Video Comparative Antivirus : Kaspersky VS F-Secure VS Norton

Source
https://www.youtube.com/watch?v=pLjytjKpK_8
Video created by
Shadowra

Gandalf_The_Grey

Level 62
Verified
Helper
Top poster
Content Creator
Well-known
Apr 24, 2016
5,119
problem is malware and infections does not waiting for 1month :)
In that case choose what works best for you on your system.
Bullguard is bought by Norton and its future is uncertain.
So, if I had to choose between those two, it would be AVG.
But why not try the winner of this battle F-Secure?
 
Last edited:

Evjl's Rain

Level 47
Verified
Helper
Top poster
Content Creator
Malware Hunter
Apr 18, 2016
3,627
problem is malware and infections does not waiting for 1month :)
in this case, we have to change the AV every month :D
nobody is consistent in this time. I have seen Eset, bitdefender, noton, emsisoft... failed in tests and they cameback strongly
recently, eset was bad but cameback. BD has been bad for a few years
this is the first time I've seen kaspersky consistently scored poorly in recent tests. It's usually top 1-2

microsoft/windows defender is not good enough against more sophisticated threats and it relies heavily (very heavily) on cloud
 

icarus

Level 2
Oct 29, 2021
65
In that case choose what works best for you on your system.
Bullguard is bought by Norton and its future is uncertain.
So, if I had to choose between those two, it would be AVG.
But why not try the winner of this battle F-Secure?
about bullguard yes and i hope its not vanish just like pctools :(
im not too good with antivirus who get rid of its best part "FIREWALL" and call them self total security internet security or maximum security;)if i want to go with antivirus with no firewall i 100% go with like freeantivirus with like zonealarm free firewall
so +1 for avg if i get +10 for avg i go for avg cz i want to keep it for like 2 3 years and im not gonna change them if they goes down in protection
 

Freud2004

Level 10
Verified
Well-known
Jun 26, 2020
467
Ohhhhhhh, let's be honest in the reviews we made.

Two ways of dealing with a problem;

1) Kaspersky way, you are not stupid decide what you want to do, visit the site or not, your shoice.

2) F-Secure and Norton, you are too stupid to decide anything, block without warning.

Kaspersky every time of the week ...

Captura de ecrã 2021-11-17 121310.jpg
Captura de ecrã 2021-11-17 121607.jpg
 

Andy Ful

From Hard_Configurator Tools
Verified
Helper
Top poster
Developer
Well-known
Dec 23, 2014
7,082
...

Phishing Test:

The 1st is Kaspersky and achieves a score of 2/5.
A little disappointed...

The second one is F-Secure and achieves an almost flawless score of 4/5

And finally Norton makes a score of 1/4 (1 URL was dead)

Our competitors are hot, let's go on !

Malware :

Norton and F-Secure make the same score : 10/10
On the other hand, our friend Kaspersky gets screwed... The 10th URL was a Ransomware, and Kaspersky does not stop it... Impossible to continue! Kaspersky is eliminated.

Fake crack:

F-Secure and Norton both block it.

Malware Pack:

F-Secure took 1h to analyze and clean, Norton took 2h45 !!!
The 2 antiviruses blocked many threats during the execution, but I found F-Secure much more comfortable. Norton had trouble from time to time.

Result Hitman Pro :

F-Secure makes a machine healthy! Only files in the archive are detected.
Norton lets through 2 active infections, and several files from the pack (the files are not counted, only the active infections count)

Overall Test:

1st : F-Secure. Makes a machine healthy, and new!
2nd : Norton. Passes 2 infections
3rd : Kaspersky, the disappointment. A Ransomware passed preventing it from continuing....

The comparison took 6 hours to complete!

It is very probable that by repeating this test many many times on different samples you would just get the results similar to the below:

Phishing + Malware (7659 samples)
Norton 360.........................8
F-Secure, Kaspersky...19

Fake cracks + Malware Pack (224173 samples)
Norton 360............................4
F-Secure, Kaspersky ........27

With your testing methodology, Norton can get full advantage of Download Insight, so its scorings will be always better (on a sufficiently large pule of samples) compared to Kaspersky and F-Secure.(y)
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Verified
Helper
Top poster
Developer
Well-known
Dec 23, 2014
7,082
From the fact that AV missed a phishing URL, it does not follow that the user might be infected. Normally, the testing Labs follow the phishing links and next search for Indicators Of Compromise (IOC). So, the results for Norton can be questionable.

The crucial thing for testing can be the fact if Norton was installed and fully activated before downloading the Malware Pack to disk. If not then Norton Download Insight did not work properly.
 

Shadowra

Level 21
Thread author
Verified
Malware Tester
Sep 2, 2021
1,061
From the fact that AV missed a phishing URL, it does not follow that the user might be infected. Normally, the testing Labs follow the phishing links and next search for Indicators Of Compromise (IOC). So, the results for Norton can be questionable.

The crucial thing for testing can be the fact if Norton was installed before downloading the Malware Pack to disk. If not then Norton Download Insight does not work.

Why is this questionable? Do you think the test is flawed? I would like to know since you have been analyzing everything since before.

Antivirus software is installed BEFORE Malware Packs and .txt files on a healthy basis with Windows and up-to-date software.

I hope I have answered your question
 

Andy Ful

From Hard_Configurator Tools
Verified
Helper
Top poster
Developer
Well-known
Dec 23, 2014
7,082
Why is this questionable? Do you think the test is flawed? I would like to know since you have been analyzing everything since before.
...
The test is not flawed, but cannot be easily interpreted.
If the Norton users followed the link and did the actions expected by the attacker, they could be protected anyway by the other Norton's security layers. In such a case the phishing link can be absent in the Norton anti-phishing base, but the attack is effectively mitigated.

I think that you should not remove Kaspersky from the second part of the test. Such an event like missing one ransomware could happen to any AV by pure accident.
 

Shadowra

Level 21
Thread author
Verified
Malware Tester
Sep 2, 2021
1,061
The test is not flawed, but cannot be easily interpreted.
If the Norton users followed the link and did the actions expected by the attacker, they could be protected anyway by the other Norton's security layers. In such a case the phishing link can be absent in the Norton anti-phishing base, but the attack is effectively mitigated.

Ok, sorry, I misunderstood, I must say that I am bad in English :D (just to speak I use DeepL ^^ )

And indeed, but in terms of phishing, Norton is not the only one to miss some unfortunately. But if ever there is an attack, yes it will be protected (like on exploit for example)
 

Andy Ful

From Hard_Configurator Tools
Verified
Helper
Top poster
Developer
Well-known
Dec 23, 2014
7,082
The tests with phishing links without testing if the system or web browser has been compromised can hardly be interpreted. The problem is that most of the phishing links are added to the AV anti-phishing base after these links are already non-dangerous (blocked by the legal owner, inactive, or hosts known malware). The attackers usually change the phishing links after a few hours to host 0-day malware (most often polymorphic or obfuscated variants).
 
Last edited:

jackuars2

New Member
Oct 29, 2021
2
One of these days aforementioned antiviruses will also be able to treat and disinfect COVID through machine/human learning.

Do we not have COVID-antivirus already...

Thank you for the splendid review. What I liked about the review is the little summary note you made at the bottom. That was really nice to read during a busy Wednesday evening.
 

Andy Ful

From Hard_Configurator Tools
Verified
Helper
Top poster
Developer
Well-known
Dec 23, 2014
7,082
For me, the most interesting result is missing by Norton the sample in the Malware Pack test. One of the tested EXE files managed to infect the system, so the Norton reputation service (Download Insight) failed for some reason. I assume that all 3 tests were done independently, so there is no possibility that malware missed in another test could infect the system with delay while Norton was tested.:unsure:
 
Last edited: