What antivirus do you use?

What antivirus do you use?

I'm currently using Symantec Antivirus but thinking of swithcing, maybe to Avast!
What antivirus are you using/recomending?
Are you using more than one? If so check them both on the poll.

PS: There are some other topics on the Opera forums about antivirus software, but afaik none have such a large poll
http://my.opera.com/community/forums/topic.dml?id=6343
http://my.opera.com/community/forums/topic.dml?id=28709
http://my.opera.com/community/forums/topic.dml?id=105528

Come on, awaiting votes

Opera

ClamAV.

Avast Home

nod 32, best there is

Been using Avast for some time and I really like it. I've been meaning to try out NOD32 but haven't gotten around to it.

Bitdefender 9 std. on my win2k PC and thanks to the C't Mag i now have a 1a license for nod32 for my new xp x64 system....
so far I can say that even if nod feels a bit more elegantly i prefer bitdef over it and hope that in time my current bitdef license run out they too will have made the transfer to 64bit

Some experiences:
BitDef9 and OperaV8 seem to have certain glitches (Excluding the Opera8 Directory from BitDefs Shield solved that for me, and personally I have no trouble in doing so)

Nod32 first dissapointed me as I copied my Opera8 Profile and Mail Folder from my old machine to the new system as it did not popped up with viri-warnings whilst doing so. After the transfer I rechecked with a direct on-demand scann with nod for the mail directory and was shocked that it was not able to recognize my achieved viri therein (bitdef can scann operas mbs files and reports the viri, but cannot modify the mbs files to clear them). But after I modded the corresponding ini files for Opera (changing old systems path to new ones, so that the profiles/mails were recognized properly) I opened Opera and accessed some of the mails with the known viri & Nod popped up and notified me about them - so some trust into the programm was given back to me (but thats one major reason I still prefer BitDef).

P.S.: Sorry, have not checked if the poll was multi-choice - so I just marked Other for me and named both I am using here.

NOD32

Originally posted by Shandra:

P.S.: Sorry, have not checked if the poll was multi-choice - so I just marked Other for me and named both I am using here.

Well i should have named the topic "What antivirus do you use? [Multichoice Polls]"
It's too late now, if i edit the first post i'll loose all the votes

yeah ! my av is winning !

NOD32. Been using it for about four years now, maybe more. Pete

Althought it's still early (only 28 votes) it's surprising to see that most big companies have no votes or only one vote.

Using Avast for over 2 years.. not one evil chunk of code passed by him.. Good man Avast!!

HA, Avast what good is Avast besides to slow down your computer run another test on Avast and watch all the little things it lets by it's kinda sad but O' well. I'm sure they will fix this some day, every program has it's flaw so I won't pick on Avast to bad.

Originally posted by TemporaryChaos:

HA, Avast what good is Avast besides to slow down your computer run another test on Avast and watch all the little things it lets by it's kinda sad but O' well. I'm sure they will fix this some day, every program has it's flaw so I won't pick on Avast to bad.

So what would you recommend instead of Avast?

Mh, the latest C't AV Test I know said to avast - fast scanning but only average virus recognition (speed gain by limited depth of scan), Afee and Panda had so many disadvantages (not only did they not recognized 100% of the ITW list, but failed in some other aspects too) that I cannot understand how anyone wants to pay for them. So Avast wasn't a bad scanner - it had a 100% ITW recognition (on-access, not on-demand)but to be average isn't a recommendation for a AV - unless you see it compared to no protection at all
Kaspersky and therefore GData (wich includes the Kaspersky Engine) performed very good (100%backdoor/trojan/bots wich noother enginge achieved) and had a superiour signature update (alike to bitdef in a 1-2hour intervall) ... bitdef lacks in usability without admin rights but were also recommended and nod32 had the best heuristic of all the engines in recognizing malware and unknown viri.
Testscenario for the heuristic was: 3/6month old signature base (tested with standard new viri) and modified known viri (changed as skriptkiddies could do + modified container "format") there Nod performed (advanced heuristic activated) 83.4%/71.2%/90.9% best of the tested scanners, Kaspersky: 30.5%/19.2%/59.1%, BitDef9: 55,9%/38.3%/95.5% and for instance AVG Pro: 8.2%/3.8%/47.7%.

My DreamAV would be a blend of Kaspersky/BitDef and Nod32

Looks like I'm the first one to vote for Norman. It's OK, the only reason I use it is that my father gave me his old laptop, and that laptop had Norman already installed. The strange thing is that I still have a license for updates, almost two years after my dad left the business that paid (is paying?) for the license.

BitDefender Pro Plus:
integrated firewall & registry control, configurable, small updates, fast scan, works stable even on old Win98, very cheap in 3 years licence.
not so simple in use as AVAST or PANDA.

Hi! It's very interesting topic =))
In Russia we use few antiviruses:
1. Kaspersky Anti-Virus Personal/Pro
2. Dr.Web for Windows (lacking!!!)
3. Symantec/Norton Antivirus

The best one is absent!!! Do you know why??? Because all antivirus
firms exchange new virus bases with each other! Sometimes client's
security more important than trade secret!

Besides, you know that a lot off people use piratic software including
antivirus in Russia =)))

Nevetheless Kaspersky permit access to updates for such a users =))))))

What do you think about such a clever move?

Andreich, i'm not sure i can understand what you are saying.

I made the poll, and i tried to include as many antivirus software that i could find (on download.com and in av tests). I could have included all 24 av's tested by Virus Bulletin, but that would have made the list too large. Note also that 4 of the listed av's haven't yet received a vote and i did leave an option for other/specify in thread.

And i don't quite follow you on the Kaspersky update access and the virus database exchange thing.

Originally posted by shogunu:

Andreich, i'm not sure i can understand what you are saying.

Maybe, I've done too many mistakes in English... sorry... but idia is clear, is not it?

Originally posted by shogunu:

I made the poll, and i tried to include as many antivirus software that i could find (on download.com and in av tests). I could have included all 24 av's tested by Virus Bulletin, but that would have made the list too large. Note also that 4 of the listed av's haven't yet received a vote and i did leave an option for other/specify in thread.

No problem.. You did not mention only one: Doctor Web (Spider)... And I don't think that too many people use it...

Originally posted by shogunu:

And i don't quite follow you on the Kaspersky update access and the virus database exchange thing.

Explain, please... Do you know details of Kaspersky update access and the virus database exchange? I'm programmer but I don't know much about it...

Originally posted by shogunu:

And i don't quite follow you on the Kaspersky update access and the virus database exchange thing.

I think he means that kaspersky allows definitions update for pirated users. and virus bases = virus definitions I guess.

chesss, i understood what he said, just that i didn't understood what the parallel was between Kaspersky's allowing updates to pirating users and sharing virus databases with other companies
Also, i'm not quite sure that companies really do that, i mean having a broader virus db means a technological edge that ensures business, no?

Originally posted by shogunu:

Also, i'm not quite sure that companies really do that, i mean having a broader virus db means a technological edge that ensures business, no?

I visited Microsoft conference at Бауманский университет last year... And I was at Kaspersky's presentation. So I be charged with all of my posts

I find Avast very good

An avast! user here.

Originally posted by Andreich:

I visited Microsoft conference at Бауманский университет last year... And I was at Kaspersky's presentation. So I be charged with all of my posts

If Kaspersky actually exchanges virus db with their competitors for the sake of the end-users, that's wonderful, but what i think might be happening is that they exchange only old virus db.

Originally posted by shogunu:

Also, i'm not quite sure that companies really do that, i mean having a broader virus db means a technological edge that ensures business, no?

The real edge lies in efficient Heuristics, Speed, Memory usage and how well an AV actually can Clean out malware.

An example on this is how Bitdefender 8 professional failed to remove the eicar anti-virus test file** from my Opera cache. It did something to neutralize it, but it was still there and each time I started up Opera BD would pop-up a notice about this file saying something along the lines 'could not clean out the file but have successfully neutralized it' pfffft...
The only way for me to get rid of the file was to boot up in safe mode and delete it manually. In comparison, NOD32 effectively blocks the Eicar test file as soon as I attempt to download it, and most certainly it don't force me to go to extremes such as booting up in safe mode and manually delete a non-viral test file.

As for AV companies co-operating here is a snippet from a article dated January 31st 2006.

"Enterprises should welcome the announcement of the collaborative effort between the large antivirus vendors," because it should result in better antispyware tools, said Andrew Jacquith, an analyst at Boston-based Yankee Group Research. "[Antispyware tools] are probably the number one increasingly deployed items" within enterprises, he said. "This is a real issue, and the need for collaboration is great."

Under the collaborative effort announced Monday, the participating vendors have agreed to share spyware samples they find, said Bruce Hughes, senior antivirus researcher at Trend Micro.

Spyware samples are used by vendors to develop specific signatures for blocking them with their antispyware tools, in much the same way antivirus vendors use virus and worm samples to develop signatures that block them.

Sharing samples and other information on spyware programs will allow the vendors to develop signatures for a broader range of spyware than is now possible, he said. "Sharing spyware samples makes everybody a lot stronger," Hughes said. Right now, there are so many spyware programs that it's difficult for vendors to protect against them all without some sort of information- and sample-sharing, he said.

https://www.pcworld.com/reviews/article/0,aid,124564,00.asp

** "The Eicar test file is a file, developed by the EICAR organization, that is used in testing anti-virus scanners for their integrity in detecting viruses. The actual file is simply a text file of either 68 or 70 bytes that can be created using any text editing program (Such as Notepad), although it can be saved and run as an executable MS-DOS .COM file.

While it does register as a virus under any reliable virus scanner, it is a completely benign file that will not harm, attach to files, or replicate and spread over networks. If executed, the file will simply display the message EICAR-STANDARD-ANTIVIRUS-TEST-FILE!, and then terminate.

Its use can be more versatile than straightforward detection - for example, a file containing the Eicar test string can be compressed or archived, and then the antivirus software can be run to see whether it can detect the test string in the compressed file.

The test string was specifically engineered to consist of ASCII human-readable characters, easily created using a standard computer keyboard. It makes use of self-modifying code to work around technical issues that this constraint makes on the execution of the test string." http://en.wikipedia.org/wiki/Eicar_test_file

Crappy thing for BitDefender to behave like this. And speaking of BD, i don't know why don't they spend their money on actually improving the software, which i found to be very bloated and somewhat inefficient, instead of opening offices in Germany, Spain and the U.S.A. (like that even matters).

Mh... Just tested on my w2k machine for the eicar file and bitdef....
it detected it right (as eicar test, not a virus) and deletion from within windows was not possible - but no safe mode needed, just perform a regular bitdef on demand-scann on the file and select delete - or configure the shield to anything else than block access and continue... if its configured that way (default) as second action of course the file will be locked (and bitdef is just doing as told in that case, so do not blame the app about the configuration it is set to )

I find Avast! a very good program.

I am also very happy with Avast!
I especially appreciate the fact that Avast! supports IMAP.

I realize that I come from a very different environmental background than most of you, so my solution is most likely not the best for most of you... that said I don't tend to use any AV software.

At home I use an NT based (2000pro, XP64, 2003server) network and all normal accounts do not have the ability to install software or make system level changes. Additionally I have disabled macros, associated all scripting extension (.vbs, .wsh, etc) to notepad.exe, and all internet accessing client software runs with the security context of an even more restricted account.
When I wish to install software I use Trendmicro's Housecall (I never like to name specific products, but I think they might be the only one that offers such a service) services which is a lightweight, on demand virus scanner to validate untrusted packages.

In professional environments a similar setup was used, but the same test department that validate patches would also validate additional packages. These approved packages would then be digitally signed and placed on a specific network drive. Normal users were only able to install software that showed this internal digital signature. This ensured enforcement of the change control policy.

The advantages over these setups to using an antivirus package are:
- No longer a race between the virus and the new AV signature
- Removes the need to purchase and maintain additional software
- Change control policy enforcement is simplified
- Malicious infection attempts by internal users are prevented

cheers,

catch

I'm using Zone Alarm anti-virus. I got it mostly for the pro version of the firewall.

Nod32 on Windows XP Pro, Home and Windows 2000 server work incredibly well.

zzycatch, you should vote for Trend Micro.

Its interesting to see that Avast is currently top of the poll. I currently use AVG and have had no distinct problems with it, but from what I have read about Avast this seems a better free alternative (i.e. real-time protection for IM clients etc). The only concern I have about Avast is that I have read somewhere that it can conflict with Zone Alarm firewall, although I cannot get any concrete info in order for me to make an educated judgement about possible conflicts. I may just take the plunge and try Avast for my own curiosity.

