MS Security Essentials vs AVG vs Avast
Is it time to begin recommending Microsoft Security Essentials over AVG and Avast? AVG is easy to use, but the free version is somewhat crippled (no rootkit detection). Avast includes rootkit detection, but does not seem to scan the registry and has a user-unfriendly UI.

MS Security Essentials won't nag users to upgrade, has minimal required user interaction, and includes rootkit protection.
Additional Tools
In addition to the recommended virus removal tools, bring the following to on-site jobs:
- a Linux Live CD
- an external hard drive
- your laptop
Your Live CD and external hard drive can help you to recover files from crashed computers on site.

Recommended Virus Removal Tools
Your virus removal arsenal consists of tools for detecting and removing viruses, spyware and adware, rootkits, keyloggers, and every other nasty program and process known as "malware" (malicious software).
Ultimate Virus Removal Arsenal
The ultimate virus removal arsenal can be downloaded for free. The catch is you have to create and maintain it yourself.
Anti-Virus, Adware, Spyware
- Avast Home - Avast includes rootkit detection abilities. It includes boot-time scanning.
- AVG Free installer - Anti-Virus and Spyware in one, but no rootkit detection in the free version. You might choose to leave this installed on your client's computer if she doesn't already have antivirus software.
- Malwarebytes' Anti-Malware - Catches malware that others often miss. Quick.
- SuperAntiSpyware - An up-and-coming malware remover.
- Spybot Search and Destroy - a malware scanner / remover.
- Lavasoft Ad-Aware - another malware scanner / remover.
- Kaspersky - One of the best. Try their free scanner trial.
- Nod32 - Second only to Kaspersky. Get their free trial.
- HijackThis - Unlike the other utilities, this program works by comparing the computer to a clean, spyware-free environment, and shows what's different. Removal is up to you.
- Spyware Doctor - get their free trial; it should be used to confirm that you removed everything, since the free version will not perform removal.
- Virus and Spyware Definitions - in case you travel to areas without Internet access, bring the latest definitions with you (often available as a separate download for each program).
Anti-Rootkit
- F-Secure Black Light - easy to use rootkit scanner. The online scanner includes removal capability.
- GMER - an application that detects and removes rootkits.
- IceSword - A hard-core tool - instructions for use.
- Panda AntiRootkit - Rootkit detection and deactivation.
- Darkspy - test version available (risky).
- Rootkit Revealer - from trusty Windows Sysinternals, this program requires manual interpretation of the results (but you can usually Google for the meaning). Also, it does not perform cleaning - it's a detection-only utility.
- Sophos Anti-Rootkit - Simple detection and removal.
General Utilities
- Process Explorer - a system monitoring utility like Task Manager, only more powerful and helpful with virus removal!

- Autoruns - find out what programs run automatically.
- Ultimate Boot CD - This includes as many diagnostic utilities as will fit on a single CD. You can't always be sure what's causing the problem (is it malware, faulty RAM, or a bad hard drive?).
These utilities will help you practice virus removal in your own lab environment. First, check the licensing agreements to see how you are permitted to use these tools.