Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

How Do I Pick the Right Tools to Protect Windows?

So many choices.

There are many software programs that protect your system. I'll review how I make my decisions and give you my advice.
Question: Protection against viruses, spam, spyware, etcetera, etcetera, etcetera, is becoming even more critical as time goes by. I am uncomfortable in relying solely on MS products and technology for protection. But the number of products out there today, claiming to be able to provide same, seems to be expanding exponentially, so:

  1. What criteria (aside from price) could (or should) you use in making one’s decision and security product selection?
  2. Would a bundled application (all defenses in one) be necessarily more effective than several standalone products?
  3. Finally, is there some location on the web where one could find truly valid, independent assessments/reviews of products out there today?

You ask several good questions I think many people share.

If we’re paying attention at all, we’re constantly getting told, “Protect your computer!”

Great. With what? There’s a ton of crap out there, to put it bluntly, so how should you decide what to buy?

I’ll tell you how I decide.

Become a Patron of Ask Leo! and go ad-free!


Selecting tools to protect Windows

Unfortunately, there’s no single place to go for reviews and recommendations. Instead, you’re best served by becoming familiar with a number of online resources and developing a level of trust over time. While they rarely agree on which tools to use, you’ll see common product names, trends, and specific advice that may lead you to making better selections for yourself.

I’m going to take your questions in reverse order.

Is there some location on the web where one could find truly valid, independent assessments/reviews of products out there today?

I’m a huge believer in reputation.

By reputation, I don’t mean the products you see everywhere are the ones to use. Rather, I mean that when you do a little research, they are the products recommended by real people.

Unfortunately, I know of no single location I would turn to for that information. Rather, I look for commonality or trends across several sources from which to draw my own conclusions.

The data for your research can come from a variety of places. One is recommendations.

For example many, many years ago I chose my anti-virus solution based on a very simple recommendation: Microsoft’s. When I left the company in 2001, Computer Associates eTrust Anti-Virus was the Microsoft-internal anti-virus solution distributed to all employees for installation on company machines and with license (and even encouragement) to take home and install on machines that might connect remotely to the corporate network.

That seemed like a pretty strong endorsement at the time.

Research naturally also includes mainstream tech and PC publications, but many of those have decreased in value over time as they succumb to the need to prioritize clicks and revenue over objective evaluations. They’re still worth considering, but need to be taken with a certain amount of skepticism.

Product reviews posted on sites like Amazon are another good source of information. Unfortunately, since reviews can also be faked or even purchased, skepticism must be applied here too. Remember, no product ever gets 100% positive feedback — you can’t please everyone — so a product that has 100% approval is probably something I’d avoid. I look at the negative reviews to see if they’re about things I care about. Often they’re not.

There are thousands of websites on the internet that provide forums for discussion, and there you’ll often find strong opinions as well. Once again, the problem here is identifying those sites that are legitimate and not pushing an agenda of their own.

So if there’s no one place, and all the above (and others) won’t agree on what the best is, how do you decide?

I look for trends. If more people complain about product A than B across multiple sites and sources, then I lean towards product B.

Would a bundled application (all defenses in one) be necessarily more effective than several standalone products?

I used to strongly say no.

In the past, security suites generally had one strong component and several weak ones. The combination led to less-than-optimal security.

The industry has matured significantly since those days. Honestly, it’s difficult to find something that isn’t an all-encompassing suite these days. The mainstream tools all seem to fall into this category now, and are effective.

What criteria (aside from price) could (or should) you use in making one’s decision and product selection?

Reputation is number one in my book.

I also believe in sticking with popular and well-known brands. As you research, you’ll see the same names repeatedly. That’s a good thing. If, after seeing all those names again and again, you’re suddenly presented with some solution you’ve never heard of, it’s time for some heavy duty skepticism.

One thing many people overlook is support. As you do your research, visit support forums or other solutions for the products you’re evaluating. Don’t necessarily worry if the forum is full of complaints — people using the product successfully won’t have reason to visit. Instead, look for responses from product representatives. Are they there at all? Are people’s questions being addressed or at least responded to?

I’ll also add one dis-recommendation: if you suddenly find yourself faced with a pop-up that says something to the effect of “You’re infected, click here to download our product to fix it”, DON’T! Any kind of ad or pop-up that looks like a warning and directs you to a specific product or website is not to be trusted, as they usually lead to a scam.

Do this

Do your research or select a source whose research you trust.

In case that’s me, here are some directions I would send you:

And finally, subscribe to Confident Computing to get the latest advice on topics like this. Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

Podcast audio


14 comments on “How Do I Pick the Right Tools to Protect Windows?”

  1. Great answers leo ;)
    I personally Use Avast Anti Virus, its updated twice Daily with new virus definintions, it Scans Real Time while downloading files, and It scans Instant Messaging programs, its a Web Sheild so checks each website for possible infections, For Example, The other Day it blocked a Drive By Download for me, coming from that web address!
    And best of all, its free, Completly!
    IT also uses VERY little system rescources, In fact, at the moment Windows Vista and XP both say it is using 2% CPU and 20MB of Ram, compared to Anti Virus like McAfee or Noton which can use Upwards of 200MB Ram.
    Another great feature is it scans the memory and open processes for infections before running a Virus Scan, what this means, is that if a virus is running in the background, and avast finds it, It will End the Running Process, PLUS block that process from running (so It can restart itself like most do) then once the Virus Scan of the system completes, it, Based on user preference, deals appropriatly with the infection, So if the user asks avast to delete it, there is no issues with having to Restart the computer into safe mode, just so the virus doesnt run,and can be safely removed, because avast unlike any other Anti Virus, has blocked and stopped the virus before it did the scan.
    I fully recommened to ANYONE looking for an Anti Virus program to Try
    Awils Avast Anti Virus
    Its free, Its reliable, its not a hog, and its powerful!

  2. I will second Avast.

    I had been using McAfee, my employers internal anti-virus solution. Like Leo’s past experience, McAfee is free to me My employer has a license that lets employee’s use it at home. I stopped using it six months or so ago because the latest version was way too bloated and slowed up my computer.

    Good luck.

  3. Not to turn this into a Pro Avast page, but I have had decent luck with them as well. AVG is also ok, though not as reliable I think. I would strongly advise against Macafee and Norton/ Symanetc. They hog system resources, lead to crashes, and in my experience, are always a day late and a dollar short when it comes to catching viruses. I recently did a virus sweep of a neighbors computer. He had faithfully used an updated Macafee for several years. I removed it, used Avast, and found about 200 or so infected files. Remember folks, if your University or Employer gives you an anti-virus package for free, but it doesn’t work, then you haven’t save time or money!

    Another solid piece of advice that Leo often mentions is to have MORE than one anti-virus program. They won’t all catch everything. If you buy a major program, having avg or avast around to get a second opinion once in a while can save a lot of headaches. Just don’t run them all at the same time!

  4. Well, all or nothing eh?

    I used to be an avid McAfee fan back in the day. They were
    the lean product Symantec could only once wish they were.
    Well, unfortunately now McAfee’s suite is just as bloated as
    Symantec (Norton).

    I tried a few others, Trend Micro, Sophos, AVG and so on.
    Most were decent and fairly lean. Props to AVG for being free
    by the way. Then someone turned me onto Avast. This is what I
    recommend to friends, family and coworkers. Though the
    default skin is a bit akward, the program itself is as lean
    as any of the latter mentioned. Give it a try!

  5. One thing I would recommend _against_ would be using your favorite search engine as your sole source. A search for “remove spyware”, for example, will typically give you numerous hits for rogue software which masquerades as anti-spyware, but which is actually spyware (or worse) itself.

    It’s amazing how many computers come in to our shop for cleanup which are infested by these programs, because the person tried cleaning up himself without knowing any better.

  6. Well, I use AVG Anitvirus Free Edition. It scans in real time. It always has some Defintion Files to download daily (means the Company is constantly working). I have never had any problems though & I believe in a Complete reformat of the Hard Disk in case you get infected. AVG Anitvirus is really low on resources & runs happily even with 256MB RAM with XP Pro SP2 installed.

