App Review TPSC - Windows Defender vs Avast: Do you need Free Antivirus?

[tetridental73]

Leo from The PC Security Channel "emulates ransomware" with behavioural tests by Avast as defense.

 

[marcopaone]

Avast Free (is very underrated, but I prefer AVG) > WD (Not tweaked)

 

[Andy Ful]

Leo's tests are mostly OK if one can ignore some of his personal comments that present his beliefs and have nothing to do with the test results.

The first part of the test is a simple demonstration - Leo admits that any AV should block all samples because they are well known. Avast was tested and got a perfect result.

The second part is based on one custom sample (simulator). Avast (on default settings) failed but could protect with enhanced settings. Defender passed the simulator test on default settings - although the ransomware info was displayed, the ransomware actions were blocked by behavior.

Although Avast scored worse in this particular test, such a result is not meaningful (only one of many ransomware techniques was tested).

 

[Andy Ful]

Avast Free (is very underrated, but I prefer AVG) > WD (Not tweaked)

No proof of that. The reliable tests strongly suggest that the difference in protection between Avast, AVG, and Defender is too small and cannot be even measured.

 

[blackice]

I would argue that anybody who uses basic internet hygiene and caution could use MS Defender at default with an admin account and probably never have a problem. Too much emphasis is put on the AV. Most infections are the result of user ignorance, willful or not. Andy’s statistical analysis tends to show the risk would be similar regardless.

 

[Andy Ful]

I would argue that anybody who uses basic internet hygiene and caution could use MS Defender at default with an admin account and probably never have a problem. Too much emphasis is put on the AV. Most infections are the result of user ignorance, willful or not. Andy’s statistical analysis tends to show the risk would be similar regardless.

The more sources I used, the smaller were the differences between top AVs. For example:

REAL-WORLD (Triathlon = AV-Comparatives + AV-Test + SE Labs) 12 tests in the year 2021
--------------------- missed samples
Avast........... 1.5 + 5 + 2 = 8.5
Microsoft.... 4.5 + 1 + 3 = 8.5
Norton......... 3.5 + 1 + 5 = 9.5
Kaspersky.... 5.0 + 0 + 5 = 10
Samples............ 3 737

REAL-WORLD (Biathlon = AV-Comparatives + AV-Test) 8 tests in the year 2021
--------------------- missed samples
Norton.............. 3.5 + 1 = 4.5
Kaspersky......... 5.0 + 0 = 5
Microsoft......... 4.5 + 1 = 5.5
Avast................1.5 + 5 = 6.5
Samples............... 3 337

I skipped some top AVs that were not tested by all AV Labs (like Bitdefender, F-Secure, TrendMicro).

In both cases, the statistical error is probably greater than the maximal difference between AVs (1.5 and 2).
The "Triathlon" includes the results of "Biathlon" and is enhanced by adding the results of SE Labs tests.

 

[ForgottenSeer 94654]

Just waiting for the Leo bashing.

In another Leo video, he admits that tweaked Windows native security is powerful. He just doesn't like tweaked & hardened Windows because he thinks all security software should cater to neophytes.

Security software does not solve the malware and IT security problems. For many years, software industry leaders have been saying that security software by itself is not the solution.

 

[Andy Ful]

Leo is not entirely wrong about Defender free (default settings). When we take into consideration both the home and business environment, then almost all popular AVs are better in all categories (protection, GUI, maintenance, etc.).
But, in the home environment, the difference in protection among free AVs is non-measurable (so far), especially when we use Defender with Edge.
The advantage (for some users) of Defender free comes from the ability to use several Advanced Threat Protection features, not available in other free AVs.

Edit.
Of course, Leo's "tests" cannot show any real difference in the protection strength between AVs. His testing methodology is insufficient for that and the results are statistically insignificant.

 

[ForgottenSeer 94654]

Leo is not entirely wrong about Defender free (default settings).

Actually, Leo knows what he is talking about. The problem is peoples' interpretations of and reactions to Leo.

 

[Andy Ful]

Actually, Leo knows what he is talking about. The problem is peoples' interpretations of and reactions to Leo.

He has got some extended knowledge about malware, but apparently does not know much about reliable testing.
His comments are somewhat misguiding in convincing people that his tests can be more than an interesting demonstration.

 

[ForgottenSeer 94654]

He has got some extended knowledge about malware, but apparently does not know much about reliable testing.
His comments are somewhat misguiding in convincing people that his tests can be more than an interesting demonstration.

He is a member of the Youtube tester community with the same test methods and mentality as other Youtube testers. He actually does know how to test much better, but that is not how he is going to do it.

I doubt if Leo cares what people think of his testing nor his experience-based comments. Based upon what I see, he is perfectly fine with the way he does things. It is difficult to find fault whenever his most ardent opponents are on the other side of the spectrum - they are fanboys and don't like what Leo says about their beloved software.

 

[Kongo]

He actually does know how to test much better, but that is not how he is going to do it.

Do you have mind reading capabilities?

 

[Shadowra]

Actually, Leo knows what he is talking about. The problem is peoples' interpretations of and reactions to Leo.

You're defending him when a few months ago you were bashing the "YouTube testers"?
Curious.... curious....

 

[ForgottenSeer 94654]

You're defending him when a few months ago you were bashing the "YouTube testers"?
Curious.... curious....

Leo is a very well established professional. Without having here to explain himself, just based upon appearances I don't think he cares to put a lot of effort into his Youtube testing - which makes him no different than other Youtube testers.

Leo is not a professional tester, just like you.

 

[ForgottenSeer 94654]

Do you have mind reading capabilities?

No, but I've had multiple dealings with Leo. So I do know what he thinks about quite a few things. Besides, he spells out a lot in-detail in his videos. You have to just pay attention to what he actually saying, as opposed to what you think he is saying.

 

[devjit2020]

He is a member of the Youtube tester community with the same test methods and mentality as other Youtube testers. He actually does know how to test much better, but that is not how he is going to do it.

I doubt if Leo cares what people think of his testing nor his experience-based comments. Based upon what I see, he is perfectly fine with the way he does things. It is difficult to find fault whenever his most ardent opponents are on the other side of the spectrum - they are fanboys and don't like what Leo says about their beloved software.

Yeah I totally agree with you on this one. Leo does know how to test antivirus. In fact he's the one and only tester I've seen who disabled the real-time protection of ESET and tested some ransomware to find if the other modules block it. The whole world knows that all the components of ESET are tied to each other and ESET does not have a behaviour blocker but still he tests like this. Why can't you just shut up instead of spamming all the posts? And just a few days ago you were bashing the YouTube testers. You should seek the help of a psychiatrist my friend.

 

[Shadowra]

Leo is a very well established professional. Without having here to explain himself, just based upon appearances I don't think he cares to put a lot of effort into his Youtube testing - which makes him no different than other Youtube testers.

Leo is not a professional tester, just like you.

You contradicted yourself in your post, just for that you are not credible.

I don't care if I'm not "professional" as you say, I do what I like and I'm fine with it, buddy

 

[Anthony Qian]

Leo said MD detected the ransomware using behavioral detection. But the detection name that is given by MD is signature-based, I suppose.

 

[blackice]

Leo said MD detected the ransomware using behavioral detection. But the detection name that is given by MD is signature-based, I suppose.

Leo does a good job and understands malware, but doesn’t always take the time to understand the components of the tested AVs he’s not as familiar with.

 

[Neno]

All these tests are far from professional work, they are more on the generic side. But that aside, they also provide valuable information on the theme.