Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Generic User Avatar

Should I replace Avast with Windows Defender?


  • Please log in to reply
31 replies to this topic

#1 Windows10User

Windows10User

  •  Avatar image
  • Members
  • 184 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 AM

Posted 26 March 2018 - 11:32 AM

Hi,

 

I've recently read this article by Microsoft talking about how Windows Defender is being deployed in the enterprise. It got me thinking, I'm currently using Avast Free and Windows Defender is now offering good protection also I'm kind of tried of Avast's ads since I've been using Avast for the past few years. 

 

Should I uninstall Avast and move back to Windows Defender? 



BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Gumshoe


  •  Avatar image
  • Global Moderator
  • 61,818 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:09 AM

Posted 26 March 2018 - 12:23 PM

avast! Free Antivirus has been becoming more of a disappointment for the past several years.

Further, since Avast acquired AVG and Piriform (CCleaner), avast made a marketing decision to bundle CCleaner and other unnecessary software...Avast Cleanup is promoted as the "Next generation tuneup and cleanup for your PC".

Bleeping Computer DOES NOT recommend the use of registry cleaners/optimizers for several reasons...read Why you should not use Registry Cleaners and Optimization Tools. In addition, the use of cleaning and tuneup utilities installs numerous files, folders and registry entries throughout the operating system making removal of the anti-virus software more difficult.

And finally there have been many user complaints about avast pushing a support package for $180 offered by a third party which prefers to take remote control of your computer in order to fix problems.

 

For these reasons, I no longer recommend avast as a free alternative anti-virus solution.
 
 

 

Microsoft Defender Antivirus (Windows Defender) with free built-in (integrated) anti-virus and anti-malware solution, is just as good as any other antivirus solution (and probably easier to use for the novice) without bundled toolbars or nagging popups. Windows Defender provides a higher level of protection against malware as Microsoft Security Essentials (MSE) provided on older operation systems plus enhanced protection against rootkits and bootkits and protection against potentially unwanted programs if that feature is enabled. Windows 10 Anniversary update introduced Limited Periodic Scanning which allows you to also use a third party anti-virus program as your primary protection.

Starting with Windows 10 version 1703 UpdateWindows Defender Antivirus was renamed Microsoft Defender Antivirus...it still consists of real-time protection, behavior monitoring and heuristics to identify and block malware based on known suspicious and malicious activity.

 

Microsoft has incorporated a number of significant improvements which make it competitive with other major anti-virus vendors including many paid for products.

  • Cloud-delivered protection for near-instant detection and blocking of new and emerging threats. Along with machine learning and the Intelligent Security Graph, cloud-delivered protection is part of the next-gen technologies that power Windows Defender Antivirus.
  • Always-on scanning, using advanced file and process behavior monitoring and other heuristics (also known as "real-time protection").
  • Dedicated protection updates based on machine-learning, human and automated big-data analysis, and in-depth threat resistance research.
  • Exploit Guard designed to lock down a system against various attack vectors and block behaviors commonly used in ransomware attacks.
  • Controlled Folder Access Anti-Ransomware that allows you to protect files in certain folders to that they cannot be modified.
  • A dedicated Ransomware Protection section in Windows Security under the "Virus & threat protection" settings.

Microsoft Defender Exploit Guard has four components of new intrusion prevention capabilities designed to lock down a system against various attack vectors and block behaviors commonly used in malware attacks before any damage can be done. Exploit Guard is intended to replace Microsoft’s EMET which was confusing to novice users and allowed hackers to bypass because the mitigations were not durable and often caused operating system and application stability issues as explained here. To further secure Windows against attack, Microsoft added new security features to include Core Isolation and Memory Integrity as part of Microsoft Defender Exploit Guard.

"Controlled Folder Access" Anti-Ransomware is a feature that allows you to protect files in certain folders to that they cannot be modified by unknown applications. This protects the files within these folders from being encrypted by a ransomware infection.

 

What's new in Windows 10 Spring Creators Update (version 1803)

  • The Block at First Sight feature can now block non-portable executable files (such as JS, VBS, or macros) as well as executable files.
  • The Virus & threat protection area in the Windows Defender Security Center now includes a section for Ransomware protection. It includes Controlled folder access settings and Ransomware recovery settings.

