User Feedback F-Secure SAFE 18.2

Software
F-Secure SAFE 18.2
Installation
5.00 star(s)
Installation Feedback
Very fast. Very simple.
Interface (UI)
4.00 star(s)
Interface Feedback
The UI is streamlined and well-organized. But no advanced settings (heuristic sensitivity) are available and some pro users may be disappointed at this. Adding the capability to submit samples within the product would be nice.
- One star deducted for the lack of advanced settings.
Usability
5.00 star(s)
Usability Feedback
Not quite configurable, and pro users may be disappointed at this.
Performance and System Impact
5.00 star(s)
Performance and System Impact Feedback
One of the lightest AVs I've ever tested.
Protection
4.00 star(s)
Protection Feedback
Generally good. Like many AVs using Avira engine, F-Secure is not so good at detecting script malware. Unable to remove and repair threats within archive (zip, rar....). See below for comments on DeepGuard and F-Secure Security Cloud.

Banking protection is very cool.

Internet Surf protection is so-so. The plug-in failed to block many phising sites, not as good as McAfee.

No bulit-in firewall.
Real-time file system protection
4.00 star(s)
Internet Surf protection
3.00 star(s)
Proactive Intrusion protection
4.00 star(s)
Pros
  1. No setup required
  2. Low impact on system resources
  3. Lightning fast scans
  4. Easy to use
  5. Simple and non-intrusive
  6. Ransomware protection
  7. Blocks even brand new malware
  8. Virus signatures are updated very often
  9. Well designed, clear interface
  10. Multiple layers of protection
Cons
  1. Advanced users may want more control
  2. Short on configuration options
  3. Limited web protection
  4. Not as many features as some competitors
Software installed on computer
Less than 30 days
Computer specs
ThinkPad X1 Carbon (6th Gen)
Recommended for
  1. Inexperienced users
  2. Banking or other financial activity
  3. Gamers
  4. Low specs device
Overall Rating
4.00 star(s)
Disclaimer
  1. Any views or opinions expressed are that of the member giving the information and may be subjective.
    This software may behave differently on your device.

    We encourage you to compare these opinions with others and take informed decisions on what security products to use.
    Before buying a product you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

Anthony Qian

Level 7
Thread author
Verified
Well-known
Apr 17, 2021
343
Thanks to the three-year giveaway, I have been testing F-Secure SAFE 18.2 over the last few days.

Compared with my previous experience with F-Secure, I see significant improvements in terms of DeepGuard and F-Secure Security Cloud.

DeepGuard, an effective behavior blocker, successfully blocked the so-called Coffee Ransomware, which Comodo, Kaspersky's SW, HitmanPro Alert, ESET, Bitdefender's ATD, and Symantec's SONAR failed to block when the threat was not yet added to their Virus Database, indicating that DeepGuard is better than other well-known BBs in some cases. However, DeepGuard is not perfect. It was unable to block the Remcos malware and some PowerShell script malwares in my testing. In addition, I hope DeepGuard will be able to roll back any changes made by malware in the future.

F-Secure Security Cloud, F-Secure's equivalent of Kaspersky's KSN and ESET's LiveGrid, has done a very good job at detecting new malwares that Avira engine failed to detect. Its detection rate has improved. However, unlike KSN and LiveGrid, we cannot check the files' reputations in F-Secure Security Cloud.

The biggest shortcoming of F-Secure is its VERY SLOW response to users' sample submissions. In my experience, F-Secure's analyst replied my submission after five days, saying the files I submitted were malicious and had been blocked by F-Secure Security Cloud for immediate protection (???:unsure:). But, as the C&C server is down, this sample actually does no harm when it was blocked by F-Secure Security Cloud 😅.
 

Anthony Qian

Level 7
Thread author
Verified
Well-known
Apr 17, 2021
343
Do FS and Comodo work well together, or is it better to keep Windows firewall? And what about security? Windows or Comodo Firewall? Or maybe wisevector?
I have tried to install F-Secure and Comodo firewall with HIPS disabled. I did not notice any problems. However I recommend using Symantec Endpoint Protection (only firewall component) along with F-Secure. SEP has fantastic IPS function.
 

