Best FREE anti virus and Firewall advice please

weare one

Bronze Level Poster
Hi all, as the title says, what do you recommend/use as the best FREE antivirus and firewall?

Searching Google has done my head in, i.e. is Windows 10's built-in security good enough with perhaps Malwarebytes (as one site says) added on?

Are AVG and Avast now almost but not quite the same since the takeover?

I’ve used Comodo years ago but it takes ages to set up and stop annoying you, and recent online reviews are awful.

Any and all advice much appreciated.
 

SpyderTracks

We love you Ukraine
I would avoid Comodo, its signature detection is one of the worst.

AVG is effectively now adware, again, I’d avoid at all costs.

Avast is quite good.

Personally I use Windows Defender combined with free Malwarebytes (you don’t want paid as you can’t have 2 scanners running at the same time). I’ve been using that for years and not had an infection for a long time.

I do still frequent some dodgy sites, but I know now what are dangerous links and just navigate sensibly.

For firewall, the Windows one is absolutely fine and very effective unless you’re needing to do some pretty advanced stuff.
 

ubuysa

The BSOD Doctor
For most average users the built-in Windows firewall and Defender antivirus are perfectly fine. Running the Malwarebytes on-demand scanner periodically is a very good idea, but make sure you never activate the Premium version - you must not have two real-time antivirus engines active at the same time.

Comodo Internet Security (CIS) is in my opinion the best online security available on a home PC, and it's free. I've been using it for many years now. It is true that it requires some knowledge of how Windows and networks work to get the best from it, and you do get a lot of alerts in the early days, so it's not for everyone. Although I don't recommend it for most average users, for those who want a more granular and more effective security system it is well worth the effort of getting it set up properly.

The view that CIS is poor because its antivirus detection rates are lower than others misses the point - CIS doesn't depend on detection to provide security. CIS uses a 'default deny' philosophy, which is one reason it can be hard to set up, and that means that any unknown process on your system is run in a sandbox (CIS calls it containment or virtualisation). A sandboxed process has no access to any real system resources, so even if it does contain malware that malware cannot get out of the sandbox and cannot infect the real system. Sandboxed processes access virtualised resources so the sandboxed process has no idea that it's running in a sandbox and the virtualised resources created for it can be easily deleted afterwards. Containment protects against all malware, including zero-day attacks, and in that situation virus detection is largely unnecessary. CIS offers a real-time antivirus engine partly because people expect it of a security system and although it is true that its detection rate is lower than that of competitors CIS's 'default deny' and 'containment' philosophy means that the probability of being infected by malware is far lower with CIS than with a security system that relies on detection alone. You might want to watch this: https://vimeo.com/232269684.
 

SpyderTracks

We love you Ukraine
I wasn’t aware of the sandbox being a first point of prevention, that’s sensible. But how does that work if, say, you’re browsing the internet and come across an infected site? Are you expected to run general navigation in a sandbox?
 

ubuysa

The BSOD Doctor
Many people (including me) do run the browser in the sandbox, although Microsoft Edge already runs tabs in sandboxes, I believe the new Firefox does too? But if the browser is not sandboxed in CIS then all is not lost, CIS includes a comprehensive Host Intrusion Protection System (HIPS) that controls which processes have access to which resources. HIPS is without doubt the hardest part of CIS to get set up properly and it also requires some pretty detailed knowledge of how Windows resources work, which is why CIS is not really suited for the average user. CIS is multilayered so although improving the less than perfect malware detection rates would be nice, malware has a really tough time getting past CIS. As an example, I'm an experimenter and pretty casual when browsing too, and I rely on CIS to keep me safe. In the many years I've been using CIS I've never been infected - I've had a fair few alerts and some of those have been for real malware - but I've never been infected.

In any case I take daily images of my system drive (and file copies of my user data), and I keep 14 days' worth of those, so even if CIS did fail me a restore of a past image will remove any malware that gets in. My backup device is also normally offline, it's only switched online during the backups and then switched off again. Belt and braces. :)
 

SpyderTracks

We love you Ukraine
That’s really interesting and totally changed my view of the product, they don’t really cover that in reviews. Yes, I can see why this would be more suited to people with a bit more knowledge but it sounds extremely powerful!
 

weare one

Bronze Level Poster
Great informative replies chaps, I'm really glad that I posted this question.
As for Comodo, I last used it some 10 or so years ago and found their online forum very helpful, but as has been said it’s a big learning curve and rather time consuming for us not so knowledgeable folks :stupid:
 

ubuysa

The BSOD Doctor
That’s really interesting and totally changed my view of the product, they don’t really cover that in reviews. Yes, I can see why this would be more suited to people with a bit more knowledge but it sounds extremely powerful!

I think most security reviews are focused on detection - because people can understand that, plus it gives a number that can be easily ranked in reviews. You can't really rank containment.

Comodo have their failings like anyone else. In the main they do have a habit of releasing new versions that turn out to be buggy, fortunately they have an active user base and forum that identifies these bugs and issues, but a decent Beta testing phase would be better. CIS is free, and that's the fully functional version, there are no 'premium' features that you have to pay for. The only paid upgrade is for 24x7 support and what they call 'Geek Buddy' which is really a remote session with a Comodo expert.

If anyone does decide to give CIS a go don't hesitate to contact me for some initial guidance, there are ways of making CIS fairly easy to set up whilst retaining security. :)
 

Tony1044

Prolific Poster
I personally use just Defender and the free Malwarebytes.

However I actually have an entire sandboxed virtual machine with only ports 80 and 443 opened to the web and 3389 internally, and on a completely separate VLAN from the rest of the network.

It allows for accessing the dodgier parts of the web with easy snapshot-based rollbacks and no worries about things like SMB-based attacks.
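
The isolation policy described in the post above, modelled as a default-deny flow check so the intended rules can be tested before they go onto a router or hypervisor. This is an added example, not part of the original thread; the subnets, the sample flows and the `evaluate`/`audit` helpers are assumptions made for illustration.

```python
import ipaddress

# Assumed addressing (not from the thread): the browsing VM's VLAN and the home LAN.
VM_NET = ipaddress.ip_network("10.66.0.0/24")
LAN_NET = ipaddress.ip_network("192.168.1.0/24")
PRIVATE = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_internet(addr):
    """Treat anything outside the RFC 1918 ranges as 'the web'."""
    return not any(addr in net for net in PRIVATE)


def evaluate(src, dst, proto, dport):
    """Return (verdict, rule) for a new connection: first match wins, else deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    rules = [
        # VM may reach the web on TCP 80 and 443 only.
        ("web-out", s in VM_NET and is_internet(d)
                    and proto == "tcp" and dport in (80, 443)),
        # The LAN may reach the VM's remote desktop on TCP 3389.
        ("rdp-in", s in LAN_NET and d in VM_NET
                   and proto == "tcp" and dport == 3389),
    ]
    for name, matched in rules:
        if matched:
            return ("allow", name)
    return ("deny", "default-deny")


# Constructed sample flows (203.0.113.0/24 is a documentation range).
SAMPLE_FLOWS = [
    ("10.66.0.5", "203.0.113.10", "tcp", 443),   # browsing over HTTPS
    ("192.168.1.20", "10.66.0.5", "tcp", 3389),  # RDP from the LAN into the VM
    ("10.66.0.5", "192.168.1.20", "tcp", 445),   # SMB from the VM towards the LAN
    ("10.66.0.5", "192.168.1.20", "tcp", 3389),  # RDP in the wrong direction
    ("203.0.113.10", "10.66.0.5", "tcp", 3389),  # RDP from the internet
    ("10.66.0.5", "203.0.113.53", "udp", 53),    # DNS: denied under a literal reading
]


def audit(flows=SAMPLE_FLOWS):
    """Evaluate every flow and return the verdicts in order."""
    return [evaluate(*flow)[0] for flow in flows]


if __name__ == "__main__":
    for flow, verdict in zip(SAMPLE_FLOWS, audit()):
        print(verdict.upper().ljust(6), flow)
```

The last sample flow shows that a policy of exactly "80, 443 and 3389" leaves name resolution unaddressed, so a real ruleset needs a deliberate decision about where the VM gets DNS from.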
 

ubuysa

The BSOD Doctor
However I actually have an entire sandboxed virtual machine with only ports 80 and 443 opened to the web and 3389 internally, and on a completely separate vlan from the rest of the network.

I like that idea - I might borrow it! :)
 