- Jun 3, 2014
- 1,136
Avast free vs Bitdefender free for newbies about security. You can sugges other free products that are easy and protect well. Only antivirus.
Avast free vs Bitdefender free for newbies
- Thread starter Dani Santos
- Start date
- Status
- Apr 3, 2014
- 1,460
now days qihoo 360 is on the top at least for the last 2 years, what will happen tomorrow who knows
I would go with 360, I've been using the 360IS for the last 6 moths on 10 computers with no problem
- Jun 14, 2015
- 857
Popular, no, I can't think of anything except some early Win10 files (debatable on whether that's 'popular'). It flagged Ditto clipboard manager but most everything does (it's unsigned, hooks into clipboard, and talks on the network...should be concerned if it weren't flagged). It's BB flagged the ESDtoISO utility but, then again, it's a command script messing with system files on a beta OS (and people think 360 doesn't have a BB).
First, why disable those? You could always try them and if you don't like them, disable them; you're not stuck with one decision. Next time I test, I'll try with the other engines disabled to see the result. I don't think about it much since performance isn't an issue for me. I will say 360 fully enabled is still far faster than Avast! fully enabled and has better detection rates.
Incorrect: QVMII engine is offline, separate from the Cloud engine (hence, four)
Click on the Protection: On button, Configure button, then select "Custom":
Rolo,
I did some testing with harmless samples.
File Protection is HIPS feature (Attached is the screenshots). If File Protection is disabled then I dont get these popups.
File Protection & Registry Protection seems HIPS features.
Malicious Behavior Blocking is not HIPS feature. If MBB is disabled then with the option "scan when saved" enabled...malware is not detected, & with the option "scan when opened" enabled...malware is detected but no detection alert.
So MBB is required to be enabled for malware detection & detection alert.
For now it seems File & Registry protection are HIPS features.
Dont know if Keylogger Protection will give HIPS popups or malware detection alert?
Guess Network Protection will block malicious connection & notify?
I did some testing with harmless samples.
File Protection is HIPS feature (Attached is the screenshots). If File Protection is disabled then I dont get these popups.
File Protection & Registry Protection seems HIPS features.
Malicious Behavior Blocking is not HIPS feature. If MBB is disabled then with the option "scan when saved" enabled...malware is not detected, & with the option "scan when opened" enabled...malware is detected but no detection alert.
So MBB is required to be enabled for malware detection & detection alert.
For now it seems File & Registry protection are HIPS features.
Dont know if Keylogger Protection will give HIPS popups or malware detection alert?
Guess Network Protection will block malicious connection & notify?
Attachments
Did a little test again.
As mentioned above with screenshots File Protection is a HIPS feature.
Yes, Registry Protection is a HIPS feature (Attached is a screenshot)
Malicious behavior Blocking could be behavior blocker & not HIPS feature (Attached is a screenshot...I get this popup only when MBB is enabled). And notice the popup mention "suspicious" so could be MBB looks for suspicious/malicious behavior.
And disabling MBB automatically disables Keylogger protection.
Any harmless sample you know to test keylogger protection?
As mentioned above with screenshots File Protection is a HIPS feature.
Yes, Registry Protection is a HIPS feature (Attached is a screenshot)
Malicious behavior Blocking could be behavior blocker & not HIPS feature (Attached is a screenshot...I get this popup only when MBB is enabled). And notice the popup mention "suspicious" so could be MBB looks for suspicious/malicious behavior.
And disabling MBB automatically disables Keylogger protection.
Any harmless sample you know to test keylogger protection?
Attachments
Those FPs I guess--
1. Unable to open executable file - I guess it means .exe is not working. But its working fine. Comodo Cleaning Essentials - Quick Repair also shows .exe OK. It seems 360 is wrongly detecting this.
2. Domain name resolution file (Hosts) exception - I guess this is related to Unchecky as it adds rules in Hosts file.
3. autorun.inf - This is TeamViewer portable file.
4. rundll32.exe - As per VirusTotal this file is safe.
So to me all seems FPs.
I have enabled Avira & Bd.
Boot, browsing, programs opening, etc... everything seems good.
Currently full scan is going on & system, browsing, etc... is still light & good.
Attached is the screenshot of taskmanger.
Qihoo is good in taskmanger?
Attachments
Last edited by a moderator:
- Jun 14, 2015
- 857
sysnative: https://msdn.microsoft.com/en-us/li...187(v=vs.85).aspx?f=255&MSPPError=-2147217396
I don't think you want to "guess" when things may be modifying your OS files; you have to verify the falseness of a positive.