Shadowra

Level 21
Verified
Malware Tester
Sep 2, 2021
1,057
Do FS and Comodo work well together, or is it better to keep Windows firewall? And what about security? Windows or Comodo Firewall? Or maybe wisevector?
They work well together, but I find that the Windows firewall is more than enough.
I remind you that F-Secure modifies the Windows firewall by adding rules to it.

And if security is important, you have the tool of @Andy Ful which allows to reinforce even more :)
 

Anthony Qian

Level 7
Thread author
Verified
Well-known
Apr 17, 2021
343
Can you expand on why you give it three stars for surf protection or the con for Limited web protection at all?
F-Secure blocks phishing and harmful websites with its browser plug-in. However, in my testing, F-Secure was unable to block as many harmful websites as McAfee WebAdvisor. Because some phishing sites are difficult to detect, failing to block them isn't a big deal. What disappoints me about F-Secure's surf protection is that even after I submitted the URLs for analysis, it was unable to block those sites until they were down. In contrast, McAfee WebAdvisor responds to my URL submission within one hour, and Norton SafeWeb responds immediately if its automatic system is able to classify.
 

superleeds27

Level 6
Apr 5, 2017
254
F-Secure blocks phishing and harmful websites with its browser plug-in. However, in my testing, F-Secure was unable to block as many harmful websites as McAfee WebAdvisor. Because some phishing sites are difficult to detect, failing to block them isn't a big deal. What disappoints me about F-Secure's surf protection is that even after I submitted the URLs for analysis, it was unable to block those sites until they were down. In contrast, McAfee WebAdvisor responds to my URL submission within one hour, and Norton SafeWeb responds immediately if its automatic system is able to classify.
Might be worth mentioning it on their forum/community.

They seem quite active on there!
 

Virtuoso

Level 1
Feb 21, 2022
34
F-Secure blocks phishing and harmful websites with its browser plug-in. However, in my testing, F-Secure was unable to block as many harmful websites as McAfee WebAdvisor. Because some phishing sites are difficult to detect, failing to block them isn't a big deal. What disappoints me about F-Secure's surf protection is that even after I submitted the URLs for analysis, it was unable to block those sites until they were down. In contrast, McAfee WebAdvisor responds to my URL submission within one hour, and Norton SafeWeb responds immediately if its automatic system is able to classify.

Can this be mitigated by using Bitdefender traffic light or Emsisoft Browser Security extension instead of F-secure extension?
 

MacDefender

Level 16
Verified
Top poster
Oct 13, 2019
789
Very well written and I agree with your feedback. DeepGuard is probably the most interesting part of F-Secure and it's one of the most effective BB's out there. I agree that all of its engines have a bit of a weak spot against script based malware, and DeepGuard in particular is very weak if you exploit something they overzealously whitelisted. (For example the last time I tested, various things like 7Zip, MATLAB, official and portable Python, and Node.JS / Chromium V8 are all completely whitelisted. You can easily build ransomware or even run stock malware with those, and DeepGuard won't say a thing unless your malware is stupid enough to download a secondary payload that gets flagged). On the other end of the spectrum, DeepGuard can have a lot of false alarms with certain software. In another thread, we analyzed that for something like Rufus which tries to disable USB drive autorun dialogs via GPO, if you change the hash of the app at all, DeepGuard thinks that it's a GPO trojan.

They don't seem to focus on either proper cleanup or rollback. A lot of partial hits result in DeepGuard repeatedly flagging an AutoRun on every boot. KSW and other BB's combine almost as strong performance with a pretty elaborate rollback mechanism.

Overall though it's still one of my favorite lightweight AVs. It's small, unintrusive, and tastefully uses a lot of native Windows features like notifications without bothering you all the time. It's probably my favorite drop in replacement for Windows Defender for those who just want an AV that gets out of their way.
 

show-Zi

Level 34
Verified
Top poster
Well-known
Jan 28, 2018
2,358
If so, F-Secure should remove the Submit A Sample site, and ask submitter to send their samples through official community, just like Malwarebytes. :ROFLMAO:
I evaluated them in the sense that they are proactive in responding to users.

As for the fact that it takes longer time than other vendors to determine and reflect suspicious files, I suspect that the support desk and the technical department are not well coordinated.