By the sounds of it,
Emsisoft would be ideal.
As for the company, and why it was mentioned a lot during 2020.
An in-depth conversation with Emsisoft CEO Christian Mairoll on the advantages and challenges of running an all-remote working.
www.emsisoft.com
Not recommended for the faint of heart, would be to go AV-less. Alternative protection.
It's not uncommon to not using an Antivirus. Millions use ChromeOS, Android, iOS, Mac and Linux and all enjoy the benefits of zero-lag performance.
Thanks for the reply mate. And Vote 1 for Emsisoft. Will tally ‘em all up.
Product microanalysis will not produce the desired result. People put less analysis into their stock picks. Also, asking peoples' opinions on a forum such as this will generate a lot of well-meaning, but highly biased recommendations. They'll recommend many of the softs you already eliminated because they don't bother to read the posts.
Install VirtualBox, fire-up Windows and evaluate softs for yourself.
What is your objective? Excitement in your life or you just want to play with security software? You do realize that once you install an AV it is going to sit there like a lump - same as Microsoft Defender does, right? The "shine" and "feel good" of your newly selected AV will wear off within a week.
You are better served by hardening your Windows system. If you do not want to do that, all the time you are putting into analysis is more productively spent learning IT skills that interest you.
Great points made here. It’s true that I can fire up VirtualBox and have a go at answering some of these questions myself, but the truth is I have neither the time nor the desire. The latter is more important. If I had the desire, naturally I would find a way to make the time. There was a time in my life where I was interested in, and also did, what you’re describing. I’ve spent hundreds of hours in middle and high school testing out various AVs. I remember when Avast’s logo in the taskbar was an orange ball that spun every time the product initiated a scan, and an orange amoeba looking thing as the main logo. I remember when ESET used to put out (goofy) videos of a white and blue robot destroying shadow monsters (viruses). And when G-DATA used to use Avast + BitDefender, and a lesser known company TrustPort used three engines—AVG, BitDefender, and their own. When Emsisoft had separate products for AV and firewall. Even used Online Armor with Avast for a while, then switched to the Avast + Comodo firewall combo that was popular at the time.
And so on…been there, done that. That was years ago. Not interested in doing all of that testing again. Products are now more complex and there are better folks than me doing the testing. I have some defined criteria that I’ve indirectly outlined above by mentioning my likes / dislikes with the various products and I’m sticking to those to settle on one product. Mainly, I’m looking for stability, reliable security (doesn’t have to be the most agressive but it should be a top tier product), privacy-respecting (means different things to different people but F-Secure comes to mind as a good example), and financially sound. Emsisoft checks all of the boxes but the company looks like it’s not doing so well. And I’m not interested in jumping on a sinking ship.
Completely agree about the AV becoming a lump. But that’s fine because I’d rather have a different lump than Microsoft Defender. It has treated me well. Never been infected using it, but it has also never thrown an alert because I’m extremely cautious with my opsec. I don’t click any links if I know how to get there by searching manually (period). I never open unwarranted attachments. I don’t pirate or visit naughty websites, at least not on my main rig. I block all ads using custom and public lists. I have beefed up Defender to the nth degree using Group Policy and ran periodic scans with Malwarebytes, EEK, HitmanPro, ESET Online Scanner, NPE, etc. All clean. So my desire for a third-party AV is just that. A desire, likely an irrational one. And I’m going to fulfill it.
Hardening Windows is a great idea and something I’ve dabbled in. I’m quite familiar with Group Policy and have used it to beef up W11 quite a bit. I’ve gone through every setting in GPO regarding Windows components (yes, no joke… took me over an hour) and have tweaked things from disabling autoruns and autoplay to turning on network protection and boosting exploit protections, and everything in between. I’ve boosted cloud protection, enabled BAFS, and much much more.
If you have a list of GPO settings you apply, or a list of the various tweaks you do to harden up, please let me know. All ears. My only request is to not recommend software. I enjoy tweaking things myself, and took up the task of applying 80% of
@Andy Ful ‘s Hardening to Microsoft Defender manually in GPO with ASR rules and other protections. The other 20% I couldn’t do (such as get a right-click RunBySmartscreen and other minor miscellaneous stuff). And I was cool with it.
All products listed offer good protection. There's no such thing as a perfect security solution. If you are worried with certificates I have never seen a product that do not offer the option to turn off https scanning.
Test them in your machine and go for best performance/price ratio. Also test things you'd do normally and see if they are not affected by the security solution you are testing. These last years I've experienced from pages not opening to network printers not being recognized. Make sure the software will not interfere with your use of the computer.
Hardening is always a good idea but make sure you understand what you are doing. I see a lot of threads being opened in this forum because some Windows setting is set by the Administrator and the person has no idea how to undo it. This is often caused by hardening software setting some policy.
