Q. What's the difference between free anti-virus programs and those you pay for? Is the protection different, or is it just the support? - Matt
A. Now more than ever, we're all looking for ways to save money. But in this area, it may not be in your best interest, depending on how your computers are used.
Your question is about anti-virus (AV) programs, but the proper reference should really be anti-malware programs. Viruses, trojans and worms are dealt with by anti-virus programs, while spyware and adware are generally addressed by anti-spyware programs. A proper defense will always include both of these programs, so I'll address them separately.
With free anti-virus programs, you may notice that most of the companies offering them also sell a commercial version of the same thing. This clearly indicates there is a difference, and you would be correct to assume that support is one of the big differences.
With the free programs, support is limited to frequently asked questions and, in some cases, e-mail support. But, for the most part, you will have to rely on the rest of the Internet community for any detailed help. Free programs are also only free for personal use, not for businesses (although a few companies are playing with this concept).
At the core of paid and free AV programs, the basic anti-virus engine is the same. They search for "signatures" of known virus code to detect and remove infections. If you are a fairly conscientious surfer and don't engage in activities such as file sharing, warez cracks, adult content, online gambling or other high-risk behaviors, the basic free protection is likely to be adequate.
The "signature" updates are generally the same, although some companies offer them less frequently for the free version than the pay versions.
The real difference in most cases is the sophistication level of additional protection against the newest types of exploits. Signature-based AV programs can only update signatures once a new strain is discovered. That means that until the new threat has been discovered, a new signature string has been developed and you download it to your computer, you won't be protected against the new threat.
Most higher-level AV programs incorporate both signature-level detection and behavioral analysis to help spot new threats for which there are no signatures. That's important because "obfuscation" code - used to confuse signature-based AV - is a common practice with malware writers. In addition, many free programs don't have much protection against the growing threat of "rootkits." (See http://bit.ly/z0OjQ for more info on rootkits).
When it comes to protecting yourself against adware and spyware threats, the parameters are a little different. Unlike AV programs, only one of which can be installed, anti-spyware programs can co-exist and provide a better blanket of protection.
One of the differences that can be significant in the anti-spyware arena is proactive versus reactive protection. Most pay versions of anti-spyware have a more sophisticated "proactive" component that helps prevent ever getting infected in the first place. Many of the free programs aren't that good at preventing the spyware from getting into your computer, but they are very good at detecting and removing it once you are infected.
Installing a pay version with good prevention capabilities along with a couple of the free programs gives you the best of both worlds. No single anti-spyware program is capable of detecting and removing everything on the Internet, so by periodically running scans from several programs, you will have a better chance of keeping your computer clean.
Ken Colburn is president of Data Doctors Computer Services and host of the "Computer Corner" radio show, which can be heard at noon Saturdays on KTAR 92.3 FM or at www.datadoctors.com/radio. Readers may send questions to email@example.com.