Battle Kaspersky free vs Windows Defender

Aktiffiso

Level 9
Thread author
Verified
Aug 24, 2013
413
Hi i thinking in configure one of my pc whith free programs. I am thinking to use WD or KFA . I think both are good softwares . I am cuestioning me about what of this offer better protection and speed performance. I hope your contributions of objetive compare. Thanks
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,600
I am experiencing some interesting features in the last insider preview Win 10 (fall creators update) about WD. Did you heard about the feature named Folder Lock at Windows Defender Security Center.

Yes, this is the Microsoft response to ransomware attacks. There are some articles available, about this new feature: (Controlled Folder Access), for example:
Windows 10 to Get Built-in Protection Against Most Ransomware Attacks
Windows Defender Antivirus: Controlled Folder Access - gHacks Tech News
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Yes, this is the Microsoft response to ransomware attacks. There are some articles available, about this new feature: (Controlled Folder Access), for example:
Windows 10 to Get Built-in Protection Against Most Ransomware Attacks
Windows Defender Antivirus: Controlled Folder Access - gHacks Tech News
There are several AVs that already have this feature, and testers say that it is not so effective. It helps in some cases, but it is not a solution to the ransomware problem.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,600
Yes, eagerly waiting for it. I just did not find any information if it will avible for all win10 versions.

It looks like this feature will be available for all users, but to be sure, we must wait until it will be released:

"Controlled Folder Access will ship to all Windows users in October-November, when Microsoft plans to release it for all users as part of the operating system's major update package, codenamed Redstone 3, or the Fall Creators Update."

Microsoft Announces "Controlled Folder Access" to Fend Off Crypto-Ransomware
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,600
There are several AVs that already have this feature, and testers say that it is not so effective. It helps in some cases, but it is not a solution to the ransomware problem.

That is true, especially for Enterprises. Anyway, this solution can be useful for home users, because:
1. Truly bad ransomwares are mostly used first against Enterprises, so they are recognized by signatures and other security solutions, when they start attacking home users.
2. In Windows Defender this solution will be connected with powerful artificial inteligence.
3. It can be used as an element of layered protection.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,600
I was curious about Kaspersky free, so I installed it and made a quick test.
1. It seems light, fast, simple and effective.
2. Better signatures than Defender, especially when dealing with spyware.
3. Kaspersky processes protected by DEP and ASLR.
4. Cons - Kaspersky installed as 32-bit application on my 64-bit Windows 10!

Kaspersky free has kind of a file reputation service, but it works differently as compared to SmartScreen. It is available by option in the Explorer right click context menu.

Edit.
Edited the info about file reputation service.
 
Last edited:
  • Like
Reactions: plat1098 and shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
I was curious about Kaspersky free, so I installed it and made a quick test.
1. It seems light, fast, simple and effective.
2. Better signatures than Defender, especially when dealing with spyware.
3. Kaspersky processes protected by DEP and ASLR.
4. Cons - Kaspersky installed as 32-bit application on my 64-bit Windows 10!

Kaspersky free has kind of a file reputation service, but it works differently as SmartScreen. When I changed some bytes in the well known installer 'EMET 5.2 Setup.msi', Kaspersky did not block it, but SmartScreen did.
Even the paid version, Kaspersky Internet Security, always installs in programs (x86).
Is that what you meant that it installed as 32-bit?
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,600
Even the paid version, Kaspersky Internet Security, always installs in programs (x86).
Is that what you meant that it installed as 32-bit?
Yes. It is strange for such a good security suite.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Yes. It is strange for such a good security suite.
You mean it makes a difference which program folder it installs in? Please explain. I didn't know that it makes a difference, pardon my ignorance.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,600
You mean it makes a difference which program folder it installs in? Please explain. I didn't know that it makes a difference, pardon my ignorance.
The difference is in process security - 64-bit processes are more secure (harder to be exploited).

Edit.
Anyway, it may be not so important for home users.
 
Last edited:
  • Like
Reactions: shmu26
D

Deleted member 65228

It helps in some cases, but it is not a solution to the ransomware problem.
One of the most reliable solutions you can resort to is having a clean up-to-date backup. Not a solution for mitigating ransomware, but a brilliant one for recovering from it.

3. Kaspersky processes protected by DEP and ASLR.
Does Kaspersky Free Anti-Virus also include general self-protection for their processes, or is this feature only available on their paid solutions? Apologies for asking, I haven't looked at KAF yet! :) :p
 
  • Like
Reactions: shmu26 and frogboy

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,600
One of the most reliable solutions you can resort to is having a clean up-to-date backup. Not a solution for mitigating ransomware, but a brilliant one for recovering from it.


Does Kaspersky Free Anti-Virus also include general self-protection for their processes, or is this feature only available on their paid solutions? Apologies for asking, I haven't looked at KAF yet! :) :p

Yes, it has self-protection:
Kaspersky Free antivirus launches globally to secure the whole world
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,600
When using third party AV on Windows 10, the users should be prepared for some security limitation after upgrade to the new Windows version. For example, after upgrading to Windows 10 v1703 the following components have worked with the limitations in Kaspersky Internet Security 2017:
  1. System Watcher.
  2. Self-Defense of the product processes at startup.
  3. Detection and disinfection of malware in the system memory.
  4. Protection against ransomware.
  5. In the Safe Money component, protection will not work for information in the clipboard, protection against screenshots will be disabled, and the Protected Browser process will not be protected against external attacks.
  6. In the Application Control component, custom rules may not be applied to applications, categorization of tile applications in Windows, protection of Microsoft Edge.
  7. Trusted Applications mode will work with limitations related to compatibility with Program Data Updater.
  8. Protection against the attacks of the type Time-of-Check Time-of-Use (TOCTOU).
  9. Microsoft Edge does not support the On-Screen Keyboard and the Kaspersky Protection extension in Kaspersky Lab products.
 
D

Deleted member 65228

When using third party AV on Windows 10, the users should be prepared for some security limitation after upgrade to the new Windows version.
It makes perfect sense as to why issues like this occur; a lot of things in security products such as self-protection, behaviour monitoring, virtualisation (e.g. for a safe browser which is isolated) and other things are all related to Windows Internals... Things change on newer versions of Windows and/or update patches so things need to be re-adjusted to be compatible again.

IMO that is one big advantage for Windows Defender. They can plan changes to be made when crucial changes are performed on the OS itself, and this allows them to maintain stability and correct functioning of features without problems on newer OS versions. Apparently, some vendors do get new information/assistance in adding changes support before new versions are released though.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,600
Because of those issues, I dropped third party AV in Windows 10 for Defender + system hardening.
Though, this requires changing the user's approach to security and some learning about how to adjust the system.
 
Last edited:
P

plat1098

My choice of Kaspersky Free is going to be contingent upon Fall/Creators/Defender being compatible with the paid standalone anti-exploit. Kaspersky Free has the same good performance on the machine as Defender** :eek: and is compatible with the standalones. No monopoly, thanks, not all eggs in one security basket.

You wonder about some third party developers and their futures following the Fall build and onward. True, Windows 10 has a smaller market share, but it's gaining ground.

** Ain't much on C: and no other drives connected.
 
  • Like
Reactions: Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,600
With Windows 7 the user had no choice at all, and had to install third party antivirus.
Now, he/she has the choice, and home users can live pretty safe with Defender in Windows 10, especially when using SUA + Edge + Universal Applications for tasks related to vulnerable context (file browsing/editing, watching media, etc.).

Edit.
Defender (even with PUA protection) is not good when dealing with adware, so for inexperienced users, something like Unchecky is welcome too.
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top