Dec 14 2008

What free Anti Virus do you use at home?

Published by at 9:07 am under Malware,Simple Security

We can’t live without anti virus on our computers in this day and age.  I guess we really can, strictly speaking, but the non-techies in my household don’t have the understanding of the Internet to know which behaviors to avoid and what might get them in trouble.  So I put AV on their computers, because it’s easier than trying to educate them.  And as vital as AV is in these situations, I refuse to pay for it.  Why?  Because there are so many free options available, and I think most of the for-pay AV’s are too expensive for offering few features that I can’t get in the free versions.  I suspect the free AV solutions use the home AV market as a loss leader to get themselves market share and awareness, giving them a toehold in the corporate AV market, which is where the real money is in any case.

For years I’ve been using AVG Anti Virus free edition, but recently I’ve been less than happy with it.  It’s been fine on my computer, a decent XP desktop, but on my wife’s slightly older Win2K system, it’s been more than a little unstable and recently started complaining at startup that it was missing a .bin file.  I tried to update it several times and scanned the hard drive several times, but I lack the confidence in it’s ability to find malware if it’s acting this flaky.  So this morning I uninstalled AVG and now I’m in the process of installing Avast Home Edition.  The initial installation was as painless as expected, the system rebooted and before it fully loaded into Windows it’s doing a full system scan for malware.  It hadn’t found anything when I started writing this, but given the amount of storage space on her computer, a full scan could take a little while.

So my question to you is what free AV program do you use at home and install on your family’s computers?  Or do you pay for AV from one of the big names?  Or do you skip AV all together, since the I’ve read numbers stating that AV is only between 60% and 80% effective in any case?  And most importantly why did you make the decision you did?

Update:  Here’s a link to an entire list of AV products out there at Checkvir.com and a really good report by Anti-malware Test Lab, showing exactly how ineffective AV is.  According to this report, only Avira (who?) Kaspersky and F-Secure AV even hit the 90% mark for finding viruses.  The big players, Symantec and McAfee only hit the mid-60’s.  Ouch!

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

22 responses so far

22 Responses to “What free Anti Virus do you use at home?”

  1. Mikeon 14 Dec 2008 at 10:23 am

    Though I’m not as satisfied with it since they released AVG8, it still gets run on both my systems, and haven’t had any trouble with malware since I started using it (other than when my sister installed Zango…but lets not go there). Other than that one time, I can’t recall ever having a major malware incident on my computers. I grabbed AVG at the time because it seemed to do the job, and it was pretty lightweight on the resources. My girlfriend’s family all run Norton, and they still get issues with viruses and especially adware on two of their three computers, which seems to support my thoughts that it is as much about the user’s habits and internet street-sense as it is about what AV you have on the machine.

  2. infogeek2uon 14 Dec 2008 at 10:29 am

    I use avast on family/friends PCs. No AV on mom’s PC tho – I use SteadyState instead and she only needs to reboot if she happens to hit a bad site.

    I also use avast on my surfing PC. I rely on Sandboxie as additional layer on my surfing PC.

  3. Khürt Williamson 14 Dec 2008 at 11:15 am

    On my Windows XP machines I use AVG Anti-virus Free (wife and kids). Nothing on Linux, BSD or OS X machines.

  4. Brice Smithon 14 Dec 2008 at 11:44 am

    I personally use a laptop with Ubuntu 8.10 and have XP on all my other PC’s and I run AVG8 on XP. I have been happy with it. I do use it in tandem with Spybot Search and Destroy and since my job is computer security, I have my family ‘trained’ to use an alternative browser (Firefox w/NoScript) and have heard my ranting enough not to just randomly click on things.

    You have to realize that AV is reactive and can only protect you against what is known. Martin, you know this and most who follow you through your blog and podcast know this already also.

    There are other tools I use also like CCleaner and a few others.

  5. Tomon 14 Dec 2008 at 11:48 am

    I believe in diversity in applications…a monoculture is just as risky in technology as it can be in agriculture. Thus, I run AVG on one WinXP Home machine, Avast on another WinXP Home box, and BitDefender (not a free solution) on a Vista machine. Avast has been a solid performer for me. Of course, then there is the Linux machine, the Apple computer…diversity is a good thing.

  6. Brice Son 14 Dec 2008 at 12:09 pm

    I personally use Ubuntu on a laptop I purchased off eBay. All my other machines here at home run XP and I use AVG8 along with Spybot Search and Destroy. Being a computer security professional, I have my family trained to use an alternative browser (Firefox w/NoScript) and they have heard my ranting about randomly clicking on things so I haven’t had that to worry about either.

    Knowing that AV is reactive and only can catch what is known, you can’t use it alone in your defenses. I also use other tools to maintain the PC’s like CCleaner.