For more information about Windows Defender, see my comments in Choosing an Anti-Virus Program.

 

Starting with Windows 10 Version 1809Windows Defender Security Center was rebranded as Windows Security and allows management of all security needs including Microsoft Defender Antivirus (Windows Defender) and Windows Firewall.

 
There are many advanced hidden features that allow you to customize how Microsoft Defender Antivirus (Windows Defender) works. To view and configure the complete list of these settings, users need to use the Get-MpPreference and Set-MpPreference PowerShell Commands as explained here by Lawrence Abrams.
 

There is also the option to use ConfigureDefender, a small utility that allows users to access a graphical user interface and easily configure (strengthen) all hidden Defender Anti-Virus settings. Once started, ConfigureDefender will list your current configuration and allow you to change various settings. ConfigureDefender includes three predefined protection level templates...."Default", "High" and "Max" that will automatically increase or lower the protection offered by Windows Defender Antivirus after rebooting. Setting the Protection Levels to "High" is a good baseline and recommended for most users.

Is Microsoft Defender Antivirus (Windows Defender) Good Enough?  The results are mixed but more positive than negative.

Note: I found a few reviews which said Windows Defender was not very good but those sites were pushing Norton and Total AV. In fact, while reading these reviews I encountered several advertising links and popups prompting me to purchase those products.

 

Since 2019 Microsoft Defender has received very good test results for protection on a yearly basis from AV-TEST, an independent IT-Security Institute. Those results were surprising to securty experts who perform reviews and conduct their own testing.

 

Updated: 02/21/24


.
.
Microsoft MVP Alumni 2023Windows Insider MVP 2017-2020, MVP Reconnect 2016-2023

Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Retired Police Officer, Federal Agent and Coast Guard Chief

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif


#3 JohnC_21

JohnC_21

  •  Avatar image
  • Members
  • 34,651 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:09 AM

Posted 26 March 2018 - 12:41 PM

Windows Defender on Windows 10 has very good protection as can be seen from the AVcomparatives Real World Protection chart.

 

https://chart.av-comparatives.org/chart1.php



#4 Windows10User

Windows10User
  • Topic Starter

  •  Avatar image
  • Members
  • 184 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 AM

Posted 27 March 2018 - 01:50 PM

I've now replaced Avast! with Windows Defender on all my Windows 10 machines. 

 

Thanks for your replies!  :thumbup2:



#5 quietman7

quietman7

    Bleepin' Gumshoe


  •  Avatar image
  • Global Moderator
  • 61,818 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:09 AM

Posted 27 March 2018 - 02:13 PM

You're welcome on behalf of the Bleeping Computer community.

.
.
Microsoft MVP Alumni 2023Windows Insider MVP 2017-2020, MVP Reconnect 2016-2023

Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Retired Police Officer, Federal Agent and Coast Guard Chief

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif


#6 trump_richard

trump_richard

  •  Avatar image
  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:10:39 AM

Posted 28 March 2018 - 12:31 AM

Third Party antivirus applications tend to make your machine very slow. This was one of the main reasons i replaced Avast with windows defender.

After replacing my PC has become really fast and also windows defender has very good protection. 

Yes i would recommend you to replace Avast with windows defender. 



#7 saluqi

saluqi

  •  Avatar image
  • Members
  • 1,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:southern San Joaquin Valley, Calfornia
  • Local time:09:09 PM

Posted 28 March 2018 - 08:54 PM

I have been asking  myself this question for a while now, so I hope it's not inappropriate for me to post here.  Desktop: Dell XPS 8700, Windows 10 Pro 64 bit fully updated; laptop: Dell Inspiron 5537, Windows 10 Home 64 bit fully updated; smartphone: Samsung Galaxy S5, T-Mobile, fully updated.

 

For some time now I've been using Avast Internet Security, Premier version, and Malwarebytes Premium, on 3 devices each (desktop, laptop and smartphone).  In that time I've had no problems with malware or viruses, or with the operation of those products.  Of late, Avast has been offering add-ons (at extra cost).  I have declined those (though I was and still am considering using a password manager).  I did notice that their "sales division" (is it still a separate company, like Digital River?) is quite happy to continue billing for overlapping licenses, and seems unwilling to give credit for accidental overlaps.  That objectionable practice is, I think, not confined to Avast.  For years also, I've been using CCleaner to get rid of Internet tempfiles and the like (but NEVER for tinkering with the Registry - on the VERY rare occasions when a Registry edit is required, I do it by hand, fully documented so I know exactly what was done and can undo it if necessary).

