The Ultimate Guide To Antivirus Software

article by Lindsey Kennedy
September 16, 2019
There’s always someone out there who wants to ruin a good thing, and malicious people have been making malicious code since the very first boom in computer technology, back in the 1970s. Back then you had to copy malware onto a floppy disk and manually install it on someone’s machine, but with the rise of the Internet, scammers and persistent troublemakers all around the world have found it easier and easier to spread viruses online.

Luckily, for as long as there have been malware makers, there have also been Antivirus innovators. Rudimentary commercial AV packages have been around since the 1980s and they’ve got more sophisticated and comprehensive year on year since then. Today, AV is used to run and schedule scans on all your devices to detect potential malware, remove malicious code and viruses, check the general health of your system and even manage your privacy and security online.

What is Antivirus Software?

Antivirus software (AV) is any program that you use to detect, remove or prevent malware from getting into your system. When we say malware, that includes viruses, worms, trojans, ransomware, spyware, file-less malware, and hybrid attacks, although not all types of AV are powerful enough to tackle all of these.

To do that, they need to know how to recognize a virus or other intruder, which means comparing every file or item that your computer attempts to download against a database of known threats. Typically, AV software comes with auto-updating features that help the system stay up to date with profiles for new viruses, helping the system to check for emerging problems so that it never gets caught out. The very best on the market have extra abilities to deal with “zero-day threats”, though – as in, they’re trained to recognize the signs of a virus even if it’s only just been created that day.

Top-of-the-range AV goes well beyond simply stopping malware from getting into your devices. These are complete internet security packages offering tools and services like VPNs, online buyer protection, security enhancement, performance tune-ups, device monitoring, and many others. We’ll go into more detail about this in a moment.

How Does it Work?

AV software trawls through the hard drive on your computer (or phone, tablet or any other device) as well as any external drives or media you have attached, searching for suspicious files that could turn out to be viruses, worms or spyware. If you have it set up to protect you in real-time it will also scan anything you try to download, or that tries to spark an automatic download, to make sure it isn’t dodgy, either.

It does this by adopting one of two general strategies (or both). The first is the Dictionary Approach we mentioned above, whereby the AV program cross-references the file against a huge list (or dictionary) of known viruses to see if it sends up any red flags. If it shows up in the dictionary, the software will then quarantine, delete or, in some cases, repair the file.

The second is the Suspicious Behaviour Approach. Here, the AV software keeps an eye on what all your programs are doing at all times, monitoring them to see if they do something weird like attempting to change any settings in your operating system or write to a particular directory. If the AV spots something suspicious, it alerts you to the problem.
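The two strategies above, sketched as an added example (not code from this article or from any AV product): a dictionary scan that checks file hashes and byte patterns and quarantines matches, followed by a behaviour rule over a constructed event list. The signature names, marker bytes, protected paths and event tuples are all assumptions made up for the illustration.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

# Constructed signature "dictionary": harmless demo bytes, not real indicators.
KNOWN_SAMPLE = b"demo file: CONSTRUCTED-KNOWN-SAMPLE"
KNOWN_HASHES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest(): "Demo.KnownSample"}
BYTE_PATTERNS = {b"CONSTRUCTED-BAD-MARKER": "Demo.PatternMatch"}
PROTECTED_PREFIXES = ("/etc/", "C:\\Windows\\System32\\")  # hypothetical rule set

def dictionary_scan(data: bytes):
    """Dictionary approach: exact hash first, then byte patterns. None if clean."""
    name = KNOWN_HASHES.get(hashlib.sha256(data).hexdigest())
    return name or next((lbl for pat, lbl in BYTE_PATTERNS.items() if pat in data), None)

def scan_and_quarantine(root: Path, quarantine: Path):
    """Scan files under root and move every match into the quarantine folder."""
    quarantine.mkdir(exist_ok=True)
    findings = {}
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        if quarantine in path.parents:
            continue  # do not rescan files that are already quarantined
        verdict = dictionary_scan(path.read_bytes())
        if verdict:
            shutil.move(str(path), str(quarantine / (path.name + ".quarantined")))
            findings[path.name] = verdict
    return findings

def behaviour_alerts(events, trusted=("installer",)):
    """Suspicious-behaviour approach: flag untrusted writes to protected paths."""
    return [e for e in events if e[1] == "write"
            and e[2].startswith(PROTECTED_PREFIXES) and e[0] not in trusted]

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "notes.txt").write_bytes(b"shopping list")
        (root / "known.bin").write_bytes(KNOWN_SAMPLE)
        (root / "variant.bin").write_bytes(b"pad CONSTRUCTED-BAD-MARKER pad")
        (root / "novel.bin").write_bytes(b"never catalogued")  # not in dictionary
        findings = scan_and_quarantine(root, root / "quarantine")
        left = sorted(p.name for p in root.iterdir() if p.is_file())
    events = [("editor", "write", "/home/user/doc.txt"),   # constructed events
              ("unknown_app", "write", "/etc/hosts"),
              ("installer", "write", "/etc/app.conf")]
    return findings, left, behaviour_alerts(events)

if __name__ == "__main__":
    print(demo())
```

Note that `novel.bin` is left in place: a file that is not yet in the dictionary passes the first strategy untouched, which is the gap the behaviour rule is meant to cover.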

AV is getting more powerful and effective all the time. Increasingly, artificial intelligence and machine learning algorithms also play a big part in helping AV programs detect zero-day threats, learning as they go to get smarter day by day.

Types of Antivirus

The core functions of AV programs tend to work in much the same way, at least when you’re dealing with best-in-class varieties. They adjust according to the type of operating system and device you’re using, and some deploy an Apple-style sandboxing tool, which stops programs from talking to each other directly so that malware can’t hop easily from one to another.

While virus-detection performance certainly varies from brand to brand, the biggest differences are not in the AV part of the package but in the additional tools and products they offer, such as VPNs and device monitoring, and whether you opt for a free subscription or a more comprehensive paid version.

Why Should You Use an Antivirus?

If your device gets infected, the fallout can be huge. Your files may be destroyed, corrupted, or ransomed for an extortionate fee. Your system may be so overwhelmed that it grinds to a halt and you can barely do a thing with it. You may get lumbered with such pernicious malware that it can’t be removed and you need to replace your computer and any other connected infrastructure. You may fall victim to identity theft or scams, or have hackers access and clear out your bank account after harvesting your data through spyware.

In short, it simply isn’t worth the risk. You should never leave any device unprotected.

What Antivirus Can Do for You

AV tools are essential for keeping your devices safe, but they vary wildly in quality. It’s important to make sure that you choose a top of the range one that’s genuinely capable of keeping you safe.

At the very least, an AV program will flag up known malware threats, quarantining these and checking that you really want to execute the file before you have a chance to accidentally infect your system. Real-time scanning improves your chances of catching these immediately, while system scans track down malware that’s already on your device and will help you remove these.

That said, with AV software getting ever more competitive and powerful, there’s no need to settle for the basics. There are whole suites of additional functions you can choose to help you improve internet security and device performance. More on that in a moment.

Types of Malware – and Their Dangers

As we’ve seen, AV isn’t just about viruses – although these can be nasty, virulent things to get into your machine. There are actually 8 distinct types of malware you need to look out for. Here’s what they are, how they work, and why you should worry about them.


Viruses

First, of course, is the classic virus. These work by altering host files that are on your system legitimately, so that when you launch that file, you also launch the virus. These are the only types of malware that actually infect existing files on your device.

While viruses are very hard to get rid of, they now only make up around 10% of all the different types of malware out there. That doesn’t mean you don’t need to be careful, though. It’s extremely important to prevent them from having a chance to get into your system, as once they do even a top-of-the-range AV program will struggle to remove them – especially without deleting the infected file along with it.


Worms

So-called because they burrow deep into your system destroying everything in their path, worms are a nightmarish type of malware that not only replicate and spread themselves but do so without the end user having to perform any action to set them off. They’re highly contagious, too – it only takes one person on your network to accidentally download a worm and it will clone itself, jumping from program to program, infecting your whole system and wrecking any unprotected devices and infrastructure you have connected along the way.


Trojans

Named after the Trojan Horse of Greek mythology, these work by pretending to be benign programs, but inside they’re full of malicious code. As soon as you download and execute the program, they get to work causing mayhem. These are super sneaky, too – they usually spread from infected websites or emails, and get you to launch them by pretending to be virus scans themselves!


Spyware

Spyware is designed to watch what you’re doing and send information back to the hacker. Sometimes it’s specifically targeted at a particular person the hackers want to spy on, but usually, they’re simply monitoring your keystrokes and online behavior to collect personal information, passwords and banking details. While this can be disastrous, the good news is that spyware is pretty easy to remove once spotted.


Adware

You’ll know about it pretty fast if you have adware. This is when your internet browser bombards you with popups, diverts automatically to weird websites, search engines, or other fake or malicious advertising. It’s very annoying but, thankfully, also easy to remove.


Ransomware

This is a scary malware trend that quickly takes over a whole network or organization. While the malware doesn’t infect files, it locks them up and encrypts them, then demands a ransom for their release. If you refuse – or sometimes even if you pay – and you can’t get rid of the program, your precious files may then be destroyed.

Fileless Malware

All the malware we’ve talked about so far gets into your system through the file system, but this kind of malware is unique – and dangerous – because it bypasses this. Instead, file-less malware spreads through system memory or non-file objects on your operating system. These tend to be targeted at a particular operating system, exploiting weaknesses and running through their legitimate tools, so they’re really hard to detect and prevent.

Hybrid Attacks

And finally: what happens if you mix together different types of malware in a single attack? Well, it’s not exactly good news, of course. Hackers increasingly experiment with creating attacks that are, for example, part-virus, part-worm, or that initially act like a Trojan but turn out to be another kind of malware, in order to confuse internet security and AV programs and throw them off the scent for long enough to infect.

With attacks like these getting more and more complex all the time, it’s never been more vital that you opt for robust, effective AV that’s capable of dealing with emerging threats.

How to Choose the Right AV

There are dozens of great AV companies to choose from that you can really trust to handle your malware protection. The top rated ones offer a roughly even standard of basic protection, but there are variations, so if you’re worried about one particular type of malware you may want to check their performance in independent tests.

AV protection is only the baseline, though. The real differences come in the extras these companies offer as part of their total internet security package. With so much high-quality competition, the best companies are falling over each other to develop attractive features that address all kinds of online threats to your security and privacy, as well as improving the performance of your devices.

This means that, rather than comparing the tiny details between AV protection, you’re better off thinking carefully about what kinds of tools would serve you and your household/business best overall.

Start with the type and number of devices you use. How many do you want to cover? Providers vary wildly in terms of how many you can cover with a single subscription, and what kind of devices they’re compatible with. While iOS and Macs have a robust sandboxing system in place that largely makes AV overkill, you will still benefit from tools like VPNs and online payment protection, so if you use a mixture of device types make sure your provider covers Apple products, too.

Next: what do you do when you go online? If you use online banking, do a lot of online shopping, access work files remotely or need to enter a lot of sensitive or financial information, password managers and two-way firewalls will add an extra layer of security.

Meanwhile, if you’re at all worried about being snooped on, you need to conduct sensitive research, you want to access sites blocked in your country, you prioritize your anonymity or you regularly connect to public WiFi in cafes, airports or anywhere else, you’d be wise to consider opting for an AV package that comes with a built-in VPN.

And finally, who (apart from you) is using the devices you want to cover? If you have kids in the house, for example, you might want to keep them safe with an internet security package that includes parental controls and social media protection. There are so many options out there that, with a bit of time, you can find one that ticks all the boxes for you.

Top Antivirus Section

Here are 5 of our top-rated AV providers, all of which offer comprehensive anti-malware protection as well as a broad range of additional features.

#1 McAfee

McAfee has made sharp improvements to its lab results recently, adding advanced threat detection analysis into the mix, and has returned to pole position among the best AV software. What’s more, it’s compatible across all platforms, has a wide range of budget-friendly pricing tiers (although no free version), and comes with a great selection of additional features, including parental controls and online transaction protection. Plus, the 24/7 support is very good.

On the downside, scans are slow and real-time protection can be a drag on your operating speeds. The installation process for Windows is a bit clunky, too.

Please read our extensive McAfee Antivirus Review Here.

#2 Norton Antivirus


Norton comes with spectacular antivirus and malware protection, and the company is so confident in their product that they offer a money-back guarantee if anything was ever to slip through the net. The package also comes with a solid two-way firewall, anti-spam, phishing and intrusion protection, WiFi protection, mobile security, identity theft protection, computer performance tune-up tools and safe search.

Subscriptions are reasonably priced and easy to scale up – you can add up to 10 devices for just $5.99 each per year. Bear in mind, though, that installation can take a while, as does the initial malware scan. Also, Norton doesn’t yet support Linux operating systems.

Please read our extensive Norton Antivirus Review Here.

#3 Avast


Avast is another strong contender for antivirus, anti-malware and phishing protection and even has a sandboxing tool to safely test suspicious files. Extra features include the SafeZone Browser and password protection, while the more comprehensive packages include a firewall, permanent file shredder tool, VPN and adblocker. There’s also a free trial and 30-day money-back guarantee if it turns out not to be right for you.

Bear in mind, though, that you need to buy a new license for every device. Also, getting help removing a virus isn’t included – you need to pay for their specialist tech support, which does not come cheap.

Please read our extensive Avast Antivirus Review Here.

#4 Panda


As well as great malware protection, Panda comes with some unusual tools that can help you get more out of your devices. The application’s control feature helps you protect older computers and there are a bunch of performance tune-up tools, plus more for data protection and backups. Other perks are the password manager, parental controls, WiFi protection and 30-Day money-back guarantee.

There are some drawbacks, though. The firewall is poor compared to others on the market, you can’t opt out of data sharing, and while the premium technical support is excellent, the free service is not.

Please read our extensive Panda Antivirus Review Here.

#5 BullGuard

BullGuard is an easy-to-use platform that’s great if technology terrifies you. Its robust AV protection is reasonably priced and available for subscriptions as short as 6 months, with a 15-day trial and a 30-day money-back guarantee, so you have plenty of no-risk chances to try out additional tools like the spam filter, safe browsing features, social media protection, parental controls, and a firewall.

One downside is that you need to get a new license for every device, though. Also, unusually, there’s no ransomware protection.

Please read our extensive BullGuard Antivirus Review Here.


As you can see, these AV packages each offer very different perks, tools and features. Basically, the right AV software will do much more than just keep a few viruses at bay, so feel free to be choosy and select a vendor that’s a perfect fit for your needs.

Bear in mind, though, that these providers typically offer free trials and 30-day money-back guarantees. If you’re unsure which would suit you best, go ahead and try a few different ones out to get a feel for how they work. You may discover, for example, that some features that sound ideal actually slow your devices down, you can’t get your head around the product dashboards or control panels, you need to cover more devices than they allow for, or you don’t like the type of technical support that’s on offer. It’s well worth testing these things out for yourself before you commit.