electronic communication. Spam clogs email inboxes and the sheer volume of spam (as much as 95% of all email traffic) slows networks.
- Phishing: When someone fraudulently tries to get hold of important information such as passwords and bank account details by pretending to be a trustworthy source. Phishers may send authentic-looking emails asking for the data or with links to a fake web site.
- Adware: Strictly speaking this isn’t a threat, but an annoyance. It refers to any software that bombards you with unwanted advertising.