Battle Lightest free AV

[brod56]

Hey guys.
I know many of you are a bit tired of threads comparing free AVs, but this one is a bit diferent.
I want to know what you think is the best performance free AV right now, which just has a new contester. I am aware of the detection rates considering the different modules of protection available (probably BDF>KAF>WD) but CPU/Ram usage is what Im looking at.
Compatibility with Voodooshield is also an important aspect for me, as I can't live without this wonderful piece of software.
Any comments (with Task Manager screenshots even better) are highly appreciated.

PS. Please do not suggest Avast or Avira as I had some pretty bad experiences with them in the past.

 

[Evjl's Rain]

Frankly speaking, if you disable so many features in Avast then you might as well be better off using another AV.....similarly for any other security software.

I know what you mean but I can hardly find any free AV that can replace or have similar features to avast's hardened mode aggressive
combining it with windows script host and powershell being disabled, I can't see how it can be bypassed by regular exe malwares

 

[HarborFront]

You can disable Windows Defender. wow
You can compromise Kaspersky and take full control over a PC. WOWOWOWOWOOWOW


You don't disable functions. You disable crap that slows down your PC.

So web shield and behavior shield are craps in Avast?

 

[HarborFront]

I know what you mean but I can hardly find any free AV that can replace or have similar features to avast's hardened mode aggressive
combining it with windows script host and powershell being disabled, I can't see how it can be bypassed by regular exe malwares

I'm using BD AV free and its behaving ok these few days. Down the road I'm not so sure because I had it previously and it caused a slowdown on my system. I replaced the KAV free after it causing some issues.

 

[Solarlynx]

KAF seems to be rather lite on my PC. I use it with Comodo FW. They complement each other pretty good. Q360 without BDF and Avira engines maybe good choice as well.

 

[AlanOstaszewski]

So web shield and behavior shield are craps in Avast?

No and yes xD. BB and Web Shield in Avast are a good thing to have.
If you search for a light AV then you can combine Comodo (@cruelsister Settings) with Avast (@Evjl's Rain Settings). (Under 30mb RAM)
Kaspersky Free + Comodo I tested yesterday. (Under 150mb RAM)

 

[HarborFront]

No and yes xD. BB and Web Shield in Avast are a good thing to have.
If you search for a light AV then you can combine Comodo (@cruelsister Settings) with Avast (@Evjl's Rain Settings). (Under 30mb RAM)
Kaspersky Free + Comodo I tested yesterday. (Under 150mb RAM)

Avast and KAF both have signatures and cloud protection. No point the duplication for one of them will become redundant i.e. not responsive to malware attack due to the action of the other

You can a a couple of AVs together without issues. However, there is only one main actor and the rest are sidekicks.....redundant

 

[HarborFront]

KAF seems to be rather lite on my PC. I use it with Comodo FW. They complement each other pretty good. Q360 without BDF and Avira engines maybe good choice as well.

If I'm not wrong Q360 updates its signatures once a day. Also, without BD and Avira engines is Q360 good?

 

[Parsh]

in fact, I have seen several samples that disabled WD immediately, via registry or group policy, after they successfully bypassed WD. After a reboot, WD was completely off and the system was unprotected then
This is a simple trick but it works
WD is now more widely used so it would be the first target to be disabled
I know what you mean
I think if we want have to compromise avast, we need something a bit more sophisticated
WD can be easily disabled by that way. MS needs to add something in the settings to protect WD from being turned off by registry

Though WD is working on improving their detection with known and appreciable ways, they definitely need to strengthen their own defenses first, for reason you mentioned.
There have been some samples tested here that could simply disable different built-in security measures, from a long time.

You can disable Windows Defender. wow
You can compromise Kaspersky and take full control over a PC. WOWOWOWOWOOWOW

By the latter, are you referring to the Double Agent?

 

[Parsh]

If I'm not wrong Q360 updates its signatures once a day. Also, without BD and Avira engines is Q360 good?

