amitkumargiri
Level 1
- Mar 13, 2022
- 44
Currently what is the best free AV?
- Thread starter Block_shield
- Start date
Please provide comments and solutions that are helpful to the author of this topic.
amitkumargiri
Level 1
- Mar 13, 2022
- 44
FWIW one of those samples is actually corrupt and doesn't run:this is annoying... my most recent test 305 new samples from malware bazaar, (simple extract of zipfiles, not running the malware) F-Secure got rid of most, down to maybe 20 leftover files.... then between EMSI & Sophos cleared the rest.
Im left with 3 samples
View attachment 265017
Now Running F-secure scan shows NO ISSUES it thinks clean - F-secure had missed maybe 17 other samples in this test....
running EMSIsoft shows clean - these 3 files are clean.....
running Sophos scan and clean (or even tried hitman pro) and it says these are clean.....
now I run windows defender...... custom scan and it can see they are threats, and is the only thing that detects them.... (3 of 3 items detcted) but it doesnt attempt to remove them, or give me any option to remove them, congrats to defender here! but it should remove the files i think!
View attachment 265018
so after running all these emsi/f-secure/wd/sophos/hitman, 3 .exe files exist ...... only WD actually detects them right now.. Microsoft's AV has come such a long way.
Once its detection's get the speed of F-secures removal.... ill be happy!
JoeSandbox:
- Corrupt sample or wrongly selected analyzer. Details: %1 is not a valid Win32 application.
- Apr 1, 2019
- 2,868
Did you submit the samples to the vendors that missed them?
- Aug 16, 2021
- 232
- Aug 16, 2021
- 232
- Jul 27, 2015
- 5,458
In some situations with many or extra large pictures/images it's preferred yes. Extra since it can have a very negative effect for mobile users when they gets forced to scroll too much.@kC77 please use the Spoiler function for your picture
Here's a very good staff tip/hint for general spoiler use anywhere on the forum!
Please do Not use the " Inline Spoiler " option in the editor. That's what create the " blurry " effect over text or pictures. Try use the normal basic Spoiler option instead.
- Aug 16, 2021
- 232
- Apr 16, 2017
- 2,097
3 different 2nd opinion scanners running on schedule every 2 hours, that is not just 'Overkill' it is 'Overkill Ultra Max Pro' version. Weekly scans with 2nd opinion scanners is more than enough, if it's not sufficient than you need to change your browsing/downloading habits.
Stay safe, not paranoidᵀᴹ
Edit: Oops forgot to answer the OP's question: Kaspersky
Last edited:
Far as I'm concerned, all the big ones are already similar in terms of protection. I mean, they compete neck-and-neck for your money. In my opinion, it's more now about how you set it up, what you (can) bolster it with, and/or how it interacts with the hardware and software on one's system.
Plus, antivirus performance can fluctuate quarterly in their metrics. Look at Defender for a clear example.
Plus, antivirus performance can fluctuate quarterly in their metrics. Look at Defender for a clear example.
- Sep 2, 2021
- 2,586
Anyway, even with Windows Defender currently on Win10/Win11, a user is very well protected.
I often do computer troubleshooting and especially in the Pro environment (in my IRL job), I keep Windows Defender that I confugurate and also explain how to avoid pitfalls and to authorize manually (for example if the anti Ransomware protection blocks any file).
Same thing when someone asks me for a free Antivirus. Microsoft offers an excellent protection shield that has evolved well, you can trust it
I often do computer troubleshooting and especially in the Pro environment (in my IRL job), I keep Windows Defender that I confugurate and also explain how to avoid pitfalls and to authorize manually (for example if the anti Ransomware protection blocks any file).
Same thing when someone asks me for a free Antivirus. Microsoft offers an excellent protection shield that has evolved well, you can trust it
- Jun 24, 2016
- 2,485
- Aug 16, 2021
- 232
"overkill ultra max pro" lol i like it!
Ive never actually had a virus, the school of common sense, (gateway IPS/adbock/pihole/os updates/firmware updates/Vlans/geoblocking firewall/immutable backups/common sense etc being the first)
but purely out of boredom a few days ago I did grab f-secure safe, which then got me onto grabbing hundreds of samples to test.... F-secure missed a fair few samples, defender got a few of the stragglers, emsi a few & sophos a few more ... to clear out the folder of samples took 4 products/engines.
been testing even more again today and 954 samples.... 72 were missed by F-secure, Defender then cleaned 32, emsi got 22 and sophos got the rest, just intrigued testing the capabilities of them.
as for adding the scheduled tasks I was just testing commmandline usage of them all, and as yet there is no pop ups or noticeable slowdowns as background sig updates quick/scans run (lowest priority) - they all stagger x minutes after logon, then repeat every 2 hours, so none of them run at the same time.
yep every 2 hours maybe overkill! ultra max overkill! if i notice any impacts ill adjust, or delete!
for Free protection, MS defender is very capable!
Ive never actually had a virus, the school of common sense, (gateway IPS/adbock/pihole/os updates/firmware updates/Vlans/geoblocking firewall/immutable backups/common sense etc being the first)
but purely out of boredom a few days ago I did grab f-secure safe, which then got me onto grabbing hundreds of samples to test.... F-secure missed a fair few samples, defender got a few of the stragglers, emsi a few & sophos a few more ... to clear out the folder of samples took 4 products/engines.
been testing even more again today and 954 samples.... 72 were missed by F-secure, Defender then cleaned 32, emsi got 22 and sophos got the rest, just intrigued testing the capabilities of them.
as for adding the scheduled tasks I was just testing commmandline usage of them all, and as yet there is no pop ups or noticeable slowdowns as background sig updates quick/scans run (lowest priority) - they all stagger x minutes after logon, then repeat every 2 hours, so none of them run at the same time.
yep every 2 hours maybe overkill! ultra max overkill! if i notice any impacts ill adjust, or delete!
for Free protection, MS defender is very capable!
FWIW for whatever reason, F-Secure doesn’t seem to care about their on demand scanner performance. Often times it will fail to pick something up and then attempting to execute it results in an online detection.
Plus the best part of F-Secure is the DeepGuard on execution behavior blocker which is their most common defense for the variations of Emotet/Formbook that all act the same way on execution.
Testing their ability to clean a folder of malware samples is not representative of their ability to protect your machine.
- Mar 13, 2021
- 462
- Aug 16, 2021
- 232
yep still its impressive how fast it deals with files and deletes them near instantly, and hopefully I never get to see deepguard
but yes the tests im doing is basic detection of static samples unzipped to a folder.Yeah put it this way: I’m very confident in F-Secure protection against my machine being infected by any kind of malware, including zero day and ones custom written and truly never before seen. Just attempting to hook an AutoRun as an unsigned binary will bring out DeepGuard.yep still its impressive how fast it deals with files and deletes them near instantly, and hopefully I never get to see deepguard
I’m not nearly as confident of using F-Secure as a static scanner.
- Oct 2, 2020
- 451
BItdefender re-released it's free version so it's another one to consider.
- Jul 11, 2018
- 227
I did not know that Sophos Scan & Clean existed, thank you very much KC77, I am going to try it now.
- Aug 16, 2021
- 232
yeh it's basically hitman pro renamed/rebadged ... but free (no 30day removal limit)
Similar threads