 

So I am looking for information and suggestions on the pros and cons of ditching Avast Premier, next time it comes up for renewal, and allowing Windows Defender to take over.  At present the Speccy report tells me that Avast and Malwarebytes are active, and Windows Defender is of course disabled.  I may say that for me security is primary, and saving money secondary, in this context.  I may also say I haven't noticed anything not working, but perhaps I just don't know enough to detect such things.

 

I have a similar question on behalf of a friend, of limited computer skills, for whose security I am therefore by default partly responsible.  He has a fairly new (2 years) HP Envy desktop - I don't know the model number, but it has an i5 6400 Skylake 14 nm processor at 2.70 GHz, 12 GB of RAM and a 2 TB hard drive, running Windows 10 Home version 1709. I just now managed, with difficulty, to install the most recent Cumulative Update (KB4089848).  His AV program is Webroot SecureAnywhere, installed by Best Buy/Geek Squad where he bought the computer.  His paid Webroot subscription runs until September 15, 2019.  I did not find Webroot on the "avcomparatives" site.  I am proposing that he install Malwarebytes 3 Premium with real-time protection enabled, and leave the Webroot alone for the time being (especially since he has already paid for it).  Suggestions very welcome for this situation too.

 

EDIT - most curious event!  I posted this last night, and this morning got an E-mail from Avast saying they want me back!  I haven't left yet, my current subscription runs until September . . .

 

Thanks as always for enlightenment.


Edited by saluqi, 29 March 2018 - 11:21 AM.


#8 JohnC_21

JohnC_21

  •  Avatar image
  • Members
  • 34,651 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:09 AM

Posted 29 March 2018 - 03:17 PM

On Windows 10 I would use only Windows Defender and possibly SpywareBlaster Free. I would not use Malwarebyte's real time scan if installed along side Defender. Then free would be all you would need. 

 

In regards to Digital River automatically charging your credit card that has been a big problem with avast. In a case like this I use a virtual credit card number my bank lets me create. It's a one and done. If the company tried the charge against the number it would be denied.

 

https://community.webroot.com/t5/Webroot-SecureAnywhere-Antivirus/I-asked-AV-Comparatives/td-p/300028

 

Webroot does not wish to be tested anymore because they believe the tests do not accurately test their product.

 

Some good advice here.


Edited by JohnC_21, 29 March 2018 - 03:24 PM.


#9 britechguy

britechguy

    Been there, done that, got the T-shirt


  •  Avatar image
  • Members
  • 12,652 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:12:09 AM

Posted 29 March 2018 - 06:18 PM

I cannot see any reason why Windows Defender, under Windows 10, should not be more than adequate for the vast majority of home and small business users.  I certainly would not be spending any money on third-party solutions given the track record of improvement in Windows Defender since the debut of Windows 10 and where it consistently lands in most AV testing (which should be taken with a big grain of salt no matter where a product lands).

 

Most infections do not "wheedle their way on" to your machine nor come in via some back door, but are the result of direct user action.  Your personal history of infection is the best predictor by far as to whether you'll be infected again.

 

I always post the following, from our own Quietman7, that are must reads in my book:

 
 
 
 
 
Your best defense against infection is to develop safe surfing and downloading habits.

Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Pro, 64-Bit 
    A lot of what appears to be progress is just so much technological rococo.
            ~ Bill Gray


#10 saluqi

saluqi

  •  Avatar image
  • Members
  • 1,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:southern San Joaquin Valley, Calfornia
  • Local time:09:09 PM

Posted 30 March 2018 - 03:53 PM

Very interesting and thought-provoking information.  The various links are very helpful.

 

Do I understand correctly that disabling real-time monitoring in Malwarebytes (using the free version only) would be to avoid possible conflict with Windows Defender?  Is there any documentation pro or con such an effect?  How about the anti-exploit and anti-ransomware functions of Malwarebytes?  Are they also equally well covered by Windows Defender?

