How to chose good Anti-Virus?
January 1, 2010
Anti-Virus is an issue in computer security. First question is that do I need an Ant-Virus or not? There are people that never use an Anti-Virus. Sometimes, they believe that it will slow down their PC or sometimes having an Anti-Virus will be useless. In my opinion you must have anti-virus in your PC, damage to a PC is something that could be happen in a few minute or second. Let me give you an example, you are a professional user and you are always run as standard user and whenever it infected just remove account and delete it, but whenever you want to install something or do administrate task you should run in administrator account. Now you are in admin to install software and you just leave your PC for two minute, your friend will come and see that your PC is free , he insert his thumbdrive that contain virus , or go to a website that infected and here trouble begin. You are infected with virus in just a few minute that you left. Anti-Virus could protect your PC. In my case your friend is not damage your PC on propose, he or she accidently do mistake and it will take some time to do full scan and remove Virus for you. In industry, we have bigger image, responsibility goes to thousands of PC and just imagine what a Worm could do to your servers and clients. And as user that always get into trap of bad guys and always download and install bad things you will need an Anti-Virus, if user be follow the best proactive they will never infected. When I reviewed the top ten Malware that damage millions of PC around the world, they are old Malware not very new and user could do several things to stop it, but they won’t. About performance, yes Anti-Virus makes performance a bit slow but if your PC infected then your performance will be terrible. Nowadays new anti-virus came with better performance and will not make your PC slow. Here you know that why you should use Anti-Virus.
Then the bigger question is which Anti-Virus I should choose. When you want to chose Anti-Virus then you should ask these questions:
For users: you have a few numbers or only one PC and want to protect it with Anti-Virus:
1) How to get support?
2) What can I do if I faced to an unknown Malware (Virus, Worm, Trojan, and Spyware)?
3) Is it protecting me against everything that I need?
4) Is it cost effective?
5) How can I trust it?
For enterprise: if you are in charge of big organization and you are dealing with large number of PCs and Servers and you have great responsibility. Same question that I said about user is applied, but there are some more to ask:
1) How it help me in emergency situation when unknown Malware spread all over network?
2) Can I get 24/7 support?
3) Does it give me a good report about what happened in my environment?
When you chose Anti-Virus software, you should make sure about support, there are several technical issue that might happen when you are using Anti-Virus such as undetected Malware, Slow PC, Hacking and several other issues, then you should call to support and ask them to help you, depend on your geographic location support for each anti-virus would be different. Then if you face to unknown Virus or Spyware or any other Malware that your Anti-Virus fail to detect it then you should call to support and ask them to help you and submit sample to them. All Anti-Virus Company come with Malware Protection Center, there are people that will analyze sample of new Malware and give new signature, signature is your update that you will get from your Anti-Virus and it will remove new detected Malware (Spyware, Virus, Worm, Trojan, Rootkit…). You should report these issues to them. Sometimes you might face scenario that an Anti-Virus detect a Virus that another one could not detect, then it might be something that we call it as false-positive, which means that Anti-Virus or Anti-Malware will detect something that is not Virus as Virus . You should not install two or more Anti-Virus in a same PC, because they might conflict and slow down you PC, sometimes they might cause risk and let Virus in. For example you install Anti-Virus A and Anti-Virus B, they both have engine that will detect application that behave like Virus and detect them, in case of protect unknown Virus and Anti-Virus A see Antivirus B as Virus and try to remove it and other Anti-Virus do a same and this conflict might stop some of protection components from Anti-Virus B and A and put your PC at risk. Also, you should make sure about what will the Anti-Malware will give you, is it protect you against everything or it will not? For example, I am sure that many of you have been used AVG Free Edition. You might not notice that AVG free edition will not protect you against sophisticated rootkits. Look at the comparison at their website. Rootkit is a dangerous threat, it could hide other Malware inside your PC from Anti-Malware. So if you use AVG Free edition you should also use an Anti-Rootkit , because AVG Free will not protect you against it. Here is what they said in their website about AVG Free Edition:
Important – here’s what you don’t get with AVG Anti-Virus Free Edition:
- Protection against identity theft
- Protection against hacker attacks
- Protection against infected instant-message exchanges
- Protection against spam
- Protection against sophisticated rootkits
- Protection for business computers, networks and servers
- Free support from AVG’s expert technicians
Same goes to other Anti-Malware solution, make sure that what are they protect and what they don’t. It is not very easy to trust any Anti-Virus in the Market; they might be fake or weak. In order to make sure you are choosing a right Anti-Virus check that it certified from trusted resources. ICSALabs and westcoastlabs are two companies that you could refer to and see whether you are choosing a trusted Anti-Virus or not? They do test base on international standard on Anti-Virus and Certify them if they pass test and whenever they pass test then they will get certificate as good Anti-Virus . If you want buy Anti-Virus, check that their name are in these website or not? if is there then they are trusted and if not, then you must do some more research on it .
Now, let’s talk about Microsoft Technology, Microsoft introduced a free Anti-Virus called Microsoft Security Essentials. It has everything on it. It protects you against Malware including Virus, Worm, Trojan, Spyware, Adware, Rootkit, Keylogger and other threads. The good thing is that it is totally free. The good thing is that whenever a new version is available , it will ask you to upgrade to new version and you don’t have to go and check whether you have latest version or not. You could have a look at it and download it from:
I also have favor to ask you, if you find a Malware (Virus, Worm, Trojan, Spyware…) that could not be detect by Microsoft Security Essential please report it to MMPC :
and sometimes , some file will accidently, detect as Malware ,sometimes a Malware incorrectly will detect, it is not Malware but will mark as Malware then you will see something that said This submission is being incorrectly detected as malware , then if you tick checkbox it will report as false detection. And here is when I say you should update your Anti-Virus, whenever you update new Malware detection for real or false detect Malware will add to your Anti-Malware. If your PC already infected and you don’t have sample, then you should contact Microsoft Security Essentials support:
For enterprise user, as long as you need to manage a big environment and you want to see what the new threats are and also you want to apply new policy and take control over Computer Security in large number of PC, then you need to use Enterprise Anti-Virus such as Forefront. If you use Microsoft Security Essentials or any other personal computer Anti-Virus in a large environment, you will have manageability problem. Just imagine you have 5000 PC and you want to see what the lasted threats are and are they all update and so on. How long does it take if you see each PC one by one? Enterprise Anti-Virus will solve this, you could view health of PC and apply policy and view report of all PC in a big environment in one location. So whenever , you chose an Anti-Virus then determine your company size and ask what you want and then see whether the product will fit you or your organization or not?