Is windows Defender still the best choice of antivirus?

[Golf1.6]

I think I ditched 3rd party AV for 5 years now and just switched to windows defender as it was proven to be the most lightweight solution out there, it was at the time.

Recently the CPU usage of defender has spiked a lot. I had a 15-2500K system for work and I had to ditch it basically because windows defender was making it run slow. It comes on in the background every day and rises the temps and CPU utilisation for 10 or so minutes. on the i5-2500k it would get 90% cpu utilisation. Enough for me to avoid doing anything too heavy - go for a tea break sometimes.

I had to upgrade my system to ryzen 5 5600x and it gets 35% cpu utlisation - although the susyem runs fine without being slowed down, I can hear the CPU fans throttle up - I had to double check my computer wasn't being used as a miner for hackers.

I remember every few years we had to change AV because over time the AV would get bloated and we needed to jump ship. I recall it was ususally switching between AVAST and AVG and one year I think symantec actually ruled the roost. I'm wondering if defender has reigned for too long as the lightweight AV and now become bloated?

 

[Mcnumpty2323]

There's 2 parts to defender
Scheduled/default/periodically scans

Then always on protection

So it's a case of which part is causing the problem
I have 10 drives connected for it
To scan and don't notice a problem though may be
My 5950x can cope with it
But I probably did alter the settings mentioned above
If in the past it had become a nuisance

 

[beachBOYken]

Is windows defender the AV that is integrated into windows already?

Or is it something I need to download.

I’ve not long been on windows 11 and I have something in the background that runs scans presume its defender?

 

[Mcnumpty2323]

Is windows defender the AV that is integrated into windows already?

Or is it something I need to download.

I’ve not long been on windows 11 and I have something in the background that runs scans presume its defender?

It's built into windows

 

[Tetras]

Is windows defender the AV that is integrated into windows already?

Yep. Unless you download a separate AV, it is always on by default.

 

[Mcnumpty2323]

Don't think I said earlier once you
Find which bit is the issue you
Can alter the settings
So tell it to scan once a month for example
Since if always on protection is enabled
There's very little need to always run
Scheduled scans
Or you can set scans to only scan important stuff like system32 for example
Instead of every single file and folder
So there's a few ways to tweak it
To your requirements

 

[ED209]

I've always used defender and not paid for any AV software.

built in to Windows and gets updates via Windows updates service.

Defender + common sense goes a long way these days

 

[marinersfan]

I've been using the standard windows gear for years.
As far as I know it's been fine.

 

[Zefan]

If you're not bringing in loads of files from elsewhere, I really wouldn't even bother with scheduled scans. On access scanning will pick up anything ever moved or opened.

:edit: I must note, I don't reckon defender is causing your system issues.

 

[nelbert]

You say it is your work machine. Is it just a machine you happen to use for work, or a work machine with company policies and restrictions on it?

I've always found Defender to be low to zero impact on my personal machine, except one occasion where on-demand scanning was causing a slow down on one of my modded games due to so many small files being read and scanned. An appropriate exclusion configuration resolved that.

In contrast, some of my work provided machines over the years would grind to a halt daily, due to crazy 'no thought button clicking tick every checkbox' machine policies forcing a full scan of all files during working hours causing the AV/Security package to go nuts on the cpu and drive access.

I remember every few years we had to change AV because over time the AV would get bloated and we needed to jump ship. I recall it was ususally switching between AVAST and AVG and one year I think symantec actually ruled the roost. I'm wondering if defender has reigned for too long as the lightweight AV and now become bloated?

While products do gain features over the years, when setup and managed correctly the expanded features are rarely are a reason to jump ship due to impact on a machine. More often than not it is cost changes to the business for features they don't need rather than performance impact are the reason for change.

 

[Mcnumpty2323]

Guessing it's their PC
Which they use for work
Rather than a company owned machine with policies set etc
2500k was a bit of an enthusiast cpu
Due to its severe overclocking ability
A company pc shouldn't still be using a 2500k recently
Not impossible just seems less likely

 

[Paracelsus]

I'm still on a 2500k and Defender (win10) doesn't have any impact, certainly never noticed any unexpected slowdown or CPU spikes, never any issues gaming.

In contrast, all of my work laptops have been fancy new CPUs but almost universally run like dogs thanks to a million different AV-type things running constantly. The only one that hasn't is my latest one which is some swish £xxxx high-spec one. Though it gets hammered enough the fan is always on which isn't on the case on my own laptop.

 

[Pawnless Endgame]

Is windows defender the AV that is integrated into windows already?

It's built into windows

Yes it is built into Windows nowadays but it wasn't always the case. There was a program called Giant Anti-Spyware which you could download for Windows. Microsoft then acquired it, renamed it to Windows Defender while still based on Giant's code. It was still an optional download for the next few years. Then at some point, it became fully integrated and presumably a lot of Giant's code is now altered.

If you type 'giant antispyware' into Wikipedia, it redirects you 'Microsoft Defender Antivirus'.

In fact, I didn't even know it has changed names from Windows Defender to Microsoft Defender Antivirus until I finished typing this post. Very sneaky of Microsoft

 

[Freefaller]

I use it and no 3rd party and it's been absolutely fine, but I also run quite aggressive/restrictive access to internet pages via DNS so reduces the chances of coming across dodgy stuff.

DefenderUI

www.defenderui.com

You can also download that for more interactive settings for windows defender.

 

[hornetstinger]

Used to have avast but it constantly has pop ups even in silent mode, asks for registration etc

 

[conuk]

Went to the dark side recently? Kasperky... They offer sooooo many addon and popups. Seem worse than Norton of old. Won't be renewing.

 

[willhub]

I run defender and I did run Malwarebytes, but I disabled malwarebytes due to the amount of popups it was spamming me to try and buy it.

 

[Moley]

I only use defender and have done for a long time. I work in the security industry, wrote antivirus software in the early 1990s and regularly play with malicious stuff on my network and defender is more than adequate for catching this stuff.

 

[beachBOYken]

Talking of windows defender, I did a clean install recently and noticed a few things disabled by default, one was core isolation and I think the other was memory integrity.

Anyway I only use my pc to game really, should I leave these settings off?

 

[Tetras]

Anyway I only use my pc to game really, should I leave these settings off?

VBS can gobble up a fair chunk of performance when you're gaming, but with a recent PC it matters way less than an old one.

Personally, I'd leave it enabled unless you're trying to eek out every last frame from your hardware (e.g. competitive gaming or it is old).