zlacker

Is Windows Defender even worth enabling?

It eats up a lot of CPU. It doesn’t seem like much help in a default update enabled system where you are using a regular user account instead of an administrator account.

In addition, anti-virus and real time scanning is itself potential surface area for an exploit (for example a few years back there was an exploit based on Norton antivirus email scanner).

>>RcouF1+(OP)
Windows Defender is worse than nothing but in recent versions of Windows it is enabled by default, very difficult to disable, and may get re-enabled at any future software update.

>>RcouF1+(OP)
Enable it on your parents PC but you shouldn't need it.

>>RcouF1+(OP)
Yes.

It uses next to no system resources (issues like this aside), it integrates perfectly with Windows (it comes from Microsoft, after all), it's reasonably effective (to the chagrin of AV vendors the world over), and it isn't intrusive.

>>RcouF1+(OP)
I don't think you can disable it anymore in recent versions of Windows unless you install another AV software.

>>Narish+Ze
Getting rid of Defender is one of the best reasons to buy 3rd party AV.

>>Narish+Ze
You can disable it. First you have to disable the tamper protection and real time protection in the GUI. Now the real time protection will come back automatically in some time, unless you do the following.

If you have a Pro version of Windows there is a group policy setting for it. [1]

If you have Home, you can achieve the same effect by manually tweaking the registry. [2]

--

[1] Computer Configuration > Administrative Templates > Windows Components > Windows Defender Antivirus > Real-time Protection

[2] HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\"DisableRealtimeMonitoring"=dword:00000001

>>RcouF1+(OP)
How many threats has it detected for you? I ran it for a decade or so and it caught exactly zero, so then I decided to disable it, because it makes file system access about 5-10x slower than it can be on my NVMe drive. Not bandwidth, but I/O syscalls. So things like node_modules become a real pain.

>>zokier+Kh
3rd party AV is worse than defender

>>Strom+xi
Thank you, I just disabled it on my fully offline game system. Hopefully a few games that previously crashed will work now :/.

>>Dalewy+Y9
Its definitely as intrusive as other AV products. with Microsoft's push for more telemetry collection.

but it does integrate with the system well since its from Microsoft.

>>Dalewy+Y9
Yes. If you exclude all the issues with resource use, it uses none.

>>RcouF1+(OP)
> Is Windows Defender even worth enabling?

For me, no.

I grew up in the era of internet wild-west and I understand why some of us still feel the need to operate with multiple levels of (perceived) safety even today.

That said, I think most of it is really foolish crap now. The sorts of exploits that are out in the wild that you should actually worry about will go right through defender like a modern bunker buster.

It's really upsetting to me when you think about how much performance/energy/UX latency/frustration/et. al. is being spent in hopes of achieving a minor incremental improvement in security. Windows defender == TSA for your PC.

If you know to not download & run executable files from sketchy websites, you are basically already at the limits of what defender is effectively achieving on your local machine.