I don’t (generally) sail the high seas, but I’m surprised that people don’t use SysInternals tooling on windows. Of note:
ProcExp - A way better process explorer and has a built-in VirusTotal scanner for all running processes. 100 times better than standard process explorer. This in combination with windows defender is nearly always enough.
AutoRuns - A tool to see what automatically runs on your system. Included image hijacks and such. This is for handling potential post-infection scenarios.
I set my VPN to Russia. Russian viruses are known to not infect their homeland, by design. They promised they wouldn’t, so you know it’s good. I then run the program, and sometimes my CPU starts heating up and slowing down my computer a bit. It happens anytime I turn on my computer now that I think about it. Computer is always running slow. I guess that’s the CPU checking if the viruses are Russian and then rejecting their requests. I can verify this because when I open Task Manager, I don’t see anything showing high CPU usage. It’s probably my imagination since the thing is doing what it’s supposed to be doing and stopping the viruses.
Only downside is I occasionally get a random command prompt pop up that disappears immediately before I can read it. Plus, my identity has been stolen several times and I’ve had to get ahold of Macrosoft Support (they built Windows so I trust them) and buy their premium $500 virus total scam defender package that I pay for monthly, but I don’t think those are related.
Defender is sufficient when using common sense and being rightfully suspicious.
My toolbox also contains virustotal for suspicious executables/files.
If you actually want good protection, you’d need tiowatch at a solution that has behavior real time analysis. But that would also interfere with a lot of programs if they employ weird/shady programming (like trainers, mod menus etc.)
Windows Defender is fine. The only anti-virus good enough at what it does to be worth buying instead of just using WD is Emisisoft, and that has its own set of issues.
I switched back to Windows recently. Windows defender is really good, but I also use ClamAV when I need a deep scan offline that reports with a log. I only need it when I connect other people’s USB drives to my computer, though. Windows Defender catches things really well and doesn’t interfere with software installation, just like ClamAV. I’d say if you are looking for something free and advanced, ClamAV is what you need if you need to scan something. I hate Windows Defender’s offline deep scan because it does not produce a log you can access. ClamAV does this.
Pretty sure Windows Defender is fine now and not markedly worse than something like Bitdefender. I gave up on Bitdefender when they ended the free version with no advance warning shrug-outta-hecks
I sandbox stuff, using firejail or VM’s. coming from a cybersecurity perspective, AV’s are ok but they also aren’t stoping 0-days or malware that has been coded well by a good hacker.
Add comment