Unable to open...perhaps it was locked...without knowing the file, I can't guess much. Try right-clicking and scanning that file.
Modifying hosts is a prevalent malware activity; I assume Qihoo saw changes upon installation and alerted you (not FP).
Glancing at Task Manager is an absolutely useless method in assessing a program's resource efficiency.
autorun.inf on the hard disk is highly unusual but odd that it flagged it since it won't do anything in its current location; it's only used in the root of removable media to launch an executable when autoplay is enabled (does nothing on its own).
I don't think you want to "guess" when things may be modifying your OS files; you have to verify the falseness of a positive.
Unable to open...perhaps it was locked...without knowing the file, I can't guess much. Try right-clicking and scanning that file.
Modifying hosts is a prevalent malware activity; I assume Qihoo saw changes upon installation and alerted you (not FP).
Glancing at Task Manager is an absolutely useless method in assessing a program's resource efficiency.
autorun.inf on the hard disk is highly unusual but odd that it flagged it since it won't do anything in its current location; it's only used in the root of removable media to launch an executable when autoplay is enabled (does nothing on its own).
sysnative one I edited in my previous post. As per VirusTotal its safe.
Unable to open executable file - I guess it means .exe file entension. .exe file extension is fine.
Hosts detection - It was a quick scan & not realtime scan. All the detection I have mentioned is quick scan & rightclick scan results. How to check Hosts file manually? I will check if anything other than Unchecky is there.
autorun.inf is TeamViewer portable file i.e its in TV portable folder.
360 has an option to disable Windows autoplay. I have manually disabled "use autoplay for all media & devices" on system...is 360 option the same?
There is no password protection. I do miss it as its a shared system.
Hope Glasswire FW will not be added into 360TSE...if its added will uninstall 360. 360 own FW is welcome.
On 360 website offline databases for Avira & Bd are same for 360TS & 360TSE? I didn't checked the page during download whether I was on 360TS page or 360TSE page. Now I noticed both 360TS & 360TSE page have offline databases.
Unable to open executable file - I guess it means .exe file entension. .exe file extension is fine.
Hosts detection - It was a quick scan & not realtime scan. All the detection I have mentioned is quick scan & rightclick scan results. How to check Hosts file manually? I will check if anything other than Unchecky is there.
autorun.inf is TeamViewer portable file i.e its in TV portable folder.
360 has an option to disable Windows autoplay. I have manually disabled "use autoplay for all media & devices" on system...is 360 option the same?
There is no password protection. I do miss it as its a shared system.
Hope Glasswire FW will not be added into 360TSE...if its added will uninstall 360. 360 own FW is welcome.
On 360 website offline databases for Avira & Bd are same for 360TS & 360TSE? I didn't checked the page during download whether I was on 360TS page or 360TSE page. Now I noticed both 360TS & 360TSE page have offline databases.
- Jun 14, 2015
- 857
It's telling you it was unable to open a particular executable, not that the exe file association was broken.
That autorun.inf may be part of the TeamViewer portable media but it is not part of the program. Delete it and see. Or open it in a text editor. Or read https://en.wikipedia.org/wiki/Autorun.inf
It's just a link to install GlassWire; it doesn't come with it.
TSE just doesn't have the extra fluff TS has; otherwise, same thing.
Third-party firewalls are a gimmick. They do nothing WAF doesn't already do: they both allow/block traffic per specified rules and WAF isn't buggy.
That autorun.inf may be part of the TeamViewer portable media but it is not part of the program. Delete it and see. Or open it in a text editor. Or read https://en.wikipedia.org/wiki/Autorun.inf
It's just a link to install GlassWire; it doesn't come with it.
TSE just doesn't have the extra fluff TS has; otherwise, same thing.
Third-party firewalls are a gimmick. They do nothing WAF doesn't already do: they both allow/block traffic per specified rules and WAF isn't buggy.
- Jul 16, 2015
- 23
From my experiences, Bitdefender free is lighter than Avast Free, about the real world system impact avast is better, for the UI i like Bitdefender because it's simple and doesn't have annoying ads, but Bitdefender doesn't have so much features compared to avast.
i recommend Avast Free Because it has a good detection rates and features such as HIPS (new feature)
i recommend Avast Free Because it has a good detection rates and features such as HIPS (new feature)
- Status
Similar threads
