Windows Defender - The worst AV ever?

Discussion in 'Windows 10' started by Windows_Addict, Feb 7, 2020.

  1. Krakatoa

    Krakatoa MDL Addicted

    Feb 22, 2011
    541
    825
    30
  2. Insanegamer1996

    Insanegamer1996 MDL Junior Member

    Oct 22, 2019
    99
    5
    0
    What free antivirus do you recommend?
     
  3. Vineet Garg

    Vineet Garg MDL Novice

    Aug 4, 2016
    20
    5
    0
  4. Windows_Addict

    Windows_Addict MDL Addicted

    Jul 19, 2018
    686
    1,353
    30
    #144 Windows_Addict, Aug 24, 2020
    Last edited: Dec 17, 2020
    (OP)
    Some time ago I did a test with some free antiviruses, I found that with trusted installer privileges, we can kill processes of only Windows defender and panda antivirus, all others are well protected from such basic attacks. Panda is still better than WD (because it doesn't have reg keys like DisableAntiSpyware which signals the AV to not enable itself) and if the processes are stooped then with system restart it will enable itself.

    So yeah, anything is better than windows defender.

    About which is best free AV, I think such a conclusion is subjective, protection against threats is not an only factor and as per av test sites, there is not much difference in this case. Here is why I like/dislike some AV's (random order).

    - Avast Free Antivirus
    Very less resource usage, install and forget it solution, (no manual intervention is required in renewing it). Minus point is its naggings for its pro version, though they have become less as per my last test. Overall I like it.

    - AVG AntiVirus Free
    same as avast.

    - Kaspersky Security Cloud Free
    I don't have any reason to dislike this AV, with fake emails we can gain an additional 1-year free license when it expires, resource usage is not below normal so I don't install it on a weak machine. Also every year we need to manually renew the license with another email address so it's not an install and forget it solution so I don't install it on those users pc who don't understand it's process.

    - Bitdefender Antivirus Free Edition
    Heavy on resources and install and forget it solution, changes some Windows settings and doesn't allow to revert them (maybe a bug) though I was able to change after some restarts.

    - Avira Antivirus
    This is good, but there was a software named Letasoft Sound Booster, and Avira was flagging this whole software folder, I tried to set exclusions for it but Avira was not respecting this setting, I tried everything many times but failed to run that software so I'd to say goodbye to avira.

    - Sophos Home Free
    Dashboard opens online in browsers, heavy on resources.

    - adaware antivirus free
    It requires registering an account online and that service was not working at the time of my test.

    - Symantec Endpoint Protection (Edit - added)
    Very good overall but doesn't have automatic program updates, this can create issues when a specific version has some bugs, or it expires, then manual maintenance is required. For example, I remember that on W10 1607 I installed a version that has issues which caused chrome to stop working, I tried to update SEP but it reported that it's on the latest version. So use it if you know how to solve these issues.

    ------------------------

    In conclusion, I prefer Avast free when I've to install it on a weak machine and/or I know that the user won't be able to manually renew the license if required. And I prefer Kaspersky free when the machine is good enough and the user will be able to check AV status and can manually renew it when it expires by putting a fake/another email ID.
     
  5. BAU

    BAU MDL Addicted

    Feb 10, 2009
    859
    1,726
    30
  6. BAU

    BAU MDL Addicted

    Feb 10, 2009
    859
    1,726
    30
    It shouldn't. But why don't you use toggledefender.bat instead?
     
  7. Vineet Garg

    Vineet Garg MDL Novice

    Aug 4, 2016
    20
    5
    0
  8. BAU

    BAU MDL Addicted

    Feb 10, 2009
    859
    1,726
    30
    Disabling the firewall is a huge NO specially when not behind a router with built-in protection.
    At any point in time your network gets flooded by automatic scanners run by malicious actors, without a firewall you invite further probing for vulnerabilities.
    You would gain no performance, you actually would loose some as any program would be free to make constant requests and network activity costs cpu cycles.
    Windows Firewall is not the strongest, but is the least annoying. It does a decent job of preventing your PC being botnet-ed.
    Ignore these services.

    ToggleDefender works fine even on 20H2.
    It actually purposely opens the MSE/Security Center icon so that you can tell if Defender is disabled or not at a quick glance.
    Hence ignore Security Center as well, it only shows a tray icon and notifications, does not consume many resources.

    I'm under the impression you want to run with Defender disabled at all times -and that's not the intended purpose.
    Just keep ToggleDefender on your desktop,
    and before running intensive tasks such as compiling, archiving, moving files, playing games, running mdl scripts, toggle it off by running the script. Defender icon should show the red x.
    Once you're done with that / before doing web browsing and downloading and installing programs, toggle it back on. Defender icon should reflect the change shortly.

    We would not need such forced toggle if Microsoft would play nice and not re-enable real-time-protection out-of-the-blue, or flag harmless tools and scripts as viruses..
     
