Windows Defender – best for low end PCs?

Paul many times recommended that most home users are perfectly fine running Windows Defender as their main protection on Windows 10. Couple of months ago I stopped paying for protection software and used Defender since. I’m pretty happy with it and Windows ‘felt’ snappier in comparison to the paid antivirus.

However many antivirus test sites like AV-Test or AV-comparatives argue that Windows Defender slows down the PC noticeably and consume significant resources. I’m thinking about moving to a cloud based solution like Comodo Cloud Antivirus or Webroot, as in theory, they should use less system resources – which is something I need on my Atom based Windows 10 tablet 🙂

What are your observations? Is Windows Defender the best choice for low end PCs?

Conversation 39 comments

  • AnOldAmigaUser

    Premium Member
    06 February, 2018 - 2:44 pm

    <p>I run Windows Defender on a lot of old (if it doesn't die, I repurpose it) and lower end equipment, including an Atom based tablet, and I have not seen that Defender has caused any slowdown. When I have checked the resources being used, it is relatively low. It has worked for all our needs, and the rest of the family is on the ultra-normal side of tech, in that they just use it as an appliance, with no thought to security.</p><p><br></p><p>On another note, considering the hooks that AV software has to have in to the operating system, I would just rather that it be part of the OS. I do not need to be sending information to yet another third party.</p><p><br></p><p>Remember that sites like AV-Test and AV-comparatives probably get a lot of revenue from AV Vendors. They are not likely to bite the hand that feeds them.</p><p><br></p><p><br></p><p><br></p>

    • lwetzel

      Premium Member
      06 February, 2018 - 3:48 pm

      <blockquote><a href="#243734"><em>In reply to AnOldAmigaUser:</em></a></blockquote><p>What you said.</p>

    • StevenLayton

      15 January, 2019 - 4:37 am

      <blockquote><a href="#243734"><em>In reply to AnOldAmigaUser:</em></a><em> As an old Atari ST user, it pains me to agree with an old Amiga user, but your 100% right ;)</em></blockquote><p><br></p>

    • robincapper

      12 February, 2019 - 3:28 pm

      <blockquote><em><a href="#243734">In reply to AnOldAmigaUser:</a></em></blockquote><p>Agree, run windows 10 with Defender alone on hardware from ancient Samsung Atom Netbook to Surface Book 2 i7 and find it ok. </p><p>I have noticed considerable improvement in performance removing Norton, Zone Alarm &amp; McAfee from machines. I clean install Windows 10 and run Defender + Windows Update supplied driver updates on HP, Toshiba and Acer hardware I 'family support'. Faster booting and almost zero app compatibility issues which I found the 3rd party ones are plagued with.</p>

  • offTheRecord

    06 February, 2018 - 4:26 pm

    <p>I've used only Windows Defender (and before that, Microsoft Security Essentials) as the full-time AV software on all of my Windows devices (more than a dozen PCs and Windows tablets) for as long as I can remember. Maybe I've been lucky, but I have never gotten a virus on any device. Like others have said, I'm inclined to stick with Microsoft's own AV software rather than mess around with 3rd party stuff.</p><p><br></p><p>As far as slowing down the PC, a bit of context is probably necessary. In general, I can't say I've noticed any consistent slowdown. However, sometimes the CPU utilization will spike (to 50% or more) and Task Manager shows it's the Antimalware Executable using a good chunk (or all) of that. Presumably, it's doing some sort of momentary scan or update. Whether or not that actually slows down the PC, it's hard to say, but I've never felt like it was a problem.</p><p><br></p><p>EDIT: Forgot to add that probably all of those PCs were what folks would consider low-end.</p>

    • jimchamplin

      Premium Member
      07 February, 2018 - 12:58 am

      <blockquote><a href="#243776"><em>In reply to offTheRecord:</em></a></blockquote><p>Damn right.</p><p><br></p><p>I've used Defender on everything from quad i7s and quad Xeons to single-core Atom N270s. Never had any issue anywhere. Ever.</p><p><br></p><p>Non-Defender AV is simply a ripoff.</p>