  7. John D.on 14 Dec 2008 at 12:35 pm

    I run a mixture of ClamAV, ClamAVX and ClamWin in my household. I don’t find it very “set it and forget it”, but find it works well enough.

  8. Anonymouson 14 Dec 2008 at 1:41 pm

    I have used Eset NOD32 and found that to be very effective. For my other computers I stick to Avira Antivir free edition and Comodo Firewall. One of the biggest annoyances I have had with AV is the impact on system performance. With these I think there is a balance between effectiveness and system performance.

  9. Matton 14 Dec 2008 at 1:44 pm

    I currently don’t use any AV on Windows (Vista and XP), OS X, or Linux. However, I’ve tried several different kinds.

    My work PC has Norton but I don’t recommend it. I’ve tried TrendMirco’s Internet Security but it mucks up XP and really slows things down. I’ve also tried Avaria but it annoyed me with ads and hangs during scans. Avast seems to work pretty good. AVG is my favorite free AntiVirus even if it has an ugly UI.

    I do use Firefox with NoScript and keep Windows Defender running. My theory is that AV doesn’t catch the really nasty stuff and I try to be careful with what I download and the websites I visit. If I question anything I download, I’ll scan it with a computer that has AV software installed and/or use http://www.virustotal.com/.

  10. Ben Ceckaon 14 Dec 2008 at 2:50 pm

    I use ClamAV on all of my personal machines. If I had top notch machines then I’d probably run AVG, but I can’t justify the processor time for any software that is more than likely not doing a solid job. Real-time scanning just isn’t worth it to me when I can have my computer prioritizing more effective tasks.

  11. Rafal Loson 14 Dec 2008 at 8:45 pm

    I regularly research “malicious content” such as web sites, binaries, etc and the *only* malware-protectant worth a crap is Kaspersky. I just recently purchased the new version and tested it against some of the malware and malicious sites out there… and it’s by far still the best.

    Sadly, everything else is just variants of crap. At the end of the day though most virus/malware scanners are pattern-based, so they top out around 10% effectiveness (known and unknown threats) if we are to believe “unbiased” reports.

  12. Security4allon 15 Dec 2008 at 6:42 am

    I’m a very happy user of Avira home edition. Sure, not spyware & firewall in the free edition but I run spybot search&destroy from time to time.

    Together with Firefox & Noscript, I feel quite secure. Apart from running a Secunia OSI scan to detect missing patches.

    I have seen quite high detection rates with Avira in a lot of test due to good heuristics and I’m still quite confident in it. It’s the big commercial ones like McAfee &Symantec that get tested first to avoid detection.

    Pick your favorite poison.

  13. Tomon 15 Dec 2008 at 6:56 am

    Avast is really good AV that I recommend to friends and family…mostly because it is free and does the same job as your more bloated and expensive AV’s like Symantec or McAfee. I also install Windows Defender on their PC’s as an additional layer for spyware protection. Like the others have said, AV doesn’t catch everything but as part of a layered defense you have to have it.

  14. Chrison 15 Dec 2008 at 7:10 am

    I use Antivir on one XP desktop and inside some virtual machines. I find that it is faster than most and doesn’t noticeably bog down the system.

  15. David Szpunaron 15 Dec 2008 at 7:44 am

    Personally, I’m a new fan of Sunbelt Software’s VIPRE antivirus. I just switched to their Enterprise product at work and am using their included Home Use licenses myself, switching from Symantec in both cases. VIPRE’s resource usage is so low (even when scanning) as to be almost unnoticeable, while Symantec was so bloated in a few cases I’ve had to add more RAM to keep systems running (especially after upgrading to Symantec 11!). Sunbelt already had highly-rated commercial anti-malware software, CounterSpy, but they added an antivirus component this year. It’s not free but they do have a “one license price for all your home computers” license. And they had a Black Friday sale of $10/computer that you missed :-) I have talked to support for our Enterprise version several times and they are one of the most responsive and helpful companies I’ve dealt with, highly recommended just from that angle! I won’t say they’re perfect, just that they fix any issues and are prompt about it, which is as much as you can ask really.

    Just a satisfied customer :-)

  16. Joe Websteron 15 Dec 2008 at 9:19 am

    Maybe I’m crazy, but I’ve always thought AV was a sucker game, so I don’t use it myself. Other than the anemic AV that comes with the free Comodo firewall. I think a better approach is to head the malware off at the pass. I use either a completely virtual Windoze environment (courtesy of VMware running an a real OS) or Sandboxie to sandbox anything that grabs data from the cloud.

    My non-techie wife uses VCOM’s SystemSuite package (not free but a way better deal than Symantec or McAfee) which includes the TrendMicro AV. It runs fairly well on her Vista box.

  17. Sam Van Ryderon 15 Dec 2008 at 9:40 am

    I’ve been using Avira for about a year and am pleased with it so far. I do also run the NoScript plugin and the Spybot stuff. No real threats ever since (then again, I do make a point to do regular scans as well).

