Which Security Software is right for you?

by Vikram Mehta February 3, 2012

A question we hear all the time is “What security software should I use?” Security software such as Anti-Malware (AM) software is commonly provided in two forms: Freeware and Purchased/Paid Subscription. The decision to go with free software or a paid subscription depends on the user and how much they use their PC.

For light PC users, those who use their PC for emails, Office applications, and occasional web surfing, Freeware AM tends to be the preferred choice, since they are using applications either preloaded on their machine or installed from an OEM CD or DVD. Light PC users tend to log on to their machines for a specific purpose, complete their task and log off, and they like to log on and log off quickly. Freeware AM usually puts a light load on the PC and enables fast logon and logoff since fewer services are initiated during startup.

Heavy PC users, those who are constantly surfing the web, downloading applications and files from the web, or using their computer for office work on a constant basis, commonly use subscription Anti-Malware. With subscription Anti-Malware, more services are available to protect the system from various forms of attack. Many of these services are loaded during OS startup, so they tend to slow the system down during startup. However, heavy PC users tend to leave their systems logged on most of the time and rarely restart their machines, since, well, they tend to be in heavy use.

Tips for getting the right software even when it’s free: 

Free Anti-Malware programs provide a basic level of protection against malware programs and Trojans commonly downloaded from the internet. Many of these AM programs also update their virus definitions regularly without requiring a subscription, and some even provide support for their free software. Many of these free AM programs are stripped-down versions of their paid full-release counterparts, which claim to offer greater protection and more features.

Malware is becoming more sophisticated and easier to acquire. Zeus, for example, has been in the wild since 2007; it collects data through keystroke logging and form grabbing and often targets smaller organizations. Avoid getting free AM software from unknown websites and pop-ups that run “automatic scans”; many of these sites are infected with malware programs and spyware, and most of the programs they offer are malware themselves. Many of these fake AM programs claim to be part of Windows security software and tend to look very authentic, using Windows logos and decals. Once this malware gets onto the system, it may even prevent real AM programs from running or installing, forcing the user to boot in safe mode and in some cases requiring a full format and reinstallation of the OS. Programs such as these can end up costing a very heavy price, and in most cases could cost a lot more than paying for an AM subscription.

Malwarebytes (MB) - http://www.malwarebytes.org/

Malwarebytes offers both free and paid versions of its security software. We have found the free version of Malwarebytes to be very effective against malicious and debilitating Trojans, Trojan worms, System32 hacks and fake Windows security AV Trojans. Malwarebytes Free provides malware detection and removal tools, clean-up technologies which eradicate existing malware infections, rapid-response malware database and heuristics updates, and access to their expert community and support team via email and forums. Another effective tool MB offers is its Chameleon Technology, which is used to remove nasty Trojans that tend to lock up the system and prevent older AM scanners from running. Malware of this type prevents any executable on its blacklist from running on an infected system; sometimes common OS and system executables are also blacklisted, preventing stable PC operation. Malwarebytes' Chameleon Technology works by renaming its executables and running as system services, and it proves highly effective on systems infected with such malware. Manual scans can also be run on Windows under safe mode for better performance and greater effectiveness. However, please note that the scans can only prevent the Trojan from causing any more damage; they cannot repair the damage already caused by malware.

Pros: Removes the majority of common malware found on systems and can be run in safe mode; fast scan speed in quick scan mode, in-depth scanning in full scan mode. Chameleon technology allows MB scans to run on heavily infected systems.

Cons: Has to be manually updated and does not run in the background - scans have to be executed manually.

Bottom line: Great free AM scanner that, when executed, catches and eliminates the majority of malware on an infected system. However, it should be used in conjunction with an active AM scanner or a full AM product, since Malwarebytes only scans when executed.

Spybot S&D (SpyS&D) - http://www.safer-networking.org/en/home/index.html

Spyware tends to be a less malicious form of malware that runs in the background, spying on the end user and gathering information on frequently visited websites. Spyware works with web browsers to capture information about frequently visited sites by caching the site and sending the data to a remote host. This process constantly puts a load on network bandwidth and CPU cycles and eats up computer memory, which slows down overall PC performance. Common forms of spyware are loaded from e-commerce sites, shopping sites, and market survey sites; these sites tend to use spyware to capture data from the user for targeted marketing and advertisement pop-ups. Spybot offers a completely free spyware detection and removal tool and is found to be very effective against spyware programs such as spyware toolbars and browser hijacks. Spybot monitors registry settings and provides Windows security integration for spyware notifications. Spybot also includes a TeaTimer function that actively monitors any changes a program is trying to make to the system registry and blocks those changes until the user acknowledges them.