    • wright_is

      Premium Member
      02 January, 2019 - 12:37 am

      <blockquote><em><a href="#243776">In reply to offTheRecord:</a></em></blockquote><p>I went through Norton/Symantec, F-Secure, GData, Kaspersky and a few others over the years, but for around the last 10 years I've only ever used Microsoft SE or Defender on my home equipment.</p><p>At work I have had Trend Micro, GData and Kaspersky and I can't say any of them have made the PC particularly slow, but Defender PCs at home have felt a bit faster, but not noticeably.</p><p>I just don't see the point, at the current time, of using third party security. It is Microsoft's mess, so they should be responsible for securing it at their own cost.</p>

  • jimchamplin

    Premium Member
    06 February, 2018 - 7:31 pm

    <p>It’s the best choice for <em>any</em> PC.</p>

    • arunphilip

      06 February, 2018 - 9:23 pm

      <blockquote><a href="#243802"><em>In reply to jimchamplin:</em></a></blockquote><p><br></p><p>^ This. </p><p><br></p><p>Stick to Windows Defender. I'm amused that those AV sites claim <span style="color: rgb(0, 0, 0); background-color: transparent;">Windows </span>Defender uses more resources, and I would suspect they have a vested interest in it (any chance they're running ads for other AV products?). </p><p><br></p><p>I run <span style="color: rgb(0, 0, 0); background-color: transparent;">Windows </span>Defender on my Atom tablets, and don't have any problems at all with it that are caused by <span style="color: rgb(0, 0, 0); background-color: transparent;">it. </span></p>

      • jimchamplin

        Premium Member
        07 February, 2018 - 12:55 am

        <blockquote><a href="#243818"><em>In reply to arunphilip:</em></a></blockquote><p>They simply have a profit motive to push. They don't want you to use Defender because then you wouldn't pay for the subscription to their inferior service.</p><p><br></p><p>I wish I could get everyone I know to ditch paid AV services but I can't. </p><p><br></p><p>The best system I've found is Windows Defender, and a weekly scan with Malwarebytes free. Never been touched by serious malware – had a browser toolbar try to fade me once, but I reamed its ass and left it to bleed out. Unfortunately I couldn't put a spear through its creator and leave them to bleed out.</p>

  • wunderbar

    Premium Member
    06 February, 2018 - 8:09 pm

    <p>Yea, remove the qualifier. As long as you're not spending all day on *that* part of the internet Windows defender is all the average person needs.</p>

  • jimchamplin

    Premium Member
    07 February, 2018 - 12:59 am

    <p>Put it simply, if you pay for AV, you're getting ripped off.</p>

  • msedkowski

    Premium Member
    07 February, 2018 - 5:20 am

    <p>Right, so is the paid antivirus market destined to die out? On the consumer side at least? </p><p>New versions of consumer products like Norton, Kaspersky, McAfee come out each year, so there has to be a market for this?</p>

    • AnOldAmigaUser

      Premium Member
      07 February, 2018 - 11:17 am

      <blockquote><a href="#243867"><em>In reply to msedkowski:</em></a></blockquote><p>Generally, it is provided as an add-on by the PC vendor, and the majority of people who buy a computer use the software that comes with it…so they re-up when the *free* subscription ends.</p><p><br></p><p>Businesses like to get packages that they can run across all devices, so it is a bit more understandable in that case; but the fact that the software can upload files to the A/V vendors servers for analysis (as in the case of the NSA contractor running Kaspersky on his personal laptop) would give me pause, if I had significant IP in the documents on protected devices.</p>

    • waethorn

      06 February, 2019 - 11:43 am

      <blockquote><em><a href="#243867">In reply to msedkowski:</a></em></blockquote><p>It will only improve if more security companies take "PUP's" more seriously, like the way Malwarebytes does. PUP's are just scam software.</p>

