Serious Discussion Is AV software necessary on Windows in 2024?

[Nevi]

The only reason I prefer to use Eset NOD 32 instead of MD, is that my computer runs lighter. MD can be a little heavy in the butt in certain situations. With Eset it's just like there are no AV. It's running without any pauses where the thingy in the midddle run around. Yes it's a small problem, but I am so used to a fast computer without those hiccups, that I pay with a winning smile when my licens have to be renewed.
Have a wonderful weekend everybody. 🫡

 

[Ink]

Windows: No, it's not mandatory to use a third party replacement.

Android, iOS, Mac, Linux: No, but can be recommended.

 

[Nikola Milanovic]

What about Xcitium?

 

[Sandbox Breaker - DFIR]

In my opinion, defender isnt enough.
While good security practices are your main line of defence, screw ups and mistakes happen. Defender isnt enough to detect anything past a basic threat.
Although I dont think paid suites are nessicary, I would try go for a third party free AV. In my opinion the best free AV is Kaspersky as you recieve all of the detection components, just not any of the other bloatware type stuff that comes with full suites. There are other options though.

You can get infected with any anti-virus, just it seems like most get infected with defender.

It is with ASR rules.

 

[Sandbox Breaker - DFIR]

What about Xcitium?

Why not Xcitium. Solid also. As long as is a Lambo, Ferrari or other high end system lol

 

[simmerskool]

Windows: No, it's not mandatory to use a third party replacement.

Android, iOS, Mac, Linux: No, but can be recommended.

re macOS I talked with level2 apple tech about 1 year ago, who recommended, if anything, Malwarebytes, which I do run real time on my Mini. I find it "odd" that search for macOS online usually mbam is not mentioned(?)

 

[Sandbox Breaker - DFIR]

re macOS I talked with level2 apple tech about 1 year ago, who recommended, if anything, Malwarebytes, which I do run real time on my Mini. I find it "odd" that search for macOS online usually mbam is not mentioned(?)

Xcitium for Mac has containment. I have the beta running on some MacBook pros

 

[Freki123]

I'm using MD with DefenderUI and CyberLock/Voodooshield ($30 for 1 year with discount for extra years).

They even have a lifetime license for 90$. It's a bit like betting on an AV Vendor but with luck it will save money in the long run.
If I wanted to use a free pure MS setup I would go with at least Configure Defender or WindowsHybridHardeningLIght (so far I only tried Hard Configurator but I have faith in Andy Ful's products and his epic support).

 

[Sandbox Breaker - DFIR]

They even have a lifetime license for 90$. It's a bit like betting on an AV Vendor but with luck it will save money in the long run.
If I wanted to use a free pure MS setup I would go with at least Configure Defender or WindowsHybridHardeningLIght (so far I only tried Hard Configurator but I have faith in Andy Ful's products and his epic support).

Amen. You really dont need to spend anything to get a holistically secure system. You just need to know how to tweak your engine.

 

[ErzCrz]

They even have a lifetime license for 90$. It's a bit like betting on an AV Vendor but with luck it will save money in the long run.
If I wanted to use a free pure MS setup I would go with at least Configure Defender or WindowsHybridHardeningLIght (so far I only tried Hard Configurator but I have faith in Andy Ful's products and his epic support).

Indeed. I got 2 years initially but the way this is going, will certainly consider lifetime if that's still an option when I'm closer to renewal

Agreed, WHHL with CD and WFH is also a great free option which I used a few times last year

 

[Azure]

The more people use Defender, I guess, the easier it would be for malicious actors to develop malware focusing on beating it.

 

[simmerskool]

The more people use Defender, I guess, the easier it would be for malicious actors to develop malware focusing on beating it.

maybe..., but I'm not sure about your comment... only because MS Defender is integrated into OS and MS seems to be trying to keep us safe based on more recent security tests. But you may be right, I don't know under the hood deep enough to be sure one way or the other, so curious to see what the smart(er) folks think about this (you know who you are)

 

[South Park]

maybe..., but I'm not sure about your comment... only because MS Defender is integrated into OS and MS seems to be trying to keep us safe based on more recent security tests. But you may be right, I don't know under the hood deep enough to be sure one way or the other, so curious to see what the smart(er) folks think about this (you know who you are)

It works both ways. The bad guys target MS Defender, but at the same time MS gets huge numbers of samples and can push out updated signatures very quickly. I recommend hardening its settings with Configure Defender or DefenderUI to the highest security level that one is comfortable with.

 

[monkeylove]

Consider the top ones in protection in AV-Comparatives and other sites, then test each one using benchmarking software and running various apps and browsing folders to see which is lightest in your machine.

 

[Ink]

The more people use Defender, I guess, the easier it would be for malicious actors to develop malware focusing on beating it.

There is also content filtering at a higher level at block threats before it has a chance to reach the home network.

A resident Antivirus doesn't provide the whole story.

 

[Jonny Quest]

Consider the top ones in protection in AV-Comparatives and other sites, then test each one using benchmarking software and running various apps and browsing folders to see which is lightest in your machine.

What are you using for benchmarking? I've found Novabench to be a little "interesting" at times with some of its results. Here is a test about 45 minutes apart, same notebook, F-Secure Total v19.2 with Windows 11 power settings set to Best performance (nothing extra running in the background). IMO, my best benchmarking test is opening my Dropbox folder which has lots of files and folders, and how quickly it populates all the folders and images. As well as opening individual folders and files. I'm not a gamer, so I'm not able to determine performance in that way.

