ID Guardian

How Do You Know Your Antivirus Software is Working?

Posted by: Matt Hines on June 28, 2010

How well is your antivirus software (AV) working today? Hopefully better than mine.

Of course, I didn’t pay anything for mine; maybe that’s the problem, maybe not.

Either way, as I first sat down to write this blog on my work-issued (and far more heavily protected) laptop, my home PC – a nice fresh six-month-old Dell – sat useless, totally fouled with a rogue antispyware infection.

Since then I’ve been able to isolate the attack (an antimalware Trojan dubbed “Antispyware Soft”) and remove it (Windows Defender is good for something!) but such an experience – undoubtedly incurred via a bout of ill-advised scanning of the Web for “unofficial” Formula 1 racing videos – certainly leaves one wondering – how well does my AV system really work and could I do anything to make it work any better?

As noted, in a semi-masochistic self-exercise, I have decided to see how far I can get with this machine using only freeware. This was the first major infection I’ve contracted so far, and, while some might argue that refusing to invest in paid AV significantly heightens my chances of getting nailed, I’d say my problem was tied far more closely to my own shoddy usage habits.

It’s also worth noting that the latest head-to-head AV engine tests published by Austrian nonprofit AV-Comparatives found that many lesser-known brands – such as GDATA, AVIRA and PC Tools – generally equaled or outperformed better-known rivals – like McAfee and Symantec.

And, as researchers have repeatedly proven, even the best AV programs can often be circumvented by truly advanced attackers when they try hard enough.

So, if it’s not about money, how do you know how well your AV is working, or at least performing at its peak?

To get a far more educated opinion I asked (Dr.) Adam O’Donnell, director of Cloud Engineering and co-founder of AV start-up Immunet, what he thinks people should do to ensure that their AV systems work.

His first tip was predictable but important – you simply have to make sure that you have all the latest updates to your AV package. Now perhaps some of you, like me, can’t stand updating our AV every stinking time we log on to our computers, as we seemingly are prompted to, but that is still job no. 1.

“If for no other reason beyond building brand loyalty, AV companies do work hard to give you some indication that your software is up to date and working,” O’Donnell said.

Beyond that, taking a layered approach, or using multiple AV engines rather than just one, is obviously a good idea, said the expert (and there are many respected free products so you don’t have to keep buying more products).

And then there’s the human element; unlike me, try not to shoot yourself in the foot by letting your online objectives subvert your secure computing practices.

“There aren’t too many countermeasures against a truly advanced attack beyond running multiple, different AV packages, including at least one that has a heuristic engine that can detect that level of compromise,” said O’Donnell. “But the most important point is that knowing that you are protected (by AV) isn’t sufficient to guarantee that the data you work with is protected; and ensure that those you communicate and work with on a regular basis are using functional AV as well.”

Because you never know, you may be in touch with someone like me.

Now how do you know that your AV isn’t working?

That’s one I can answer for sure.
