Yes, a small number, but it changes each year due to AV vendors (including Microsoft) changing how their AV works. It also depends on whether one looks at the impact from passively running the antivirus vs actively running a scan.
Ah yes, I have my Windows power user bingo card dusted off! So far in this thread I’ve got:
- Antivirus software is malware
- We have to disable Windows Updates because I didn’t like them 30 years ago
- Windows Defender hogs resources, laptop reviews showing Windows systems getting 10 hours of web browsing battery life are lying, Windows Defender actually ruins the performance of your computer
- It’s better to complain constantly about Windows and spend hours disabling functionality rather than switch to Linux
I’m just waiting for “Windows sucks I’m thinking about switching to Linux but never end up doing it” and I’ll have a bingo!
>Windows Defender hogs resources, laptop reviews showing Windows systems getting 10 hours of web browsing battery life are lying, Windows Defender actually ruins the performance of your computer
There are definitely times when I wish I could disable it outright. Often someone will want my help reviving an old computer or laptop and it'll have to sit for a day in a loop of windows update fighting windows defender for resources with neither of them making much headway before one or the other will finish enough to let the other run for a bit.
We use some software that stores each record in a separate file; basically using the filesystem as a database.
Without adding an exception to Windows defender, that software is unusably slow. Once the exception is added (or defender is turned off) the software is nice and fast again.
The solution there is adding the exception, not turning off Defender, especially when you don't have control over what other activities may take place on the system.
Exceptions are valid when scoped to a container where you reasonably expect to be the sole user of the data therein and it contains no executable code.
I honestly have never seen Defender behave with exceptions properly. Sometimes it does, sometimes it doesn't. Seems to depend on whether the day starts with a T.
While your first statement is reasonable, your second is uncharitable and hostile.
If Windows won't allow use of the filesystem as a database or cannot heuristically detect when a folder is being used as a store of data, Windows is wrong, not the developer.
Amusingly Microsoft ships exclusions for their own software, and states "Opting out of automatic exclusions might adversely impact performance, or result in data corruption. Automatic server role exclusions are optimized for Windows Server 2016, Windows Server 2019, Windows Server 2022, and Windows Server 2025."
Why blame me? I didn't write the software, I only use it. But yes, I consider it badly written software due to that design. I would use SQLite for that particular use case. It would make the programming easier and more performant.
That “architecture of the parent OS” is so shitty they had to introduce a first party “Dev Drive” mode to disable said architecture wholesale so that developer workflows aren’t crippled. Think about that.
I assume you either don’t really know what you’re talking about, or are arguing in bad faith.
Oh, and people develop software for a living and sometimes that involves making sure the software works on Windows. Not everyone complaining is using Windows by choice.
I understand and mostly support the idea of mandatory AV for the people who can barely handle the concept of a file system.
There is also a class of user forged in the fires of the primordial internet who would never in a trillion years be tricked into clicking a fake explorer.exe window in their browser.
Giving users choice is the best option. Certainly, make it very hard to disable the AV. But, don't make me go dig through DMCA'd repos and dark corners of the internet (!) to find a way to properly disable this bullshit.
> There is also a class of user forged in the fires of the primordial internet who would never in a trillion years be tricked into clicking a fake explorer.exe window in their browser.
Until they've had a couple drinks. Might still need a more sophisticated fake than that, but they exist. I'm with you on the disabling part though: I think Apple gets it right with SIP, it takes a reboot in recovery mode to disable it temporarily and a single command while in recovery mode to make it permanent.
Skilled in what exactly? In x-raying all data storages on a system with a naked eye and spotting there a malware? In sniffing ether around the system and smelling a malicious bits on the radio spectrum coming in? How does this skill works?
I've been using computers for 40 years, have never installed and have always disabled malware scanners, and never had a virus. Maybe I'm special. But I'm not that special. There are 3 billion Android uses in the world, almost all of them don't have malware scanners, and almost all of them have never been infected by a malware. Ditto iPhone users.
To be fair, I haven't used Windows for the latter 1/2 of that 40 years. So maybe it's only Windows users who need to go around x-raying all data storages.
I've used computers a bit less since 90s, and I'm also careful not to do dumb stuff on it. But I can't guarantee that any of any PCs at any time is virus free, because I don't know it and can't know it. And that includes Linux btw, though statistically it is much safer. But Linux is beside the point, the whole topic is about removing a Windows component, and on Windows there are millions of different malware.
It's called Google Play Protect. Comparing it to a Windows malware scanner it like comparing a house door lock to security in a jail.
All Google Play Protect does is compare the installed apps on your device to a list of known bad ones, and uninstalls any Google doesn't like. For the most part all it's doing is looking for apps you've installed that Google later deemed bad and removed from the app store. That's a slight exaggeration, but not a big one. The performance impact is what you would expect from that description - almost none.
A windows virus scanner tries to get itself involved in most mouse clicks. Open an email - it's reading it over your shoulder. View a web page - it's looking at it too. Copy a file from USB - it's inspecting every byte. Every time you write a file, it's sniffing over the new contents. The performance impact is what you would expect from that description, ranging from noticeable to crippling in the worst cases. When it does find a virus it can't "just uninstall it". It may well have replaced parts of Windows itself.
Google Play protect is all you need when you design an OS with security in mind. The situation on Windows is where you end up when focus on delivered features, security be damned.
Skilled in not falling for the kind of malware, that Defender is able to catch.
It’s not a very high bar: I have not seen it find anything in a long time, neither on my machines, nor on the ones I inspected after they had been owned.
In what universe is windows defender “resource-crippling?” There are windows laptops that will sip battery for an entire workday plus extra hours while running defender the entire time. So clearly it’s not “resource-crippling” if it can run on a laptop with a single digit wattage power draw.
And then we’ve got the “I need to control my system I’m too smart for antivirus” folks all over this thread.
Well, if you’re so smart why are you using a consumer OS designed for idiots?
(I like OP’s tongue-in-cheek work and post a whole lot better than the neckbeard army describing how Windows is broken and totally doesn’t work and how we have to disable updates and antivirus because we are power users I guess so we just do that for no reason)
> In what universe is windows defender “resource-crippling?”
This one? Not all of us want to throw perfectly usable hardware in the e-waste pile. Windows 10 was perfectly fine on my old Haswell miniPC, save for Defender wasting CPU cycles and IO doing..."checks".
Let’s cut the bullshit, Defender is basically unchanged as a concept since Windows Vista or maybe even Windows XP. It runs completely fine on 15 year old hardware.
We are in the “Windows users complain endlessly and refuse to switch to Linux” bingo card right now. Windows has been this way since before you bought that mini PC.
I can go install Windows 10 on my Haswell mini-PC again if you'd like, show you a screencap of Defender eating 100% of the CPU if you'd like. Literally the only reason I commented was because I saw this behavior in real life, causing framedrops while playing video in Firefox. Am I a liar?
> Let’s cut the bullshit, Defender is basically unchanged as a concept since Windows Vista or maybe even Windows XP. It runs completely fine on 15 year old hardware.
Exactly. It's the same legacy scan every fucking thing you open AV architecture.
Back in the day of spinning disks it probably wouldn't have been too noticeable for the AV to marshal scanning to its usermode service and the filesystem to pull the data from cache for the original request afterwards. However now that we have 10GB/s+ capable SSDs the factor of slowdown is exponentially larger.
I can run ripgrep on a massive directory, make myself a cup of tea and return to it still searching for matches versus being done in < 10 seconds with defender disabled.
Yeah so like, every time I ran AV software it was quite obvious where the paranoia settings were, and how to tone down the aggressive "scan everything everywhere every time" settings.
For 98% of systems, there is probably no reason to scan every file on opening it. If people have enabled that setting, or left that default on, then that's their problem; it's not Windows Defender's fault.
My current AV dashboards are screaming at me that I'm only 35% protected. That's because I've exercised a lot of prudence in enabling paranoid settings, based on my rather limited and simplistic threat modeling. Installing AV software comes with the understanding that it can steal resources, but they nearly always have plenty of settings that can be disabled and win back your system responsiveness.
I am beginning to believe that commenters giving bingo-card winnings are not the brightest bulbs in the Windows MCSE pool, honestly. I can relate: Linux and Unix admin in general is far more intuitive and comfortable for me, so I have generally stayed on that side of things, but knowing how to properly set up Windows is an indispensable life skill for anyone.
>In what universe is windows defender “resource-crippling?”
In any universe where you do a lot of small file IO. I'm not saying that other AV isn't far worse, but on access/write/delete AV massively kills performance when you do anything that creates/deletes tons of small files.