Advice Request Best antivirus for offline computer?

[shmu26]

As mentioned, Avast and Avira are good choices.

Avira Update | Download Avira Virus Definition File update

AVAST Software Updates | Download Latest Virus Database Updates

Avast Free Activation Code (License Key) for 2018 - Part 5

AGHSPE-982YJJ-5YU56N

When you will be downloading updates, you can also grab CureIt or KVRT for a scan, they are updated daily.

Dr.Web CureIt! — Лечащая утилита

https://usa.kaspersky.com/downloads/thank-you/free-virus-removal-tool

Thanks. I am heading over to that computer with Avast offline installer, I jotted down the code you gave me, and will also install MCShield and Binisoft USB Control.
I really should put ERP on it, but I don't want to be bothered by other users when something doesn't work for them.

 

[Deleted member 65228]

If the system is offline completely then I would get USB protection and maybe an Anti-Executable... You could just lock-down the system. I guess it really depends on how often other people other than yourself use the system.

Most Anti-Virus products are most effective nowadays while there's an active internet connection to reach out to it's cloud network and ensure that the latest updates are applied all of the time, but if you're not connected to the internet then your attack vector is more-or-less related to infected removable media I guess.

MCShield is commonly used in these situations as well as far as I am aware because it has a form of USB protection IIRC.

 

[shmu26]

Avast cannot register offline even with the provided license key. All is fine for now but I don't know what will happen in 30 days. Maybe it will have mercy on me if it cannot connect to the internet.

Binisoft was unable to install. I guess the computer is missing Windows 7 updates that are needed.

 

[Syafiq]

@shmu26, what about Avira free ?. Avast needs to connect to the internet when registering. My friend's pc that was having avast free installed, saying that the license is expired and needs to register again. After registering, all things came back to normal.
NOTE: What about NVT Anti-Auto exec, i think it's good

 

[shmu26]

@shmu26, what about Avira free ?. Avast needs to connect to the internet when registering. My friend's pc that was having avast free installed, saying that the license is expired and needs to register again. After registering, all things came back to normal.
NOTE: What about NVT Anti-Auto exec, i think it's good

Yeah, probably Avira would have been a better choice. If Avast gives me grief in 30 days, I will put my children into forced labor and make them schlep the computer over to the router for the annual registry and update therapy session...

 

[show-Zi]

If the infection route is limited to USB, I do not think I need to worry about real-time protection.

If I am in your position, run antivirus software on the main PC in advance, scan the USB memory, check the safety and connect to the sub PC.

I think that protecting PCs fixed offline in real time is like hiring bodyguards on uninhabited islands

 

[Deleted member 65228]

I think that protecting PCs fixed offline in real time is like hiring bodyguards on uninhabited islands

He might have children though who might copy across to the offline system, and then if he/someone else needs to use the system and copy files back and the system is infected, a worm component could spread and infect his removable flash drive and then this can cause other systems to be infected.

Unlikely nowadays but I guess he just wants to be safe and we can't really blame him because attacks have changed so much in the recent months and there's a lot of new malware on a regular basis. Every morning I wake up to media of a brand new variant for banking malware, crypto-currency malware, .... It's crazy right now.

On the plus side though, a majority of malware nowadays DOES call back to home... For example a C&C (Command and Control) server. And thus if this cannot be done, the payload may not even be executed, or may be unable to execute in the first place. And in the case of data exfiltration via networking, backdoor, keylogging... You are a lot more safe in your situation with the disconnected system. Because logs from the keylogger, banking malware, requests to the attacker for instructions, instructions from a botnet server, etc... cannot be performed. Because on your disconnected machine there will not be a way for any active infection to do so.

So I am sort of with @show-Zi on this on second thoughts, because even if you did get infected... As long as it's malicious software from our time now and not an old virus from years ago or on the same lines, chances are it isn't going to get very far with actually causing any harm. Even crypto-currency mining, the malicious components won't be able to connect to do it.

 

[TairikuOkami]

Avast cannot register offline even with the provided license key. All is fine for now but I don't know what will happen in 30 days. Maybe it will have mercy on me if it cannot connect to the internet.

Register Avast Free Antivirus

Good news! You no longer need to register
Newer versions of Avast Free Antivirus will no longer ask you to register, and older versions will keep working even after they've "expired".

 

[RmG152]

The virus this PC got hit by was so ancient and so stupid, I don't know if OSA is even designed for that.

Yes the application block execution from USB, and scripts.

 

[ForgottenSeer 58943]

Put FortiClient on it with Zoo (extreme) signatures enabled. Toggle on Scan USB on insertion. Done!

 

[DavidLMO]

To OP - here is what I would do.

If you need to access the Internet for whatever reason - when kids are asleep - attach Dongle, go to Internet and do what is needed. Remove Dongle. Lock Dongle in Safe. And install NVT OSArmor. You do realize that at some point, the kids will figure out all this on their own.

