05 Jul 2009
Anti-Malware Software

“A top Symantec executive has hit out at free antivirus software, including Microsoft’s Microsoft Security Essentials, warning consumers that it won’t be enough to keep them safe.” is the opening sentence of John Pospisil’s article “Symantec: it’s dangerous to rely on free antivirus” on tech.blorge.com (h/t to Slashdot).

I think they’re just getting twitchy because they believe that Microsoft’s MSE will cost them business.

In any case, it’s more dangerous to not use anything at all. My first suggestion (you knew this was coming) is to not run Windows. If that won’t work for you, at least avoid using Internet Explorer; use Firefox or some other browser instead.

Do something

My original intention for this post was to end there, but I’ve decided to provide some more information. This isn’t entirely altruistic, even though I do hope you can avoid all the problems associated with malware infecting your system and feel sympathy for you if you’re suffering from it. In “It’s Your Fault”, I note that about 25% of home machines are infected in some way and are often members of botnets that spammers (80% of spam) and criminals (identity theft, site attacks) use. So, it’s in my, and others’, best interest that everyone protects their machines.

I list some specific products below, but to get started you may want to look at these Wikipedia articles. Although they are of vastly varying quality, they will provide you with basic information and, more importantly, links to other resources: Malware, Spyware, Antivirus Software (a list), Firewall, Personal Firewall, Comparison of firewalls.

Some Caveats

Don’t expect perfection. One of the issues with any anti-malware product, whether commercial or not, is that protection is mostly reactive — some malicious software is released and the AM vendors scramble to create a detector and update their deployed software. No one product is “the best”, whatever that may mean; the better ones all get their moment of glory at the top of the ratings, but no one stays there for long.

Performance will suffer. Another issue is the abysmal performance that results from having all this network monitoring, file scanning, browser filtering, update downloading, and so on: way too much of your computer’s resources is spent on this overhead rather than on accomplishing the “real work” you actually want to do.

Uninstalling can be difficult. Some behave much like the malware they’re supposedly protecting you from, being almost impossible to remove from your system, interfering with the installation of other anti-malware products, even crashing your machine.

Expect to be nagged. Some products nag you to upgrade to a more expensive version, or add additional products to the installed suite. That’s fine, I guess, but the continual in-your-face promotions with embedded ads and popups get very old.

Suite or separate programs. Once upon a time, products tended to be single-purpose — a firewall, a virus scanner, etc. You could pick the (current) best of each category to install. Now, the trend is to offer security suites, usually a flagship module (say the original firewall product) with the other components thrown in as extras. You have to decide whether you want to go with a single vendor, or try to pick the best specific function from multiple sources. Consider how well they interoperate, and your tolerance for multiple sources of nagging (see above).

Stay up to date. This is the most important thing. You must keep your software up to date! The vast majority of products automatically check for updates; when you see an update notice, don’t cancel it; let it install. If you happen to use a product that doesn’t check, or for some unusual reason you have automatic updates turned off, be sure to manually check periodically — put a daily reminder in your calendar, for instance.

Free Software

Keep in mind that I don’t generally use Windows (although at the moment I haven’t yet replaced it on my EeePC 904HA) so I’m by no means an expert on Windows anti-malware packages. However, I have helped a number of friends and acquaintances with them, and have to deal with Windows systems at work. I’ve personally used AVG, Spybot S&D, Ad-Aware, and ZoneAlarm. The others I’ve seen repeatedly recommended on the ‘Net.

In any case, you’ll have to do your own homework. These are just suggestions to get started, not expert recommendations. Try out these or other packages, check with your friends or favorite Windows geek for recommendations, and overall, just be careful which sites you go to and what software you install.

In this list, I provide a link to the package home page, followed by a link [(WP)] to the Wikipedia article about it, although most of the Wikipedia articles need some work.

Please feel free to comment with pros and cons or suggest your favorite package.





  • ThreatFire (WP) – add on top of virus scanner; uses behavioral analysis
  • ClamAV (WP) – anti-virus toolkit, primarily for mail servers (you can run it on your personal Linux box)
