Battle Avast Free + Windows 10 Firewall vs Bitdefender Internet Security

THpubs

Level 1
Thread author
Nov 2, 2015
8
I'm a former Bitdefender Internet Security user. Looking to experiment with other products. I want to know what is the best choice for my Windows 10 lap. I don't want my machine to get slow but need enough protection. Also, need to mention that I plug my lap to my office network so need protection from others possibly infected machines in the network.
 

Winter Soldier

Level 25
Verified
Top Poster
Well-known
Feb 13, 2017
1,486
I believe it is not a correct comparison between free and paid products.
BIS is a great security suite, all in one, effective and very configurable but a bit heavy on the system.
Avast is one of the best free AV, and if it is configured in hardened mode (aggressive), it provides very solid protection.
The Windows firewall does its good job, even if it is not easily configurable, but you can use third-party applications like Windows Firewall Control or Glasswire, to better manage it.
 

THpubs

Level 1
Thread author
Nov 2, 2015
8
I believe it is not a correct comparison between free and paid products.
BIS is a great security suite, all in one, effective and very configurable but a bit heavy on the system.
Avast is one of the best free AV, and if it is configured in hardened mode (aggressive), it provides very solid protection.
The Windows firewall does its good job, even if it is not easily configurable, but you can use third-party applications like Windows Firewall Control or Glasswire, to better manage it.

I wanted to see whether two free products together can beat a paid product :)
 
  • Like
Reactions: given

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
there is 1 way that avast + WF can beat BIS
1/ you must disable windows script host. Follow this article
How-To Disable Windows Script Host

also you have to disable powershell to be a bit safer

2/ enable Hardened mode - to Aggressive (recommended) or at least Moderate. Both have pros and cons + risk for false positives

3/ optional: use windows firewall to block the outbound connections of wscript.exe, cscript.exe, powershell.exe, powershell_ise.exe
you are good to go
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Classic combination:

Avast Free is indeed powerful starter AV, you need to tweak the Hardened Mode and enable some components like DeepScreen and Cloud functionality for additional protection.

Adding anti-exe program will supplement your needs but an optional because of aggressive pop-ups.

--------------------

Windows Firewall comes powerful when you tweak it using Advanced configuration, or add a tiny tool like Tinywall or Windows Firewall Control to enhance it.

Remember you need a little effort to understand the pop-ups even in automated mode.
 

THpubs

Level 1
Thread author
Nov 2, 2015
8
there is 1 way that avast + WF can beat BIS
1/ you must disable windows script host. Follow this article
How-To Disable Windows Script Host

also you have to disable powershell to be a bit safer

2/ enable Hardened mode - to Aggressive (recommended) or at least Moderate. Both have pros and cons + risk for false positives

3/ optional: use windows firewall to block the outbound connections of wscript.exe, cscript.exe, powershell.exe, powershell_ise.exe
you are good to go

Classic combination:

Avast Free is indeed powerful starter AV, you need to tweak the Hardened Mode and enable some components like DeepScreen and Cloud functionality for additional protection.

Adding anti-exe program will supplement your needs but an optional because of aggressive pop-ups.

--------------------

Windows Firewall comes powerful when you tweak it using Advanced configuration, or add a tiny tool like Tinywall or Windows Firewall Control to enhance it.

Remember you need a little effort to understand the pop-ups even in automated mode.

I might not need a full aggressive protection because I'm a bit careful myself. But the question is, will Windows Firewall be enough? Or do I need to install a separate firewall?
 

inuyasha

Level 4
Verified
Well-known
Apr 9, 2017
186
I might not need a full aggressive protection because I'm a bit careful myself. But the question is, will Windows Firewall be enough? Or do I need to install a separate firewall?

like jamescv said, windows firewall can be more than enough if you learn to tweak it using a program like Windows Firewall Control. i am currently learning and exploring how to use it myself. it's pretty cool
 
  • Like
Reactions: frogboy

katharn

Level 1
Apr 23, 2017
14
it can be a bit tricky getting windows firewall to "behave" so to speak. its frankly up to you on how restrictive you want the firewall to be :D
but hey. trying to get free stuff to be as easy as paid... its possible... :D
 
  • Like
Reactions: Handsome Recluse

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,711
there is 1 way that avast + WF can beat BIS
1/ you must disable windows script host. Follow this article
How-To Disable Windows Script Host

also you have to disable powershell to be a bit safer

2/ enable Hardened mode - to Aggressive (recommended) or at least Moderate. Both have pros and cons + risk for false positives

3/ optional: use windows firewall to block the outbound connections of wscript.exe, cscript.exe, powershell.exe, powershell_ise.exe
you are good to go

So Avast does not monitor these types of scripts by default? What about NVT ERP or Voodoo Shield? Would Avast (hardened) + NVT ERP/VS cover the script activity well enough?

It's not your light solution, but Avast (hardened) + Comodo Firewall + NVT ERP seems to be working great for me, but I would like to confirm that I don't need to follow your step 1 or 3.
 
  • Like
Reactions: frogboy

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,814
So Avast does not monitor these types of scripts by default?
Avast hardened mode acts as purely an anti-exe for .exe files. Scripts are not included unfortunately.