 

As for "surfing habits" and online presence, I am primarily a scientist, with wide ranging interests, looking for answers to scientific questions, and staying in contact with colleagues all over the world.  As a sideline, and provoked originally by a need to find solutions to scientific problems, I became a software user and developer first in the IBM mainframe environment, and after 1980 in the PC environment.  For about a decade (roughly, the 1990s) I made my living writing software.  Now I am for all practical purposes retired from that field and can only - in the words of one of my favorite Judo instructors - "sit in the corner of the mat and practice kuchi-waza (mouth technique)."  And of course try to absorb the abundant wisdom to be found on the BC Web site.

 

In all that time I have, to the best of my recollection, never had a virus infection in any of my computers, and only rare, minor and easily eliminated malware events.  I hope that may be predictive of the future! <G>.

 

Thanks for the many insights I have gathered from this thread!



#11 JohnC_21

JohnC_21

  •  Avatar image
  • Members
  • 34,651 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:09 AM

Posted 30 March 2018 - 04:14 PM

I never run two AV's at one time. As far as ransomware I can't say which is better, only provide a link from Microsoft.

 

https://www.microsoft.com/en-us/wdsi/threats/ransomware

 

Another regarding Windows 10 Defender Ransomware protection in the Fall Creator's Update

 

https://www.theregister.co.uk/2017/10/23/fyi_windows_10_ransomware_protection/

 

Can't say about anti-exploit.



#12 quietman7

quietman7

    Bleepin' Gumshoe


  •  Avatar image
  • Global Moderator
  • 61,818 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:09 AM

Posted 30 March 2018 - 04:18 PM

Malwarebytes 3.x Premium should run alongside Windows Defender 8/10 without conflicts.
 

With the launch of Malwarebytes 3.0, we are confident that you can finally replace your traditional antivirus...but rest assured, we continue to support compatibility if you choose to use a third-party antivirus or other security software alongside Malwarebytes 3.0.

Announcing Malwarebytes 3.0, a next-generation antivirus replacement

There are members of the Microsoft community who recommend only to use the free version of Malwarebytes as a stand-alone scanner to avoid possible conflicts. Although there have been some reports from Windows Defender users that it will not work when Malwarebytes Premium is installed, others have indicated the two products work fine together so you may need to experiment and add exclusions. See How to Run Malwarebytes Alongside Another Antivirus.

Windows Defender real-time protection in Windows 10 Anniversary Update includes behavior monitoring and heuristics to identify and block crypto-malware (ransomware) based on known suspicious and malicious activity.
[quote]In Windows 10, version 1607, we invested heavily in helping to protect against ransomware, and we continue that investment in version 1703 with updated behavior monitoring and always-on real-time protection.Windows Defender Advanced Threat Protection

Windows Defender Antivirus in Windows 10 Fall Creators Update and Windows 10 Creators Update continues with improvements and additional security features to protect against ransomware. Windows Defender Exploit Guard has four components of new intrusion prevention capabilities designed to lock down a system against various attack vectors and block behaviors commonly used in malware attacks before any damage can be done. Windows Defender EG is intended to replace Microsofts EMET which was confusing to novice users and allowed hackers to bypass because the mitigations were not durable and often caused operating system and application stability issues as explained here.


.
.
Microsoft MVP Alumni 2023Windows Insider MVP 2017-2020, MVP Reconnect 2016-2023

Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Retired Police Officer, Federal Agent and Coast Guard Chief

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif


#13 saluqi

saluqi

  •  Avatar image
  • Members
  • 1,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:southern San Joaquin Valley, Calfornia
  • Local time:09:09 PM

Posted 31 March 2018 - 03:30 PM

 

 

Malwarebytes 3.x Premium should run alongside Windows Defender 8/10 without conflicts.
 

That was my understanding.  Thanks for clarification!

 

I am wondering whether the enhanced capabilities of Windows Defender may bring with them the need for a minimum of user input in the form of configuration settings, to get the most out of the new features?  Or are the default settings already the correct ones for most users?  FWIW I'm aware of the "Windows Defender Security Center" although I am not (yet <G>) using those features.  The Center quite properly refers me to Avast (my currently installed AV) for AV settings.

