Solved Which Free AV has the best boot protection?

RoloDman

HWIC
Pro User
Local time
7:25 AM
Messages
634
Location
New York City, New York
Thanks for taking the time to help. :geek:

I am hoping to get some recommendations for free AV software that has very early start-up behavior. I am looking for AV software that inserts itself deep within the OS and is very early to start.

Thanks :p
 

My Computer My Computer

At a glance

7 Ultimate 64 bit Service Pack 1Intel Core 2 Duo P9500 @ 2.53GHz (lower watta...4.0GB Dual-Channel DDR 2 @ 398MHz (5-5-5-18)512MB GeForce 9600M GT
Computer Manufacturer/Model Number
Sager NP2096
OS
7 Ultimate 64 bit Service Pack 1
CPU
Intel Core 2 Duo P9500 @ 2.53GHz (lower wattage chip)
Motherboard
JHL 90 (U2E1)
Memory
4.0GB Dual-Channel DDR 2 @ 398MHz (5-5-5-18)
Graphics Card(s)
512MB GeForce 9600M GT
Sound Card
Realtek High Definition Audio
Monitor(s) Displays
Generic PnP Monitor
Screen Resolution
1680x1050
Hard Drives
Hitachi 244GB @ 7200rpm (IDE)
Cooling
nature
Keyboard
generic
Mouse
Microsoft Wireless Mobile Mouse 3500
Internet Speed
30 megabits down, 5 megabits up
Other Info
1.)Staples 4-Port USB 2.0 Mobile Hub
2.)WNDR3700 - NETGEAR RangeMax Dual Band Wireless-N Gigabit Router
3.)Logitech Webcam C250
4.)Logitech M570
ESET AV has a startup scan. Avast has boot time scan (32bit only). I think most AV has the feature of enabling themselves after boot.
 

My Computer My Computer

At a glance

Windows® 8 Pro (64-bit)Intel® Core™ i5 Processor 2467M (1.60GHz, 3MB...6GB DDR3 System Memory at 1,333MHz (on BD 4GB...AMD Radeon™ HD7550M 1GB DDR3 (Ext. Graphic)
Computer Manufacturer/Model Number
Samsung NP530U4B-S02IN
OS
Windows® 8 Pro (64-bit)
CPU
Intel® Core™ i5 Processor 2467M (1.60GHz, 3MB L3 Cache)
Motherboard
Samsung Electronics
Memory
6GB DDR3 System Memory at 1,333MHz (on BD 4GB + 2GB x 1)
Graphics Card(s)
AMD Radeon™ HD7550M 1GB DDR3 (Ext. Graphic)
Sound Card
Realtek High Definition Audio
Monitor(s) Displays
35.56cm (14.0) SuperBright 300nit HD LED Display
Screen Resolution
1366x768
Hard Drives
1TB S-ATA II Hard Drive (5400RPM) with ExpressCache 16GB SSD
Internet Speed
sucks
Antivirus
Microsoft Security Essentials
Browser
Google Chrome (Sync enabled)
Hi there
NO AV software can do BOOT protection since the Boot loader is just that and the initial processes usually come from ROM in the BIOS (READ ONLY MEMORY).

You basically execute 2 instructions to start loading the OS.

Instruction 1 is a fixed instruction at a fixed point in the BIOS. It consists of something like EXECUTE instruction at memory address XXXX and is automatically executed when you power on your machine.

The Instruction at XXXX then consists of a piece of machine code to load a chunk of code in and start executing it - usually from the Bios which is the start of the actual OS loading process. This code will incorporate stuff to read the code from the default boot device etc etc.

This chunk of code contains enough instructions to continue loading device drivers and build the OS.

Thats why its called a BOOTSTRAP.

It's only AFTER the initial fixed part of the kernel has been loaded that the OS can start loading tasks and applications.

The main danger is not the BIOS code but the first block of code that is read in from the boot device. This can only be tampered with AFTER a running OS has got itself infected. However some viruses can infect this area of disk so you should regularly scan your system and be ESPECIALLY careful over what programs and processes you allow to start at Boot up time.

Cheers
jimbo
 

My Computer My Computer

At a glance

Linux CENTOS 7 / various Windows OS'es and se...Intel i7 Intel i58GB, 16GBOn Motherboard
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom built, several laptops HP/ASUS
OS
Linux CENTOS 7 / various Windows OS'es and servers
CPU
Intel i7 Intel i5
Memory
8GB, 16GB
Graphics Card(s)
On Motherboard
Sound Card
Realtek HD audio
Monitor(s) Displays
Apple Cinema display, Samsung LCD
Screen Resolution
1920 X 1080
Hard Drives
4 X 1TB SATA
Mouse
Toshiba wireless laser
Internet Speed
> 20MB up
  • Like
Reactions: JMH
A few AVs have the ability to start early scanning. Im only familiar with Nortons however.

Norton calls theirs early load. It starts scanning just after filesystem drivers load (while the windows boot screen is still up).

Quote from Symantec:
"If you enable early load, Auto-Protect will start immediately after the filesystem drivers load, this allows Auto-Protect to scan other drivers as they load. The downside to early load is that it makes the boot slower because more files are scanned. Auto-Protect early load will automatically turn on after any threat is found that requires a reboot to remediate. Once the machine again scans clean, the previous setting is restored."


By default, Nortons is off. It is recommended to keep Early Load on always.

Others may be called something different, but will work somewhat similar.
 