Having said that, I cannot speak more highly of AVG as a free AV, it is certainly better than McAfee's disgraceful excuse for security software. I would warn any potential user from using the latest version of the Internet Security Suite 2006, I had major problems with it.

Dava

What's even more interesting is that the "big guys" don't even come close to the top 3.

When you say "big boys" I assume you are referring to Norton and McAfee. Well to be honest it is not surprising since these days Norton and McAfee are horrendous resource hogs that they are not worth running even if they were any good. As it happens, neither Norton nor McAfee are considered the top AV brands any more. As the Internet is growing, in terms of the numbers of people who are now getting on line, so the demand for software to become cheap to the point of being free, increases. Take out the PCs which come free with Norton and McAfee from suppliers such as Dell and PC World (here in the UK) how many people actually actively go out to install Norton or McAfee products on their PC. I did it once, and never again. Long may the likes of AVG and Avast produce high-quality, free products.

Dava

Norton, McAfee and also Norman, Panda, CA and F-Prot.

You know, I've never heard of Norman. Computer Associates is another large organisation that I didn't think about. As it happens I get free AV from CA with my ISP, however have stuck with AVG as my AV up till now.

As a follow up to this topic, does anyone have statistics about the relative success of the different AV solutions against each other I.e. detection rates, cleaning rates, general details on which AV is statistically the best.

Dava

I think the Virus Bulletin comparatives is what you're looking for http://www.virusbtn.com/
You have to register (for free) to get access to the content, and it compares only if the products detect 100% In The Wild samples and no false positives, but it's pretty useful

Originally posted by shogunu:

I think the Virus Bulletin comparatives is what you're looking for http://www.virusbtn.com/
You have to register (for free) to get access to the content, and it compares only if the products detect 100% In The Wild samples and no false positives, but it's pretty useful

Cheers, I have come across Virus Bulletin before and will have a look at it.

Dava

Originally posted by shogunu:

zzycatch, you should vote for Trend Micro.

I would except for two things:

1. I've only used TrendMicro about three times over as many years.
2. TrendMicro has never prevented me from getting malware (that is done by my Windows security policy, which is why I voted for "other")

cheers,

catch

I'm AVG Free all the way What more could I want than a free, automatically updating database that doesn't hog my system resources?

I used McAfee back in the day when viruses weren't as big of a problem, and I had no problems with it. But my aunt installed Norton Security Center on her age-old laptop, despite my opinionated objections, and when my computer died forcing me to use her laptop, I ended up developing a profound hate for the Security Center. So sloooooow.

Strange.. I don't see Housecall on there. That's a very convient virus scanner, albeit not something that sits on your computer

Housecall is a free online scanner from Trend Micro, and probably uses the same engine as other Trend Micro products.

Originally posted by jnome:

I'm AVG Free all the way What more could I want than a free, automatically updating database that doesn't hog my system resources?

I used McAfee back in the day when viruses weren't as big of a problem, and I had no problems with it. But my aunt installed Norton Security Center on her age-old laptop, despite my opinionated objections, and when my computer died forcing me to use her laptop, I ended up developing a profound hate for the Security Center. So sloooooow.

Strange.. I don't see Housecall on there. That's a very convient virus scanner, albeit not something that sits on your computer

The AVG update feature is the only part of the software where I have a gripe. The automatic update window is only 2 hours daily, thats not to say you can't update manually, however for myself my hours of work on my PC vary considerably so the automatic update window is a bit of an arse for me.

One of the best thing about AVG is the e-mail attachment extension removal feature which allows you to remove known potentially dangerous attachments by their extension. For those who are not sure what I'm on about they can do the following:

1. Open the AVG Control Center
2. Select the e-mail scanner option and click Properties at the bottom.
3. Select Configure.
4. In the Attachment Filter section: Select remove attachments and remove all executable attachments. Copy the following string into the Remove files with these extensions box:

ADE;MDB;ADP;MDE;BAS;MSC;BAT;MSI;CHM;MSP;CMD;MST;COM;PCD;CPL;PIF;CRT;REG;SCR;HLP;SCT;HTA;

5. Click OK and exit the AVG Control Center.

AVG will now remove all e-mail attachments that potentially are dangerous. This is a superb feature particularly for people who use POP3 e-mail clients like Outlook or Outlook Express.

Dava