Is Using Windows Defender As Good As Avast or Other Antiviruses
I'm just wondering if Windows Defender will work as well as others will? Because the other ones keep advertising me to upgrade and it gets on my nerves. And was wondering if Windows Defender works as good as the other free antiviruses.
This thread is locked. You can follow the question or vote as helpful, but you cannot reply to this thread.
Although there’s never any shortage of endorsements for Microsoft products here in the Microsoft forum, there’s really no simple answer to your question – because many of Defender’s more important real-time protection components are disabled by default,
and this makes a direct comparison next to impossible:
Potentially Unwanted ApplicationProtection (PUA Protection) is turned off.
Controlled Folder Access ransomware protection is turned off.
Attack Surface Reduction rules are not applied.
Block at first Sight zero-day threat protection is set to its lowest possible level.
Network Protection is turned off.
And this probably accounts for the fact that Windows Defender has the largest user-dependent protection segment in the AV-Comparatives Real-World Protection Test:
For Windows users who haven’t been following the recent technical evolution of Windows Defender, it might also come as a bit of a surprise (or maybe even a “culture shock”) to see that the principle Windows Defender configuration tool for the Home
edition of Windows 10 is now the PowerShell Set-MpPreference cmdlet. These configuration options are absolutely essential for maximizing Defender’s level of protection, as well as for customizing its internal operations to suit your preferences:
Windows Defender can now immediately block a suspicious or unknown file; upload a sample for analysis; and generate a signature – all within a matter of seconds. And we can use PowerShell to upgrade the default level of protection
for this feature. The upgrade settings aren’t documented, but I tricked PowerShell into telling me their named values by specifying a numerical value that I knew was out of range:
To configure a higher level of cloud protection (Cloud Block Level), run one of these commands at the Administrator PowerShell prompt:
Set-MpPreference -CloudBlockLevel High
Set-MpPreference -CloudBlockLevel HighPlus
Set-MpPreference -CloudBlockLevel ZeroTolerance
And you can also increase the allotted file-analysis time by running this command at the Administrator PowerShell prompt:
Set-MpPreference -CloudExtendedTimeout 50
Windows Defender Exploit Guard:
The exploit protection features that were previously provided by EMET are now integrated into Windows 10; and most users shouldn’t need to modify the default settings for these.
Attack Surface Reduction:
We also have the ability to add Attack Surface Reduction rules in Version 1709, but the only practical way to add these rules in Windows 10 Home is with the PowerShell Set-MpPreference cmdlet:
For example, here’s the first rule that I set up by running a command line at the Administrator PowerShell prompt:
Controlled Folder Access is turned off by default; so you’ll need to turn it on in the Windows Defender Security Center app > Virus & threat protection > Virus & threat protection settings. Once Controlled Folder Access is
turned on, standard Windows document folders will be protected by default, and you’ll also be able to add ransomware protection for additional folders, as well as whitelist trusted applications in order to allow them access to your protected folders. If you
have trouble whitelisting a friendly app, then you can set this feature to run in Audit Mode, where it will identify access events, but won’t block them. Run this command at the Administrator PowerShell prompt to set Audit Mode:
There’s already a lot of confusion about allowing an app through Controlled Folder Access, and some “Windows experts” are responding to this with a just-turn-it-off “solution”. Now I’ll admit that a dialog with “Block”
and “Allow” buttons would make this a whole lot friendlier – but if you just jot down the blocked app’s file path that appears in the notification; and then click on the notification, this will bring up the “Allow an app through Controlled folder access” window,
where you can quickly add the blocked app to the whitelist:
Windows Defender has actually been able to detect and block Potentially Unwanted Applications for some time now, but many people still don’t know that this feature is disabled by default and needs to be enabled by running
this command line at the Administrator PowerShell prompt:
Set-MpPreference -PUAProtection 1
Then, optionally, you can confirm that PUA Protection was enabled by returning the current state for PUAProtection:
$Preferences = Get-MpPreference
This is a less well defined feature that’s also turned off by default. To enable Network Protection; copy, paste, and enter this command at the Administrator Powershell prompt