Wednesday, 3 October 2007

Don't let the bugs bite!

INQ Guide to free anti-virus software
Windows for Doughnuts Free anti-virus
Liam Proven: Wednesday, 03 October 2007, 5:25 PM

THIS IS ONE of the most critical components of the setup of any PC today. A machine doesn't need to be on the Web to be at risk; there are decades-old viruses that can still spread by disk transfer, and new ones that can infect USB thumbdrives.

Direct infection across local-area networks is also a common problem; someone takes a laptop outside the company LAN, picks up something nasty in an Internet Café, later on reconnects in the office and the bug is on the rampage.

Companies such as Symantec and McAfee make good money selling anti-virus solutions, both to big businesses and to home users. If you buy a new PC from one of the big vendors, it's quite likely to come with some kind of anti-virus preloaded, but all too often, it's only a trial or demonstration version, and after a month or three it will stop working. Generally, the program still runs but it no longer gets updated definitions.

A common misconception is that an anti-virus program will protect against spyware too. Most do not. We'll look at anti-spyware in a later article.

But my old copy of Norton works fineA common trap to fall into is to just keep renewing the updates subscription for a commercial program. In a word: don't. Get a new version.
New types of virus appear constantly, as today, they're big business: collections of infected, remotely-controlled computers are used for sending spam and for organizing "distributed denial of service" attacks, where business sites such as online betting shops are held to ransom. It's not a lucrative business on a per-PC basis, but today,
one of the biggest supercomputers in the world is a "botnet" - a team of millions of compromised PCs, remotely controlled from illegal websites and chatrooms. With such resources at their disposal, crooks can make a good profit. If you can send several million spams a day, even a success rate of 0.01% can make a lot of money from hapless idiots who think that a pill can make them taller or a bodypart grow bigger.
The snag is that an out-of-date anti-virus program, even with the latest definitions, can't catch the new viruses that later versions have been rewritten to spot and remove. Obsolete anti-virus is worse than none, because it imbues you with a false sense of security. Users think they're protected - the past-it program may be giving their PC a clean bill of health - but actually, they could be infested.

Many of the leading commercial anti-virus tools can be upgraded over the counter for half the cost of buying that years' new update, but why bother, when you can get protection for free?
When choosing a free anti-virus program, there are some important things to watch out for. The essential features of a full anti-virus program are real-time monitor and some kind of virus removal procedure. Several companies offer free scanners, but a scanner alone is not enough. For one thing, while it's useful to be able to scan your computer as a check, a simple scanner doesn't sit in the background and monitor file activity on your PC, so it won't notice if you receive an infected file by email or instant message, or insert an infected disk. This is called real-time monitoring and it's a must-have.

Secondly, some free programs will tell you that you've caught something nasty, but they lack any ability to remove what they've found. There are three main ways to treat an infected file: simply delete it, the easiest and safest; or to quarantine it, move it into a protected safe storage area where it can do no harm, for later inspection or salvage; or finally disinfection, which attempts to remove the virus from a document or program and leave you with a safe, usable file. This last is the hardest to do successfully, and whereas it can sometimes work, it's safer and better to bin the dodgy doc and get a clean copy from elsewhere - like your backups. You do keep backups, don't you?

There's no harm in having a scanner, but it can only be a second line of defence, to be used to verify that your main program is telling the truth and that you really are clean.
Czech this outFor some reason, the Czechs dominate the world of free antivirus. Both the best-known program,
AVG Free from Grisoft, and the highly-regarded runner-up, Avast Home from Alwil, are from the Czech Republic. In the country next door is Avira in Germany with its free AntiVir.

All have the same snag: they're only free for non-commercial use. For home, personal or nonprofit users, they're a bargain, but business users must pay a modest fee or look elsewhere. Avast has, if anything, the best reputation, but has the slight snag that the free download only works for a couple of months. To use it for longer, you must register with a valid email address, and re-register annually.

Along with their free firewalls, both PC Tools and Comodo also offer a free antivirus program. Both cover the essentials and the websites don't mention any riders about business use.
The only big open-source offering in anti-virus is
ClamWin, the Windows version of ClamAV, the popular Linux scanner used on many email servers. It's kosher for use in corporate environments, but it doesn't do real-time monitoring, as this isn't a problem on Linux.

An example of the hazards of spyware is VCatch, a rather ineffective free antivirus program with a nasty payload. Avoid.

AVG Free 7.5 from GrisoftAvast Home from Alwil
PC Tools Free Antivirus Comodo Free Antivirus - note, still in beta test.
Avira AntiVi

For belt-and-braces security, here are some decent scanners to check that you really are clean.
BitDefender Free (Download here.)

Online scanners. These run inside Internet Explorer, so need no download or installation.
McAfee FreeScanPanda ActiveScan

No comments: