Many AntiVirus companies have released "Home Edition", "Personal Editions" versions of their full product (which include real time protection) for free personal use. Add the many on demand scanners available for a second opinion, and the possibility of a third opinion with full disk online scans of practically every major antivirus product, there seems little reason to pay for a commercial product if one doesn't want to.
Memory Resident antivirus Edit
- Avira AntiVir PersonalEdition Classic (nagware)- http://www.free-av.com/
- Avast! Home Edition - http://www.avast.com/eng/avast_4_home.html
- AVG Anti-Virus Free Edition - http://free.grisoft.com/doc/1
Active Virus Shield -http://www.activevirusshield.com/antivirus/freeav/index.adp?Discontinued for new users 1st Aug 2007
The big three freeware antiviruses have traditionally being AntiVir, AVAST! and AVG. AntiVir in recent times has dominated some on-demand anti-virus tests, with results rivaling that of even top ranked antiviruses like Kaspersky Anti-Virus (KAV). AntiVir however lacks a email scanner unlike the other two, and the free version does not offer protection against spyware and adware. AVAST! provides additional features like Webshield (HTTP shield), IM/P2P shields on top of the standard resident shields. Experts differ on how important such features are (particularly the ability of http shield to handle exploits) given the existence of a classic file resident shield. AVG is probably the most popular of the three antiviruses, though it doesn't tend to do well in on-demand antivirus tests. AOL Active Virus Shield (discontinued) is based on KAV 6 (note: the latest KAV 6, provides various improvements, e.g PDM), and uses the well known and top rated antivirus engine. However many users have refused to use it on the account that it is from AOL. There is also some dispute over the permissive EULA. AOL has now replaced AOL Active Virus Shield with McAfee® VirusScan Plus (see below). This provides a more comprehensive range of protection covering email, IM as well as Buffer overflows and a system guard of various hijack points. There is also an option to install the whole suite including the firewall.
- Comodo AntiVirus /Comodo Anti-Viruspyware (CAVS) (betaware) -http://www.antivirus.comodo.com/
- ClamAV (open source)- Available with http://sourceforge.net/projects/clamrt/ or Spyware Terminator or Winpooch
CyberDefenderFREE - http://www.cyberdefender.com/ ad-supported (non-intrusive banners in interface)ROGUE (Ref: http://mysteryfcm.co.uk/?mode=Articles&date=17-04-2007 and http://hosts-file.net/?s=cyberdefender
Esafe - http://www.freedownloadscenter.com/Utilities/Anti-Virus_Utilities/eSafe_Desktop.htmlOutdated
- Malware Immunizer - http://faltronsoft.org/index.php?option=com_content&task=view&id=19&Itemid=20
- McAfee® VirusScan Plus – Special edition from AOL - http://safety.aol.com/isc/BasicSecurity/ 1 year only?
- Moon Secure Antivirus (open source)- http://sourceforge.net/projects/moonav
- PCclear Antispyware with Free Antivirus - http://www.softpedia.com/get/Antivirus/PCclear.shtml unverified
- PC Tools AntiVirus (nagware) - http://www.pctools.com/free-antivirus/ based on VirusBuster engine.
ClamAV is an open source project, it probably works best on email gateway servers rather than on host personal machines. The main project does not offer real time protection but there's a project to implement real time scanning or you could use Spyware Terminator with ClamAV. Moon Secure Antivirus is yet another ambitious open source project but currently uses only ClamAV signatures for real time protection.
All the other freeware antiviruses are probably too new and are not mature enough (needs to catch up with databases) to be worth considering. Comodo AntiVirus is still immature, tests by AV-comparatives show it is still far below the levels of most conventional antivirus. It also incorporates executable whitelisting.
Malware Immunizer is an unorthodox (and probably ineffective) approach to preventing malware by creating harmless text files with the same names of files created by malware.
On Demand antivirus scanners Edit
- BitDefender 10 Free Edition - http://www.bitdefender.com/bd/site/downloads.php?menu_id=21
- ClamAV (open source)- http://www.clamwin.com/
- Dr.Web CureIt! - http://download.drweb.com/drweb+antivirus+free+services/#0
- Malicious Software Removal Tool - http://www.microsoft.com/security/malwareremove/default.mspx
- MicroWorld Free AntiVirus Toolkit Utility (MWAV) - http://www.mwti.net/products/mwav/mwav.asp
- Norton Security Scan (Special version from googlepack that cleans) - http://pack.google.com/intl/en/pack_installer.html?hl=en&gl=us
One problem with running multiple anti viruses is that conflicts can sometimes occur.Some antiviruses will not install if they detect the presence of another antivirus installed. Of course, you can use Online scanners but these have their own problems. Most of the antiviruses here (with the exception of BitDefender 10 Free Edition) are standalone executables that do not install any files or services (all resides in one directory) hence they can be used and removed without any problems. http://www.mwti.net/products/mwav/mwav.asp MWAV which uses the top notch KAV engine used to be popular, however it does not infect, and has annoying false positives with registry entries. Three worth considering are Dr.Web CureIt!, Norton Security Scan and BitDefender 10 Free Edition (though BitDefender is heavy and installs a lot of unnecessary services) because they are top notch antiviruses that can be used as backup scanners.