  9. monkeylove

    monkeylove MDL Junior Member

    Dec 8, 2013
    98
    27
    0
    I'd like to avoid paid AVs because it's like buying a new hard drive every year or two for a family pack or multiple licenses.

    I had to uninstall KSC because it kept showing popups even though all notifications were disabled, and when I checked performance using Novabench noted that WD improved. I also tried Bitdefender Free but it kept blocking components of Adguard.

    Finally, I checked some reviews and noted that WD has gotten better, so I'll see how it fares.
     
  10. LiteOS

    LiteOS MDL Expert

    Mar 7, 2014
    1,785
    767
    60
    #151 LiteOS, Sep 3, 2020
    Last edited: Sep 3, 2020
    I dont use AV
    but i use wfc to block any connection or any new firewall rule from been created
    and running firefox in normal user env, or any software that can be exploit by the web
     
  11. Vineet Garg

    Vineet Garg MDL Novice

    Aug 4, 2016
    20
    5
    0
    Wonderful!
    I find ''Kaspersky Antivirus 2020 & Windows Defender Firewall'' a good combo all together.
    Now that I have disabled various default firewall rules ( Advanced Firewall Settings > In-bound & Out-bound rules ), my pc is very speedy & crunchy with just everything I need to use. And its inspiring me to look further into firewall rules without breaking any functionality!

    Anything else ?

    Thanks again.
     
  12. nosirrahx

    nosirrahx MDL Addicted

    Nov 7, 2017
    611
    260
    30
    Honestly, install windows 10 into virtual box and launch it only when you are going to do something secure like online banking or online purchases.

    I do this but go a step further and have another virtual box VM for general surfing.

    Use the actual OS to do things like gaming, dev work, content creation ... whatever needs the actual power of the system and move everything else into encapsulation. I have a 2nd monitor set up on the side jut for VMs.
     
  13. BAU

    BAU MDL Addicted

    Feb 10, 2009
    859
    1,726
    30
    Annotation 2020-11-01 091053.png
    So this is still not fixed, Microsoft keeps adding smart labels like "Security Intelligence", "Advanced Thread Protection" and so on, yet they fail to whitelist their own s**t.
    AV smartness is inversely proportional to it's false positives rate. AV-comparatives must be one hell of a sellouts to keep rating Defender just middle of the pack and never with remarkably many FPs as real life usage shows time and time again.
    What chances does a small developer have to break trough in this bulls**t context?!
    It really feels like we're going backwards with blocking everything by default, on content servers, on internet browsers, on av's. That's not smart.
     
  14. BAU

    BAU MDL Addicted

    Feb 10, 2009
    859
    1,726
    30
    If deal gets approved I guess it's the worst AV betrayal ever (my understanding is that it's not yet greenligted by regulators - eu / the german gov).
    This might be a blow to Defender and all other AVs as well, since Avira labs make a sizeable contribution that all benefit from.
    We still have viable choices in Bitdefender - based in Romania, they won't sell to shady investors any time soon (other than Microsoft, would be funny to sell to them an evolved version of RAV that MS based their first AV on). And then there's Eset and F-Secure, with Total AV trailing the top as the UK-wanna-be-Avira.
     
  15. Tiger-1

    Tiger-1 MDL Guru

    Oct 18, 2014
    5,490
    6,654
    180
    I also haven't used AV for a long time, in addition to common sense when browsing I use Adguard Premium which knows how to do the rest and wonderfully well so I'm calm I think ...
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  16. monkeylove

    monkeylove MDL Junior Member

    Dec 8, 2013
    98
    27
    0
    I also use Adguard (got a lifetime promo).

    I had to uninstall Kaspersky Security Cloud recently because I was experiencing problems with it and getting logged off some sites or web site settings not preserved using Firefox. Also, it started showing upgrade popups that I could not disable.

    I decided to try the free version of Avast, but before that I ran NovaBench to test performance impact in my system, and found out that Defender now scores slightly better than Avast, which I read is one of the lightest.

    I don't know if I should try turning on core isolation; I read elsewhere that it works fine for newer hardware.

    Given that, I'll see what's the best so far. I'm hoping for a free version of an AV that can do signature detection, behavior blocking, core isolation/sandboxing, plus have high detection plus low performance impact.
     
  17. sxhilkxdxm

    sxhilkxdxm MDL Novice

    Mar 7, 2020
    48
    19
    0
    Does ToggleDefender disable Tamper as well ?
    Or we need different file for it
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  18. BAU

    BAU MDL Addicted

    Feb 10, 2009
    859
    1,726
    30
    If you would just read the mere 8 pages thread you would gain the knowledge that most here dislike the very feature you named, Tamper Protection, because it does not work as advertised, and scripts such as ToggleDefender simply ignore it.