
View Full Version : Anti-Virus Software



surgtech1956
12-15-2012, 05:25 AM
We've been using Trend Micro for our anti-virus software. What are you using?

Catrin
12-15-2012, 06:18 AM
I use Avast, have for several years now and like it. I've the free version.

tzvia
12-15-2012, 07:08 AM
AV, intrusion detection and threat response are my responsibilities in IT. I support businesses with over 100,000 desktops and thousands of servers. I have used multiple AV products both professionally and personally. That being said, I would not call myself an expert. Why? Because the nature of the threat changes every time you take a breath. I've seen stuff engineered by foreign countries used in a targeted attack on the businesses I support and all the products out there are basically just a 'speed bump.' So there is no one 'best' AV solution. It's like dressing to go outside in the snow on a cold winter day. Which jacket is best? Well, don't rely on the jacket. Use your common sense and layer the clothing; different layers handle different parts of the bad weather. It's the same with computer security.

All the AV products have their pluses and minuses. They all slow the PC to one degree or another. They are basically viruses themselves. (As a side note, there is even malware that removes other malware, to have exclusive access to your data). They hook into the OS at various levels, scanning everything read into memory, read in from the NIC and written to disk. All very intrusive.

The latest technology is based on heuristics and behavior, and not simply on a signature, a pattern. You want a shot at stopping the new stuff before it's identified and added to the virus signature file. I've been most impressed with the latest versions of this 'it's acting in a virus-like way, even though I don't see it matching my virus database, so I'm going to block it anyway' type approach by companies like Symantec. And while you can't layer AV software products like clothing in a storm, you can couple it with one of the newer routers that is more aware of threats and will block a percentage of the bad guys. Some even have antivirus software built in, like the Zywall I have at home, which uses Kaspersky and also has active intrusion detection and blocking. You can also use a standalone scanner regularly, like McAfee's 'Stinger' or Symantec's 'Power Erase'. You can also use an antispyware tool like Spybot regularly.

There is another, excellent, overlooked tool that comes with all major operating systems, called the 'hosts' file. This is a great pre-emptive barrier that is just underutilized but is perfect for a home user to leverage. When you click on a URL in Google or your Favorites, for example, your computer does several things to 'resolve' the name to the site's IP address. It first checks if that link is itself. Then it checks if the URL is listed with its IP address in the hosts file on the computer. THEN it uses the DNS server that is either set automatically via DHCP (the default setting on most operating systems, like Mac and Windows), or set manually; it's usually the address of your router (and please use a router, don't connect your PC directly to the internet). Then, that device goes out and resolves the IP address and delivers it back to your PC so it can contact the URL. Now, you see a place where malware sometimes strikes, but you can strike first. Hosts file. Some malware will insert a redirect in the hosts file, pointing your computer to THEIR IP address when you click on BofA, for example, as once your computer finds a match in the hosts file, it does not search further using DNS. Now if you use this to block known malicious IP addresses, your computer will never connect with them. There are actually good hosts files on the internet (yes I know, they can be malicious, but it's easy to tell as you can look at the file before using it, it's a text file). If you want to add this extra block on known baddies, you can read up on the hosts file first and then decide if you want to use a custom one.

Lastly, and most obviously, watch where you surf. Just the other day, while building a new PC, I went online to get the latest Adobe Acrobat reader. I punched 'Acrobat reader' into Google and up came the site. Luckily, I looked again before blindly clicking the first link, as it was NOT Adobe (this is why I rarely use Google). I did later click the link using a PC I use to test stuff, and sure enough it was a malicious site and the file had a trojan. Why Google puts such a site at the top of a search list is anybody's guess. So now I am testing Bing.

Sorry for the long post as internet security is not a simple answer. And everyone here will have an opinion, it's human nature. Just don't put all your eggs in one basket, thinking you installed AV software and now you are done. And don't forget to schedule a full scan weekly.
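
The post above suggests looking at a downloaded hosts file before using it. As an added example (not part of tzvia's post), this Python sketch automates that review: each hosts entry maps a host name to an address, so a blocking entry should point at a dead-end address, and any name mapped to some other IP is a redirect worth questioning. The function name `audit_hosts`, the set of accepted sink addresses, and the sample entries are assumptions made for illustration.

```python
import ipaddress

# Assumption: addresses a blocking entry may point at (traffic goes nowhere).
SINK_ADDRESSES = {"0.0.0.0", "127.0.0.1", "::", "::1"}
# Names a stock hosts file normally defines; they are not blocklist entries.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "broadcasthost",
               "ip6-localhost", "ip6-loopback"}

# Constructed sample, not a real blocklist.
SAMPLE = """\
# constructed sample hosts file
127.0.0.1   localhost
0.0.0.0     ads.example.net tracker.example.net
127.0.0.1   malware.example.org   # sinkholed
203.0.113.7 www.examplebank.test
not-an-ip   something.example
"""

def audit_hosts(text):
    """Return (blocked, redirects, malformed) for hosts-file text."""
    blocked, redirects, malformed = [], [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            malformed.append((lineno, raw))      # first field is not an IP
            continue
        if len(fields) < 2:
            malformed.append((lineno, raw))      # address with no host name
            continue
        for name in (n.lower() for n in fields[1:]):
            if name in LOCAL_NAMES:
                continue
            if addr in SINK_ADDRESSES:
                blocked.append(name)             # name resolves to a dead end
            else:
                redirects.append((lineno, name, addr))  # name sent elsewhere
    return blocked, redirects, malformed

if __name__ == "__main__":
    blocked, redirects, malformed = audit_hosts(SAMPLE)
    print(f"{len(blocked)} blocked names")
    for lineno, name, addr in redirects:
        print(f"line {lineno}: {name} is redirected to {addr}, review before use")
    for lineno, raw in malformed:
        print(f"line {lineno}: cannot parse {raw!r}")
```

Run against a candidate file's contents, an empty `redirects` list means every entry only blocks; anything listed there deserves a manual look before the file is installed.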

jobob
12-15-2012, 08:03 AM
Wow Tzvia, thanks for that!