- ArcaMicroScan - http://www.arcabit.com/products_arcamicroscan.html
Antidote - http://www.vintage-solutions.com/English/Antivirus/Super/
- F-PROT (Dos) - http://www.f-prot.com/products/home_use/dos/
- Panda commandline scanner - http://research.pandasoftware.com/blogs/research/archive/2007/07/18/Free-commandline-scanner.aspx
- TT Livescan+ - http://www.tot-ltd.org/TTLivescan+.rar (Multiple-Engine/Plugin - Open Source)
Mostly second tier or outdated products. F-PROT for Dos is respectable though development has stopped (signature updates are still available). Similarly Panda commandline scanner is meant for "research purposes" /"or those who wish to implement malware scanning in a not-for-profit project" only.
On demand (specific cleaners)Edit
- Junk Files Cleaner - http://www.digeus.com/products/junkcleaner/
- Avast! Virus Cleaner - http://www.avast.com/eng/down_cleaner.html
- AVG removal tools - http://www.grisoft.com/doc/34/us/crp/0
- Bitdefender removal tools - http://www.bitdefender.com/site/Downloads/browseFreeRemovalTool/
- Etrust removal tools - http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?CID=40387
- F-secure removal tools - http://www.f-secure.com/download-purchase/tools.shtml
- KAV removal tools - http://www.kaspersky.com/removaltools
- McAfee Stinger - http://vil.nai.com/vil/stinger/
- McAfee Removal Tools - http://us.mcafee.com/virusInfo/default.asp?id=vrt
- Multi-AV (includes Malware removal utility incorporating multiple command line scanners inclucing McAfee, Sophos, Kaspersky and Trend engines.) - http://www.pctipp.ch/downloads/dl/35905.asp , ,similar script(beta)
- Multi Virus Cleaner - http://www.viruskeeper.com/us/mvc.htm
- Norman NGenFix - http://www.norman.com/Virus/Virus_removal_tools/en-us
- Panda repair utilities - http://www.pandasoftware.com/download/utilities/
- Sophos - http://www.sophos.com/support/disinfection/
- Symantec removal tools - http://www.symantec.com/enterprise/security_response/removaltools.jsp
- Trend Sysclean - http://www.trendmicro.com/download/dcs.asp
- Virusbuster removal tools - http://www.virusbuster.hu/en/downloads/free/
- See also List of freeware antispyware specific cleaners
Generic tools to remove specific malware or groups of popular/common malware encountered. Use this, if you know what malware has infected the machine and/or you don't want or can't install the full antivirus packages. Multi-AV is particularly interesting since it is a program written that automates the handling of several of the programs listed here.
- Bitdefender Linux Live cd - http://archive.bitdefender.com/bd/site/mirrors.php
- Ultimate Boot CD for Windows - http://www.ubcd4win.com/index.htm
What is there to say? Bootdisks!
Online Scanners Edit
Note: This section is no longer updated, For updated list and more details about online scans including screenshots, file upload limits, ability to clean etc, see Online Scanners .
Online Scanners (full disk, some do not disinfect) Edit
- Bitdefender Online scan - http://www.bitdefender.com/scan8/ie.html
- Etrust - http://www3.ca.com/securityadvisor/virusinfo/scan.aspx -
- Freedom net -http://www.freedom.net/viruscenter/onlineviruscheck.html
- Fsecure - http://support.f-secure.com/enu/home/ols.shtml -
- KAV - http://www.kaspersky.com/service?chapter=161739400 - Top notch detector but does not not disinfect
- MCafee - http://us.mcafee.com/root/mfs/default.asp -
- Panda - http://www.pandasoftware.com/ - DISINFECTS for virus,worms,trojans NOT spyware, also see Panda Nanoscan
- Symantec - http://security.norton.com/sscv6/default.asp?langid=ie&venid=sym -
- Trend Housecall - http://housecall.trendmicro.com/ and http://uk.trendmicro-europe.com/consumer/housecall/housecall_launch.php (java based)
- Arcaonline - http://arcaonline.arcabit.com/scanner.html
- Ahnlab -http://info.ahnlab.com/english/myv3/myv3.html
- Command Online - http://www.commandondemand.com/eval/cod/codie.htm
- Eset Online Scanner - http://www.eset.sk/virus-info/on-line-scanner
- Pitstop - http://www.pcpitstop.com/antivirus/AV.asp (based on Panda)
- Rising AV - http://online.rising.com.cn/order/KillVirus_EN_Rav.asp -
- Safety.live.com (beta)- http://safety.live.com/site/en-US/default.htm
- Viruschaser (based on Dr web) - http://www.viruschaser.com.hk/eng/webscan/?color=68b9e1,ff99c1?cure=on -
- For more online scanners see also List of freeware online antispyware scans and Lists of freeware online antitrojans scans
Online scanner (multi-engine, single file) Edit
- Jotti's - http://virusscan.jotti.org/
- Virustotal -http://www.virustotal.com/en/indexf.html
- Virus.org spyware scanning - http://scanner.virus.org/
Online scanner (single engine, single file) Edit
- AVAST - http://onlinescan.avast.com/
- Avert(r) Labs WebImmune (registration required but free) - https://www.webimmune.net/default.asp
- ClamAv - http://www.gietl.com/test-clamav/
- Dr Web (via firefox antivirus link checker) - https://addons.mozilla.org/firefox/938/
- Dr Web - http://online.drweb.com/ , http://old.antivir.ru/english/www_av/
- Fortiguard - http://www.fortinet.com/FortiGuardCenter/antivirus/virus_scanner.html
- KAV - http://www.kaspersky.com/service?chapter=161739400
- UNA Online - http://www.una.ua/eng/online.html
Online Sandbox detection Edit
- Normon Sandbox - http://sandbox.norman.no/live_4.html
- Sunbelt Sandbox - http://research.sunbelt-software.com/Submit.aspx or http://research.sunbelt-software.com/Submit.aspx
- NoSpyZone Security Cente - http://nospyzone.com/SecurityCenter/Download/index.html
- VirusTotal Uploader - http://www.virustotal.com/metodos.html
Information Sources Edit
Testing and certification sites Edit
- AV Comparatives - Latest on demand and retrospective testing results Aug 07/May 07.
