Dan the Computer Man

Your Computer's Best Friend
In-home computer repair in the San Antonio area

Antivirus

I have become increasingly antagonistic toward antivirus software. This is for 2 reasons: (a) antiviruses introduce as many problems as they prevent, and (b) they don't do as good a job as we wish they did.

Antiviruses cause trouble

Because an antivirus becomes so tightly intertwined with the operating system, a malfunctioning AV can cause a lot of trouble. It might cause overall sluggishness, prevent the internet from working (either completely or to varying degrees), or even cause strange symptoms that seem to have nothing to do with the antivirus.

Antiviruses are not that effective

I have worked on hundreds of computers that you and I would say were infected with a virus, but the installed antivirus just turned a blind eye and let it happen. It is a constant horse race between the bad guys creating viruses and the good guys at the AV companies, and sometimes the bad guys are just ahead of the game. Part of the problem is that today's most common threat is usually not addressed by antiviruses. Today, an "infected" computer is usually full of advertising software, rather than a "virus" or "worm" or "trojan horse" or "rootkit" that an AV would target.

Antiviruses increase a computer's vulnerability

Over the last year or two, I have seen that security researchers have come to the same conclusion that I have about antivirus software being harmful to computers. My evidence has been anecdotal, but they have hard facts.
  • It might be time to stop using antivirus (Recommended reading.) This article discusses how AV software breaks the rules by forcibly injecting itself into the operating system and the browser, and introduces problems for both the OS and browser companies.
    "The AV software itself presents a very large attack surface. As in, without AV installed, a hacker might have to find a vulnerability in the browser or operating system—but if there's AV present, the hacker can also look for a vulnerability there."
    Thanks to Security Now for the info. "The problem, from the perspective of the browser makers, is that antivirus software is incredibly invasive." And of course that's why Windows Defender is an exception, because it's built into the OS. It's not a third-party add-on that is forced to do things that are unauthorized in order to hook itself in to the depth that it needs to. And then, just to finish what Sebastian wrote: "Antivirus, in an attempt to catch viruses before they can infect your system, forcibly hooks itself into other pieces of software on your computer, such as your browser, word processor, or even the OS kernel."
  • From Ars Technica: "Although [antivirus] software is often considered a mandatory part of a good security regimen—on Windows systems, at least—their installation often has the paradoxical consequence of opening a computer to attacks that otherwise wouldn't be possible."
  • Reconsidering AntiVirus: Steve Gibson's commentary. "Backlash from the recent sweeping Symantec kernel filter flaw evoked a reappraisal of the cost/benefit ratio of anti-virus add-on software."
  • Yahoo! News: Antivirus software is 'increasingly useless' and may make your computer less safe (Article reprinted on my website)
    Concordia University professor Mohammad Mannan: "I don't see any clear advantage of using them," he wrote in a followup email, noting that they can slow your machine down and introduce new vulnerabilities.
  • Security researcher Matthew Green: "Unfortunately, computer security today is about resisting attacks. We simply don't quite know how to prevent them altogether." He doubts that "many technical people" "can make a desktop operating system work perfectly safely" because there is no silver bullet (like an antivirus); and that an individual's knowledge and caution are more important.
  • "You Don't Really Need an Anti-Virus App Anymore" at Gizmodo, thanks to Security Now for bringing it to my attention.
  • Further reading, including larger excerpts from the above articles.

If you insist on using one

You may wish to use Windows Defender, which is built into recent versions of Windows. To find good paid antiviruses, see the linked reviews below. Some good free ones include AVG and avast! However, be aware that free antiviruses offer suggestions (i.e. ads) to try their paid alternatives with more features.

Use as little security as possible; more features make for a slow computer. In other words, use a plain-old antivirus, not a product that offers to do more than that. Also, as a computer reaches the end of its useful life, you may opt to use no antivirus at all due to the severe strain it will put on the computer. A computer of that age cannot have both speed and security; you must consciously choose how much of each to trade off.

You may find links to buy or download some of these products at my Software page under the Antivirus category.

Antivirus reviews can be found here: