So you need a new Antivirus after Avast

Now that Avast has been outed as selling "Every search. Every click. Every buy. On every site. [sic]" you might be thinking to yourself, "What should I use for antivirus (AV) now?" Well, the good news is that you have a lot to choose from. Let's take a look at two free and two paid AV products you can use right now.

Free

Windows Defender

Windows Defender has come a long way since Windows XP. According to AV-Test.org (a reputable AV testing company), Windows Defender is a certified Top Product. It scored a 100% detection and protection rate against over 20,000 threats.

Windows Defender also benefits from one major advantage that no other AV can replicate: it's installed by default on billions of computers worldwide. This advantage can't be overstated. Even if you're using another AV, Microsoft is still getting data about viruses and other malware on your system. Traditional AV vendors can only get malware samples from devices that have their products installed (note: they can also get malware samples from other places, like VirusTotal or sharing agreements with other vendors, but we don't know how frequently that's happening), whereas Microsoft Defender can get samples from every Windows computer.

Many tech websites actually suggest that Windows Defender is good enough to be your daily driver AV.

Immunet by Cisco Talos

Let's preface this one by saying exactly what it is. Immunet is a GUI for ClamAV. ClamAV is a free, open-source, cross-platform antivirus developed by Cisco's threat intelligence branch, Talos.

Throughout my professional career working in a SOC I've had the opportunity to work with Talos a few times. In each case they have truly earned their reputation as a high quality Threat Intelligence company. I recommend Immunet based on my professional interactions with Talos as a company; however, I'll explain a bit more.

Cisco is a massive networking equipment vendor. They have routers, switches, telecom equipment, home routers, phones, etc. Large numbers of these devices can act as sensors feeding data back to Cisco Talos to help tip them off about new cyber threats. This tipoff feed then gets signaturized and included in ClamAV.

Some final points about Immunet.

  • It's a bit ugly but it works.
  • ClamAV is completely open source; the code is up on GitHub for auditing.
  • Immunet works with other antivirus products.

Paid

If you don't want a free AV solution after Avast sold you out, and who can really blame you, here are my two recommendations for paid AV.

Malwarebytes

Everyone's favorite darling child, Malwarebytes, has garnered quite a cult-like following in a relatively short time. Years ago Malwarebytes was selling lifetime subscriptions and I bought one. After they got popular, though, they stopped selling those and started charging a yearly fee.

Malwarebytes is one of the most highly recommended products, gaining such fame as to be included in Reddit's r/techsupport Official Malware Removal Guide for the last four years.

Malwarebytes is one of the only AVs that I've used that also regularly detects Potentially Unwanted Programs (PUPs) and adware. Malwarebytes garnered a 99.9% detection rate on the same tests Microsoft Defender did.

Malwarebytes offers a free version of their AV that does on-demand scans and removal but doesn't offer real-time protection. I will almost always recommend that you download a copy of the free version and run it periodically even if you choose to use a different AV like Windows Defender, mostly because Malwarebytes gets the PUPs and adware that Defender doesn't.

Bitdefender

Bitdefender is one of those AV solutions that near-consistently scores in the 100% effective range. I have very little to actually say about Bitdefender because they're effective. Back when I used to work in malware analysis we'd use Bitdefender to scan before we did analysis.

That's all I really have for now. I've never been a fan of Avast, and since Windows Defender has gotten significantly better over time there's really no reason to use a free AV like Avast anymore.