    Amazing the amount of responses you got to this post – a very passionate topic indeed!

  18. cwon 15 Dec 2008 at 2:34 pm

    At home: Windows Vista laptop: Avira, Comodo FW, global DEP; FF +NoScript, SEH registry tweak (protects against SEH-based mem corruption attacks), IE zone hardening (no specific use of IE), lots of firewall tweaking in Core Networking. Secunia PSI. No AV on OSX box, OpenBSD box or Linux box. XP box mostly for music, using Avira there too.

  19. Mikeon 15 Dec 2008 at 7:26 pm

    I’m a touch unsure on some of this – it always seemed to me that it was highly advised not to install or run multiple anti-virus/anti-spyware applications at the same time. A few have mentioned doing this, which seems to fly in the face of what to me seems conventional wisdom – or has this changed with improvements to AV over the years and become more of a marketing thing? I know server solutions will sometimes run multiple AV engines to give that additional protection, but theres an ocean between server solutions and home/PC solutions.

  20. Jean-Philippeon 16 Dec 2008 at 5:23 pm

    Whenever I can I install a different OS than the Microsoft one when it is possible, but it is not always possible, so I mainly use and install ClamWin (an opensource anti-virus) http://www.clamwin.com/ and Comodo as a personal firewall http://www.personalfirewall.comodo.com/

    @Mike,
    You are still right, usually running multiple antivirus at the same time is not a good idea, resource wise, and due to frequent clash by having two program scanning memory at the same time.

  21. Cd-MaNon 20 Dec 2008 at 7:52 am

    Sorry, I’m a little late to the game. Hopefully I can still share some useful advice.

    From my experience (being a virus researcher for 3 years and have looked literally at thousand of samples) all AV software is quite ineffective. IMHO, the most trustworthy results are the one published at the av-comparatives.org website, but you will see that even the best products miss thousands (!) of samples.

    To counter some arguments from the comments (I know that it looks like I’m pimping my blog, but the fact of the matter is that I’ve written about many of the issues raised):

    – Spybot Search & Destroy is mostly useless (as is AdAware). They are living off the name they made for themselves in the past. See my rant at: http://hype-free.blogspot.com/2008/10/stop-anti-spyware-nonsense.html

    – All the respect for the ClamAV guys, but their detection rate is so low that it’s not even funny. And combined with the fact that their primary aim is gateway scanning (ie mailgateways), it is not even near an effective solution. Also, lets not forget that they do not provide on-access scanning and third-party products which do (based on the ClamAV engine) are not mature yet.

    – NoScript is effective, but by no means usable by the average person. Instead I would advocate using a hosts file (http://www.mvps.org/winhelp2002/hosts.htm) to block more “dubious” parts of the Internet (warning! sometimes it is overly aggressive, and it can break things which the user might like – for example I like Google AdSense)

    – Under no circumstances should you run multiple AV! This is an almost sure way to (a) major slowdown (b) computer hangs / bluescreens and (c) possibly the computer not booting anymore.

    – The **most** effective thing is using a “non-standard” environment (see http://hype-free.blogspot.com/2008/04/how-efficient-are-non-standard.html). You can take a look at my post title “Windows XP High Security Configuration” (http://hype-free.blogspot.com/2008/04/windows-xp-high-security-configuration.html). Applying the listed security measures will prevent 99.99% of the malware from running!

    In conclusion, my advice would be:
    – don’t let them run as admin!
    – if possible, use Vista (again, because XP is much more widely spread, most malware currently targets XP)
    – don’t use mainstream programs! Use FoxitPDF reader, not Adobe Reader. Use Firefox (or Opera) instead of IE.
    – Use software restriction policies to set where programs can be run from.
    – Keep the PC up to date! Run Windows Update regularly and use something like the Secunia PSI to check for vulnerable software!
    – Use a hosts file to block sites in combination with OpenDNS.
    – Configure the firewall to block all incoming connections if possible
    – Disable Autorun (http://hype-free.blogspot.com/2008/09/autorun-malware.html)
    – And, lastly, just for defense in depth, use an AV. Here are my configuration guides for Avast (http://hype-free.blogspot.com/2008/10/installing-avast.html) and AVG8 (http://hype-free.blogspot.com/2008/10/installing-avg-8.html). Probably I should also do one for Avira, but last time I’ve tested them, they were very ad-loaded (admittedly this was several years ago).

    If you use these methods, the chance of the computers getting malware is almost nil.

  22. Markon 25 Dec 2008 at 1:57 pm

    I’ve been using ESET’s NOD32 for a while now, but its not the only AV I run – My firewall (Astaro) scans all incoming emails and downloads for known malware content. I know my email provider does something similar but using a different anti-virus.

Trackback URI | Comments RSS

Leave a Reply

7ads6x98y
%d bloggers like this: