The Mudcat Café TM
Thread #95108 Message #1846570
Posted By: JohnInKansas
30-Sep-06 - 12:34 AM
Thread Name: Tech: Virus and utility software
Subject: RE: Tech: Virus and utility software
Many of the regularly published magazines and journals devoted to computing offer regular comparisons of the various AV programs, and the "leaders" shift around quite a bit from one month to the next. With respect to AntiVirus programs, it should be somewhat reassuring to know that the AV software producers are well organized and share information on new threats so that anything really significant can be incorporated into virtually all the reputable programs soon after each new thing appears.
Even for AV threats, there's no such thing as a "perfect" program, since new stuff comes up with annoying regularity. The best one can do is to pick a program that provides, generally, a level of protection that you're comfortable with, and to try to get your program from someone who responds quickly and reliably when there are new threats.
Because sometimes a virus may be loose "in the wild" for some time before it's reported and documented, it is always possible that you might have picked up a new one before its signature was found and incorporated in the files for your AV program. It is thus good practice to scan at least as often as you update your signature files - hence the valid recommendation that you run scheduled scans just as you run scheduled updates.
In recent months, most of the "new threats" have been discovered by "white hat" hackers who have responsibly reported them to program manufacturers and to AV producers before they have appeared where they can infect any significant number of users. Of course once a public disclosure is made, each new vulnerability gets a flood of exploits from those attempting to use it for illicit purposes. Those who update their AV signatures and run AV scans regularly are unlikely to be too much affected, since they'll have the detection means available before the exploits appear. It is also important to get the patches to vulnerable programs promptly when they are offered, since a known vulnerability can probably be exploited in more than one way. Those who don't update AV and program software and/or don't scan regularly are the ones who get hurt.
Many of the AV program publishers have begun to add other forms of protection(s) such as popup blockers and AntiSpyware (AS) features. For the most part, popups are more annoyance than real threat; but popups can and often do incorporate threats so blocking the gratuitous ones contributes something to security. True AS protection is still an evolving art, although some progress is being made. Spyware removal programs probably are more reliably available than spyware blocking programs, and getting the extra features usually requires that you get something more than the "baseline" (free?) programs.
It is much more important that you get and keep updated with one good AV program, preferably one incorporating a decent firewall if you don't have one in hardware, and that you keep it up to date and run it regularly, than that you pick one or the other particular program.
Currently the greatest threat is from a loophole called "operator stupidity." Spyware and "botware" are widespread on the 'net, with large numbers of machines infected. In nearly all such cases the infection originated with the user "clicking something" or engaging in some marginally illicit action while browsing. If you give permission, knowingly or unknowingly, to allow a program to be installed on your machine, there is NO Anti-everything program that can prevent it from being installed - since you're 'da boss.
There are enough viruses and trojans and such in circulation to make a good AV (and firewall) necessary; but much of the most malicious stuff currently of concern contains NO VIRAL CONTENT, is NOT identifiable as adware, mimics common web activity to conceal that it is spyware or botware, and relies on user stupidity (= curiosity, synonym: gullibility) to get on your machine.