Appreciate the reply! Please see comment above on why I’m not keen on testing things out again myself. But I’m all for Windows hardening and know my way around Group Policy. Any specific hardening tweaks you recommend? Manual tweaks please, I don’t like using utilities to do the tweaks for us. I’ve done a lot of
@Andy Ful ‘s Defender tweaks manually in GPO using MS docs.
I hope you will try FFRI yarai a solution from Japan that provides computer and browser protection and they have their own detection engine.
Or try Cylance Smart Antivirus with the TrafficLight Browser Protection add-on
Currently, I am using Cylance Smart Antivirus, and I have not encountered any problems.
Kaspersky is also good
Never heard of FFRI but I’ll look into it. Cylance I’ve heard of but thought it was corporate. Didn’t know you could buy home licenses. And Vote 1 for Kaspersky, thanks!
I would go for Kaspersky as I had been using it and provides good protection. I tried Emsisoft, and it gave me a lot of FP warnings. Currently, I have downloaded Avast One trial and using it and kinda liked it. My preferences would be Kaspersky, Avast and Bitdefender.
Vote 2 for Kaspersky. Thanks!
Ah the infamous Shadowra. It’s your videos that put me into this mess, mate. You’ve tested all of these products and they all looked solid and made it difficult to pick one. Jokes aside, your vids are great. Appreciate the obvious time and effort put into them.
Since you recommended F-Secure, do you know if they beefed up tamper and self protection? Is it still possible to end F-Secure processes in task manager, or delete files from the F-Secure folders? Most AVs protect against that but F-Secure historically didn’t. Curious if that has changed.
Also, should I disable any Windows security features such ad Memory Integrity / Core Isolation before install? I know Kaspersky doesn’t like it but what about F-Secure? Currently have it disabled but I can easily go into BIOS, enable SVM, and then go into Windows Security and flip on Memory Integrity.
Unless you are employed by the Pentigon I don't think you have any worries using Kaspersky.
Thanks for the comment lol. But these days, even non-Pentagon employees need to be careful. Especially with the escalating tensions on both sides.
F-secure does not install a root certificate for browsing. It is a solid product with a good protection and a great support. The only problem I have is that they have issues with cleaning the machine after an infection or a block from Deepguard that leaves some traces.
Emsisoft is also a good product. They are using Bitdefender signatures and their behavior blocker is not bad.
I can't say anything about Kaspersky. It has been a while since I used/tested that product.
What do you think about Trend Micro and Sophos Home Pro?
Trend Micro has some issues with their signatures but the behavior blocker and webprotection is good. I used SHP in the past and it was not that bad.
Currently I am testing some of these products. I post back when I have some more results.
Great reply! And thanks for answering regarding browser certificate. So if I install something like AdGuard for desktop that does scan HTTPS, it shouldn’t conflict with F-Secure’s browsing protection? I know some HTTPS-scanning products like ESET have had issues historically with Adguard, so I’m trying to avoid that. I want F-Secure to scan HTTPS traffic, but without using a cert or interfering with Adguard’s certs / process.
I have used Trend Micro in the past and while it was, and presumably still is, a good product, it’s still in the Dr.Web and VIPRE camp for me. Not as well-known here in the west.
Sophos looks interesting though. I’ve heard of them before and know they own HitmanPro these days. Sad what they did with Sandboxie so that left a bad taste in my mouth. But definitely interested in your testing of SHP. Thanks again.
I have kaspersky, and the new f-secure (formerly f-secure safe) on two machines, and have been using them for several years now. Kaspersky is a good product, but the way the world is today I would never buy it now, but this is for moral and security reasons.
f-secure safe is a product I have used for at least 15 years, and have never experienced getting anything on my machine that shouldn't be there, f-secure has protected it 100%. Kaspersky has also done this, but f-secure is still easier on my machine, and the program is from Finland and I have never heard that f-secure has been involved in anything bad. It is considered to be a very safe and secure company, so my advice is: use f-secure
Vote 2 for F-Secure. Thanks for the reply! The moral part doesn’t factor into my decision because the same could be said about US IT companies when America invaded the Middle East and killed millions. For some good reasons but many bad. But nobody said buying from a western IT company was fueling the war, even though our tech sector is heavily tied to NSA, CISA, and so on. And I say all this as a proud American myself.
So I rule out that argument as a double-standard against Kaspersky because it’s Russian. But the security aspect you mentioned is a real threat. Completely agree. My only concern is finding out if there is any actual reason to worry about them even with most of their infrastructure in Switzerland and Canada for US users. Other folks can debate the war but I’m staying out of it. I’m leaning towards F-Secure already but open to alternatives.
![[correlate]](/data/avatars/m/79/79653.jpg?1556985072){kind=avatar}
) and Emsisoft is OK.
