Lord_Kane: It's not the name of the file that keyed it off, it's what's modified to the file that's set it off. You could name it "buttholesurfersrideintomynightmaresviamyass.dll" and it would still pick up as "HackTool:Win32/crack", as most virus scanners use heuristics now and not file names.
Some of 'em don't even detect goat or test files, which seems dangerously stupid, as someone could easily modify them into a working virus and get a clean pass.

Or you know, you could make malicious software instead, like Crowdstrike, which bad actors or incompetence could bring to a general halt.
Lord_Kane: It's not the name of the file that keyed it off, it's what's modified to the file that's set it off. You could name it "buttholesurfersrideintomynightmaresviamyass.dll" and it would still pick up as "HackTool:Win32/crack", as most virus scanners use heuristics now and not file names.
dnovraD: Some of 'em don't even detect goat or test files, which seems dangerously stupid, as someone could easily modify them into a working virus and get a clean pass.

Or you know, you could make malicious software instead, like Crowdstrike, which bad actors or incompetence could bring to a general halt.
Well, those are extremely specific examples Darvond, and kinda out of the scope of this thread.
.Keys: I remember your topic and for some reason I think you have not seen my detailed post there about Kaspersky and BitDefender being the best free antivirus right now.
timppu: I meant to try, I think it was Comodo, that someone mentioned. I even downloaded it already but didn't yet install it.

.Keys: Since there's an international situation happening, Kaspersky became 'software-non-grata' in the US, if you understand what I mean, so it's up to you to use it or not, depending on your analysis of the current situation. In my opinion it's still a very good antivirus, but because of what's explained above, its power to find viruses will probably diminish because the US is a huge source of cybersecurity material and research...
timppu: Well, yeah, unfortunately at this point it feels a bit like using antivirus made in China or North Korea. Can I really trust it? AV gets so many privileges in the computer.
Technically we know we can't trust any software that connects online unless we have access to their source code and are able to actually read it and understand it. So as we know, even if they're not trustworthy, we wouldn't know with 100% certainty.

Wasn't Avast collecting users' data without them necessarily knowing and selling their data to third parties or something like that?

Researched a bit, yes, around that - here are four sources explaining the situation:

"Avast fined $16.5 million for ‘privacy’ software that actually sold users’ browsing data / For years, the antivirus software company harvested information from users’ web browsers without their consent."
https://www.theverge.com/2024/2/22/24080135/avast-security-privacy-software-ftc-fine-data-harvesting

Avast sold privacy software, then sold users' web browsing data, FTC alleges
https://www.cbsnews.com/news/ftc-avast-browsing-data-privacy/

FTC Cracks Down on Mass Data Collectors: A Closer Look at Avast, X-Mode, and InMarket
https://www.ftc.gov/policy/advocacy-research/tech-at-ftc/2024/03/ftc-cracks-down-mass-data-collectors-closer-look-avast-x-mode-inmarket

FTC Bans Antivirus Provider Avast From Selling Users' Browsing Data
https://www.pcmag.com/news/ftc-bans-antivirus-provider-avast-from-selling-users-browsing-data

So how can we trust BitDefender, Malwarebytes and Kaspersky aren't doing something like this?
(We know that Microsoft collects more data than all of them together, unless you use a completely offline Windows machine and update Windows Defender offline using this address to download their updates manually: https://www.microsoft.com/en-US/wdsi/defenderupdates) > That's what I do by the way currently.

Well, we trust that they will comply with their Privacy Policy, but, as we should always question - what if they don't?
What real consequences are there for the companies that do not comply? Based on those consequences we should trust or not trust said company. At least that's how I guide myself when using closed source software most of the time.

.Keys: If you don't want to use Windows Defender because of false positives like this against unsigned software, use Bitdefender.
timppu: I am actually unsure if the non-MS antivirus are any better in not making false positives. I used Avira before MS, and at least it had much of the same problems with false positives.

