App Review F-Secure TOTAL 2024

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Content created by
Shadowra
Shadowra

Shadowra

Level 36
Thread author
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,586
Content source
https://odysee.com/@Shadowra:f/F-Secure-TOTAL-2024:7
F-Secure is a Finnish publisher, well known in the world of IT security.
Formerly based on the Bitdefender engine and on the Avira engine for several years now (in addition to their own engines), the company continues to innovate and improve its flagship antivirus products.
On the program for this 2024 edition, the publisher is focusing on the Cloud and on its DeepGuard behavioral solution to better protect users.
Let's take a look at what F-Secure has in store for us...



User interface :

F-Secure's interface remains the same, so the publisher has made it necessary to provide several explanations before accessing the modules.
I appreciate this, as it helps to explain things properly to novices. You feel taken by the hand, which may annoy geeks...
F-Secure has also modified its software range. The VPN formerly known as Freedom is now included in the antivirus (only in the TOTAL version), as is ID Protection, their password manager.

Web protection: 10/10

F-Secure provides us with excellent web protection that is effective, consistent and intelligent.
He even used his anti-attack shield on one page!
This can happen if the software recognizes an IP address known for Botnet purposes, F-Secure will directly block the source.
Ingenious!


Fake crack : 0,80/1

F-Secure blocked everything except a Bitcoin script using rundll32.exe, but then disappeared.
I gave it 0.20 points.

Malware Pack : Remaining 22 out of 648 threats.

F-Secure provides a good antimalware engine. Even if the scan fails to remove everything, the interceptor catches up behind.
Overall, F-Secure put up a good fight thanks to DeepGuard .
In the end, the machine is certainly infected (the NetOptimiser launched malware via unresponsive PowerShell commands, as well as the presence of the AlteraAgent remote control software), but it can be disinfected without any problem.

Final scan :
F-Secure : 0
NPE : 0
KVRT : 3-1=2 (I ignore a file that is a false positive) => Infection memory

Final opinion:

All in all, F-Secure provides very good anti-malware and Web protection.
DeepGuard is highly effective, although not infallible, given that the machine was infected by 2 pieces of malware at the end of the test (AlteraAgent and a memory infection).
Nevertheless, the machine can be disinfected easily and without problems.
Apart from these 2 threats, F-Secure proves its reliability, consistency and efficiency.
Recommendable.
 
  • Like
  • +Reputation
  • Thanks
Reactions: Zartarra, Minimalist, Neutrophil and 29 others
Jonny Quest

Jonny Quest

Level 22
Verified
Top Poster
Well-known
Mar 2, 2023
1,102
Thank you for testing F-Secure, @Shadowra I really appreciate it. The web protection is one of the main reasons I use it (besides the rest of the protection). It has notified me of a previous phishing Cake site that was reported here on the forum, as well as another website that was flagged and posted here. The settings may be minimal and simplistic, but it's harder to get them wrong in that regard (for non-geeks).
 
Last edited:
  • Like
  • Applause
  • Thanks
Reactions: ShenguiTurmi, JB007, comolokko and 11 others
Anthony Qian

Anthony Qian

Level 10
Verified
Well-known
Apr 17, 2021
454
RansomwareRemediation said:
What I like about this av: Deepguard
What I hate: the Avira engine and it doesn't have its own firewall.
Thanks for the test.
Click to expand...
Same here.

I dislike how the Avira engine often copies the detection names of ESET and Kaspersky without conducting its own thorough analysis. Avira frequently uses ESET or Kaspersky's detection with random letter suffixes, but ESET or Kaspersky can detect the same threat variant using the same detection while Avira cannot. Additionally, the Avira engine relies too heavily on cloud.

Also, I dislike Avira's attitude towards sample analysis:

1. Avira analysts spent several months analyzing some malware samples, but they have not yet produced any results so far.
Screenshot 2024-03-02 at 21.39.12.png


2. Avira closed my ticket without replying or asking me, and they still haven't processed the samples.
Screenshot 2024-03-02 at 21.41.59.png


3. I have submitted an initially misidentified backdoor trojan sample (which was initially flagged by ESET as Adware, though this classification was not very accurate) to Avira. The analyst at Avira seemingly replicated ESET's initial adware detection without conducting a thorough analysis. This particular sample (found at VirusTotal) is, in my belief, if subjected to proper analysis, easily classifiable as a trojan rather than adware...

Screenshot 2024-03-02 at 21.50.01.png


Anyway, I really hope F-Secure can replace the Avira engine...
 
  • Like
  • Wow
  • +Reputation
Reactions: Dave Russo, Sunshine-boy, ShenguiTurmi and 9 others
Trident

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
Shadowra said:
I would have thought of Kaspersky or ESET, but I don't know if they offer a solution for using their engines...
Click to expand...
Kaspersky does offer their SDK, Eset as well AntiMalware SDK for Windows and Linux | ESET

Kaspersky Anti-Virus Software Development Kit | OEM Technology Solutions | OEM Partners | Kaspersky

Learn about Kaspersky Lab technologies that are available for integration with third party hardware & software security products for customized protection.
www.kaspersky.com
Eset doesn’t offer Mac version of their SDK though.
But integrating a new SDK is not a one-day task.
F-Secure previously mentioned that they are ready to switch engines at any time so it looks like their developers are already trained into implementing plan B.
community.f-secure.com

What changed after Norton acquired Avira? Is my data still safe with F-Secure? - F-Secure Community

Issue: On 7 December 2020 NortonLifeLock announced to acquire German cyber security vendor Avira. How does this affect F-Secure? Resolution: On 7 December 2020 NortonLifeLock announced to acquire German cyber security vendor Avira. Though F-Secure is licensing Avira’s technology the acquisition...
community.f-secure.com community.f-secure.com
 
  • Like
  • +Reputation
  • Applause
Reactions: Dave Russo, ShenguiTurmi, vonvon and 8 others
Jonny Quest

Jonny Quest

Level 22
Verified
Top Poster
Well-known
Mar 2, 2023
1,102
Anthony Qian said:
Why not develop F-Secure's own engine as a standalone detection engine?
Click to expand...
But, if they are already using their own in tandem with Avira's, and it had the results shown by Shadowra's test, how would that make it better? I know the post was from the time in using BD's scanning engine, but just to consider the other scanning engines of F-Secure.

Scan Engine from F-Secure = Bitdefender?

Hello, sorry, dear forum, I still just another question too. Which scan engine does F-Secure use?
community.f-secure.com community.f-secure.com
F-Secure SAFE also has some other engines that cover some specific detection techniques or add additional ways to combat threats.

In addition, quite powerful and own (at least, was) F-Secure engine is "cloud one". It is also expanded view of their Ultralight design.

Another cool thing is F-Secure DeepGuard. You could read about these technologies and realizations there: Whitepapers & Reports - F-Secure Blog

For example, whitepapers: "F-Secure Ultralight", "F-Secure Security Cloud", "F-Secure DeepGuard" (3rd edition). I think they should provide comprehensive information.

// In general, I mean that F-Secure has created a long time ago, let's say, an "engine" that allows you to use different "cores" at once. Including scanning. Therefore, F-Secure solutions can detect a treat based on multiple engines. And use them for scanning.
Click to expand...
 
Last edited:
  • Like
  • +Reputation
Reactions: Dave Russo, ShenguiTurmi, vonvon and 8 others
Trident

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
Anthony Qian said:
Why not develop F-Secure's own engine as a standalone detection engine?
Click to expand...
Developing an engine is not a task to complete overnight, at the very least they will need 1 year of research, 1 year of development and 1 year of testing. And it will be costly as well. Why not just subscribe to someone who's already experienced?
 
  • Like
  • +Reputation
Reactions: Dave Russo, ShenguiTurmi, Tume and 7 others
Jonny Quest

Jonny Quest

Level 22
Verified
Top Poster
Well-known
Mar 2, 2023
1,102
Trident said:
Developing an engine is not a task to complete overnight, at the very least they will need 1 year of research, 1 year of development and 1 year of testing. And it will be costly as well. Why not just subscribe to someone who's already experienced?
Click to expand...
And at what cost for the user's experience in that learning curve on their part, which may then include more malware issues for the customers? More people defecting from F-Secure?
 
  • Like
  • Applause
Reactions: Dave Russo, ShenguiTurmi, JB007 and 6 others
Jonny Quest

Jonny Quest

Level 22
Verified
Top Poster
Well-known
Mar 2, 2023
1,102
I'm also curious about the behind-the-scenes results of people who are using it being provided by their ISP's here in the States and Europe? What is the infection rate or issues we don't know about that maybe aren't as public as the normal consumers-only paid subscription users?

Back in ~2011, I had a subscription to F-Secure IS, and then found out that Charter Internet (Spectrum now) had a rebranded version of F-Secure. In comparing the two, Charters was a build behind, and some definition updates were behind my paid-for version. I'm not sure of how it's different today, but at that time, I thought to stick with my "more up-to-date and current", paid version.
 
  • Like
Reactions: Dave Russo, ShenguiTurmi, JB007 and 6 others
SumTingWong

SumTingWong

Level 28
Verified
Top Poster
Well-known
Apr 2, 2018
1,782
Trident said:
To replace it with whose engine? They already tried Bitdefender and it didn’t work too well for them. Who else is out there? Sophos is not amazing.
Click to expand...
Anthony Qian said:
Anyway, I really hope F-Secure can replace the Avira engine...
Click to expand...
F-Secure can develop its own engine. Avast/AVG engine. Sophos engine. ESET engine. Kaspersky engine ( might not due to political and data privacy issues ). Symantec engine.

I think Symantec may disbanned Avira like Symantec already did with Bullguard antivirus products.
 
  • Like
Reactions: Dave Russo, ShenguiTurmi, JB007 and 3 others
Trident

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
SumTingWong said:
F-Secure can develop its own engine. Avast/AVG engine. Sophos engine. ESET engine. Kaspersky engine ( might not due to political and data privacy issues ). Symantec engine.

I think Symantec may disbanned Avira like Symantec already did with Bullguard antivirus products.
Click to expand...
AVG, Avast and Symantec/Broadcom/NortonLifeLock offer no SDKs for OEMs. The choice is between Kaspersky, Eset and Bitdefender with Eset not being able to supply engines for Mac products. To develop their own engines is possible, perhaps they can do an AI (static analysis one). If they want a full blown engine with emulators, fuzzy signatures and other modern parameters, that may be beyond their investment capabilities.
 
  • Like
  • +Reputation
Reactions: Dave Russo, ShenguiTurmi, vonvon and 8 others
Anthony Qian

Anthony Qian

Level 10
Verified
Well-known
Apr 17, 2021
454
Jonny Quest said:
But, if they are already using their own in tandem with Avira's, and it had the results shown by Shadowra's test, how would that make it better? I know the post was from the time in using BD's scanning engine, but just to consider the other scanning engines of F-Secure.

Scan Engine from F-Secure = Bitdefender?

Hello, sorry, dear forum, I still just another question too. Which scan engine does F-Secure use?
community.f-secure.com community.f-secure.com
Click to expand...
The test results showcased in this post are less than optimal, revealing some weaknesses in Avira engine, specifically its weakness in memory scanning and disinfection. Effectiveness in memory scanning relies on precise malware characteristic extraction and detection, which is the area where the Avira engine is not good at.

Trident said:
Developing an engine is not a task to complete overnight, at the very least they will need 1 year of research, 1 year of development and 1 year of testing. And it will be costly as well. Why not just subscribe to someone who's already experienced?
Click to expand...
But F-Secure is not a new and minor player in the industry. For F-Secure’s long-term interests, mainly using its own detection is important because it will give F-Secure more control.
 
  • Like
Reactions: Dave Russo, ShenguiTurmi, vonvon and 4 others

Similar threads

Shadowra
    • Like
    • +Reputation
    • Thanks
App Review F-Secure Internet Security v19.5
Replies
24
Views
2,226
Video Reviews - Security and Privacy
zidong
zidong
Shadowra
    • Like
    • +Reputation
    • Thanks
App Review F-Secure TOTAL 2024 (Re-Test)
Replies
18
Views
2,433
Video Reviews - Security and Privacy
franz
franz
NB InfoTech
    • Like
App Review Who will be the winner? | F-Secure Antivirus vs Comodo Antivirus | Antivirus Clash | 2024
Replies
4
Views
360
Video Reviews - Security and Privacy
tofargone
tofargone

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top