Battle Windows Defender OR another antivirus for average user?

[King Alpha]

Hello guys, King Alpha here (AKA King Mellow, for those who knew me). I need your help with setting up the security config on my gf's laptop (ASUS TUF Gaming FX505DY). I'm totally outdated with regards to my PC security knowledge as I've been away from MT the past 2 years. So, please, guys help me with this.

 

[King Alpha]

You can probably consider AVs that have a gaming mode.

In one Windows 10 machine, Kaspersky doesn't sometimes load, so I decided to use the built-in Defender.

ESET has a gaming mode.

 

[low L!fe]

Is WD an untrusted AV?
Have you tried to say that you personally do not trust WD protection? (this would be OK)

Very Very False positive

 

[ForgottenSeer 72227]

Very Very False positive

Have you run into a lot of FPs yourself with WD, or are you basing this off AV-Comparatives? Every AV will have FP's, but in my experience I really haven't had any issues with FP's when using WD. Doesn't mean it doesn't happen, but IMO I don't think it's as bad as AV-Comparatives makes it out to be. Furthermore, if you look at the FP break down from AV comparatives, WD tends to do poor on very low to low prevalence files, but medium to high prevalence files it does excellent. Not making excuses, I too would like to see WD do better with FP on those files, but IMHO I would rather have a FP on a small little known program, than a critical system file that is well known.

 

[blackice]

Have you run into a lot of FPs yourself with WD, or are you basing this off AV-Comparatives? Every AV will have FP's, but in my experience, I really haven't had any issues with FP's when using WD. Doesn't mean it doesn't happen, but IMO I don't think it's as bad as AV-Comparatives makes it out to be. Furthermore, if you look at the FP break down from AV comparatives, WD tends to do poor on very low to low prevalence files, but medium to high prevalence files it does excellent. Not making excuses, I too would like to see WD do better with FP on those files, but IMHO I would rather have a FP on a small little known program, than a critical system file that is well known.

The only FP I’ve ever had from Microsoft was smartscreen flagging @Andy Ful ’s tools based on not having a reputation. I’ve not seen a WD false positive in years of use.

 

[ForgottenSeer 72227]

The only FP I’ve ever had from Microsoft was smartscreen flagging @Andy Ful ’s tools based on not having a reputation. I’ve not seen a WD false positive in years of use.

This is exactly my experience as well. I've had the odd FP with some of @Andy Ful 's tools, (which have been fixed now) but other than that I've haven't had any issues what's so ever. That's why it's important to try a program for yourself and see what you think. Tests are good and all, but they don't always translate to whats happening in the real world. Hence why it's important to take all tests with a grain of salt and not rely on them 100%.

 

[Andy Ful]

The history of ConfigureDefender and H_C false positives was frustrating for me, but can probably be helpful for others.
A few years ago my first H_C executables were not detected as malicious after compilation. But, when I published them, then after some time they were classified as trojans. So, I found out that Microsoft allows developers to submit applications for whitelisting. This worked for over two years, till October 2018 when the previously whitelisted ConfigureDefender was suddenly detected by WD as malicious. The reason pointed out by Microsoft was that they changed the classification of malware. ConfigureDefender became malicious because the user could use it to disable WD real-time protection ????. This detection was extended after a few days to Hard_Configurator installers, because H_C includes ConfigureDefender.
Since removing this feature from ConfigureDefender and whitelisting, all installers were accepted by Microsoft as clean again.
From the version 4.1.1.1, ConfigureDefender and all my applications are digitally signed, and from ver. 5.0.0.0 they are also quickly accepted by SmartScreen.

WD false positives can be eliminated by developers in 5 minutes by submitting their executables to Microsoft, just like I do.
SmartScreen false positives can be avoided by signing the application installers. It can take a few months until the certificate will gain sufficient reputation.

 

[ltynk]

I'm fan of Windows Defender as it made huge progress, but l always switch to Emsisoft. Mainly because resource usage. I have fairly new machine but when I download for example 100 MB ZIP file WD was scanning it for few minutes! Never had similar issue with Emsisoft, Kaspersky or Avast. Would recommend to keep eye on WD for few days to see if it's fit workflow.