Q&A Currently what is the best free AV?

Block_shield

New Member
Thread author
May 9, 2021
4
Regarding recent Kaspersky rumors I am unsure should I uninstall (free version) it or leave it. Today I looked for other free alternatives and seems like there is no big choice:

BitDefender - they are retiring free version soon
Norton owns Avast, AVG and Avira and by user comments they all become bloatware and cryptominers
Panda - by some reviews seems like it has lower detection rate

Anything else worth mentioning except Microsoft Defender?

For passive scanner Malwarebytes is still a top choice (free version)?
 

kC77

Level 4
Aug 16, 2021
191
Windows Defender teamed up with Configure defender in highest mode is solid and was my normal choice.... and for free it would by number 1.

recently picked up a free 3 year f-secure trial, wasnt even planning to use it, but after seeing the many positive posts on here i gave it a go, and have to say I like it a lot so now my current protect - Im leaving F-secure to resident duties, and using task scheduler have 2nd opinion scanners which run staggered...

F-Secure Safe - Resident
Microsoft Defender - Commandline updates/quickscans task scheduler every 2 hours (takes about 1min)
EmsisoftEEK - commandline updates/quickscans every 2hours (takes about 35 seconds)
Sophos Scan & Clean (basocally free version of hitman pro) - commandline scans every 2 hours (takes about 2-3mins)


Ive been testing with a lot (200+ samples from Malware bazaar)
Windows defender would pick them up, but would seemingly take ages to action them/delete etc, F-Secure is like lightning.... so fast at processing (but it does miss a fair few samples!)
whatever F-secure missies, at least one of the other manual scanners do find and remove (WD/EMSI/Sophos)
 

DJ Panda

Level 30
Verified
Top poster
Well-known
Aug 30, 2015
1,928
"Norton owns Avast, AVG and Avira and by user comments they all become bloatware and cryptominers" I've been a bit behind on the news but didn't realize Norton bought the three. I know Avast had merged with AVG and they were planning something with Avira.. It's kinda sad since I grew up with Avast for over a decade and they went down the hole.

As for a good Free AV, if you don't do too much high things online, Windows Defender with PUP protection and such should be enough. GitHub - AndyFul/ConfigureDefender: Utility for configuring Windows 10 built-in Defender antivirus settings.
Making regular backups of important files is a good habit to get into. Emsisoft Emergency Kit is what I would use as a secondary on demand scanner. :)
 

kC77

Level 4
Aug 16, 2021
191
this is annoying... my most recent test 305 new samples from malware bazaar, (simple extract of zipfiles, not running the malware) F-Secure got rid of most, down to maybe 20 leftover files.... then between EMSI & Sophos cleared the rest.
Im left with 3 samples

1647469109802.png

Now Running F-secure scan shows NO ISSUES it thinks clean - F-secure had missed maybe 17 other samples in this test....
running EMSIsoft shows clean - these 3 files are clean.....
running Sophos scan and clean (or even tried hitman pro) and it says these are clean.....

now I run windows defender...... custom scan and it can see they are threats, and is the only thing that detects them.... (3 of 3 items detcted) but it doesnt attempt to remove them, or give me any option to remove them, congrats to defender here! but it should remove the files i think!

1647469375666.png

so after running all these emsi/f-secure/wd/sophos/hitman, 3 .exe files exist ...... only WD actually detects them right now.. Microsoft's AV has come such a long way.
Once its detection's get the speed of F-secures removal.... ill be happy!
 
Last edited by a moderator:

Shadowra

Level 20
Verified
Malware Tester
Sep 2, 2021
963
now I run windows defender...... custom scan and it can see they are threats, and is the only thing that detects them.... (3 of 3 items detcted) but it doesnt attempt to remove them, or give me any option to remove them, congrats to defender here! but it should remove the files i think!

so after running all these emsi/f-secure/wd/sophos/hitman, 3 .exe files exist ...... only WD actually detects them right now.. Microsoft's AV has come such a long way.
Once its detection's get the speed of F-secures removal.... ill be happy!

I already had this problem, it was the Windows Defender Cloud that did not sync...
I had set it with DefenderUI in maximum setting
 

kC77

Level 4
Aug 16, 2021
191
I had put 60s with Confidence Zero on DefenderUI
just made thos changes set to 60s / zero & rebooted.... (WD isnt my resident protection here, F-Secure still is which is not detecting)

another custom scan ran, and again WD see's 3 threats but makes no attempt to remove
(im quite happy here i can just delete these static files manually) but I'd like one of these supposedly amazing engines do it automatically!
 
  • Like
Reactions: Shadowra

Shadowra

Level 20
Verified
Malware Tester
Sep 2, 2021
963
just made thos changes set to 60s / zero & rebooted.... (WD isnt my resident protection here, F-Secure still is which is not detecting)

another custom scan ran, and again WD see's 3 threats but makes no attempt to remove
(im quite happy here i can just delete these static files manually) but I'd like one of these supposedly amazing engines do it automatically!

F-Secure does not block them indeed (I found your droppers, I could test) .

With my configuration, I tested on the file with low detection on Microsoft Defender in VM

vQpUBwjU.png


I don't know if it's a flange made on purpose by Microsoft, but it's a pity... because by pushing the hidden settings, it is much more responsive
 

kC77

Level 4
Aug 16, 2021
191
Just updated f-secure again
1647470974264.png

1647471030854.png



just updated emsisoft defs...... it still misses them

1647470731925.png

sophos / hitman still says its clean
1647470787303.png

Windows defender however detects the 3 files... but doesnt remove/delete/clean -
1647470847006.png

 
Last edited:

kC77

Level 4
Aug 16, 2021
191
noticed a new WD update so scanned again and now it gives the option to remove
1647472262781.png
1647472315442.png


good old windows defender......... everything else missed is or wouldn't detect it, eventually it removed it ( i could of just manually deleted this static sample.... but i wanted a tool to do it for me) Windows defender was the first to do so
 
  • Like
Reactions: Nevi and goodjohnjr