Known Problems with Most Common AV's

Status
Not open for further replies.

Evjl's Rain

This Kaspersky problem should've been fixed by now in the latest Firefox version 68.
Firefox changelog: "When an HTTPS error caused by antivirus software is detected, Firefox will attempt to automatically fix it"
When a new version of Firefox is released, the problem can repeat.
Kaspersky used to have the same issue with Chrome in the past and required a new patch update from Kaspersky to fix.
It seems like Firefox is having a hard time dealing with AVs: Kaspersky, Avast, Sophos,...
Chrome has been stable for a while.
 

SeriousHoax

When a new version of Firefox is released, the problem can repeat.
Kaspersky used to have the same issue with Chrome in the past and required a new patch update from Kaspersky to fix.
It seems like Firefox is having a hard time dealing with AVs: Kaspersky, Avast, Sophos,...
Chrome has been stable for a while.
The issue is not on Firefox's side because that's how Firefox works, unlike other browsers. It uses its own certificate store instead of Windows'. So, they are not gonna totally change a crucial part of their product just to let antiviruses do SSL scanning. But instead, as a workaround, Firefox will automatically enable the option to import root certificates from the system when this error occurs and save the preference permanently unless the user manually changes it. I never liked antiviruses MITMing secure HTTPS connections as it completely breaks the purpose of HTTPS in the first place, so I disable this feature on AV anyway.
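
An added example, not part of the post above and not Firefox's own code: a Python check of whether a Firefox profile has been switched to trusting root certificates from the operating system store, which is the workaround that post describes. It assumes the option is stored as `security.enterprise_roots.enabled` and that a missing entry means off; the profile contents are constructed samples.

```python
import json
import re

# Assumption: the "import root certificates from the system" option is stored
# under this preference name; the page itself does not name it.
ROOTS_PREF = "security.enterprise_roots.enabled"
# Matches one line of prefs.js / user.js: user_pref("name", value);
PREF_RE = re.compile(r'^\s*user_pref\(\s*"([^"\\]+)"\s*,\s*(.+?)\s*\)\s*;\s*$')

def parse_prefs(text):
    """Return {name: value} for each user_pref() line; later lines win."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue  # comments, blank lines, anything that is not a pref
        try:
            prefs[m.group(1)] = json.loads(m.group(2))  # true/false, ints, "strings"
        except json.JSONDecodeError:
            continue  # value is not a simple literal; skip it
    return prefs

def trusts_system_roots(prefs_js, user_js="", default=False):
    """True if the profile imports root CAs from the OS certificate store.

    user.js is applied on top of prefs.js at startup, so it takes precedence.
    `default` is what to assume when neither file sets the preference
    (assumed off here).
    """
    merged = parse_prefs(prefs_js)
    merged.update(parse_prefs(user_js))
    return merged.get(ROOTS_PREF, default) is True

# Constructed sample profile contents (not taken from a real machine).
SAMPLE_PREFS_JS = '''// Mozilla User Preferences
user_pref("browser.startup.page", 3);
user_pref("security.enterprise_roots.enabled", true);
'''
SAMPLE_USER_JS = '''// user override: keep Firefox on its own certificate store
user_pref("security.enterprise_roots.enabled", false);
'''

if __name__ == "__main__":
    print("prefs.js only:", trusts_system_roots(SAMPLE_PREFS_JS))
    print("with user.js :", trusts_system_roots(SAMPLE_PREFS_JS, SAMPLE_USER_JS))
```

A profile that reports `True` accepts whatever root certificates are installed in the system store, including one added by an antivirus for HTTPS scanning.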
 

Der.Reisende

Tencent PC Manager

-BB does not work offline
-cloud very unstable (BB & cloud signatures broken)
-apart from Bitdefender 3rd party engine, no offline signatures
-does scan with Bitdefender Engine only, own signatures triggered only on access & via Download shield
-download shield and web shield (phishing / malware URL blocker) incompatible with many browsers (M$ Edge, Brave, Vivaldi, maybe Chrome)
-nearly non-existent support (difficult registration on their forum, accessible without VPN only)
-weak against signed malware
-mediocre own detection on malware <24h
 

Wraith

Another thread I thought about (wow Robbie you're on fire today!). Share a fact about the AV you use or about an AV you heard of that has specific problems or facts that need to be known before installing. The purpose of this is to let users know what kind of issues or scenarios they will face when installing X antivirus.

Avast/AVG:
  • Telemetry/privacy issues
  • Hardware virtualization for DeepScreen and CyberCapture conflicts with VMware, VirtualBox and Windows Sandbox
  • Transient caching slows down the machine
Avira:
  • Webfilter is heavy
  • No offline BB. There is only online cloud+BB for uploaded files, which have to match certain criteria
  • Poor against scriptors
  • Luke Filewalker emerges after detecting malware and does a deep, slow full scan of the system, no option to stop it or disable
  • Not many options to improve its protection
  • Bloated with unnecessary modules
  • Updates can cause the PC to freeze if the update is big enough
  • Pro version has better behavior detection for cloud uploading (thanks to Webfilter). Free doesn't upload files as frequently
Bitdefender Paid/Free:
  • SSL scanning blocks legit websites without notice and no way to add exclusions or disable; cuts wi-fi connection intermittently
  • Inaccurate information about dealing with malware: says it's deleted but it's quarantined
  • Can be messy since it tends to dismantle a file to scan, therefore context-scanning one file may say it scanned 12 files
Comodo:
  • The antivirus module is heavy and weak (without AV, it's super light)
  • Some unexpected bugs
  • FPs for non-English or non-European programs
  • Learning curve. It's never easy for average users
Cylance:
  • FPs
  • No default UI for excluding quarantined files
  • Web dashboard mostly useful only for multiple device management
Dr. Web:
  • Very high use of RAM
  • Very poor signature-based detection
Emsisoft:
  • Extreme memory usage
  • Conflicts with Chromium-based browsers' container
  • Signatures are borderline poor against new malwares (but great non-zero-day thanks to BD)
  • If we exit Emsisoft, re-opening it will make it crash or unusable. Requires a reboot
  • Web filter is not good, requires installing browser extension for deep filtering
  • Not any options to improve the default protection
G Data:
  • Known conflicts with Shadow Defender (firewall becomes buggish, turns off automatically, requires reboot)
Kaspersky:
  • TAM module is known to significantly slow down the general daily operations.
  • Frequent problems with browsers on HTTPS and certificates, especially with Firefox.
  • Browser Script Injection causes slow downs on browser and PC
  • Compatibility issues with some APPS (NPE)
K7:
  • Very bad protection against scripts and documents
  • Vulnerable to java-based exploits
  • Mediocre firewall
  • Childish GUI
  • Poor support
Norton:
  • Poor protection against USB-delivered viruses
  • Ineffective web filter (never seen it work. All the hard work is done by Download Insight). Requires installation of browser extension for Browser filtering. Useless system-wise filter
  • Download insight is very prone to FPs
  • Problems with licensing, also trial
  • SONAR takes a lot of time and resources to analyze a malware, especially on Aggressive option
  • Uninstall tends to be buggy
Panda:
  • Buggish when needed to update to a new program version, doesn't update automatically
  • Uninstall causes high memory leak and eventually BSODs
  • High CPU usage during execution of scripts
  • Program update will need to reinstall the program and there's no option to backup settings.
Windows Defender:
  • Tends to freeze/slow down the system when a folder filled with executables is opened
  • Strictly dependent on Windows updates and Windows versions. If we use older Windows versions, we lose some protection. If Windows updates somehow is damaged, WD will not update properly (WPD can cause it)
  • Poor caching mechanisms, almost none. Slows down copying speed and folder opening
  • Strictly dependent on cloud and internet connection. Really poor offline protection
  • Unstable after detecting some malwares. It may revert user's tweaks and sometimes makes itself problematic (it's fine if you never face any malware)
  • Tweaking requires a lot of effort or external apps
  • Slows down PC while removing malwares (despite choosing "Remove", it should take 1sec max to remove)
  • Only works with maximum capability when a file is downloaded from a browser or script. Some modules are bypassed when the file is originated from a USB, password-protected archive or downloaded by a download accelerator/manager
  • Can be disabled easily by third-party apps. Malwares can also do that and disable WD forever

Share as many facts as you want about the antiviruses you want!

PS: if you don't participate and still saw this thread, you'll have 7 years of bad luck and you will be destined to use Panda Antivirus forever.

I'll update this post with all your comments! Please be sure that what you post is indeed a known problem and not an isolated issue on your PC. Avoid comments like "Kaspersky is heavy on my machine", that's not a general issue, it just means your hardware sucks.
So not a single known problem with ESET has been found? :unsure:
 

Der.Reisende

QuickHeal:
-very poor signature detection
-apart from Antivirus Pro, the packages are too expensive for what they deliver
-only very few useful additions in Internet Security / Total Security packages (but steep price increase)
-installers for other than English releases are very old, cannot confirm user gets latest release
-difference between Total Security and Total Security Multi Device not clearly visible (TS Multi Device did not arrive with latest Version 18 yet but stuck at v17, an issue because of many improvements in v18)
 

Ink

what are those advanced techniques? :unsure:
Look it up.

By traditional, I mean downloading signatures locally to detect unknown malware. Practically useless.
 

Der.Reisende

Qihoo 360:
-free version with ads and nags
-paid version does not give any security related improvements at all
-promised early upgrade never noticed when using premium
-does not notify on new version unless manual update is triggered
-HIPS are almost useless against common malware (does prevent AutoRun, but malware can still submit and steal data)
-good signatures, but without signatures, system is very likely to get infected
-weak against process hollowing
-HIPS do not freeze malware, it can happily harm the system until user action / 30 seconds until autoblock
->RANSOMWARE :emoji_fearful:
-pseudo-firewall does block almost nothing (seems to be a network monitor rather with the option to manually block - but why pay for?)
 

FrFc1908

Qihoo 360:
-free version with ads and nags
-paid version does not give any security related improvements at all
-promised early upgrade never noticed when using premium
-does not notify on new version unless manual update is triggered
-HIPS are almost useless against common malware (does prevent AutoRun, but malware can still submit and steal data)
-good signatures, but without signatures, system is very likely to get infected
-weak against process hollowing
-HIPS do not freeze malware, it can happily harm the system until user action / 30 seconds until autoblock
->RANSOMWARE :emoji_fearful:
-pseudo-firewall does block almost nothing (seems to be a network monitor rather with the option to manually block - but why pay for?)

add :

useless bloatware
high rate of false positives
ignorant / incompatible customer support
telemetry / spying / data harvesting
bd signatures have updating issues
sandbox is weak
 

Cortex

there are some. most of them are related to its protection. I can submit some but I'm afraid some ESET users may disagree
I'm sure we all respect your opinions, I know I do! IMHO it's not necessarily a case of disagreeing, for me it's a case of balancing up the known info & making a decision thereby accepting the risk factor balanced against the advantages - We do that in all things in life I feel :)
 

Cortex

KIS - Quite brilliant: But on all PC's I own (and actually ones I don't) drops the speed of all VPN's I've used by 30% or more, (no issues without a VPN) not found a way round it other than using KAV, with maybe less protection.

Edit: Depending on your connection speed this may or may not be an issue.
 

Evjl's Rain

ESET:
- The UI is very confusing with small text and grouped settings. Not easy for new users (I had problems with tweaking)
- Scan mode ("Scan On" option) in "Real-time file system protection" needs a more detailed explanation in app when clicking on the ! mark. Users have to visit help.eset.com to read more detail about it (and they do explain)
- Poor zero-day protection = silent HIPS in default settings
- Newly developed Behavioral blocker is not yet competent
- HIPS is HIPS. It can block everything including safe files. It's not easy and takes time to configure => not user-friendly (any HIPS in general)
+ HIPS can make your PC unbootable if you don't know how to use it
- "Enable detection of potentially unsafe applications" is a real FP machine (not to be confused with "Enable... unwanted applications" = detecting PUPs). This blocked too many files on my PC. However, the option contributes to ESET's great signatures => FPs (That's why they give an option to enable or disable it during installation, but not the other one)
- No free version
- Admins usually find a lot of reasons to defend their products when there is a flaw or bypass discovered by an organization or a user

(- for unknown reason, my first installation of ESET made my PC unusable until I went to Safe Mode and uninstalled ESET. The second try worked)
 