  • Bats

    07 February, 2018 - 10:12 am

    <p>I am actually running Windows Defender on the two new PCs that I bought last year (HP Envy 27 AiO and HP Spectre X2). I decided to just go with Windows Defender, based on the recommendation from some Firefox guy, that 3rd Party AVs break the browser and kinda/sorta make the PC unsecure. After a number of years using Avast, Vipre, and Nod32, I decided to just go with Windows Defender. For one thing, I don't want to pay anymore for this stuff. I would rather pay annually for Office 365 Home subscription to get up 5TB of hard drive space for myself rather than another tool that gives me better AV protection but not total immunity from it.&nbsp;</p><p>Luckily, I was able to jump on the chance to purchase five Lifetime Malwarebytes Pro subscriptions to compliment my AV program at the time and that's what I am using now as my second layer of defense.&nbsp;</p><p>Overall, my setup has worked very well for me, considering Windows Defender gets hammered everywhere in the Blogosphere. Anyway, I don't go to shady websites, except for (JUST KIDDING!!!). I don't access porn, warez, or download any bootleg movies. So overall, I've been safe so far.&nbsp;</p><p>I do keep one eye on the software security space, to see if anything new or cutting edge is released in terms of anti-virus/anti-malware, but as of right now my PC is running clean, fast, and strong.</p><p>One more thing,…</p><p>Microsoft should just make this product the best in the market. After all, it protects their crown jewel, Windows OS. Why they keep failing at these independent tests, is beyond me. I have no reason to not believe in these independent tests, but Microsoft consistently ranks severely low in them. It does make me wonder, whether I am doing the right thing by using Defender, but it would be good if Microsoft actually performed high on one of these tests.&nbsp;</p><p>All in all, the most important part of Windows Security are the Updates. Constant updates should be the 1st layer of defense, then the AV product, and then Anti-malware….that should keep any PC safe.</p>

  • Martin Pelletier

    Premium Member
    08 February, 2018 - 11:47 pm

    <p>I think Windows Defender is all right if you don't have a lot of files in your system. I have quite the millions of files on my system and it can take as much as 4-6 hours to do a manual scan of my computer with Windows Defender. With Eset Internet Security it take only 2 hours to do the same work.</p><p><br></p><p>One thing annoying tho, when activating Windows Defender Ransomware protection, you have to white list your applications first. You must know where to look for the executable files. With Internet Security, it does that automatically. Also tried Bitdefender ransomware protection. At least with Bitdefender it ask you if you want to white list the program.</p><p><br></p><p>The performance tests made by AV-Comparative seems to be fair. Compared to Eset, Windows Defender does <span style="color: rgb(0, 0, 0); background-color: transparent;">sometimes </span>perform slower. </p><p><br></p><p>But one good advantage of Windows Defender, it is know to not interfere with the web browsers. One thing I wish Microsoft would have added their Advanced guard to all customers. Not just Enterprise customers.</p>

  • eebrinsfield

    09 February, 2018 - 4:34 pm

    <p>I have seen a big difference in performance when switching to Windows Defender. Everything runs better than with the paid anti-virus programs. As long as you update date your PC, you really do not need much in antivirus protection. Windows defender will give you what you need in that department. Also, one can mitigate some threats through the router such as quadnine.</p>

  • NoFlames

    04 January, 2019 - 7:33 pm

    <p>I quit using 3rd Party A/V software years ago, because they drag down the system too much. I always have MS defender enabled. I haven't had an infection since about 2007 because I practice safe computing. The infection in 2007 was my fault for clicking on an email link that looked legit but wasn't.</p>

  • txag

    14 January, 2019 - 11:08 am

    <p>I have a laptop that I still use occasionally, but it can go 4-6 weeks between uses. I was pretty happy with a cloud-based AV, but they started getting a little pushy toward their paid service. So I switched back to Defender.</p><p><br></p><p>But now I have to budget an hour or two for Defender to do many, many things whenever I start it up after weeks of non-use. That part is really annoying.</p>