    About Spyware, I am not much bothered because I know my Browsing Habits (and will surely identify if some spyware has struck on me) & am pretty much an advanced User to completely reformat the System from scratch. Moreover I am behind a NAT router, so feel pretty much safe. But I run ZoneAlarm Firewall & it does its job well (though the Free Edition does not allow you to configure Individual Ports).

    Rest, MS products are really great and I believe in sticking to the Original Versions (Unpirated ones) but in my opinion, they are pricey. You have a lot of Free options if you scour the Internet which work equally well as the professional ones but yes, you must have the skills to know how they are performing.


  7. I use AVG, ZoneAlarm Firewall, AdAware and Spybot Search & Destroy. All free versions. I also have MS Defender installed (as it was free) and still find that AdAware & Spybot pick up odd things that Defender misses.

  8. Another thing everyone needs to do to keep their system secure is to download the latest windows updates related to security every month so that their systems are not exposed to known vulnerabilities.

    I have used several antivirus and antispyware apps over the past several years – both full time use in home and office as well as in the field cleaning up over a thousand infected pc’s. In my opinion I have found that AVG anti-virus gives the best combination of both capability and simplicity for the end user as far as antivirus goes. I think avast is a great product and use it personally at home, but I won’t use it for clients because it is not as simple to explain and set up for the clients – this leads to more of my time being used for support. I would say that avast and avg are very close in their abilities to clean up infected systems. Having tried both on a large number of infected systems, (I tried avg then avast, or avast and then avg) I would say it was pretty rare when one would pick up a virus that the other did not see.

    Do not install more than one anti-virus at a time unless you know how to disable one of them completely and only activate it for a manual scan. Having more than one AV running at a time can lead to problems.

    As far as anti-spyware, I rely on Webroot Anti-Spyware (not the version with Antivirus in it) as well as PCTools Spyware Doctor. They both seem to be about equal in their abilities. The only thing I do not like about webroot is that you cannot program the time when it will do it’s updates – it does cause the system to slow down quite a bit for a minute or so when it is doing its updates and I would prefer to program it to update at night just before it scans. Other than that, it is a great program and I recommend it to clients.
    I have used spybot search and destroy and ad-aware and I feel they are pretty good programs but that they do not get anywhere near removing all infections. Generally I have found that spybot removes some, ad-aware will remove some more, but if you really want to clean the system well I would use webroot and/or pctools. Also, if you have been infected by the WinAntivirus, etc programs that give constant popups telling you that you are infected and asking for you to buy their software you can get rid of that for free with a good little program called “Rogue Remover”.

    Firewalls – OK, number one, if you are using DSL or cable or other broadband fast internet connection you NEED (URGENTLY NEED) to have a router installed between a cable/dsl box and your pc. (some isp’s provide a combo modem/router). If you don’t have the router, then your PC is CONSTANTLY UNDER ATTACK. Your system is being scanned every day by probably dozens of hackers looking for a way to break into your system to use it for criminal purposes. A hardware firewall such as is found in some routers is some protection, but most professionals will argue for LEVELS of protection in depth. So go for the hardware, and software as well. Number two, an extra software firewall is a very good idea as well. PCTools offers a free one, and so does Zone Alarm. Just beware, you do not want to block everything that pops up saying it is trying to connect to the internet. STOP, read the message and find out what is trying to connect and then go to google or yahoo and search on that progam name – find out what it is before you block it. Be careful with firewalls becuase you can really mess up the normal operations of your system if you are not careful.

    If you have a very bad infection that these products will not clean, you will need to back up your data files, and then completely wipe your system and reinstall everything.

    Thanks Leo, for this great, informative article.

    I hope this has been helpful for you.
    Rob Cox, Owner
    Cox network & PC Services

  9. One more thing, since this article is under the heading of Malware Prevention. Stay off of sites with adult or pirate content, and you will avoid a lot of the hassles.

    One other thing you can do is turn off the preview pane in your email program if you use a program to get your email.

