Battle Lightest free AV

brod56

Level 15
Thread author
Verified
Top Poster
Well-known
Feb 13, 2017
737
Hey guys.
I know many of you are a bit tired of threads comparing free AVs, but this one is a bit diferent.
I want to know what you think is the best performance free AV right now, which just has a new contester. I am aware of the detection rates considering the different modules of protection available (probably BDF>KAF>WD) but CPU/Ram usage is what Im looking at.
Compatibility with Voodooshield is also an important aspect for me, as I can't live without this wonderful piece of software.
Any comments (with Task Manager screenshots even better) are highly appreciated.

PS. Please do not suggest Avast or Avira as I had some pretty bad experiences with them in the past.
 

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Frankly speaking, if you disable so many features in Avast then you might as well be better off using another AV.....similarly for any other security software.
I know what you mean but I can hardly find any free AV that can replace or have similar features to avast's hardened mode aggressive
combining it with windows script host and powershell being disabled, I can't see how it can be bypassed by regular exe malwares
 

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,159
I know what you mean but I can hardly find any free AV that can replace or have similar features to avast's hardened mode aggressive
combining it with windows script host and powershell being disabled, I can't see how it can be bypassed by regular exe malwares
I'm using BD AV free and its behaving ok these few days. Down the road I'm not so sure because I had it previously and it caused a slowdown on my system. I replaced the KAV free after it causing some issues.
 
  • Like
Reactions: brod56

AlanOstaszewski

Level 16
Verified
Top Poster
Malware Hunter
Jul 27, 2017
775
So web shield and behavior shield are craps in Avast?
No and yes xD. BB and Web Shield in Avast are a good thing to have.
If you search for a light AV then you can combine Comodo (@cruelsister Settings) with Avast (@Evjl's Rain Settings). (Under 30mb RAM)
Kaspersky Free + Comodo I tested yesterday. (Under 150mb RAM)
 
  • Like
Reactions: CodaPG and Parsh

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,159
No and yes xD. BB and Web Shield in Avast are a good thing to have.
If you search for a light AV then you can combine Comodo (@cruelsister Settings) with Avast (@Evjl's Rain Settings). (Under 30mb RAM)
Kaspersky Free + Comodo I tested yesterday. (Under 150mb RAM)
Avast and KAF both have signatures and cloud protection. No point the duplication for one of them will become redundant i.e. not responsive to malware attack due to the action of the other

You can a a couple of AVs together without issues. However, there is only one main actor and the rest are sidekicks.....redundant
 
Last edited:
  • Like
Reactions: Parsh

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,159
KAF seems to be rather lite on my PC. I use it with Comodo FW. They complement each other pretty good. Q360 without BDF and Avira engines maybe good choice as well.
If I'm not wrong Q360 updates its signatures once a day. Also, without BD and Avira engines is Q360 good?
 
Last edited:
  • Like
Reactions: Solarlynx

Parsh

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Dec 27, 2016
1,480
in fact, I have seen several samples that disabled WD immediately, via registry or group policy, after they successfully bypassed WD. After a reboot, WD was completely off and the system was unprotected then
This is a simple trick but it works
WD is now more widely used so it would be the first target to be disabled
I know what you mean
I think if we want have to compromise avast, we need something a bit more sophisticated
WD can be easily disabled by that way. MS needs to add something in the settings to protect WD from being turned off by registry
Though WD is working on improving their detection with known and appreciable ways, they definitely need to strengthen their own defenses first, for reason you mentioned.
There have been some samples tested here that could simply disable different built-in security measures, from a long time.

You can disable Windows Defender. wow
You can compromise Kaspersky and take full control over a PC. WOWOWOWOWOOWOW
By the latter, are you referring to the Double Agent?
 

Parsh

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Dec 27, 2016
1,480
If I'm not wrong Q360 updates its signatures once a day. Also, without BD and Avira engines is Q360 good?
The signatures are typically said to be updated twice a day. BD signatures, as you might know, are sometimes found to be more than 2 days old though.
Qihoo engine alone has been fairly good using its cloud detections, however not suited to be used alone like that. @WinXPert has tested 360 without the additional engines at MH quite a few times. Infections were a common sight with the single Qihoo engine, with or without detections made.
 

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,159
The signatures are typically said to be updated twice a day. BD signatures, as you might know, are sometimes found to be more than 2 days old though.
Qihoo engine alone has been fairly good using its cloud detections, however not suited to be used alone like that. @WinXPert has tested 360 without the additional engines at MH quite a few times. Infections were a common sight with the single Qihoo engine, with or without detections made.
I used Q360 TSE previously and I know the signatures update once a day only. That's why I stopped using it.
 

Parsh

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Dec 27, 2016
1,480
No. I mean in whole that Defender is good integrated in Windows 10 and contains fewer bugs.
I've has seen a consistent rise in its protection. But WD has not been difficult to defeat and has seen vulnerabilities like other AVs and there will be newer ones as it progresses. It will more often be targeted too. Yeah, the Windows integration will be better and WD will be the fastest protection to adapt to the architectural changes of the OS (example during the early PatchGuard for Win10 x64).

I used Q360 TSE previously and I know the signatures update once a day only. That's why I stopped using it.
I'm not very sure about this. In some posts around different forums, it was a notion that the updates were meant to be delivered twice a day. The update logs might be useful to confirm it.
 
  • Like
Reactions: brambedkar59

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,159
I'm not very sure about this. In some posts around different forums, it was a notion that the updates were meant to be delivered twice a day. The update logs might be useful to confirm it.

That's why I'm telling you my experience.

Even if some gets twice a day updates will that be enough adequate protection as an AV as compared to those which provide hourly updates or updates every few hours?
 
  • Like
Reactions: Parsh

roger_m

Level 42
Verified
Top Poster
Content Creator
Dec 4, 2014
3,188
My opinion: Windows Defender is very good and light because it is a part of Windows.
Windows Defender is not light and based on my experience of using it on many computers, it can cause very noticeable slowdowns unless you have a fast CPU. Windows 10 can run quite fast even on some really old hardware (e.g. I'm running it on some 11 year old laptops), but Windows Defender makes them run slowly at times.
 

MTUser

Level 4
Verified
Sep 11, 2014
144
they are a company bigger than Kaspersky lol! they won't use bd or Kaspersky... they are a big name in business!
Fortinet - Wikipedia

Yes, they are a big player and they are very very good, but FortiClient is a endpoint solution, designed to be integrated with the Fortinet Security Fabric, not to be used as a standalone product. As standalone, there is much better alternatives.
 

l0rdraiden

Level 3
Verified
Jul 28, 2017
117
Yes, they are a big player and they are very very good, but FortiClient is a endpoint solution, designed to be integrated with the Fortinet Security Fabric, not to be used as a standalone product. As standalone, there is much better alternatives.
The fact that it works together with fortigate firewalls doesn't mean that is not mean to be used as a stand alone product. I think you don't know the product at all or you don't know what are you talking about
 

MTUser

Level 4
Verified
Sep 11, 2014
144
The fact that it works together with fortigate firewalls doesn't mean that is not mean to be used as a stand alone product. I think you don't know the product at all or you don't know what are you talking about

I'm not saying you cannot use the product as a standalone, but the product itself is designed to be used with the security fabric, so it's not the best solution as standalone with "static" signatures.

I don't know what you know about Fortinet, but I'm Fortinet NSE certified, so I know a thing or two about the product :)
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top