    • evox81

      Premium Member
      14 January, 2019 - 7:47 pm

      <blockquote><em><a href="#396747">In reply to txag:</a></em></blockquote><p>Defender (or any AV) can definitely bog down a spinning hard drive, especially after periods of non-use. But, I would lean towards a $60 SSD upgrade, over a $40/year AV subscription.</p>

  • Bats

    14 January, 2019 - 7:43 pm

    <p>Give us the link that says Windows Defender slows down your machine.</p><p><br></p><p>I'm tired of paying for anti-virus. I went strictly to Windows Defender. I haven't had a problem ever since. Let's face it, unless someone watches porn or goes to really shady websites, Defender along with Windows Updates will do the job. If you really want to be absolutely safe, then use Defender with Malwarebytes Free or Emsisoft Emergency Kit. </p>

  • amdman2017

    04 February, 2019 - 8:29 pm

    <p>Still using Avast Free on all systems, but either before 1903 is released or after might start using Defender full time…Not sure if the systems are actually low end though, well one household system might be–</p><p><br></p><p>AMD A6-3620 APU, 8gb of ram, older HP system, Laptop–Intel I7 7700HQ, 8gb of ram, Nvidia Geforce 1050TI 4gb, 128gb m.2 ssd, and 1tb storage drive, finally Desktop Intel I7 7700, 16gb of ram, Nvidia Geforce 1050, WD 250gb blue SSD, and 1tb Toshiba storage drive currently</p><p><br></p>

    • wright_is

      Premium Member
      05 February, 2019 - 10:16 am

      <blockquote><em><a href="#401897">In reply to AMDman2017:</a></em></blockquote><p>For an AMD man, you seem to have a lot of Intel in your blood. :-D</p><p>I have a Ryzen 1700, 32GB RAM, 3 512GB SSDs and 2TB spinning rust, so I don't think that is low end enough. My HP Spectre also isn't really low end, although it is Skylake, but 256GB SSD and 8GB RAM.</p><p>But I always use Windows Defender at home. At work we've just switched from TrendMicro to Kaspersky and that is running on up to 10 year old Windows 7 PCs with 2GB – 4GB RAM. Obviously the newer kit with modern Core i processors and Windows 10 are fine, but even the older stuff with first generation Core processors are still working well with Kaspersky.</p>

      • amdman2017

        12 February, 2019 - 12:12 pm

        <blockquote><a href="#402769"><em>In reply to wright_is:</em></a><em> I Switched Back to Intel based systems late 2017, after using AMD from 2003 on, Main reason decided to try Intel based systems again, felt like since I had the money to give Intel system a shot, and so far liking the intel based systems very well. As For Windows Defender will definitely resume using it very soon, or after Windows 10 1903 Launches possibly. </em></blockquote><blockquote><br></blockquote><blockquote><em><span class="ql-cursor"></span></em></blockquote><p><br></p>

  • waethorn

    05 February, 2019 - 11:10 am

    <p>I have never seen AV comparative tests say that Windows Defender slows down a computer, but I have seen *some*, <em>not all, </em>of their tests show that it doesn't compare in scan quality in lab situations. These are LAB conditions. Many of which test traditional viruses supposedly in the wild.</p><p><br></p><p>However, I have also read reports that independent security researchers say that third-party antivirus software like Symantec/Norton, Kaspersky, and BitDefender breaks security mechanisms in Windows to "function" and yet introduces additional security exploit vectors due to poor programming. AVG breaks Google Chrome's security, and now they're trying to get into the scamware market with a "PC Tune-up" program. McAfee also breaks security in Firefox. </p><p><br></p><p>In many examples of un-sponsored objective antivirus research, their recommendation is to stick to Windows Defender because "it's Microsoft's platform, and their own security software respects the platforms built-in security mechanisms".</p><p><br></p><p>I fix computers on a regular basis, and the most common type of "infections" that people get lately is flat-out "malware", which is usually classified all around as adware and fake scamware software that makes claims towards its operations but doesn't actually do anything. The majority of this is PC "tune-up" software that makes grand claims that it will magically speed up your PC. It doesn't. Registry cleaners are another type of snake oil. Absolutely no third-party software should be allowed to have unfettered access to your system registry to "clean it up". NONE!</p><p><br></p><p>The best program to use to battle fake software and other malware is Malwarebytes Premium. Regular antivirus software doesn't detect most of the scam software, which is what most people contract lately. Malwarebytes also isn't a complete replacement for antivirus – they even say that. It's designed to work in tandem with your traditional antivirus, and does it slow down PC's like the way Norton or Kaspersky do. My advice for Windows users is to use Defender and Malwarebytes Premium, and you're going to be far better off than with any of these antivirus security suites.</p><p><br></p><p>All of that said, Windows 10 is a pig now. To run it reasonably well, you need a system with 8GB of RAM. Less than that, and you'll want to shoot yourself in the face. If you have a new, but low-end system, like one with a Celeron with 4GB of RAM and 64GB of eMMC storage, use Linux instead. Fedora Workstation is a good choice – they stick to mostly-unmodified upstream projects but have support for proprietary hardware that distros like Debian don't. If your system is older, Fedora could work well on it, but you'd have to test out different desktop environments and/or compositors to see how they run. I've found that some low-end systems will run GNOME 3 as well as anything else, but might need to use Xorg in place of Wayland because of video driver compatibility issues. Really low-end old hardware (2GB RAM and old video hardware) might be better suited to a lightweight desktop environment. GNOME Classic is also installed by default for a more menu-driven desktop instead of the "big icons" like the smartphone/macOS-Launchpad style of GNOME 3, and it doesn't use as many resources. GNOME Classic is also not quite as customizable, whereas something like Cinnamon isn't bad.</p>

    • james_b

      05 February, 2019 - 1:23 pm

      <blockquote>Just stick with Windows Defender. As for Malwarebytes, the free version is fine and run it on demand rather than always on in the background with its premium version. </blockquote><p><br></p>

      • waethorn

        05 February, 2019 - 3:58 pm

        <blockquote><em><a href="#402842">In reply to James_B:</a></em></blockquote><p>When you get a nice piece of malware attached to some download that Defender doesn't detect, and it borks Windows 3 ways from Sunday before you can run that Malwarebytes scanner, good luck with that.</p>

        • james_b

          06 February, 2019 - 12:06 pm

          <blockquote><a href="#402885"><em>T</em></a>ell that to those who use WD… like our own dear Paul Thurrott and a host of others. Don't be a sucker for marketing hype. WD is just fine these days… even AV-Test and Comparatives and Neil Rubenking have had to admit. This is 2019, not 2010. </blockquote><p><br></p>

    • martinusv2

      Premium Member
      13 February, 2019 - 8:14 pm

      <blockquote><em><a href="#402798">In reply to Waethorn:</a></em></blockquote><p><br></p><p>From <a href="; target="_blank"></a&gt; and <a href="; target="_blank"></a&gt;, where WD is slower than the others is when installing, archiving / unarchiving.&nbsp;Also making a full scan of your system can be very, very long. Especially with all the files on my system.</p><p>&nbsp;</p><p>With what happened with Firefox 65 lately, you can ask yourself, does&nbsp;3rth party AVs&nbsp;worth it?</p><p>And from the show notes on&nbsp; Security now :&nbsp;<a href="; target="_blank"></a></p><p><br></p><p><em>%5Bquote%5DFirefox 65: I have Firefox v65 and I'm not have any problems because I'm not using Avast, AVG, BitDefender, ESET or Kaspersky. </em></p><p><em>&nbsp;</em></p><p><em>As we have discussed before, in order to hold onto their diminishing relevance by remaining able to peer into, and scan, the content of HTTPS connections, all of those AntiVirus addons are performing user-sanctioned man-in-the-middle interception of all HTTPS traffic. </em></p><p><em>&nbsp;</em></p><p><em>As we know, for the signatures of a website's certificates to be trusted, the website's private key must be pre-installed into the local system's root certificate store.&nbsp;In order to transparently intercept HTTPS traffic, a user's A/V addon generates a unique public and private key pair during 6 </em></p><p><em>installation and places the public key into the user's local certificate store. Then it pretends to be any remote server the user connects to, generating a certificate on-the-fly, signed by its built-in private key so that the web browser will trust it. </em></p><p><em>&nbsp;</em></p><p><em>This all went awry when Firefox 65, as part of its enhanced security warnings began alerting people who were using these A/V products that something was wrong with their connections and that the sites they were visiting should not be trusted. </em></p><p><em>&nbsp;</em></p><p><em>Much Chaos ensued.&nbsp;Mozilla quickly halted the roll out of FF65.&nbsp;Avast and AVG were quick to issue patches to disable HTTPS scanning of Firefox.[/quote]</em></p><p><br></p><p><br></p><p>So&nbsp;AVs are using tricks that&nbsp;can open up other security holes. Could it be the fault of Microsoft not providing API for AVs?</p><p>&nbsp;</p>

      • wright_is

        Premium Member
        14 February, 2019 - 2:23 am

        <blockquote><em><a href="#404700">In reply to MartinusV2:</a></em></blockquote><p>Microsoft does provide APIs for AVs. The problem is, HTTPS is encrypted by default, so the AV software can't stick its nose into the stream – this is only Microsoft's "fault" in Edge, Chrome is Google's problem and Firefox Mozilla's.</p><p>As the AV companies use an online scanning modes (something WD doesn't do) it requires them to break the computer's security and make it vulnerable to attack. This was shown as bad practice when the bundled software on some Lenovo home PCs was hijacked, because it did the same thing (although at least the AV software generate a unique license when it is installed, unlike Superfish, which had a global local certificate).</p><p>The problem came to light, because the AV software was puttings its unregistered master certificate in the Windows certificate store when it was installed. Edge, IE and Chrome (and its derivatives) all use the built-in Windows certificate store to validate certificates and keys, and while the user accepted the installation of this root certificate during installation of the AV software, the root certificate can then be used by the AV software (or anything else on the system) by creating bogus certificates for each site you visit, but because the AV's root has been put in the trusted store, it gets a green light and the browser doesn't complain or raise an alert.</p><p>Firefox, on the other hand, uses its own built-in secure certificate store and it is impossible for the AV software to by-pass this and add its own root certificate to Firefox. That means, when you use Firefox to go to a website, when using one of these AV products, it correctly tells you that the security of the connection has been compromised. Because the other browsers use Windows certificate store, they don't notice that the connection has been compromised.</p><p>Firefox has offered a workaround, so you can set a flag in about:config to make it use the Windows certificate store, instead of its own secure one and you will then not get warning messages that the connection is compromised.</p>

  • waethorn

    05 February, 2019 - 11:13 am

    <p> Someone please explain to me what a "cloud antivirus" software program is supposed to be.</p>

    • james_b

      06 February, 2019 - 12:05 pm

      <blockquote><strong style="color: rgb(17, 17, 17);">Cloud</strong><span style="color: rgb(17, 17, 17); background-color: rgb(255, 255, 255);">-based simply means that files are scanned on a remote server without using processing power of the user's machine.</span></blockquote><p><br></p>

      • MikeGalos

        12 February, 2019 - 12:30 pm

        <blockquote><em><a href="#403039">In reply to James_B:</a></em></blockquote><p>But instead using the disk I/O and the network I/O of the user's machine (and some processing power to do the file and upload processes)</p>

      • waethorn

        12 February, 2019 - 3:44 pm

        <blockquote><em><a href="#403039">In reply to James_B:</a></em></blockquote><p>So, it wastes your Internet bandwidth, and is a major privacy and security risk. Got it.</p>

Windows Intelligence In Your Inbox

Sign up for our new free newsletter to get three time-saving tips each Friday

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

Thurrott © 2024 Thurrott LLC