 

[Alexhousek]

It's funny to see you talking about ESET here in the community... I see you talking all over the place about this firewall problem you claim to have faced. It's funny, I've been an ESET customer for 3 uninterrupted years (and still am), I've never even had the problems you've already mentioned having with ESET and much less have I been infected in that period of time (36 months). It's curious because I wonder how much of it was really ESET's and not the user's...

I'm not saying that AV is the best and everything works 100%, because we know that no AV is, but it's curious to see you talking about ESET like this everywhere...

I want to confirm that I had the same issue with ESET that simmerskool had. When I uninstalled it, it totally messed up my firewall and I could not access the internet at all. ESET tech support was pretty useless. It took me hours and lots of headaches to finally get my PC and internet working again. It was finally Tweaking.com's Windows Repair that finally fixed my system. Personally, I won't go back to ESET because of this reason. Prior to this, I do have to admit, that I really liked ESET. Just be very careful uninstalling it.

 

[simmerskool]

I want to confirm that I had the same issue with ESET that simmerskool had. When I uninstalled it, it totally messed up my firewall and I could not access the internet at all. ESET tech support was pretty useless. It took me hours and lots of headaches to finally get my PC and internet working again. It was finally Tweaking.com's Windows Repair that finally fixed my system. Personally, I won't go back to ESET because of this reason. Prior to this, I do have to admit, that I really liked ESET. Just be very careful uninstalling it.

@Alexhousek thanks for your confirmation. fwiw on my win10 ESET SSP, broke the windows firewall when it updated to newer version. It was the most time-intensive resolution that I've had in at least 10 years.

 

[cofer123]

It's funny to see you talking about ESET here in the community... I see you talking all over the place about this firewall problem you claim to have faced. It's funny, I've been an ESET customer for 3 uninterrupted years (and still am), I've never even had the problems you've already mentioned having with ESET and much less have I been infected in that period of time (36 months). It's curious because I wonder how much of it was really ESET's and not the user's...

I'm not saying that AV is the best and everything works 100%, because we know that no AV is, but it's curious to see you talking about ESET like this everywhere...

I want to confirm that I had the same issue with ESET that simmerskool had. When I uninstalled it, it totally messed up my firewall and I could not access the internet at all. ESET tech support was pretty useless. It took me hours and lots of headaches to finally get my PC and internet working again. It was finally Tweaking.com's Windows Repair that finally fixed my system. Personally, I won't go back to ESET because of this reason. Prior to this, I do have to admit, that I really liked ESET. Just be very careful uninstalling it.

@Alexhousek thanks for your confirmation. fwiw on my win10 ESET SSP, broke the windows firewall when it updated to newer version. It was the most time-intensive resolution that I've had in at least 10 years.

I also experienced Firewall issues a couple of years ago on one computer. One day, for no reason at all, that computer became unreachable (I only access it remotely) and all network functionality simply stopped. That was only fixable be running the Eset uninstaller tool in safe mode and then issuing a winsock reset.

I had my fair share of issues with Eset in the past 48 months. Something's changed recently and issues are getting more frequent. To name a few:

• Broken performance counters back in 2022-05 due to regular module updates; Had to dig an immediate fix until Eset issued a fix/repair;
• Browser protection "sandbox" introduced in 2022-10 that sometimes resulted in garbled keyboard input in browsers. Eset insisted users with this problem used some sort of key-scrambling protection software, but that was not the case for me and many others. Only recently (past couple of months) it appears that they've finally fixed it;
• Firewall update introduced with version 16.2 back in 2023-07 was the most annoying of them all with several reported issues, some still present [1][2][3][4][5]. I personally had several of the aforementioned issues, like local connections blocked, trusted network connections blocked, losing connectivity due to Firewall blocking of DHCP renewal, DNS blocking, etc. Some of these persisted for several weeks, some still occur today but, again, randomly and hard to diagnose;
• SSL/TSL scanning sometimes breaks pages with Firefox (very random and very hard to pinpoint). I found only a couple of reports [1][2] mentioning this so far;
• Interactive Notifications (especially for firewall) have never worked right for several years (I remember having issues as far back as 2014) and are still problematic to this day. The most often outcome is complete network loss since some notification gets stuck in the background new ones never get to show, blocking all network connections until a system restart. I gave up interactive firewall mode a decade ago because of this, and it's still happening.

Starting with version 16.2 is when Eset dropped the ball in my book. They've been releasing updates that appear to be untested and not even close to ready for the public. While I trust Eset's capability to offer protection, the main downside is that now I expect them to break something each time a new version comes out. And this is not machine-specific either, as I have had all of these issues I mentioned on multiple Win10/11 devices.

Since the XP days I've been using Eset and they often go like this, alternating between good and not so good phases. You have periods of very good quality followed by periods where you ask yourself why even bother. Seems to be a pattern they can't get rid of, which is a shame since they're my favorite security vendor.

 

[monkeylove]

What are you using for benchmarking? I've found Novabench to be a little "interesting" at times with some of its results. Here is a test about 45 minutes apart, same notebook, F-Secure Total v19.2 with Windows 11 power settings set to Best performance (nothing extra running in the background). IMO, my best benchmarking test is opening my Dropbox folder which has lots of files and folders, and how quickly it populates all the folders and images. As well as opening individual folders and files. I'm not a gamer, so I'm not able to determine performance in that way.

View attachment 280882

I also use Novabench, but I only test three times before doing things like opening folders and running apps, and I don't have time to test the latter. I think AV-Comparatives and others did that, though. For example,

Performance Test October 2023

AV-Comparatives released the Performance Test report October 2023 for consumer security products under Microsoft Windows 10.

www.av-comparatives.org