Antivirus FAQs

The million dollar question!

Ideally, you want your antivirus software to clean the infected files or remove them completely.

How it does that will be dependent upon which program you have installed but, in general, most security software will try and move suspicious files into a quarantine area to swiftly eliminate the risk of an infection spreading. Once there, the software will probably give you the option of trying to remove the infection or just deleting it altogether.

Running any program on your computer will slow it down and antivirus software is no exception.

Whenever you run a scan, especially a thorough one, the program will use CPU cycles to get the job done. If you happen to be running other programs at the same time which, between them, are using a significant amount of processing power, then you may notice some slowdown.

Overall, the impact should be negligible, especially if you are using a modern computer, but some antivirus programs are bigger resource hogs than others. Fortunately, that is something we cover in our in-depth antivirus reviews.

Nowadays antivirus programs are an extremely low maintenance option, requiring very little interaction from you in order to continue working effectively.

Assuming you’ve set it up correctly, the only tasks you should engage in on a regular basis are:

  • Checking the status of your antivirus program daily – many offer a colour-coded scheme to alert you to any issues. If the program says everything is ok then all is good. Otherwise, delve deeper to learn what the problem is and then rectify it.
  • Manually running an in-depth scan on a regular basis, maybe once a week, or using the functionality of the antivirus program itself to schedule a detailed scan, perhaps at a time when you are away from the machine.
  • Checking that the program is fully up to date. This should happen automatically but I would advise confirming that all updates have been downloaded and installed from time to time.

It is also worth leaving a note somewhere prominent to remind you when your subscription runs out so that you never find yourself in the position of not having a valid license.

Elvis is dead, man did land on the moon and antivirus vendors do not write viruses.

This old nugget is a conspiracy theory that has been doing the rounds for quite some time now. Though it still makes us chuckle to think of the consequences if it were true, the fact that anyone still thinks it could be is also a source of extreme frustration.

There are, quite literally, millions of pieces of malicious code out in the wild and no company would have the time to write it all.

Criminals and other attackers are responsible for creating thousands of new viruses every day, though, and they do so with the aim of making far more money than an antivirus vendor could ever hope to from offering the cure to a problem some foolishly believe is of their own making.

The only conspiracy – or shady practice – surrounding the creation and use of malware is the way in which certain government agencies have deployed it, i.e. the US government’s use of Stuxnet to target nuclear centrifuges in an Iranian facility.

For the most part, antivirus programs rely on databases of virus signatures to identify malicious code on your computer.

Even though these are now largely stored in the cloud rather than on your hard drive, they are still vendor specific for the most part.

Thus, one company may have identified a threat that another has missed.

The chances of a reputable company not having a signature for a new piece of malware for any length of time are slim but it does happen in the short term.

Absolutely, yes.

Although there are always exceptions to the rules, two antivirus programs should typically never meet up on the same system – they don’t play nicely together and may even detect each other’s database of virus signatures as a threat.

The answer, therefore, is to always delete one antivirus program before installing another.

It’s just good practice.

You can read more here on running additional security programs if you already have antivirus installed.

With hundreds of new malware strains being created every day, antivirus software is, for many people, the primary means of protecting both themselves and their computers from an ever-growing range of threats.

But what features should an antivirus program have?

Some, such as an ability to detect and neutralize malware, are obvious. Ease of use goes without saying. But what technical features should you be looking for? Here are a few key features along with a brief description of what they do:

  • Real-time Scanner – One of the key components, the real-time scanner will be on the lookout for newly introduced malware as it tries to take hold of your system.
  • Scheduled Scans – Most antivirus programs give you the option of setting up a schedule for your scans. It’s worth checking which scans can be scheduled though as some only give the option of planning full scanning routines rather than quick or user-configured ones.
  • Automatic Virus Updates – This is important – if your antivirus program is not updated regularly it will be nowhere near as effective as it should be. Considering how forgetful many of us are, automatic updates are essential in my opinion.
  • Automatic Program Updates – Likewise, the ability of the program to update itself is also extremely useful. While the majority of protection comes in the form of virus updates, sometimes the program itself will be upgraded to give it more functionality or the ability to detect new threats. Good antivirus programs will have the ability to check for updates automatically.
  • On-access Scanner – This scanner is fairly self-explanatory – it performs a quick scan of any program or file as it is opened.
  • On-demand Scanner – An on-demand scanner does just what it implies – it gives you the ability to scan a file or folder whenever you choose to.
  • Heuristic Scanner – Increasingly important as the volume of new malware increases, heuristic scanners can detect threats based on what is known about existing malware and its behaviour rather than relying on specific signatures.
  • Compressed File Scanner – Such a scanner will allow the antivirus program to scan files contained within compressed files such as zip files.
  • Script Blocking – Script languages are often used to execute malicious code directly from web sites. Good AV programs will come with the ability to monitor Java, ActiveX, Visual Basic and other types of script files and detect and block malicious activity.
  • POP3 Email Scanning – This gives antivirus software the ability to monitor incoming and/or outgoing POP3 email traffic along with any associated file attachments in order to detect viruses and other malware threats.
  • Webmail Protection – An essential protection for anyone using web-based email such as Hotmail or Yahoo! Mail, it acts in much the same way as POP3 email scanning.
  • Instant Messaging Protection – Instant messaging services continue to be a popular platform for spreading malware. A good antivirus program will monitor such services to detect and block malicious threats.

I’m afraid I cannot just name one product and tell you to go get it – antivirus is a personal choice and the best for you is likely to be the one that offers the features you need and works well on your system while coming in at a price point that works for your budget.

That said, you’ll almost certainly want to stick to software offered by the largest, most well-known, companies in the industry, such as BitDefender, ESET, F-Secure, Kaspersky, McAfee, Symantec and Trend Micro, to name but a few.

Something we cannot stress strongly enough is to do your own research before buying or otherwise downloading an antivirus program.

They are not created equal and chances are you will be using the same program for at least a year so it’s important to make an informed decision.

To get started, you will need to narrow your search down to antivirus programs that are compatible with your operating system. If you are using Windows that will leave you with a much larger pool than if you are using a Mac or Linux so you will need to add in more criteria.

Are you, for example, a heavy gamer who will want an antivirus program that is either light on resources or which has the ability to suspend scans during gaming time? Are you an occasional surfer who never logs into sensitive sites or stores personal data on their machine, thus making a free antivirus program an attractive proposition?

When you have evaluated your needs and matched programs to your operating system you will then need to narrow things further by checking independent lab results, focusing primarily on detection and removal scores.

Once you have identified your top two or three choices it’s time to read detailed reviews which give an honest assessment of each program’s pros and cons, as well as the feedback left by other owners of the same software.

Only then can you make an informed decision on which antivirus program will be best for your unique situation.

There’s an old adage that says you get what you pay for and in the case of antivirus software that’s kind of true.

That’s not to say free antivirus programs should be dismissed out of hand though – some are actually very good and may well be sufficient for some people.

In terms of independent testing, AV-Test.org results over a period of time show that free antivirus programs do, on the whole, score lower than the paid-for alternatives in the marketplace and our own experience has taught us that free programs also tend to suffer from a lack of additional features, less than stellar support, an obsession with up-selling, or a combination of all three.

Whether or not any of those issues are a deal breaker for you will likely depend upon what you use your computer for, how you value your data and your personal financial position.

Either way, installing any antivirus program is preferable to having none at all, though you do want to be on the lookout for free but fake antivirus programs that are no better than the viruses you are trying to avoid in the first place.

Yes!

Is the answer I would like to give to that question but the truth is that, for the vast majority of people, it really isn’t a good idea to use an interconnected device without some sort of security protection installed.

Sure, you’ve read about or heard from security experts who never install antivirus and never pick up any malware on their devices, but are you an expert?

If not, you’ll be taking a huge risk with your data if you don’t protect it.

And if you’re not using Windows, that doesn’t make you immune either – just because Microsoft’s operating system was historically the most targeted, it doesn’t mean other operating systems are completely overlooked. Malware on the Mac, for instance, really is a thing and it is becoming increasingly prevalent.

So, whatever system you are using, antivirus can help by dramatically reducing the chances of your system being infected with a virus, Trojan or other malicious code.

That’s not to say that any antivirus program will offer you 100% protection against all current and future threats – it won’t – because some malware is specifically designed to circumvent security software and/or make itself hard to detect.

You can improve your chances of avoiding viruses and other threats though. Here are some quick tips:

  • Choose an antivirus program that’s highly regarded by independent testing labs such as AV-TEST and AV Comparatives and read our reviews which explain both the pros and the cons of the leading antivirus programs.
  • Ensure that your antivirus program updates regularly – at least once per day is recommended. The same also goes for your operating system – if security updates are available, install them immediately.
  • Run full scans on a regular basis. Most antivirus programs will check newly installed programs but a full scan can help detect anything that may have sneaked past your defenses.
  • Pay attention to your computer – if it starts behaving strangely, operating slowly, or you start seeing a large number of web ads, chances are you have picked up something unwanted so run a scan straight away.

When computers first started appearing in households they were a luxury item, often costing a small fortune. As such, they did not represent a juicy target to criminals, due to their limited numbers and the difficulty of targeting them in those pre-internet days.

As prices dropped and more people bought PCs, they became a little more interesting to bad actors but the only way to infect a computer was through cumbersome removable disks. As a result, early malware did not spread far and tended to be limited to aggravating rather than destructive code. Written primarily by lone bedroom coders, early virus writers did much to form the future stereotype for a ‘hacker’ that still persists today.

It’s only more recently that malware evolved into the significant threat it is today and we can thank the internet for that.

As computers went mainstream, and households connected to the web in droves, malware seized the opportunity to go mainstream. Unshackled from the floppy disk, and with millions of potential victims to infect, it suddenly became a viable means of causing mass destruction or perpetrating crimes that could net huge sums of money.

So how does this malware get on your system?

Unfortunately, there are a great many ways in which that can happen. To list them all here would be well beyond the scope of this article but, to give you an idea, here are some of the more common ways in which it sneaks onto your system:

  • By not using antivirus software – With the sheer volume of malware on the web these days the chances of avoiding it all are slim. While security professionals and other tech savvy users may be able to get away with not using antivirus software, the majority of people cannot. So, if you don’t already have an AV program installed, do yourself a favor and download one now.
  • By not having a firewall installed – If you connect your computer to any kind of network but don’t have a firewall in place then you are effectively leaving all your doors and windows open. Finding a firewall is easy – they come bundled with internet security suites, are occasionally included with antivirus programs and are bundled free with many versions of Windows.
  • Via unpatched operating systems – With Windows 10, Microsoft has begun rolling out operating system updates automatically but earlier versions of Windows still need a certain level of user involvement to ensure that the latest security threats are patched out as quickly as possible. If you do not install updates quickly after they become available, you are giving malware a chance to enter your system.
  • Through other unpatched programs – Malware doesn’t just take advantage of unpatched operating systems – it can leverage flaws in other programs too. If any file or application on your computer says it needs updating pay attention. That is especially true for programs from the likes of Adobe and Java which remain a top target for hackers and other cyber criminals.
  • By opening email attachments – If you’ve received an email from an unknown source then you should be incredibly wary about opening any attachments in the message. Hiding viruses and other threats in attached files is an old but still highly successful tactic for malware authors.
  • Clicking on popups that claim your computer is infected – This is another old scam that continues to be successful for those behind it. By claiming your computer is infected, the person behind the ruse will attempt to con you into buying an ineffective solution or, worse, will offer you an antivirus scanner that itself is malware.
  • By clicking links in emails – If you receive an email containing a link to a website be sure you know what you are about to click on – some websites are designed to infect your computer as soon as you visit them. Not only that, some links to ‘banks’ and other services where you need to log in are designed to steal your login credentials so beware of that threat too.

An antivirus program (AV) is a piece of software designed to protect your desktop computer, laptop, netbook, Mac or mobile device from malicious software (more commonly referred to as “malware”).

Malware – more on that later – is the name given to any piece of code designed to disrupt your system in some way, be it for the purposes of causing you grief, stealing your money, or any other type of mischievous or criminal behavior.

Antivirus software is designed to thwart that threat, typically via signature-based detection methods. Virus signatures are based on unique portions of code found within the malware and are typically check-summed/hashed and distributed in the form of regular antivirus signature updates. In other words, researchers at the antivirus companies delve into a new computer virus or other piece of malicious software, analyze it and then tell their security software what to look out for in order to detect it.

Since the antivirus industry was born in the 1980s, the technology has come on leaps and bounds, primarily in response to the growing number of threats.

When the internet was in its infancy, the number of viruses and other types of malware was minuscule in comparison to today. As a result, AV vendors could keep their customers safe by simply sending out updates monthly on floppy disks. Nowadays, the number of threats is vast and new malware appears every minute of the day. Infrequent updates are no longer enough and so the security programs of today offer near continuous updates, often delivered via the cloud.

Also, the way in which viruses are detected has changed. Simply matching signatures is not sufficient to deal with the evolving threat – modern antivirus programs now tend to incorporate additional tools such as behavioral-based detection and intrusion prevention technology.
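The signature matching described above, as an added Python example that is not part of the original article or any vendor's code: it checks a file against a whole-file hash signature and a byte-pattern signature, looks inside zip archives, and shows that a small change to a sample defeats the hash signature but not the pattern. The sample bytes, signature names and limits are constructed for illustration.

```python
import hashlib
import io
import zipfile

# Constructed, harmless stand-in for a malware sample; the marker bytes are
# invented for this example and come from no real threat.
MARKER = b"DEMO-HARMLESS-MARKER-7f3a"
SAMPLE = b"demo header " + MARKER + b" payload v1"

# Hypothetical signature database, as a vendor update might deliver it.
HASH_SIGNATURES = {hashlib.sha256(SAMPLE).hexdigest(): "Demo.Sample.A"}
PATTERN_SIGNATURES = {MARKER: "Demo.Family.Generic"}

MAX_DEPTH = 3                        # stop on deeply nested archives
MAX_MEMBER_SIZE = 10 * 1024 * 1024   # skip members that expand too large


def scan_bytes(data):
    """Return the names of all signatures that match this blob."""
    hits = []
    exact = HASH_SIGNATURES.get(hashlib.sha256(data).hexdigest())
    if exact:
        hits.append(exact)
    for pattern, name in PATTERN_SIGNATURES.items():
        if pattern in data:
            hits.append(name)
    return hits


def scan(data, label="<file>", depth=0):
    """Scan a blob and, if it is a zip archive, every member inside it.

    Returns a list of (location, signature_name) tuples.
    """
    findings = [(label, hit) for hit in scan_bytes(data)]
    if depth < MAX_DEPTH and zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as archive:
            for info in archive.infolist():
                if info.is_dir() or info.file_size > MAX_MEMBER_SIZE:
                    continue
                member = archive.read(info)
                findings += scan(member, f"{label}!{info.filename}", depth + 1)
    return findings


def make_zip(members):
    """Build an in-memory zip from a {name: bytes} dict (sample input helper)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as archive:
        for name, content in members.items():
            archive.writestr(name, content)
    return buf.getvalue()


if __name__ == "__main__":
    variant = SAMPLE.replace(b"v1", b"v2")   # slightly altered copy
    print(scan(SAMPLE, "sample.bin"))        # hash and pattern both match
    print(scan(variant, "variant.bin"))      # only the pattern still matches
    print(scan(make_zip({"readme.txt": b"hello", "x.bin": SAMPLE}), "a.zip"))
```

A file that matches neither kind of signature returns an empty list, which is the gap that behavioral-based detection is meant to cover.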

In the early days of computing the humble PC was considered to be nothing more than a number-crunching device – a glorified calculator, if you will – and, to be honest, that was a fair assessment of the earliest machines and their capabilities.

Bought only by the most affluent in society, the earliest computers were often seen storing recipes and being used for household budgeting.

Some were even used for work, though it really was a bind having to carry all those 5.25″ floppy (yes, they really were floppy back then) disks back and forth between the home and office.

On the flip side, the slow adoption rate of computers, and the lack of connectivity (there was a time when the internet was not a thing), meant that security threats were almost non-existent.

As Graham Cluley recently explained in an interview with Tripwire:

When I first started out, about 200 new computer viruses were discovered every month (we thought that was a lot back then).

Most of our customers received updates via the post on 5¼ inch floppy disks every three months.

For those who were really paranoid, they could connect their modem to an antivirus company’s bulletin board and download an update about once a month.

Things have changed though and modern computers are far more powerful than ever before.

Heck, even the latest phones are a bazillion times more powerful than the PCs of the last millennium.

Computers, tablets, phones and even TVs and fridges have found new meaning in their lives too, removed from the shackles of single housedom and allowed to roam the global superhighway known as the worldwide web.

And that changes everything.

As Mr Cluley says:

Now 400,000 new malware samples are discovered each day, which equates to about 3-4 malicious programs uncovered per second.

Not only that, but the stereotypical spotty basement-dwelling hackers of yesteryear have also been replaced – by organised criminals looking to make as much money as possible.

With great connection comes great risk

The home computer of years gone by has been replaced by quicker, leaner devices which have, literally, opened up a new world for those people who use them.

Ask anyone today, especially kids, and they will tell you that a computer is the internet.

The old overpriced calculator has been superseded by new technology that can fit in your pocket or be strapped to your wrist and it all connects to the same electronic space, allowing almost instant communication with other people, and other devices, anywhere in the world.

Such a gateway to the outside world doesn’t come without its problems though.

While your computer, smartphone or smartwatch will allow you to communicate with other people, so they will try to communicate with your device… and not all of them want to play nicely.