 

Now I am wondering what to advise my computer semi-literate friend, who has (some time ago, and without any input from me) paid for a Webroot SecureAnywhere subscription that still has 18 months to run.  He is running Windows 10 Home, 64 bit, on a nearly 2 year old HP Envy desktop system.  The Webroot was installed by Best Buy/Geek Squad at the time he bought the computer there.  I gather there is a commercial connection.  Seems to me choices are a) leave Webroot active until it expires (9/15/2019) or B) dump it now and use Windows Defender.  Maybe add Malwarebytes Free.

 

I presume that to remove either Webroot or Avast one would have to make use of the manufacturer's removal tool, just as if one were changing to another "3rd party" antivirus system.

 

It looks to this naive observer as if the enhanced capabilities of Windows Defender are going to have a major impact on the 3rd party AV software market?



#14 quietman7

quietman7

    Bleepin' Gumshoe


  •  Avatar image
  • Global Moderator
  • 61,818 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:09 AM

Posted 31 March 2018 - 03:51 PM

The default settings in Windows Defender Antivirus provides optimum protection which makes it easier to use for the novice user. In fact most anti-virus programs are preconfigured with default settings to provide optimum protection since the vendor typically has the novice user in mind for those who choose to use their program. Although increasing some settings like heuristics/behavior may increase the chance for false positives or take longer for a scan to complete.

Keep in mind that by default, Malwarebytes automatically decides whether or not to register itself with Windows Action Center settings based on your system. Users can override this behavior in Malwarebytes > Settings > Application tab and choose to "Never register Malwarebytes in the Windows Action Centre"

Anti-virus software components insert themselves deep into the operating systems core where they install kernel mode drivers that load at boot-up and create numerous files, folders, and registry entries in various locations making it more difficult to remove than most applications. It is not uncommon for some anti-virus programs to not completely uninstall itself using the usual method of Apps & features in Windows 10 or Programs and Features (Add/Remove Programs) in Control Panel or to result in various errors due to the presence of related services and processes running in the background.

In some instances normal uninstalling may fail, not work properly or result in continued detection by another anti-virus program after removal. Most anti-virus vendors provide clean-up utilities or removal tools on their web sites to remove remnants left behind after uninstalling, or for a failed uninstall or failed reinstall. Remnants include related registry entries, files and folders created in various areas of the OS.

Note: It is not always necessary to run vendor created removal tools. I typically use them anyway to ensure all the remnants have been removed. Performing an uninstall via Apps & features/Programs and Features in Control Panel does not always do a thorough job.
 


.
.
Microsoft MVP Alumni 2023Windows Insider MVP 2017-2020, MVP Reconnect 2016-2023

Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Retired Police Officer, Federal Agent and Coast Guard Chief

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif


#15 BertAzzone

BertAzzone

  •  Avatar image
  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:09 PM

Posted 02 April 2018 - 01:41 AM

 

I cannot see any reason why Windows Defender, under Windows 10, should not be more than adequate for the vast majority of home and small business users.  I certainly would not be spending any money on third-party solutions given the track record of improvement in Windows Defender since the debut of Windows 10 and where it consistently lands in most AV testing (which should be taken with a big grain of salt no matter where a product lands).

 

Most infections do not "wheedle their way on" to your machine nor come in via some back door, but are the result of direct user action.  Your personal history of infection is the best predictor by far as to whether you'll be infected again.

 

 

 

 

 

 

+1   - especially the last bit about predictor. Nicely said! The advice from more experienced users on this forum has been invaluable to me. I am a new member and a novice (technically, that is!). I am now trying WD instead of Sophos Free, which I was happy with. But, I added Andy Fuls' ConfigureDefender to WD. Very easy. This hardens WD, which would otherwise require more knowledge and skill than I have. I also use TinyWall controller and VoodooShield Free. This combo has been a small learning curve for me, but seems to be working quite nicely, especially useful on our older laptop. While my 1st complete scan took a LONG time and high CPU the normal load on the system is quite light. Oh, and I happen to run Zemana Antimalware Premium which I got a great deal on.NO conflicts with WD.  But, down the road I would probably let that subscription run out and depend on WD, etc. and just use the on-demand second opinion scanners.  "If BertAzzone can do it, you can do it!".






1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users