Avast Free Activation Code (License Key) for 2018 - Part 5

AGHSPE-982YJJ-5YU56N

What is the story on that? I went to the linked page and it is unclear to me what the background is? Thanks

 

[TairikuOkami]

What is the story on that? I went to the linked page and it is unclear to me what the background is?

It was a generic code for activation, but internet was probably still required, so it did not help. But since registration has been disabled, it is no longer needed anyway.

 

[DavidLMO]

I guess I am dense and/or ignorant. What benefit does one get from doing this that they do not get by DLing and installing if for Free?

 

[Ink]

What good is a modern AV without an Internet connection? Not much. Not in an Always-Connected era.

1. Lock down the OS, Account, Passwords, Permissions, Ports etc.
   
2. Pick a Sandbox, Anti-Exe or Light Virtualization solution.
3. Find an independent USB protection software, an AV will only add bloat.
   
4. Keep Emsisoft Emergency Kit on-demand.
5. Make backup images or snapshots.

Keep it light.

 

[show-Zi]

What good is a modern AV without an Internet connection? Not much. Not in an Always-Connected era.

1. Lock down the OS, Account, Passwords, Permissions, Ports etc.
   
2. Pick a Sandbox, Anti-Exe or Light Virtualization solution.
3. Find an independent USB protection software, an AV will only add bloat.
   
4. Keep Emsisoft Emergency Kit on-demand.
5. Make backup images or snapshots.

Keep it light.

"Lock OS, account, password, authority, port etc" will protect 90%!

by the way. Since I was ignorant in the past, I used a firewall on an offline PC.
It was the defense power of the iron wall. I can not enter and can not go outside

 

[ifacedown]

Hello!

Actually, what you need for an offline protection are:

1. AV with good offline signature (that could be updated offline),
   
2. a behavior blocker or an anti-exe, and
   
3. a USB anti-malware.

I think no single protection could provide all of these. But here are my suggestions:
1. AVIRA Free - just like in the post above, could be updated offline. Just download the required database update from other online pc. It's not incremental updates though, but a full signature database download that will full update your offline AVIRA.
2. for a behavior blocker: NoVirusThanks System Armor. It is free and is new, but is being improved fast. In a short time it will be very powerful and competent. For an anti-exe: VoodooShield Free is more than enough for most users. (I don;t know if AVIRA Free while offline does have behavior blocker.)
3. McShield - Free and very strong heuristics. Just let it fully finish scanning the USB before using the USB. Choose the options to delete any suspicious files and unhide every item found.

So there, those options above are all FREE and efficient!

My BONUS: Disable the execution of apps on USB (Deny Execute Access). Here's how:

If your version of Windows supports group policy editor, you just need to type gpedit.msc into your search bar in the start menu. Then you'll enter the group policy editor. Now follow this path:
Local Computer Policy --> Administrative Templates --> System --> Removable Storage Access --> Enable the "Deny execute access" to the removable storage classes you want.
P.S.: Group policy editor isn't available in the home versions of Windows OSes. There are some registry tweaks to enable it via registry editor though, but I don't remember the exact path.

 

[ChoiceVoice]

perhaps an anti exe instead of an antivirus? or some white listing program. another option would be a behavioral detector instead of a definition based one. spyshelter is very light and has the ability to stop malware without definition updates. i haven't used voodoo shield in years, but it has a white list, but it also hooks to the net, so i am unsure if the white listing works without the internet. winpatrol can be used with spyshelter. then, make sure you create a restore point quarterly (just incase). and while this computer doesn't have an antivirus and was infected by usb drive, the computer the usb came from has antivirus to scan the files before you put it on the usb, so there is some definition scanning occurring before it hits your un-netted system. in spyshelter, harden it in the settings. and yes, an antivirus will have behavioral detection, but adds a lot of weight you will not need, and will bug you for updates (plus, in absence of 3rd party antivirus, windows defender will be on anyway, you can't turn if off. and you can occasionally download the definitions from microsoft and put them on a stick drive to update it for a checkup scan). just my 2 cents, lol.

oh, and run the system under a user account, not an administrator one.

 

[ChoiceVoice]

put a chuck norris wallpaper on, that'll scare all the malware away

 

[Behold Eck]

If Chuck Norris doesn`t work how about Comodo firewall with Cruel Sistor`s settings ??

Regards Eck

 

[shmu26]

Thanks to @everyone for all the great ideas.
Yeah, OSArmor recently added USB protection, so that's pretty irresistible. Thanks to those who mentioned it.
OSA+McShield+Avast free is the config I am going with, and if I get more ambitious, I can add a default/deny app.
And thanks to @TairikuOkami for the good news that Avast registration is now optional. Cool!
PS This computer is mainly used by the children -- and their friends. Just trying to keep it safe and in operating order for them.