Pros: Highly rated anti-spyware by industry standards; actively detects and eliminates spyware running on the system and provides registry backups before making changes to any settings.

Cons: Focused more on spyware than on viruses and other malware. The TeaTimer function tends to become a bit annoying when reporting false positives.

Bottom line: Versatile anti-spyware program that runs actively in the background and monitors registry changes. It also provides basic protection against malware programs making changes to the system registry.

Tips for getting the best coverage for your money:

Many PC manufacturers such as Dell, HP, Lenovo and Gateway offer trial-based commercial AM software suites with a trial subscription period which can be renewed at the consumer’s discretion. Renewing the subscription of the pre-installed software is usually recommended since the software is optimized for the machine’s performance. The majority of these programs tend to offer extra services with their initial products but at a greater price. Some even offer solutions such as cloud backups and cloud monitoring, which may be unnecessary and could be detrimental to system performance due to higher consumption of system resources. The corporate versions of these AM programs tend to be the better choice since they offer the same level of protection at a fraction of the resources when compared to their commercial counterparts.

Trend Micro Titanium - http://us.trendmicro.com/us/home/index.html

Trend offers a great deal of protection with their AV suites such as Titanium Maximum Security, offering services that monitor emails, social websites and links, parental controls, data theft prevention, and vaults that safeguard sensitive materials. However, these services are not without a price, both fiscally and in system resources: they are usually loaded on startup and tend to drastically slow down machine performance during startup. Trend AV provides a great in-depth active scan that runs in the background in real time and notifies the user of any malware programs or virus infections as they infect the system, and in many cases before the virus starts to infect the system.

Pros: Trend has most if not all of the features provided by a Free Scanner along with a complete AM suite that protects in real time. Trend also provides protection for social media sites as well as parental controls.

Cons: Delays machine startup times, is extremely resource hungry and puts a constant load on the processor. Expensive when adding security features that can tend to slow down machine performance over time.

Bottom line: Trend proves to be a great example of high security at a high price, both in computer resources and on the user’s wallet. A majority of the features are rarely used by common PC users; however, features such as parental controls and social website monitoring can be useful. The corporate version, Trend OfficeScan, looks to be a better choice when comparing security features and PC performance; however, OfficeScan does tend to be higher in price.

AVG - http://www.avg.com/us-en/homepage

AVG provides a free version as well as a paid subscription for antivirus protection. The freeware protection provides a great basic initial scan that goes through files and folders looking for any worms and viruses that may have infected system files and programs. AVG also offers subscription software that provides a comprehensive level of protection with various levels of threat protection. One great technique that AVG uses is preprocessing the files on the system: files that seem unnecessary for virus analysis are excluded for faster scanning. AVG also uses the following methods to efficiently detect and clear infected files:

Signature based detection – AVG attempts to match files to known virus signatures.

Polymorphic based detection – Used to determine new variants of recognized viruses; particularly effective in detecting macro viruses and script viruses.

Heuristic based analysis – Looks at the way software behaves in order to identify whether or not it is malicious, which allows AVG to detect viruses that are not included in the internal virus database.

Pros: AVG is a complete AV program that offers active real-time protection against viruses, worms and other malware and automatically updates its virus definitions regularly. AVG uses system resources very efficiently and consumes only small amounts of system resources during its active real-time scanning.

Cons: AVG is limited to virus signatures and worm signatures and is very limited in dealing with other forms of malware such as spyware.

Bottom line: AVG is a great AV program that provides a lot of the security a paid AV program would offer. If combined with one of the free AM programs, there would be very little need to go and purchase additional AV software.

Free vs Paid:

The type of Anti-Malware software should be based on the type of user. For the light browser, free Anti-Malware software such as Malwarebytes, Spybot, AVG Free, or even a combination of these, may be most suitable. For the average user, a combination of free AM and AV software would be ideal for system security. For the heavy user, a combination of purchased/subscription software will provide a thorough and complete security solution. Keep in mind the advantages and drawbacks of each:

Free software – Light on system resources, inexpensive and lower level of security

Paid software – Heavy on system resources, expensive and heavy on security

Ideal Solution - A combination of paid and free software may be beneficial to all types of users: the security features of each program supplement the other, providing a high level of security without consuming PC resources and keeping the cost to a minimum.



About Us

Alden Technology Partners possesses the hedge fund experience an IT generalist lacks and the focus and responsiveness a large financial services IT shop is unable to provide.

Regardless of the size of your fund Alden Technology Partners is able to offer unmatched responsive and experienced IT support.
