App Review Shadowra's Big Comparative - Episode 1 : Free Antivirus

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Content created by
Shadowra

Vitali Ortzi

In this video, we compare 8 free antivirus programs.
The aim is to see how effective they are, and rank them from worst to best.

Please note:

- The antiviruses are already ranked in the video. I've taken into account Web blocking, the reaction to an attack, my malware pack and how the antivirus will defend itself.
- Please be courteous and respect my ranking. Filming took over 9 hours and 2 hours of preparation.
- The winning antivirus goes straight to the final, episode 3.
- All antiviruses are at default settings; I've only activated, IF NECESSARY, some options that the editor hasn't activated (heuristics, PUP detection etc.)
- The protocol is the same.



Panda is a relatively lightweight free antivirus.
It has no Web filtering, and the Web protection rating is based on blocking downloads.

Web: Panda blocks all malicious downloads, 9/9.

Crack: Panda intercepts malicious executions. 1/1

Pack: Panda leaves 30 malware samples out of 111 after a fairly long scan.
Upon execution, Panda will try to defend itself as best it can, but will return a completely infected system.
KVRT will even report malware that has injected a system process.
It will be 8th, last.

Nano is a totally unknown Russian antivirus.
Surprisingly, on the 1st installation, it failed...
I had to restart the installation using the snapshot, which worked.
Nano features Web filtering.

Web: Nano blocks half the links, one of which is dead. 5/9

Crack: Nano blocks installations. 1/1

Pack: 26 out of 111 remain. A rather disappointing result, joining its competitor Panda.
It will be 7th, even if it's a bad result, but it put up a slightly better fight than Panda AV.

360 is a popular Chinese antivirus.
It offers many free solutions but tends to install bloatware, which I refuse (like Opera).
Some functions, such as the firewall, are not free, so you'll have to make do with the free version.
I install the KuPeng engine and also activate it for protection.

Web: 7/9. Qihoo is missing 2 URLs, including a stealer that will close Edge.

Crack: Cold shower... Qihoo doesn't block anything!

Pack: 8 out of 111 remain, even 5 out of 111, which is an excellent score!
But it loses points for not detecting the false crack, the stealer that passed without reacting, the insistence on bloatware and a big false positive on a VirtualBox process, unforgivable as a false positive!
It came 6th.

Huorong is also a Chinese antivirus, a competitor to Qihoo.
It's an antivirus I had to configure: the heuristics and its Machine Learning were deactivated. I don't understand this choice, so I decided to activate them.

Web: 5.5/9: Huorong lets infections through, especially stealers. Surprisingly enough, Huorong blocks the URL but lets me download and even execute it!
It gets half a point despite the error, as the HIPS tried to catch up.

Crack: Huorong blocks installations. 1/1

Pack: 7 out of 111 remain, excellent score. Huorong defends itself with its HIPS, blocking several attacks. Remnants of infection are present.
In 5th place, an improvement on Infostealer scripts and Trojans is recommended, as it still suffers from shortcomings!

Comodo is an antivirus that should not have been tested.
Since I've added an extra spot in the paid list, Comodo has inherited its place.
The program behaves like a free security suite.

Web: 9/9 including 3 anti-malware reactions. Comodo will use its Sandbox to protect the system.

Crack: 1/1, reaction from its anti-malware engine.

Pack: 77 out of 111, the worst score ever!
One thing's for sure: Comodo's anti-malware engine is very bad!
At runtime, Comodo will mainly use its Sandbox. Some VirusScope detections, but rather weak. I had to restart the VM twice because the Unicorn worm was saturating my RAM...
During analysis, a few traces are present despite the Sandbox, but nothing alarming.
It's 4th because its Web protection is non-existent, its anti-malware engine is clearly lagging behind and it relies entirely on the Sandbox, which I certainly find a good protection, but I'd have liked to see something else…

Avira is a well-known German antivirus company, acquired by Norton in 2021 to form Gen Digital, but still owns its engine.
In the configuration, I've enabled detection of dangerous tools.
I installed its 2 extensions, one of which (Safe Shopping) does Web filtering.

Web: 10/10. Nothing to say, Avira blocks at source.

Crack: After a fairly long execution time due to analysis on the Cloud, Avira blocks the launch (TIME/APC).

Pack: 18 out of 111 remain. Avira blocks several executions thanks to its Cloud, leaving us with a healthy machine. 2 small traces are visible with KVRT.
It's 3rd.

Avast is the famous free antivirus, widely known to the general public.
In this test, we opt for its complete suite, One.

Web: Avast blocks all URLs, 10/10

Crack: CyberCapture authorizes launch, but execution of the .bat is blocked. 1/1

Pack: 11 out of 111 remain. Avast makes a clean machine, infection attempts blocked by Web filtering and IDS.
It is 2nd.

The antivirus built into Windows!
For years, Microsoft has been improving its security solution against malware.
I did not activate SAC for this test.

Web: 9/9, MS Defender blocks all downloads. One file is dead.

Crack: MS Defender blocks all installations. 1/1

Pack: 4 out of 111 remain, even 3 out of 111, the best score!
The other files don't work, I'm very surprised by its score!
Congratulations Microsoft, it's 1st and will take part in the final!

Winner: Microsoft Defender!

If you haven't done the testing yet for the paid AVs, it would be interesting if you could add Microsoft Defender for reference, even more so since it's the winner among the free AVs.
Anyway, your tests are absolutely awesome and the results show a good variety of malware.
 


Shadowra

If you haven't done the testing yet for the paid AVs, it would be interesting if you could add Microsoft Defender for reference, even more so since it's the winner among the free AVs.
Anyway, your tests are absolutely awesome and the results show a good variety of malware.

I could, but not right now. I think I'll do another round at a much later date :)



I'm also planning an aggressive MS Defender video against a paid antivirus of the choice I'll be given in the queries :) it'll be the most requested!
 

Shadowra

@Shadowra
Is there a chance for the 3rd part of the comparison of Enterprise class products:
- SentinelOne
- CrowdStrike
- CylanceProtect + Optics (with the latest mathematical model)
- DeepInstinct
- HarmonyEndpoint
- Microsoft Defender for Business

It's a good idea, but at the moment I don't have access to certain software. As soon as I have them (or find a reseller to buy and test them), I'll do a company comparison ;)
 

annaegorov

Microsoft Defender only keeps improving, nice to see it get the top spot!
Even the aggressive AV software in the test got worse results at detection.
Good news, and it runs fast on my PC.....

ONLY thing I hate, which makes me choose another AV/SS, is the horrible slowdowns on file movement, transfers etc...

I use Directory Opus (nice program by the way) to sync all my drives.

Speed with Defender is 20-45MB per second, and with, for example, ZoneAlarm Extreme Next Gen, it's 114MB per second on my slow drives.
 

annaegorov

Defender did great. It got 1st Place... Good Job MS.

One thing I find shocking about Avast, it got Shadowra's 2nd Place,

I don't use Avast, nothing against it. I just hate the "Gen" "buy up"...

BUT EVERYWHERE you go, Avast is highly recommended, and I mean everywhere. You don't see that with many of the other AVs.
 
