Better free alternative to microsoft defender?

[FireFox]

There was a time where ESET NOD32 used to be a good antivirus, i used it for a few years.

 

[Bill_Bright]

does not all come down to internet behavior?

Yes. Even the best solution is easily bypassed if the user opens the door and lets the bad guy in. Besides users not being "click-happy", it is critical to keep Windows and the security programs current.

When it comes to paid programs, Malwarebytes Premium is the only one I recommend. And the good news is (besides it being cheaper than most) is it plays well with other programs, including Windows Defender. For my less savvy clients, friends, and relatives, Windows Defender and Malwarebytes Premium is what I recommend (along with regular reminders to not be "click-happy) and there have been no problems. For the more experienced and disciplined clients, friends and relatives, WD and Malwarebytes Free works.

Regardless the primary solution of choice, everyone should have a secondary scanner for at least periodic (at least weekly) on-demand scanning. And I generally recommend Malwarebytes for that.

If you choose to add Malwarebytes Premium (the real-time version) as a secondary solution along with Windows Defender, make sure you go into Malwarebytes > Settings > Application and scroll down to "Windows Action Center". Then ensure "Never register Malwarebytes in the Windows Action Center" button is ticked. This will ensure Windows Defender does not step aside, the default action when an alternative real-time solution is installed.

-1 for Kaspersky. The product is good, but the Russian infiltrated company cannot be trusted. That's not me talking: Google it.

 

[trparky]

Honestly @Eric_Cartman , it's time to take the computer away and hand them an Apple iPad. They can't possibly screw that up.

 

[silentbogo]

Honestly @Eric_Cartman , it's time to take the computer away and hand them an Apple iPad. They can't possibly screw that up.

You'll be surprised. I think cleaning up browser history and cache on my uncle's iPad once a month for the past 4 years became a routine already ( it locks up w/ popups after visiting some random porn sites).

 

[trparky]

You'll be surprised. I think cleaning up browser history and cache on my uncle's iPad once a month for the past 4 years became a routine already ( it locks up w/ popups after visiting some random porn sites).

Yeah... I can see that but that's hardly anything close to a full blown malware infection that requires a nuke and repave.

 

[Shou Miko]

@qubit @SnakeDoctor @silentbogo I can only agree about Kaspersky it's one of the best anti-viruses out there, but the firewall have issues with the newer tap drivers, so to fix this for the time being I personally run Kaspersky Free and Windows 10 Firewall.

Link: https://www.kaspersky.co.uk/free-antivirus

If I need anything more I run Malwarebytes Anti-Malware.

 

[silentbogo]

Yeah... I can see that but that's hardly anything close to a full blown malware infection that requires a nuke and repave.

Those are reserved for his android phone.

 

[Mindweaver]

I have used Bitdefender Anti Ransomware on a few users machines and it works fairly simple alongside ms defender. It's also free to use. Malwarebytes has one as well but they have put it into their pro version. If you plan to buy something then Malwarebytes and ms defender is pretty solid. I also like Kaspersky's total security, but as with anything nothing is perfect. Just remember nothing is 100% safe. Take for example CCleaners infected installer was signed using a valid digital certificate that pretty much tells your antivirus it's was safe. But since it's a family member that pretty much just uses the pc to browse fb and yt then I would have her buy Malwarebytes pro.

 

[John Naylor]

My Sister in law brought me her machine (using MS build in AV) ... I'm guessing about 2.5 years ago ... it had over 1200 infections. I downloaded a 30 day free trial of BitDefender and got rid of most of it after about 4 runs. had to use some specialized apps for specifc infections and the last 5 or 6 had to be removed manually. I told her that it would be valid for 30 days and she should buy a license ($17 for 5 seats w/ an email offer o had rec'd). For whatever reason, she uninstalled it and it was back again. This time used 30 day trial Kaspersky, but it got much more out than last time tho still ahd to use a1 or 2 other tools and 1 had to be removed manually again.

