Battle Hardened Defender vs Kaspersky Free vs Avast Free

  • Thread starter ForgottenSeer 77194
  • Start date
F

ForgottenSeer 77194

Thread author
Supposed HTTPS Scanning is turned off and Control Folder Access is Irrelevant and Configure Defender is set to High.
How do the File, Behavior, Web, Cloud Network, and anti-exploit components compare to each other (Behavior Shield vs System Watcher)?
In terms of effectiveness, a number of false positives, and lightness.
Do ASR Rules make a large difference? Is there a specific module or brand that has historically had a successful rate?
 
  • Like
Reactions: Moonhorse

Templarware

Level 9
Verified
Well-known
Mar 13, 2021
414
Avast is better because it has all the protection in the free version, even a firewall. Or use Defender if you don't want to install third party AV.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Avast is better because it has all the protection in the free version, even a firewall. Or use Defender if you don't want to install third party AV.
Yes and No.
One can tweak Avast Free to get more protection than untweaked Defender free.
One can tweak Defender free (for free) to get similar protection as maximally tweaked Avast free (hardened mode).
 

gery79

Level 12
Verified
Top Poster
Well-known
Jun 21, 2011
566
kaspersky is not meant to be hardened and free, But at some point it is a very strong tool even for free....
 
  • Like
Reactions: [correlate]

Kiss

Level 4
Verified
Well-known
Oct 6, 2021
155
use whatever you want, just be smart when browsing that no matter what antivirus is on the system, the chances of you getting caught by ransomware or dangerous malware is almost zero, any antivirus protection on the market will protect you easily. Now if you are an important company and so on, then you need to invest in a robust product to protect you, ordinary users will rarely get infected
 
  • Like
Reactions: Moonhorse
F

ForgottenSeer 77194

Thread author
kaspersky is not meant to be hardened and free, But at some point it is a very strong tool even for free....
the hardened part was for defender with configure defender set to high. Basically, I wanted the opinion of malware testers or those who follow malware testing sites, for the strengths or effectiveness of core components like file and behavioral components, or reactiveness of cloud component against zero-day malware pe or scripts (fileless).
use whatever you want, just be smart when browsing that no matter what antivirus is on the system, the chances of you getting caught by ransomware or dangerous malware is almost zero, any antivirus protection on the market will protect you easily. Now if you are an important company and so on, then you need to invest in a robust product to protect you, ordinary users will rarely get infected
It is for home use. Since av is the only behavioral or active monitoring for malware I want a solid one with a good protection record against zero-day malware just in case.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Comparing Defender, Kaspersky, and Avast does not make much sense if you did not decide which concrete setup you plan to use. Avast can be tweaked to use Hardened Mode and some other aggressive settings, but this will produce many false positives (similarly to Defender with MAX settings).
If you use MS Office, then tweaked Defender is probably the best option. If not, then both Avast and Defender can be tweaked to get similar protection. I did not test Kaspersky free for a long time, so I do not know how strong it can be after tweaks.
 
F

ForgottenSeer 77194

Thread author
Comparing Defender, Kaspersky, and Avast does not make much sense if you did not decide which concrete setup you plan to use. Avast can be tweaked to use Hardened Mode and some other aggressive settings, but this will produce many false positives (similarly to Defender with MAX settings).
If you use MS Office, then tweaked Defender is probably the best option. If not, then both Avast and Defender can be tweaked to get similar protection. I did not test Kaspersky free for a long time, so I do not know how strong it can be after tweaks.
Usually, my Setup is:
Defender:
Configure Defender set to High, Cloud Protection is high, average CPU usage is 10%, ASR rules about blocking exes that do not meet criteria and block psexec and wmi process creation set to warn.

or

Avast:
Default + Hardened Mode + Sensitivity of Core Shields is High and HTTPS Scanning is off.
Firewall, Mail Shield, and ransomware shield are turned off.

or

Kaspersky:
Default + HTTPS Scanning is off.

All are used together with Simple Windows Hardening set to Default or paranoid mode.
 
  • Like
Reactions: Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
When using SWH, you have covered most of the fileless attacks that can impact home users.

Protection:
hardened Defender or hardened Avast > default Kaspersky


Kaspersky on default settings will produce fewer false positives, but you have to be cautious with EXE and MSI files, especially those from USB drives or embedded into archives and disk images. I assume that you do not use MS Office and Adobe Reader.

The setup of Kaspersky is simpler so you will probably feel it lighter, but this can depend on the particular computer, its hardware, installed software, and preferred activities.

Edit.
When SWH is used, the most important ASR rule against 0-day malware is "Block executable files from running unless they meet a prevalence, age, or trusted list criteria".
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top