My main motivation to find a replacement was to find one that is easy to disable when needed, does not turn itself back on at least until either I reboot the computer, or enable it myself, and if possible, does nothing behind my back but if it detects something, it ASKS what it should do with the file.

I recall in the old days that is what antivirus did, they asked every time what to do with detected files, but nowadays it seems none of them do. I am unsure if that is because the malware could then answer itself and tell the antivirus not to mind the malware...

It may be that no such AV exists anymore because I got an impression that MS decides which third-party AVs are allowed to replace (= disable) Defender, and there probably are some requirements for the 3rd party antivirus, like "you must automatically enable yourself 10 minutes after disabling" and "you can't be disabled permanently" and "you will not ask the user what to do with the detected files, but always move them away to some obscure place that the user can't find them".
Personally I never heard about Windows Defender not allowing other antivirus to work on the system. That didn't happen here when I tested it. Though I have not updated to Win 11, so can't really say.

About disabling Windows Defender and other antivirus:

As far as I know, all antivirus software allow you to disable them, even Windows Defender.
I was actually doing some security tests with some viruses these days and disabled Defender purposefully, and it actually allowed me to infect the system and, right after, remove the virus by re-enabling Defender. It was a simple-to-remove virus, so no real damage was done, and also on an offline box. So yes, you can disable Defender anytime you want.

About Bitdefender: If I remember correctly from last year when I used it, you can also disable it.
About Kaspersky: Same thing, based on experiences from last year.
Malwarebytes is the one that I don't use for the longest, so I can't say how it is today.

But I'd recommend those three for you if you are not satisfied with Windows Defender - although defender is ok for a normal user.

Here's a channel I also recommend if you want casual and intermediate recommendations about cybersecurity:

"The PC Security Channel"
https://www.youtube.com/channel/UCKGe7fZ_S788Jaspxg-_5Sg

And here's a good comparison between Bitdefender and Kaspersky with 2000 real malware samples. A good vs battle in real time that he did to compare how both antivirus dealt with the 2000 malware samples running:

Kaspersky vs Bitdefender Test vs 2000 Malware
https://www.youtube.com/watch?v=p_DzLml1jZw

Anyway, I hope this information may help you decide what is best for your use case and personal preference.
.Keys: Personally I never heard about Windows Defender not allowing other antivirus to work on the system. That didn't happen here when I tested it. Though I have not updated to Win 11, so can't really say.
I googled it back then and got the impression that AV makers must register their product on some MS channel before they are allowed to replace/disable Defender for their own AV. I presume that registration also involves having to abide by some MS rules on how the AV must behave.

That at least makes sense that MS controls which software can override Defender, otherwise malware could override it as well I guess. So this isn't quite a black/white thing, I understand there must be some restrictions who can do what, to make the system secure.

.Keys: About disabling Windows Defender and other antivirus:

As far as I know, all antivirus software allow you to disable them, even Windows Defender.
Sure they do, but they also enable themselves without asking you for permission. At least with Defender there seems to be some time limit, not sure if it is e.g. 30 minutes or 60 minutes or what, but if you wait long enough (without a reboot), the realtime scanning is switched back on automatically.

With googling I got an impression from some older messages that it would stay disabled until you reboot the computer (or enable it manually) which would be cool for me, but last time I tested it, that was not the case. It would enable itself after some time without a reboot, and didn't even inform you about it.

The last time I tried Avira, it started acting the same way (enabling itself back after some time without even a notification), which makes me believe this is some kind of requirement from MS to all registered Windows AV applications.
Post edited August 30, 2024 by timppu
.Keys: Technically we know we can't trust any software that connects online unless we have access to their source code and are able to actually read it and understand it.
This is indeed very important and many times forgotten, open source per se is not inherently secure. It must be audited, read and understood. Look at what happened with the XZ compression tool.

