I’m currently only using Windows Defender and I wonder if there’s any alternative antivirus software that is:
1. Better than Windows Defender (in terms of detection/prevention/repair capabilities)
2. Does NOT pop up VPN ads or attempt to divert all my traffic to their server with any “free vpn”.
3. Does NOT install any ROOT CA to the system.
4. Does NOT pop up or require installation of any browser plugin/extension.
I’ve tried Norton and Kaspersky before. At least I know Norton fails at least #2 and #4, and Kaspersky at least #3.
Kaspersky > Settings > Network settings > disable ‘Encrypted connection scanning’ > Save
Their extension is optional, the VPN can be uninstalled, and it’s definitely better than Defender.
Can I ask why you don’t want https scanning?
It’s just my personal preference and not necessarily true, but I have these two reasons:
- Installing a ROOT CA provided by an antivirus breaks an existing security system, the trusted CA list. I prefer having the CA list as a different/separate line of defense which works completely independently from the antivirus system.
- I think if an antivirus has to use a ROOT CA man-in-the-middle proxy technique to scan HTTPS traffic in order to provide antivirus security, it may imply that such an antivirus is incompetent in detecting malware/viruses that get downloaded from special downloaders or bugs from normal applications: in these situations the downloader may not necessarily respect the TLS/SSL/https protocol and may run some customized protocol specific to an application, that is unknown to any antivirus software. I expect antivirus software to detect threats even if they go through custom encryption that is not detectable by standard HTTPS man-in-the-middle. As the downloaded malware/virus materializes on disk, or gets assembled in-memory, the antivirus should detect it, even when the encryption during transmission is mathematically unbreakable.
There are plenty of 3rd party tests that just run malware from the host or local network, and Kaspersky does well in them, so there’s no overdependence on MitM HTTPS scanning. Same for ESET, Sophos, Bitdefender, etc… Having that extra protection is just additional security. As mentioned though, you can disable it.
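For the root CA concern discussed in this thread, here is a read-only check of the Windows trusted-root stores, added as an example and not posted by anyone in the thread. The function name `Get-RootCaAudit` and the vendor name list are assumptions for illustration; a product's CA subject may not contain its vendor name, so the private-key check is reported separately.

```powershell
# Added example: list trusted-root certificates that could serve local HTTPS
# interception. Read-only; nothing in the stores is changed.
function Get-RootCaAudit {
    param(
        # Standard certificate-provider paths for the machine and user root stores.
        [string[]]$StorePath = @('Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'),
        # Assumption: name fragments to search for; edit to match installed products.
        [string[]]$VendorHint = @('Kaspersky', 'Norton', 'ESET', 'Sophos', 'Bitdefender')
    )
    # Build one case-insensitive pattern; '(?!)' never matches if the list is empty.
    $pattern = if ($VendorHint) {
        ($VendorHint | ForEach-Object { [regex]::Escape($_) }) -join '|'
    } else { '(?!)' }

    foreach ($path in $StorePath) {
        if (-not (Test-Path $path)) { continue }
        foreach ($cert in Get-ChildItem -Path $path) {
            $reasons = @()
            # Public roots ship without their private key. A root whose key is on
            # this machine can sign certificates for any site locally.
            if ($cert.HasPrivateKey) { $reasons += 'private key present on this machine' }
            if ($cert.Subject -match $pattern) { $reasons += 'subject matches vendor hint' }
            if ($reasons.Count -eq 0) { continue }
            [pscustomobject]@{
                Store      = $path
                Subject    = $cert.Subject
                Thumbprint = $cert.Thumbprint
                NotBefore  = $cert.NotBefore
                NotAfter   = $cert.NotAfter
                Reasons    = $reasons -join '; '
            }
        }
    }
}

# Newest entries first: a CA added by a recent install sorts to the top.
Get-RootCaAudit | Sort-Object NotBefore -Descending | Format-List
```

Running it before installing a product, after installing it, and again after turning off encrypted connection scanning shows whether a root CA was added and whether it stays in the store once the feature is disabled.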