Battle Kaspersky Free Antivirus or Avast Free Antivirus for Default-Deny Protection?

Software comparison
Kaspersky Free Antivirus
Avast Free Antivirus
Feature comparison
  1. Ease of use
  2. Impact on hardware performance
  3. Core protection (malware and heuristic engine)
  4. Internet protection (web filtering, anti-phishing, anti-spam, browser extension)
  5. Proactive protection (anti-exploit, behavior blocker, IDS-HIPS, sandbox)
  6. Ransomware protection

Wraith

Thread author
So guys, this setup will be for one of my friends who is just an average Joe. He had his laptop infected with all sorts of malware and god knows what I had to do to restore the laptop. I flashed the BIOS, Secure Erased the HDD using Parted Magic, reset the router to its defaults and then installed Windows 10 Home 64-bit ver 1809. I need to minimise the attack vectors. So far I've installed SysHardener (applied the tweaks) and OSArmor 1.4.2 (just in case some malware manages to revert the changes made by SH). I had installed hard_configurator but it was too much of a hassle for my friend since he is unable to execute the software he downloads from the web. Maybe I'll try Comodo Firewall but that too I think will be too much for my friend since he is not so geeky. So it comes down to Avast Free or Kaspersky Free. I like the System Watcher in KAF but it only jumps into action after any malicious activity is performed. I'm considering Avast just because of the Hardened Mode (Aggressive) since it will prevent any unknown file from executing. So what's your opinion guys? In this scenario which one should I choose? Avast or Kaspersky?
 

brod56

I think the AV will be the less important security layer of your friend's computer.
Have you checked 'allow only signed executables to elevate' and disabled all unused extensions?
I think a restricted browser (WDBP+Emsisoft+hardened uBlock Origin), plus a restricted DNS (with malware+warez+explicit sites protection) would also help a lot.
Regarding the AV, I would choose Kaspersky. I have a love-hate relationship with Avast since the time of the sirens. Just make sure to enable PUP protection.
 

Windows_Security

Solid protection for digital illiterates

1. Hard Configurator
Add Software Restriction Policy set to default deny. Exclude admins, so your friend is able to install programs with RUN AS ADMINISTRATOR

2. Defender Configurator
Enable all except the protected folders feature (when your friend installs a lot of software). It also includes an option to execute through the whitelist of SmartScreen. This will protect your friend from installing malware through RUN AS ADMIN.

3. Educate your friend
There is a cause - effect logic in regard to his habit of installing software and the latest malware infection of his PC

Just my 2 cents
 

Evjl's Rain

My combo for complete novice users:
Tweaked syshardener + avast hardened mode aggressive (tweak for best performance)

no need to educate, has default deny, no worries

Kaspersky free: although I love it, it doesn't have any default-deny module + it's extremely weak against pups, needs to be strengthened
 

Arequire

Anyone know where I can find recommended tweaks for SysHardener?
 


RoboMan

Can't -quite- understand why it's a problem your friend can't execute his programs downloaded from the web. Sounds to me that's the reason he gets massively infected.

As for a system lockdown, it depends I may say. Pretty sure Kaspersky will spot malware more precisely, although Avast's hardened mode will surely act as a default deny module. You surely want to minimize all popups to a minimum also, so don't even think about Comodo or some professional tool.

I would say: disable WSH, make a good use of some hardening tool like SysHardener, OSArmor for vulnerable process protection, and choose either one antivirus or the other. I would say: go Avast for a system lockdown and default-deny (hardened mode) or go Kaspersky for sophisticated malware detection in case he downloads crap. Both are good choices.
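
As an added example that is not part of any post in this thread: a read-only PowerShell audit of the settings recommended above ('allow only signed executables to elevate', a default-deny Software Restriction Policy that excludes admins, and disabled WSH). It assumes the standard machine-wide Windows registry locations for these policies; a hardening tool may keep additional state elsewhere or per user.

```powershell
# Added example: read-only audit, nothing is modified.
# Assumption: settings live in the standard HKLM policy locations below.

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # $null means the key or value is absent, i.e. the setting was never applied.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return $item.$Name
}

$uac = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$srp = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'
$wsh = 'HKLM:\SOFTWARE\Microsoft\Windows Script Host\Settings'

$checks = @(
    # UAC policy "Only elevate executables that are signed and validated"
    @{ Setting = 'Only signed executables may elevate'; Path = $uac; Name = 'ValidateAdminCodeSignatures'; Want = 1 }
    # SRP default security level: 0 = Disallowed (default deny)
    @{ Setting = 'SRP default level is Disallowed'; Path = $srp; Name = 'DefaultLevel'; Want = 0 }
    # SRP scope: 1 = all users except local administrators
    @{ Setting = 'SRP excludes administrators'; Path = $srp; Name = 'PolicyScope'; Want = 1 }
    # WSH: Enabled = 0 stops wscript.exe / cscript.exe from running scripts
    @{ Setting = 'Windows Script Host disabled'; Path = $wsh; Name = 'Enabled'; Want = 0 }
)

$report = foreach ($c in $checks) {
    $actual = Get-RegValue -Path $c.Path -Name $c.Name
    [pscustomobject]@{
        Setting   = $c.Setting
        Actual    = if ($null -eq $actual) { '(not set)' } else { $actual }
        Expected  = $c.Want
        # Compare as strings: WSH "Enabled" may be stored as REG_SZ or REG_DWORD.
        Compliant = ($null -ne $actual) -and ("$actual" -eq "$($c.Want)")
    }
}

$report | Format-Table -AutoSize
```

A value reported as "(not set)" means Windows is using its default for that setting, which for all four checks is the less restrictive behaviour.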
 

BoraMurdar

Between those two I would pick Avast Hardened Aggressive Mode just for overall usability and user interaction. But if you ask me globally just use Comodo Cloud AV with containment set to block + Web protection (Emsisoft Browser Protection and uBlock or NanoAdblock). I left my parents with that setup for quite some time now and nothing was able to penetrate it. You can find more info in the link below
Video - Bora tests Comodo Cloud Antivirus
 

Andy Ful

I am afraid that your friend will suffer after applying default-deny protection. It is good when the user likes a semi locked setup. For inexperienced users who want to apply gaming cracks, and like to install applications by themselves, the default-deny protection is usually inappropriate.
With Avast in Hardened Aggressive mode most cracks and unpopular applications will be blocked (more than with SmartScreen), so your friend will whitelist them sooner or later (it is easy in Avast), and probably will infect the system, anyway.
I could advise you to install Kaspersky + SysHardener.(y)
But, without educating and changing unsafe habits, any protection will be insufficient for your friend.
 

shmu26

Avast hardened will be totally and completely useless to your click-happy friend because he will simply override it. It is too easy to click past the protection -- it is just a recommendation, not a brick wall. Give him Kaspersky. He won't be able to click past it.
 

bribon77

Andy Ful said:
> I am afraid that your friend will suffer after applying default-deny protection. It is good when the user likes a semi locked setup. For inexperienced users who want to apply gaming cracks, and like to install applications by themselves, the default-deny protection is usually inappropriate.
> With Avast in Hardened Aggressive mode most cracks and unpopular applications will be blocked (more than with SmartScreen), so your friend will whitelist them sooner or later (it is easy in Avast), and probably will infect the system, anyway.
> I could advise you to install Kaspersky + SysHardener.(y)
> But, without educating and changing unsafe habits, any protection will be insufficient for your friend.

I totally agree with you, an inexperienced user would get bored with a default denial setting.

so I would put Kaspersky free and ublock origin.:giggle:
And Macrium Reflect.(y)
 

Wraith

Thanks everyone for your responses. Actually that friend is not at all tech savvy. He's graduating in English honors and he uses this laptop mostly for his work and assignments. Previously he had Win 7 with MSE. I asked him how he managed to get infected and he told me that he had downloaded a Word document for one of his assignments from the internet and when he used his Word (Office 2007) to open it, there was a warning and he clicked allow and thereafter his laptop started behaving strangely. I guess it was some kind of macro which had enabled a script virus or maybe launched PowerShell, bypassing the AV. To close these attack vectors, I ran SysHardener and installed OSArmor. Luckily for my friend, he had some cash with him and so I bought him a copy of KIS (got it for $19.99) and turned on TAM. Also, instead of Office 2007, I installed WPS Office. KIS along with OSA and some common sense should be enough, I hope. I have taught him some basics of security. He's not a gamer so he doesn't use any cracks and he doesn't use torrents either, so that's a good sign.

brod56 said:
> I think the AV will be the less important security layer of your friend's computer.
> Have you checked 'allow only signed executables to elevate' and disabled all unused extensions?
> I think a restricted browser(WDBP+Emsisoft+hardened uBlock Origin), plus a restricted DNS (with malware+warez+explicit sites protection) would also help a lot.
> Regarding the AV, I would choose Kaspersky. I have a love-hate relationship with Avast since the time of the sirens. Just make sure to enable PUP protection

An excellent suggestion mate. Can you recommend me a good DNS?

RoboMan said:
> Can't -quite- understand why it's a problem your friend can't execute his programs downloaded from the web. Sounds to me that's the reason he gets massively infected.
>
> As for a system lockdown, it depends I may say. Pretty sure Kaspersky will spot malware more precisely, although Avast's hardened mode will surely act as a default deny module. You surely want to minimize all popups to a minimum also, so don't even think about Comodo or some professional tool.
>
> I would say: disable WSH, make a good use of some hardening tool like SysHardener, OSArmor for vulnerable process protection, and choose either one antivirus or the other. I would say: go Avast for a system lockdown and default-deny (hardened mode) or go Kaspersky for sophisticated malware detection in case he downloads crap. Both are good choices.

Actually when I applied H_C, I hid the Run as Administrator option and so he was unable to execute files by double clicking. He has some software (like TeamViewer, WinRAR, Daemon Tools, Thunderbird, TeraCopy and VLC) which he needed to install after I reinstalled the OS. So when he downloaded these and tried to install them by double clicking them, H_C blocked them from executing.

Andy Ful said:
> I am afraid that your friend will suffer after applying default-deny protection. It is good when the user likes a semi locked setup. For inexperienced users who want to apply gaming cracks, and like to install applications by themselves, the default-deny protection is usually inappropriate.
> With Avast in Hardened Aggressive mode most cracks and unpopular applications will be blocked (more than with SmartScreen), so your friend will whitelist them sooner or later (it is easy in Avast), and probably will infect the system, anyway.
> I could advise you to install Kaspersky + SysHardener.(y)
> But, without educating and changing unsafe habits, any protection will be insufficient for your friend.

This is the problem with the average Joe. Unless he/she gets well educated about the online dangers and learns safe habits, no software will be enough. There are many effective solutions instead of an AV (like an anti-executable) but the average Joe will not be able to use them effectively. A simple but wrong decision and bam, you're infected. They rely totally on AVs and in today's world it's just a matter of time before a standard AV is bypassed by newly discovered malware.
 

Moonhorse

Wraith said:
> An excellent suggestion mate. Can You recommend me a good DNS?

Really depends: do you prefer performance or security?

I find Cloudflare fastest living in the EU, also Firefox supports this: Firefox - Mozilla Firefox Expands DNS-over-HTTPS (DoH) Test to Release Channel

But you can compare some popular results here: DNS Performance, seems trustworthy.

For me in speed it's like:
1. Cloudflare
2. Google
3. Yandex
Or Neustar DNS for protection, but it's easier to do filtering with AV/extensions.
 

Wraith

Moonhorse said:
> Really depends do you prefer performance or security
>
> I find cloudflare fastest living in eu, also firefox supports this Firefox - Mozilla Firefox Expands DNS-over-HTTPS (DoH) Test to Release Channel
>
> but you can compare some popular results here DNS Performance, seems trustworthy
>
> For me in speed its like:
> 1. cloudflare
> 2. google
> 3. yandex
> or either neustar DNS for protection, but its easier to do filtering with av/ extensions

I prefer security over speed. This is more so applicable in case of my friend who manages to get infected. Is Neustar DNS good for security?
 

Moonhorse

Wraith said:
> I prefer security over speed. This is more so applicable in case of my friend who manages to get infected. Is neustar DNS good for security?

Threat Protection
- For users who want protection against malicious domains for security purposes. Includes Reliability & Performance;
Malware, Ransomware, Spyware & Phishing and it also blocks torrent/warez sites which might cause security issues

But you should just use the fastest DNS and do the filtering with an adult filter like K9 and FortiClient

Or with a web extension like Blocksi, and just choose the categories you want to block

I guess your friend is an adult, so it's probably not fair to limit his web browsing, so just focus on malware/phishing filtering, and if you have either Avast or Kaspersky, you really have everything covered

Just install an adblocker + decent filter lists and he's fine, otherwise just install Sandboxie with a browser which has built-in adblocking like Brave, and I doubt he will ever get infected.

If you want to do this for family members, TeamViewer is an option to help them if they need help
 

Wraith

Moonhorse said:
> Threat Protection
> - For users who want protection against malicious domains for security purposes. Includes Reliability & Performance;
> Malware, Ransomware, Spyware & Phishing and it also blocks torrent/warez sites which might cause security issues
>
> But you should just use fastest dns and do the filtering with adult filter like k9 and forticlient
>
> Or with web extension like blocksi, and just choose the categories you want to block

Let me test it out then. For a good web protection extension, I hope Emsisoft Browser Security will be a good choice.