.Keys: As far as I know, all antivirus software allow you to disable them, even Windows Defender.
Does a barebones Windows install offer any way to disable defender or only "real time protection"?
Ancient-Red-Dragon: What do you think about all this?
A false positive as usual, happens all the time ... unless of course you have been infiltrated.

When I say 'happens all the time', I am speaking collectively, not individually. Windows Defender is guilty a lot, what you might call a bit slow on the uptake.

And as usual, if in doubt throw the file at VirusTotal, and be guided by the majority result. Then add an exception to your AV or wait for your next AV database update to fix things.

P.S. You'll probably find that the online version of Windows Defender at VirusTotal will give the all clear for the file. I've had that happen many times.
Ancient-Red-Dragon: Okay, but why don't they rename it to something else then?

It could still exist as a file even if the file name were different, right? I think the contents of the file are what matters, not the literal name of the file.
Lord_Kane: It's not the name of the file that keyed it off, it's what's modified to the file that's set it off. You could name it "buttholesurfersrideintomynightmaresviamyass.dll" and it would still pick up as "HackTool:Win32/crack", as most virus scanners use heuristics now and not file names.
Heh I guess you have to Clench to Stay Awake.

OP STOP updating Windows Defender. It's Microsoft hacking you with each update, it's not for your benefit. I turned that shit off.
Post edited August 31, 2024 by u2jedi
Lord_Kane: It's not the name of the file that keyed it off, it's what's modified to the file that's set it off. You could name it "buttholesurfersrideintomynightmaresviamyass.dll" and it would still pick up as "HackTool:Win32/crack", as most virus scanners use heuristics now and not file names.
u2jedi: Heh I guess you have to Clench to Stay Awake.

OP STOP updating Windows Defender. It's Microsoft hacking you with each update, it's not for your benefit. I turned that shit off.
Huh? Why are you talking to me? I don't use Windows Defender.

also lol I do clench to stay awake lol
Post edited August 31, 2024 by Lord_Kane
u2jedi: Heh I guess you have to Clench to Stay Awake.

OP STOP updating Windows Defender. It's Microsoft hacking you with each update, it's not for your benefit. I turned that shit off.
Lord_Kane: Huh? Why are you talking to me? I don't use Windows Defender.

also lol I do clench to stay awake lol
I know you're not the OP, that's why they're after you.

Also this song is for you:

https://www.youtube.com/watch?v=C3tC3IzxeQA
in-game achievements are malwares ( both in physical and mental way )
Post edited August 31, 2024 by Oriza-Triznyák
Legendary thread due to irony.
Lord_Kane: Huh? Why are you talking to me? I don't use Windows Defender.

also lol I do clench to stay awake lol
u2jedi: I know you're not the OP, that's why they're after you.

Also this song is for you:

https://www.youtube.com/watch?v=C3tC3IzxeQA
that song has been in a playlist for 4 years on my end.
.Keys: Technically we know we can't trust any software that connects online unless we have access to their source code and are able to actually read it and understand it.
Dark_art_: This is indeed very important and many times forgotten, open source per se is not inherently secure. It must be audited, read and understood. Look at what happened with the XZ compression tool.

.Keys: As far as I know, all antivirus software allow you to disable them, even Windows Defender.
Dark_art_: Does a barebones Windows install offer any way to disable defender or only "real time protection"?
As far as I know, only real time protection can be deactivated.
To fully disable Windows Defender you'd need scripts to force uninstall it / disable it.

The other way to disable Windows Defender is to install another antivirus, which, by default, is recognized by Defender and it auto-disables it for the installed antivirus to work. At least, that's what is apparent to me.
.Keys: Does a barebones Windows install offer any way to disable defender or only "real time protection"?
Depends what you mean by disable.
Unless they have changed things with latest Windows OS, you can set exceptions for individual files and file locations (folders), so they don't get scanned.
You can even set an exception for a process (i.e notepad.exe).