Monday, February 16, 2015

Anti-Virus Software Update - GSD Thoughts

Quick post.

I’ve been doing some PC support for friends and family these past few weeks.

Some have had expired ($) AV products on their systems and weren’t getting current DAT downloads. Others were running good free solutions.

I’ve continued to use Microsoft Security Essentials on all our home systems coupled with a paid version of Malwarebytes Anti-Malware. I also run EMET so there is that.

I liked Bitdefender Antivirus Free when I ran it on my primary laptop at home for a while, but the whitelisting management was frustrating, particularly with my special tools that are often treated as PUPs.

So I pondered this “How to Install Free, Effective Antivirus Software (for Beginners)” post at Lifehacker that recommended Bitdefender Free again for general users and Avast Free for advanced users.

I then encountered an installation of Avast (2014) Free that one of those family members had on a PC they brought me. I upgraded it to Avast 2015 Free so it was current and generally liked what I saw.

It seems to have been forever since I posted “Freeware Anti-Virus Solutions for Windows”, so that led to this updated quick-reference post for Freeware AV solutions.

First, I recommend starting with the following resources to get some understanding of AV products and their general ratings/evaluations.

Neither of these will point you magically to the “perfect” solution, but they will give you some background on the lay-of-the-land across different AV vendor products.

My layered use of the following products meets my own household needs but may not be adequate for less-than-advanced users.

  1. Free Firewall Software by GlassWire - Monitors and logs network connections…more used for logging than “active firewall blocking”.
  2. Sysmon - Sysinternals core service to log application/network executions
  3. Enhanced Mitigation Experience Toolkit - EMET - TechNet Security
  4. Microsoft Security Essentials - Microsoft Windows - Core AV protection
  5. Malwarebytes Premium - Supplemental real-time AV/AM protection
  6. (Optionally) Malwarebytes Anti-Exploit - Free Zero-Day Exploit Protection - browser layer protection

However, if all this is too much, and I had to offer alternative AV/AM freeware products for family or friends, here is what I would go with:

I don’t tend to lean to the “Cloud-AV” protection camp; however, these cloud-based free AV/AM products might be worth considering.

Not directly related but I saw news this week that Google and Microsoft are working to create better whitelists for good files.

Constant Vigilance!

--Claus Valca


FF Extension Guru said...

Hmm...interesting about Avast! I went into Windows 8 Control Panel and did a change on the installation and noticed a bunch of tools were selected including the 'NG' one. I disabled all the tools except for the update service. I will have to see if this improves my startup performance. Eventually, I may do this on my Win7 laptop and the testing Win7 desktop that doesn't do much other than occupy an otherwise empty corner in my office.

Claus said...

@ FF Extension Guru - Indeed! I love these arcane little troubleshooting tidbits I seem to collect. May not be an issue on most systems but it usually is bound to come in helpful down the road.

I remember when I used to run AVG that I could select to install only certain components of the AV product suite. I usually only stuck with the core AV/AM scanner component and didn't use any Firewall, URL, browser add-on components. I don't know if Avast lets you do the same component install tweaking.

Certainly worth considering shedding some of the other components if it lets you and doesn't offer you added value based on your advanced skill level and security awareness.

Now if it was a non-tech-savvy family member or friend who just surfed the web and emailed, then I would probably err on the side of caution and load them down with all the protections the AV suite provided.

--Claus V.