Five rules for protecting Windows with antivirus software

Good antivirus software is a critical part of any Microsoft Windows system that communicates with other computers, particularly if it is connected to the Internet and deals with browser, email, or instant messenger traffic. It seems like everybody has his or her favorite antivirus solution and it is different from everyone else’s. For personal desktop systems, however, there are some rules of thumb that seem to be fairly universal among security experts:

1. Install your AV software before connecting to the Internet. Any MS Windows computer should have antivirus software installed before connecting to the Internet. I have seen malware insinuate itself onto a computer in less time than it took to download antivirus software to use on the computer. If you have not seen that, and you use that as evidence you do not need to worry about antivirus until after you have opened a browser and navigated to a Website where you can download AV software, you are just playing Russian roulette with your computer’s security.
2. Don’t use default AV software. Norton and McAfee, once among the most trusted brands for home antivirus, have taken significant damage to their reputations. These days, most home desktop security experts recommend that any computer that comes with either of these brands of antivirus software get something else installed instead, as quickly as possible. Regardless of what you think of Trend Micro’s enterprise antivirus offerings, the free AV software from Trend Micro that comes with some new computers has never been regarded by many as good enough on its own. In general, the “free” antivirus software you get with your computer will come from a big-name vendor that has more money for marketing than any of the others, and is not the best option for your purposes.
3. Get AV with a real-time scanner. You need an on-access, real-time scanner to ensure that some of the most common infection vectors for viruses and worms are checked “live”, to prevent an infection from spreading when your computer first encounters the virus or worm. Real-time scanning can be a real burden on system performance, and there may be times when you will want to turn it off to get your performance back, but be very careful about that. Browsing the Web and checking email are not the times to turn off your antivirus real-time scanner for extra performance.
4. Perform regular full-system scans. A real-time scanner is not enough. You should also make sure you perform full-system scans often, and automate the process with a scheduled nightly scan if possible. Real-time scanners only detect an incoming virus before it infects your system if it happens to pass through a point of access that the scanner can effectively protect, and even then sometimes something might get through before there is a virus signature available for your AV software.
5. Don’t use two AV programs. Using two antivirus programs at the same time is just asking for trouble. Whether it is because their real-time scanners fight over access and between the two of them can slow your computer to a crawl, or because one might misidentify virus signature files maintained by the other as actual virus infections, many problems can crop up that make using two desktop antivirus applications effectively incompatible with each other.