- Avtest.org - Latest May 07 results, Aug 07, pdf
- CheckVir -Latest May 07
- ICSALabs - List of certified products
- Malware-test lab
- Shadowserver virus stats
- Virus.gr - (currently down, June 07) - Latest May 07 results
- Virus Bulletin - VB100 awards needs free registration.
- VirusTotal realtime stats of samples submitted by Malware Incident Reporting & Termination (MIRT) + OITC
- West Coast Labs checkmark certification - Level and Level 2
CheckVir, ICSALabs, West Coast Labs checkmark certification are certifying organizations but not all antiviruses submit to such testing. Reputable (though this is often a matter of opinion) antivirus tests are generally on-demand tests, where the tester collects an archive of malware and the antiviruses are nade to scan it without running the malware. Examples include AV Comparatives, Avtest.org, Virus.gr . These generally include samples in the tens or hundreds of thousands and are done at monthly or longer periods. Historically the most famous and reputable test is VB100 awards, however this test differs from the others mentioned because of their relatively small sample size as they test mainly against malware that have being reported in the wild.
Malware Incident Reporting & Termination (MIRT) + OITC and Shadowserver virus stats differing from the tests already mentioned in that malware are tested against scanners (loaded on VirusTotal for the former) as and when they are reported as opposed to waiting and testing all of the them at the same time at fixed intervals (monthly or more). These tests appear to favour scanners with aggressive heuristics because most samples tests will be new or rare.AV Comparatives also provide retrospective tests where scanner signatures are held back for 3 months and tested against current malware to see how much is detected.
Malware-test lab actually executes and runs the malware first and then tests to see how much of it is removed. The sample size is obviously much smaller. There are many other adhoc tests down on the net of course, but are of limited usefulness. See also this document.
Technicial details Edit
- Antivirus Research and Detection Techniques by Extreme Tech - http://www.extremetech.com/article2/0,3973,325439,00.asp and http://www.extremetech.com/article2/0,1697,367051,00.asp
- Who Goes There? An Introduction to On-Access Virus Scanning - http://www.securityfocus.com/infocus/1622 and http://www.securityfocus.com/infocus/1626
- Heuristic Techniques in AV Solutions: An Overview - http://www.securityfocus.com/infocus/1542
- The Evolution of Self-Defense Technologies in Malware - http://www.net-security.org/article.php?id=1028&p=1
- The WildList—Still Useful? http://www.people.frisk-software.com/~bontchev/papers/wildlist.html
- International Antivirus Testing Workshop 2007 - http://www.f-prot.com/workshop2007/presentations.html
- Comparing the comparatives - http://www.mcafee.com/us/local_content/white_papers/threat_center/wp_imuttik_vb_conf_2001.pdf
- Counting Spyware Detections Perception and Reality - http://www.mcafee.com/us/local_content/white_papers/threat_center/wp_pupcounts_0305v1.pdf
- From Traditional Antivirus to Collective Intelligence Panda’s Technology Evolution - http://research.pandasoftware.com/blogs/images/wp_pb_collective_intelligence.pdf
- Antivirus Blogs
- Very comprehensive antivirus resource databases
- Very comprehensive security free software lists
Freeware Anti-Viruses | Freeware Anti-Spyware | Freeware Anti-Trojans | Freeware Anti-Keyloggers | Freeware Anti-Rootkits | Freeware Firewalls | Freeware Behavior blockers | Freeware Sandboxes | Freeware Virtualization | Freeware Security analysis tools | Freeware Hardening tools | Freeware Blocklists | Freeware security services (excluding virus scanners) | Freeware Anti-Phishing | List of portable tools | List of unclassified tools
Related : Lists of online scanners