The signatures are typically said to be updated twice a day. BD signatures, as you might know, are sometimes found to be more than 2 days old though.
Qihoo engine alone has been fairly good using its cloud detections, however not suited to be used alone like that. @WinXPert has tested 360 without the additional engines at MH quite a few times. Infections were a common sight with the single Qihoo engine, with or without detections made.

 

[AlanOstaszewski]

By the latter, are you referring to the Double Agent?

No. I mean in whole that Defender is good integrated in Windows 10 and contains fewer bugs.

 

[HarborFront]

The signatures are typically said to be updated twice a day. BD signatures, as you might know, are sometimes found to be more than 2 days old though.
Qihoo engine alone has been fairly good using its cloud detections, however not suited to be used alone like that. @WinXPert has tested 360 without the additional engines at MH quite a few times. Infections were a common sight with the single Qihoo engine, with or without detections made.

I used Q360 TSE previously and I know the signatures update once a day only. That's why I stopped using it.

 

[Behold Eck]

Immunet v5 is the lightest I have ever tried.

Regards Eck

 

[Parsh]

No. I mean in whole that Defender is good integrated in Windows 10 and contains fewer bugs.

I've has seen a consistent rise in its protection. But WD has not been difficult to defeat and has seen vulnerabilities like other AVs and there will be newer ones as it progresses. It will more often be targeted too. Yeah, the Windows integration will be better and WD will be the fastest protection to adapt to the architectural changes of the OS (example during the early PatchGuard for Win10 x64).

I used Q360 TSE previously and I know the signatures update once a day only. That's why I stopped using it.

I'm not very sure about this. In some posts around different forums, it was a notion that the updates were meant to be delivered twice a day. The update logs might be useful to confirm it.

 

[HarborFront]

I'm not very sure about this. In some posts around different forums, it was a notion that the updates were meant to be delivered twice a day. The update logs might be useful to confirm it.

That's why I'm telling you my experience.

Even if some gets twice a day updates will that be enough adequate protection as an AV as compared to those which provide hourly updates or updates every few hours?

 

[ForgottenSeer 55474]

I believe in my heart it is Bitdefender,but it probably is microsofts own Defender.

 

[Solarlynx]

If I'm not wrong Q360 updates its signatures once a day. Also, without BD and Avira engines is Q360 good?

AFAIK its cloud has all sigs, if you are online, and what is more important, it has robust HIPS.

 

[roger_m]

My opinion: Windows Defender is very good and light because it is a part of Windows.

Windows Defender is not light and based on my experience of using it on many computers, it can cause very noticeable slowdowns unless you have a fast CPU. Windows 10 can run quite fast even on some really old hardware (e.g. I'm running it on some 11 year old laptops), but Windows Defender makes them run slowly at times.

 

[MTUser]

they are a company bigger than Kaspersky lol! they won't use bd or Kaspersky... they are a big name in business!
Fortinet - Wikipedia

Yes, they are a big player and they are very very good, but FortiClient is a endpoint solution, designed to be integrated with the Fortinet Security Fabric, not to be used as a standalone product. As standalone, there is much better alternatives.

 

[l0rdraiden]

Yes, they are a big player and they are very very good, but FortiClient is a endpoint solution, designed to be integrated with the Fortinet Security Fabric, not to be used as a standalone product. As standalone, there is much better alternatives.

The fact that it works together with fortigate firewalls doesn't mean that is not mean to be used as a stand alone product. I think you don't know the product at all or you don't know what are you talking about

 

[MTUser]

The fact that it works together with fortigate firewalls doesn't mean that is not mean to be used as a stand alone product. I think you don't know the product at all or you don't know what are you talking about

I'm not saying you cannot use the product as a standalone, but the product itself is designed to be used with the security fabric, so it's not the best solution as standalone with "static" signatures.

I don't know what you know about Fortinet, but I'm Fortinet NSE certified, so I know a thing or two about the product