If ya look back to that time ... we see that Defender scored only a 3.5 outta 6,0 on detection ... so yes, Defender was bot a wise choice stopping only about 80% of 0-day malware attacks ... performance wise, it scored 4.5 / 6.0 ... So if you have been relying on Defender since back then as your sole I would have to shake my head and utter "if they only knew". Today, things have changed.

https://www.av-test.org/en/antiviru...-2018/microsoft-windows-defender-4.12-181447/

As we can see... in march / april 2018, WD scored 98% protection (5.5 / 6.0) which sound pretty good eh ? Not really, that means 4 of 196 "0-day attacks" thru. In April, it nabbed 99.9% which again sounds really good but that means it let 6 well known attacks thru. while ya have to give occasional leeway oin the 0-day stuff, there is no excuse for letting any of the well known threats thru. It didn't do so well on the performance front with 49^% of application installation slowed down and 8 false positives. By comparison, Kaspersky got a 5.5 this test in performance due to slower loading of web pages in this test .... but it did nab 100% of all threats in both months. On Win 7 it scored 6.0 rating in all 3 categories while the MS solution got a 5.5 performance with 3 false positives.

So what yo[u choose to use whether free or paid is simply a matter of what you are trying to protect. Do you have 30 years of business records on your machine ? ... 20 years of family photos ? Design plans for every building you have ever designed ? ... then you are foolish if not using a paid alternative with string history of tested performance. Yes, you may have backups but what's the downtime for disinfection, OS reinstallation, program installs and data replacement ? On a small office or home network ... figure 1 - 2 days x 5.. That's not worth $17 - $39 to protect all 5 boxes ?

If you have a gaming box or a general use internet browsing box and backups of anything important, then no worries using WD or free utilities ... but only if assuming your time has no value. AV protection is like making backups .... insurance. If yu never needed it, then no worries. But everyone who ever said they never had a storage device failure so they don't make backups and everyone who said they never had an infection so they just use WD, has wished they had done just that when lady luck strikes.

Also to be considered .... do any of the protection utilities in use need to be run manually ? Do updates happen automatically or must be done manually ... if so is the time spent doing that on 1, 2 .....5 or more PCs worth less than $2 - $8 per box ?

 

[las]

Bitdefender or Kaspersky is the only 3rd party I would use and recommend.
Window Defender on Windows 10 has improved alot tho. Tops independant tests these days. I'm not using 3rd party AV anymore.
Brain + Defender is enough for me.

 

[Old-Greg]

@qubit @SnakeDoctor @silentbogo I can only agree about Kaspersky it's one of the best anti-viruses out there, but the firewall have issues with the newer tap drivers, so to fix this for the time being I personally run Kaspersky Free and Windows 10 Firewall.

KIS 2019 has issues with tap drivers like they did with KIS 2018. The quickest and easiest way around this for Kaspersky users it to revert to KIS 2018 and wait for Kaspersky to fix the problem.

 

[R-T-B]

Even the best solution is easily bypassed if the user opens the door and lets the bad guy in.

To continue our discussion that kind of got cut off elsewhere (assuming for the OT cable modem stuff)

The thing people don't seem to get though, is if you have knowledge of how to detect an infection, an AV program does little good for you. You can do those "heurestics" yourself. You can check signatures yourself. You can do all that yourself. There is literally nothing an AV program does that you can't do on your own with a few scripts and knowing where to check, and what kind of problem behavior to look for. Those of us who want complete control of our systems may desire this. Most admitedly do not.

The best thing AV programs do is automate the process and remind the user to do a "scan." A degree of realtime scanning may be provided as well so you don't have to check your process list constantly. But not running can and is a legitimate choice. I choose it. I am not a problem. And I don't need to (nor should I have to) prove it.

Microsoft does not demand you run an AV solution. They don't make you agree to it, they never have tried to and they likely won't for the reasons above.

That reasoning is why Microsoft provided this GP key, which is entirely different than the interface in which AV products turn off defender:

It's a shame, because it actually works fine, but seasonal windows updates at the moment reset it (a clear bug).

Back to the subject:

If you actually want an AV solution, I was partial to the ones from Kaspersky Labs back before Defender, but their rep has taken a hit and I have no idea their present status or reputability (it's certainly tanked). I will say I wasn't happy with how they didn't really relase tech details on the "equation group" malware as they said they would after the press left.

I'd just go with Defender if I wanted one, though it's weak KASLR practices that were exposed recently certainly ensure it will be the first thing targeted because a.) It's the million pound elephant and b.) It's easy to turn off.

 

[Shou Miko]

KIS 2019 has issues with tap drivers like they did with KIS 2018. The quickest and easiest way around this for Kaspersky users it to revert to KIS 2018 and wait for Kaspersky to fix the problem.

Not always I even had the issues with KIS2018 u need to use a specific tap driver version that is outdated before it works or that what I had to do and still had some issues not with Kaspersky Free and Windows 10 Firewall no more issues.

 

[Flanker]

The OP can go one step further, if he is the go to guy for computer stuff, he could set up the machines up with user accounts and he retains the admin rights to each. He then could lock down each machine as he see's fit with freeware AV, internet/security options. One step in mitigating end users clicking on stuff and installing bloat/malware. No perfect options here except pulling the plug on the net to keep people safe. As for better free AV stuff there are free versions but each comes with its own set of ads that pop up at different times. I currently use WD and quite happy with it and no issues. GL

Best advice in this thread imo. Better yet, set up a sandbox and lock them in. Create a whitelist of sites they can visit, adding new sites will require your manual approval.

 

[insane 360]

I think the best solution would be to put OpenDNS on their routers so that way everything on their network gets it via dhcp. this will help mitagate a lot and will have a splash screen on bad sites and why its blocked. help hammer the issue home.

paid malware bytes would be my next choice but with lots of different users in different houses...opendns might be the best free option for people who don't want to learn better

 

[trparky]

Yes but even good sites have been infected with malware through bad ads.

 

[insane 360]

Yes but even good sites have been infected with malware through bad ads.

this is true, then i would suggest a pi-hole for a budget option to blocking ads and pop ups. otherwise build a small pfsense router at each location, get yourself vpn access for remote work and get all the power/ad blocking you can shake a stick at!

 

[TheHunter]

Kaspersky Internet Security. I've been using it for the last 12 years and it's excellent. Sorry, it's not free though, but that's what I use so recommend this.

Avast seems to have a good reputation for a free a/v though if you wanna try that.

EDIT: @jboydgolfer mentioned Malwarebytes, which is probably an even better choice.

I prefer Nod32 security more, atm at v11 and its great. Been sticking with nod since v4 and after v8 it got super good.

I remeber testing Kaspersky back in the days, think around 2010 and it left a sour taste in my mouth, blocked gpu driver and lagged the system with its overprotective protection. In the end I found it more crap then not. Think I liked trendmicro more back then

 

[qubit]

I prefer Nod32 security more, atm at v11 and its great. Been sticking with nod since v4 and after v8 it got super good.

I remeber testing Kaspersky back in the days, think around 2010 and it left a sour taste in my mouth, blocked gpu driver and lagged the system with its overprotective protection. In the end I found it more crap then not. Think I liked trendmicro more back then

Well, it's worked well for me since 2006, so differences in systems could account for the issues you saw. It's a much more polished app nowadays anyway, so don't let that old experience put you off if you wanna give it a go. The full version runs for 30 days without a licence anyway. Just download it off their website.

 

[Bill_Bright]

The thing people don't seem to get though, is if you have knowledge of how to detect an infection, an AV program does little good for you. You can do those "heurestics" yourself. You can check signatures yourself. You can do all that yourself. There is literally nothing an AV program does that you can't do on your own with a few scripts and knowing where to check, and what kind of problem behavior to look for. Those of us who want complete control of our systems may desire this. Most admitedly do not.

The best thing AV programs do is automate the process and remind the user to do a "scan." A degree of realtime scanning may be provided as well so you don't have to check your process list constantly. But not running can and is a legitimate choice. I choose it. I am not a problem. And I don't need to (nor should I have to) prove it.

I don't agree with this for one main reason; real-time scanners do just that, they scan in "real time". And most importantly, they scan what is in memory in real-time before any potentially malicious code is written to our drives, before payloads are delivered. You're human. You are way too slow.

Another flaw in that logic is you are assuming you already know every trick in the bad guy's book. If it were that easy, there would be no such thing as zero-day exploits.

If it were as easy as you suggest, don't you think Microsoft would have created those few simple scripts to look for that "known behavior" you claim is easy for anyone to look for ? Since Microsoft already knows where to look, they could just put those scripts in Windows and never have to worry about malware again. Piece of cake!

If you are that clever, why don't you submit a proposal to Microsoft? You could be a billionaire in no time. Seriously! I am NOT being facetious. There would be no need for MS to spend $millions every year on WD development or with developing, testing and distributing critical Windows Update patches for newly discovered critical vulnerabilities as rapidly as possible. It would be a boon for Microsoft shareholders, corporations, governments, universities, and all of us consumers too.

But not running can and is a legitimate choice. I choose it. I am not a problem. And I don't need to (nor should I have to) prove it.

Sorry, R-T-B, but you are not smarter than the smartest bad guys. You've just been lucky thus far and have not been targeted by them. But should they decide to focus on you, and your system is compromised, you then do indeed become a problem, and a threat to the rest of us. And you can't, even if you wanted to, prove otherwise because you do not know what tomorrow will bring.

Microsoft does not demand you run an AV solution. They don't make you agree to it, they never have tried to and they likely won't for the reasons above.

No body said they did. The question was, "Who gave Microsoft the right to make changes to our systems?" The answer is, we did when we agreed to abide by the EULAs.

Nope! More important than the choice of anti-malware products is just using one, keeping it and the OS current, and avoid being click happy on unsolicited downloads, popups, attachments and links. And funny thing, all those are user disciplines - which then boils down to education.

 

[R-T-B]

If it were as easy as you suggest, don't you think Microsoft would have created those few simple scripts to look for that "known behavior" you claim is easy for anyone to look for ? Since Microsoft already knows where to look, they could just put those scripts in Windows and never have to worry about malware again. Piece of cake!

Windows Defender, Bill?

Yeah. Same thing. Definitions to stay up to date on threats of course, but thats really just a list of tricks and signatures.

Sorry, R-T-B, but you are not smarter than the smartest bad guys.

You don't have to be. You just have to be smart enough to break their shit. You can take it apart and reverse engineer it and marvel later (I was impressed by a clients just recently). It's not hard to be up to date enough to keep malware a.) mostly off your machine in the first place and b.) limit it's damage when it does appear to your machine via network and best practices.

Some may call my approach inconvienient, but it DOES work.

 

[Bill_Bright]

Okay.

 

[bogmali]

Don't want this to turn into another chatroom full of arguing, make your suggestion and move on. You stick around and start arguing=threadban.

Last warning to the usual suspects....if you want to argue, take it to PMs other wise refer to the highlighted and underlined quote above.

 

[R-T-B]

Okay.

Hey, don't take my word for it. I've hosted my public facing home server, glacialsoftware.net, with literally no AV for 10+ years (3 of them with the fact that I have a metric butt-ton of crypto stored there as public knowledge, 1 year since I essentiallt announced that in the TPU news feed). It has never, ever had a breach, and yes I can prove that.

Last warning to the usual suspects....if you want to argue, take it to PMs other wise refer to the highlighted and underlined quote above.

Sorry. Stopping. I respect bill and did not mean it like that at all. I'll cool it. I'll actually be the first to admit I brought it here, started it, and appologize.

Thanks for the warning.

 

[kenkickr]

Ive been a user and fan of Avira free for years.