    Lastly, many of the drive by download attacks and script attacks only work on Internet Explorer. Download firefox and use it instead for most of your web surfing.

    Rob Cox

  10. I have a lot to say, but i guess this is supposed to be a comment only so i will be as brief as posssible. The products i recommend are chosen after examining nearly every review and comparative available and 5 solid years of installing, testing and uninstalling various antimalware software.
    *FREE- Avira Antivir Personal Edition Classic.
    *PAID- Kaspersky, NOD32.
    *FREE- Spyware Terminator, Spyware Doctor Starter Edition(via Google Pack).
    *PAID- Webroot Spy Sweeper, Spyware Doctor.
    *FREE- Comodo, Online Armor Free.
    *PAID- Outpost, Online Armor.
    Norton Security Scan(via Google Pack),BitDefender Free Edition 8(not 10 though its the current version coz it interferes with Windows Security Center, via, Kaspersky S.O.S.
    AVG Antispyware(free version drops resident protection after 30 days), AdAware 2007 Free, a-Squared Free Edition.
    If you disagree with any of the above recommendations, their relative ordering or have any doubt as to the authenticity of these claims,
    please feel free to mention it here.

  11. For many years I have been using F-Secure from my cable company. It does not seem to me to be very common name when looking for these things. I once worked for a multinational corporation that had it on all of our computers and laptops. I have not had a virus problem for many years despite the fact that I do many things I shouldn’t. I has been catching everything. Here is something interesting. One time, years ago I got a virus and called the cable company Tech Support. They took over my laptop and had me download a bunch of programs, 5 or 6, and scanned with each one. The problem was solved. What I found, so interesting was that there was no magic bullet, exotic, super virus killer program as I expected from tech support experts. Rather every one was a familiar name that has free versions such as Malwarebytes, Super Antispyware, Panda etc. Stuff I could have downloaded from FileHippo. Although I don’t know if these were the free or paid versions. In any case, it worked and then they removed the programs.

  12. Oh my goodness! We’re Oct. 2022 so how things have changed since the first reply (2007)!
    I used to have McAfee, then Avast, then Norton, then…. name it! I was using what pundits considered the “best” protection.

    About a year ago I decided to follow Leo’s advice… I’m only using Microsoft Defender in Windows 10 with it’s firewall counterpart. It updates automatically, doesn’t bother me much when working relentlessly behind the scene. And I don’t have to worry about the latest fad from one of the “free/paid” vendors. I don’t care if it’s ranked at 98.3% (pick your number) compared to another one at 99.2%… From my experience, I don’t think this would make any difference… for the kind of work I am doing on a PC.

    I’m not a pro, but I’ve been using computers, from Mac to PC, since the first one I build myself, TRS-80 by Radio Shack…. oh, so many memories!

    Nowadays, I look for a simpler life! Thanks Leo for your always judicious tips!

  13. For the past several years I have been using Microsoft/Windows Defender, since I began hearing how it has improved so significantly (a bit after the pre-release of Windows 10 – circa January 2015 or so). Since I started using it, I have not suffered any malware infections, and I check with a full offline system scan using Microsoft Defender, and a Malwarebytes scan on the first day of each month.

    If you ask me, the most important part of any system’s security is the user. I consider myself (the user) to be the single greatest danger to my computer’s security. For that reason, I approach the Internet with a very healthy dose of skepticism because everyone on the Internet is a stranger (you cannot be certain that someone representing themselves as someone you know is actually that person).

    I take everything I encounter on the Internet with a strong dose of salt (skepticism – I question everything). I never trust that a hyperlink will take me where its label says it will. I hover my mouse over the link to see the web address within to verify it. If the address matches the label, I may take a chance, and click, if not (or if in doubt) I use a web search to get to the purported destination. I do the same for links on the Internet and in emails (after all, email comes from the Internet).



  14. Another vote for Avast – been using for more than 15 years.
    McAfee has “messed up” every computer I’ve ever owned.
    Why does Windows Update almost never update my machine(s) – I can find new updates almost every time I manually check?


Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.