Avira AntiVir NOT at CSU FAQ

v. 0.14, Jul 2, 2008

Zube (zube@stat.colostate.edu)

This guide is an evolving document. Please help make it better. If you have any additions, suggestions or corrections, please mail me.


Symantec Anti-Virus Corporate Edition has been the chosen AV product at CSU for many years. For various reasons, a few departments decided to follow a different path by switching to Avira AntiVir but this decision was blocked by the central CSU IT support people (ACNS, Academic Computing and Networking Services). Their reach does not extend to personal Windows machines, however, so what once would have been for the campus is now for my own amusement.


Why AntiVir?
Does Avira have an FAQ?
Where are the Avira discussion forums?

Home Use

Can I install AntiVir on my home computer?
Can I prevent the nag screen from appearing?
What about Spyware protection?
The free-for-home-use version claims it will expire sometime in the future. Is that true?
What directories should I exclude from scanning?


What doesn't work with Antivir?
How do I prevent the splash screen from coming up on login?
Trouble downloading updates?

Q: Why AntiVir?

A: AntiVir was not a positive choice in the sense that all current anti-virus products were tested and AntiVir came out ahead. It was more of a negative choice in that it was the only one left after others were removed from consideration. The main reasons were:

Q: Does Avira have an FAQ?

A: Here is the Avira Products Support FAQ. Scroll down a bit to the section titled Avira AntiVir Classic/Prem./Sec. Suite/Workstation. Many issues are addressed there.

Q: Where are the Avira discussion forums?

A: There does not seem to be a discussion forum for AntiVir Workstation (the campus product that is not being used) but there is the AntiVir Personal Forum.

Q: Can I install AntiVir on my home computer?

A: A home-use-only version of Antivir called AntiVir Personal is available for download from http://www.free-av.com. Initial testing has shown it to be much faster than Symantec, but it contains a nag screen that appears whenever the virus definitions are updated. It also does not detect spyware, so it is important to look into free spyware solutions as well. Please see the spyware entry for further information.

You can also purchase the full version that includes spyware detection. AntiVir Premium is 19.95 Euro for a one-year license, 5 Euro of which goes to the Auerbach Foundation.

If you choose to install AntiVir Personal or any other anti-virus product, please make sure that you remove Symantec Anti-Virus completely and reboot before installing. Two anti-virus programs running on the same machine at the same time is a direct path to profound computer sadness.

Q: Can I prevent the nag screen from appearing?

A: Yes. Several options are listed on this page. I've used the third option (using a software restriction to stop avnotify.exe from executing) with success on Windows XP.

Q: What about Spyware protection?

A: It's important to augment your anti-virus software with spyware protection. Two products that have been used with success in the past are:

We recommend using these two together (they coexist fine). In brief, the idea is to install both (I usually do not install the teatimer bit in Spybot Search & Destroy) update the definitions and then Immunize (Spybot Search & Destroy) or Enable Protection for All Unprotected Items / Enable All Protection (Spyware Blaster). Doing this once a month or even once a week is simple, quick and will help prevent the installation of spyware on your Windows box. Spybot S&D can also scan your computer for currently-residing spyware and attempt to remove it.

Both of these programs are free, but they have donation pages, so if you use them, please consider donating.

The best way to deal with spyware is to never get it in the first place. You can help by using a non-IE browser such as Firefox, Seamonkey or Opera, by not clicking on email attachments without thinking and by being careful about where you download software from. For this last case, you might head on over to Softpedia when you are looking for programs, as they scan the files they host for spyware and viruses.

If you use Firefox or Seamonkey, the single best protection against spyware is to use the noscript Add-On. It allows one to configure which domains are allowed to run scripts, flash, java, etc. and denies all others. It is highly configurable, fairly intuitive and free (donations accepted).

Q: The free-for-home-use version claims it will expire sometime in the future. Is that true?

A: No. If you click on the plus sign in that section of the status window, it displays "License will be automatically prolonged about 4 weeks before expiration."

Q: What directories should I exclude from scanning?

A: Microsoft KB 822158 suggests that if you are running Windows 2000/XP/2003 c:\windows\SoftwareDistribution\Datastore should be excluded from scanning (c:\winnt\SoftwareDistribution\Datastore for Windows 2000). The KB article does not mention Vista. To do this in AntiVir:

Q: What doesn't work with AntiVir?

A: According to the readme.txt, the following two sets of programs are a problem:

Also, limited scans do not seem to be available in AntiVir Personal. The entire disk can be scanned for viruses, but not any particular subdirectory or file.

Q: How do I prevent the splash screen from coming up on login?

A: Always be careful when using regedit, please. Now then, open a dos window and run regedit.exe. Browse to the following key:


When you click on the Run key in the left pane, you'll see some entries pop up in the right pane. One of those entries will be "avgnt" and if you double-click on it, you'll see that its value is:

C:\Program Files\Avira\AntiVir Workstation\avgnt.exe /min

Add /nosplash to the end of it so it looks like:

C:\Program Files\Avira\AntiVir Workstation\avgnt.exe /min /nosplash

After a reboot, the splash screen should no longer appear.

Q: Trouble downloading updates?

A: Yes, there seem to be times when it's difficult to download the virus updates. I'd suggest setting the update time to mid-to-late afternoon or early evening. Most of my failures have come during the morning or early afternoon hours. Reports of success or failure times are welcome.