Avast (hardened) + Comodo Firewall + NVT ERP seems to be working great for me
NVT isn't needed if you're running Avast and CFW in proactive configuration (preferably with cruelsister's settings). CFW will convert any untrusted scripts that are run into .bat files, restrict their network access and sandbox them. You can still disable Windows Script Host and Powershell if you wish though. (I do so via Hard_Configurator which is more convenient than disabling them through the registry yourself. Just be sure to read installation.txt and follow the steps.)
 
  • Like
Reactions: AtlBo

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
So Avast does not monitor these types of scripts by default? What about NVT ERP or Voodoo Shield? Would Avast (hardened) + NVT ERP/VS cover the script activity well enough?

It's not your light solution, but Avast (hardened) + Comodo Firewall + NVT ERP seems to be working great for me, but I would like to confirm that I don't need to follow your step 1 or 3.
Avast file shield by default does monitor these scripts but the hardened mode does not. HM is only for .exe files
disabling windows script host prevents malwares infecting via scripts. I don't really see any advantage of leaving WSH enabled
there will be less work for AVs and comodo
I think avast + comodo firewall are enough. I see no place for NVT
avast with HM aggressive + disabling WSH work like an anti-exe/whitelister

in a few cases, we can intentionally revert the WSH disabling easily to do what we want, then we can block it again
 
Last edited:

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,711
I think avast + comodo firewall are enough. I see no place for NVT

Thanks Evjl's. I agree. I like NVT ERP for a closer look at script activity, so I keep it there for that purpose. Seems to light that I can't think of a reason to remove it, although protection-wise Comodo will do the job with scripts as you say...

If the hardened mode removes this monitoring, what is it about hardened mode that makes it so much better than default? Maybe I missed something or your comment was based on turning off the file shield and using only hardened(?). My main PC is Q360, so I haven't learned the insides of Avast to know what can be done. Anyway, we have you experts to tell us :)...
 

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Thanks Evjl's. I agree. I like NVT ERP for a closer look at script activity, so I keep it there for that purpose. Seems to light that I can't think of a reason to remove it, although protection-wise Comodo will do the job with scripts as you say...

If the hardened mode removes this monitoring, what is it about hardened mode that makes it so much better than default? Maybe I missed something or your comment was based on turning off the file shield and using only hardened(?). My main PC is Q360, so I haven't learned the insides of Avast to know what can be done. Anyway, we have you experts to tell us :)...
Avast's HM in aggressive mode works similar to comodo's whitelist. Only safe files, .exe, are allowed to run. Other files not in the online database will be blocked
In HM Moderate, if files are suspicious and trigger Deepscan sandbox analysis (only when HM disabled), HM Moderate will block them instead of letting them be analyzed by Deepscreen

default-denying/whitelisting/allowing only safe files to execute makes HM special, while most other vendors don't have this features

the only problem is HM doesn't support scripts so disabling WSH can partially fix this
 

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,711
the only problem is HM doesn't support scripts so disabling WSH can partially fix this

To clarify on WSH. I have this monitored by Comodo and NVT ERP (your settings I believe from that forum). That said I am curious of which types of scripts WSH runs? As I understand, there is also CScript and Java elements to monitor and also Powershell will run scripts I believe as well as the standard command prompt/command line scripts. Looking at NVT ERP I see VDS.exe there too. I believe Comodo Firewall covers all of this, but I am curious about which scripts WSH can run if you know specifically or know in general.

I thought of an interesting idea for NVT ERP thinking about this. Maybe I will see if the dev thinks anything of adding customizable alerts for Vulnerable Processes...maybe add a Danger graphic and a little text for some processes...
 

Sunshine-boy

Level 28
Verified
Top Poster
Well-known
Apr 1, 2017
1,759
I think BIS is better and win firewall is broken
IDK about Bitdefender firewall but I think they have a strong firewall:)
u can get Ransomware Protection, Password Manager, vulnerability scanner and File Shredder with bis!
avast(free version) is only av!
Avast free+lastpass+secunia psi+comodo firewall+O&O SafeErase+hitmanproalert===bitdefender internet security:p
 
Last edited:

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
To clarify on WSH. I have this monitored by Comodo and NVT ERP (your settings I believe from that forum). That said I am curious of which types of scripts WSH runs? As I understand, there is also CScript and Java elements to monitor and also Powershell will run scripts I believe as well as the standard command prompt/command line scripts. Looking at NVT ERP I see VDS.exe there too. I believe Comodo Firewall covers all of this, but I am curious about which scripts WSH can run if you know specifically or know in general.

I thought of an interesting idea for NVT ERP thinking about this. Maybe I will see if the dev thinks anything of adding customizable alerts for Vulnerable Processes...maybe add a Danger graphic and a little text for some processes...
according to my knowledge, WSH include 2 main processes: wscript.exe and cscript.exe. File types: .JS, and .JSE, .VBS and .VBE. Disabling WSH will prevent these files to run
powershell does not belong to this category.

I don't know if CF covers what types but normal users should never execute these extensions. Sometimes, .vbs files are useful
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top