My Computer My Computer

At a glance

Windows 7 Home Premium 64bitIntel Core i7 2700k8GB Mushkin Redline Ridgebacks @1866EVGA GTX570 SC
Computer Manufacturer/Model Number
Custom (Self Build)
OS
Windows 7 Home Premium 64bit
CPU
Intel Core i7 2700k
Motherboard
eVGA P67 SLI
Memory
8GB Mushkin Redline Ridgebacks @1866
Graphics Card(s)
EVGA GTX570 SC
Sound Card
XiFi Titanium HD
Monitor(s) Displays
LG W2453V
Screen Resolution
1920x1080
Hard Drives
Intel 320 80GB -- Intel X25-V 40GB --WD Black 1TB x2 -- WD Blue 640GB
PSU
Seasonic x750
Case
Corsair 600T SE White
Cooling
eVGA Superclocked CPU Cooler
Keyboard
Saitek Cyborg
Antivirus
Kaspersky
Browser
IE
Other Info
LG BD/DVD

My Computer My Computer

At a glance

Windows® 8 Pro (64-bit)Intel® Core™ i5 Processor 2467M (1.60GHz, 3MB...6GB DDR3 System Memory at 1,333MHz (on BD 4GB...AMD Radeon™ HD7550M 1GB DDR3 (Ext. Graphic)
Computer Manufacturer/Model Number
Samsung NP530U4B-S02IN
OS
Windows® 8 Pro (64-bit)
CPU
Intel® Core™ i5 Processor 2467M (1.60GHz, 3MB L3 Cache)
Motherboard
Samsung Electronics
Memory
6GB DDR3 System Memory at 1,333MHz (on BD 4GB + 2GB x 1)
Graphics Card(s)
AMD Radeon™ HD7550M 1GB DDR3 (Ext. Graphic)
Sound Card
Realtek High Definition Audio
Monitor(s) Displays
35.56cm (14.0) SuperBright 300nit HD LED Display
Screen Resolution
1366x768
Hard Drives
1TB S-ATA II Hard Drive (5400RPM) with ExpressCache 16GB SSD
Internet Speed
sucks
Antivirus
Microsoft Security Essentials
Browser
Google Chrome (Sync enabled)
it's possible for a virus to flash your bios, and therefore infect it. However, there is a simple defense against it: create a bios password. ;)
 

My Computer My Computer

At a glance

Windows 7Quad Core8GB
OS
Windows 7
CPU
Quad Core
Memory
8GB
Hard Drives
1TB
A few AVs have the ability to start early scanning. Im only familiar with Nortons however.

Norton calls theirs early load. It starts scanning just after filesystem drivers load (while the windows boot screen is still up).

Quote from Symantec:
"If you enable early load, Auto-Protect will start immediately after the filesystem drivers load, this allows Auto-Protect to scan other drivers as they load. The downside to early load is that it makes the boot slower because more files are scanned. Auto-Protect early load will automatically turn on after any threat is found that requires a reboot to remediate. Once the machine again scans clean, the previous setting is restored."


By default, Nortons is off. It is recommended to keep Early Load on always.

Others may be called something different, but will work somewhat similar.

Hi there
By the time the filesystem drivers have loaded the OS kernel is essentially loaded so this is a much TOO late time in the OS start up process to worry about boot protection.

The only safe way is to have the boot process entirely loaded from ROM where you would have to replace the chip to get a software upgrade.

This isn't realistically possible -- but a virus that actually flashes the BIOS is probably VERY RARE indeed. People do write these for testing purposes etc but transmitting to other peoples computers is not really a serious issue.

99% of computer FRAUD etc comes from people BEING CARELESS WITH THEIR DATA such as giving away Bank details to sites that "look like" the Bank site or become victims of "Phishing trips".

These days serious Hackers want to make money -- You'll actually find that poor use of computers is much more to blame than any amount of Virus attacks.

Cheers
jimbo
 

My Computer My Computer

At a glance

Linux CENTOS 7 / various Windows OS'es and se...Intel i7 Intel i58GB, 16GBOn Motherboard
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom built, several laptops HP/ASUS
OS
Linux CENTOS 7 / various Windows OS'es and servers
CPU
Intel i7 Intel i5
Memory
8GB, 16GB
Graphics Card(s)
On Motherboard
Sound Card
Realtek HD audio
Monitor(s) Displays
Apple Cinema display, Samsung LCD
Screen Resolution
1920 X 1080
Hard Drives
4 X 1TB SATA
Mouse
Toshiba wireless laser
Internet Speed
> 20MB up
thanks to everybody
 

My Computer My Computer

At a glance

7 Ultimate 64 bit Service Pack 1Intel Core 2 Duo P9500 @ 2.53GHz (lower watta...4.0GB Dual-Channel DDR 2 @ 398MHz (5-5-5-18)512MB GeForce 9600M GT
Computer Manufacturer/Model Number
Sager NP2096
OS
7 Ultimate 64 bit Service Pack 1
CPU
Intel Core 2 Duo P9500 @ 2.53GHz (lower wattage chip)
Motherboard
JHL 90 (U2E1)
Memory
4.0GB Dual-Channel DDR 2 @ 398MHz (5-5-5-18)
Graphics Card(s)
512MB GeForce 9600M GT
Sound Card
Realtek High Definition Audio
Monitor(s) Displays
Generic PnP Monitor
Screen Resolution
1680x1050
Hard Drives
Hitachi 244GB @ 7200rpm (IDE)
Cooling
nature
Keyboard
generic
Mouse
Microsoft Wireless Mobile Mouse 3500
Internet Speed
30 megabits down, 5 megabits up
Other Info
1.)Staples 4-Port USB 2.0 Mobile Hub
2.)WNDR3700 - NETGEAR RangeMax Dual Band Wireless-N Gigabit Router
3.)Logitech Webcam C250
4.)Logitech M570
Back
Top