Metadefender Endpoint: Windows PC security scanner

Martin Brinkmann
Feb 10, 2017

Opswat Metadefender Endpoint is a free security scanner for computer systems running Microsoft's Windows operating system.

The program checks settings, installed programs and security, and computes a score based on that. It furthermore provides you with options to remove potentially unwanted programs from the computer system.

You need to fill out a form on the Opswat website before downloads for Windows or Mac OS X become available. The information is not verified though, and download links are provided right after you enter the information and submit the form.

Note: The program will submit a report to the Opswat website. There you find listed information on critical issues, other issues, and information.

Metadefender Endpoint

The application runs a scan automatically when it starts. It reveals the security score and the removable applications on the first page that you see when it is done scanning the system.

The score ranges from 0 to 100 points, and is based on points that Opswat Metadefender Endpoint  gives to each item it scans.

A click on the score opens these individual scores. The items it scans are: firewall, hard disk encryption, patch management, backup, public file sharing, antivirus, and anti-phishing.

security score

The scores are color coded to indicate perfect, medium and low scores. As you can see on the screenshot above, items are weighted differently.

Antivirus and anti-phishing make up 50 percent of the maximum score, while firewall and patch management only 15 percent.

You may click on any item to find out more about the score. The program lists applications that it detected, as well as information on what it discovered during the scan.

Not all scores may make sense. The system I tested Metadefender Endpoint on got a 10 out of 20 score in the backup category. The reason for that was that the program failed to score Veeam Endpoint Backup. It only scored Windows File History, something that was not used all that much on the particular device in the past.

The antivirus category had similar issues. It only detected Windows Defender, but not Malwarebytes Anti-Malware, or any of the other security programs installed on the device.

metedafender endpoint score

Move the mouse cursor over the information icon next to each item on the details page to display information on that particular item.

Some entries hold multiple programs that Metadefender Endpoint found during its security scan. The anti-phishing category for instance lists web browsers that are available on the system.

It is interesting to note that some score worse than others. Vivaldi, Google Chrome, Microsoft Edge and Opera for instance are listed with a score of 5 of 20, while Firefox and Internet Explorer with a score of 20 of 20.

Chrome's and Edge's phishing protections were turned off, that explained the scores, but the program failed to identify Vivaldi's and Opera's protective features properly.

You can right-click on the program icon and select "critical device issues to fix" to load the public page on the Opswat website that highlights the security issues that the program recommends to address first.

This includes issues that may not be mentioned in the program interface. It highlighted for instance that no lock screen timeout was set on that page.

App Remover

The App Remover section lists programs that are potentially unwanted. This includes high profile programs such as Google Drive, CCleaner, Google Chrome, Mozilla Firefox, or Windows Firewall Control.

It is interesting to note that qBittorrent, CCleaner and Google Drive were listed under potentially unwanted applications. I'm not sure how that classification came to be, but it is probably fair to say that most users would not classify those programs this way.

Closing Words

Metadefender Endpoint may point you in the right direction when it comes to security issues on your computer system. May, because it may also fail to identify a setup which may result in lower scores.

It is therefore advised to check all low score areas to make sure the program did not miss a solution installed on the system. (via Windows Club)

Now You: Which security programs or categories do you consider most important?

software image
Author Rating
2.5 based on 4 votes
Software Name
Metadefender Endpoint
Software Category
Landing Page

Tutorials & Tips

Previous Post: «
Next Post: «


  1. Peter O said on February 12, 2017 at 2:05 am

    6 pages to scroll & no download link?

  2. SilverDragonSys said on February 11, 2017 at 7:38 pm

    Any time a so-called “security application” gives more than a 10% false/positive return I tend to lump it into the category “SNAKEOIL”. In the case of this program I got a 52% false/positive return on my security settings and installed programs.

    I tried this program on a infected system and it only found 2 of 35 UWPs. Of course the icing on the cake was that my score on the infected system was 5 points higher than on my secured system (66 on my secured system vs 71 on the infected system).

    It seems that more and more software companies are using the snakeoil approach, promising the moon and delivering beach dust. The idea of this program sounds promising, unfortunately the execution falls flat on its face.

  3. Arne Anka said on February 11, 2017 at 1:47 am

    It says I have 20 removable applications – stuff like CCleaner, Spybot, Spywareblaster, Firefox, Thunderbird, Irfanview, VLC, 7-Zip and other (IMNSHO) useful software…
    Prefer to remove this program instead…

    1. Tom Hawack said on February 11, 2017 at 9:42 am

      WOW! I wonder if evoking an application’s paranoia makes much sens. If at least Metadefender included itself in its scanning results then I’d say “Hmm, maybe not that bad” but then I’d wonder if evoking an application’s schizophrenia makes any more sens.

      Hey! CCleaner, Spybot, Spywareblaster, Firefox, Thunderbird, Irfanview, VLC, 7-Zip shouldn’t be trusted… according to Metadefender and Arne Anka’s experience with the thrilling application… well I’ll be darned :)

    2. Clairvaux said on February 11, 2017 at 2:07 am

      At least, it’s funny. And it has pretty graphics. You can’t deny it has pretty graphics ? It also has an awfully professional sounding name : Opswat Metadefender Endpoint, my, now that’s real security !

      And maybe their enterprise, core product is really something to phone home about. It’s just that this particular software appendage looks like a badly designed trap, a marketing disaster trying to push an otherwise legitimate product.

      I just noticed this :

      “Checks if your hard disk is encrypted.”

      If you need a piece of software to check if your hard disk is encrypted, you should not be trusted with handling security software in the first place…

  4. Clairvaux said on February 10, 2017 at 5:33 pm

    Be wary, though. I downloaded this program a while ago, and yes, you need to fill out a form before you get it. I almost never get spam. However, with this program, I got some spam with an attitude, of a sort I have never received.

    It was a lady from Opswat, with name and contact info provided, who wished to know how my testing was going and whether her company could be of any help. The wording of the mail made it clear that what she wanted to push to me were enterprise-type services (paid-for, obviously).

    The disconnection between posting a free downloadable security program on the Internet, and peddling enteprise-level, expensive services indiscriminately to anyone taking the bait is odd, to say the least. But what followed was even more odd.

    Having chosen to ignore the spam, I received more and more enquiring messages from this lady. She amways wanted to “help”, but there was a growing reproachful tone on the lines of : why do you keep ignoring me ? All very professionally written, with a mixture of politeness, aggression and cheek you had to marvel at. Aggression was up a notch with each successive mail, as you can guess.

    When her automated phrasebook finally overstepped the mark, I fired back a finely handcrafted reply, lashing out at her methods.

    The oddest thing of all was I did get a response. A whining one. The lady was sorry for having disturbed me, but it was my fault, after all : why did I not answer in the first place ? And the cheekiest was yet to come. She begged me to say why I was lambasting her and what she had done to deserve that.

    So I wrote an Outlook rule to discard any future potential “help offers”, and haven’t received anything from her since. Even in my spam folder. Be wary of Greeks bearing gifts (or something to that effect).

    1. Tom Hawack said on February 10, 2017 at 9:21 pm

      The article stipulates, “You need to fill out a form on the Opswat website before downloads for Windows or Mac OS X become available. The information is not verified though, and download links are provided right after you enter the information and submit the form.”.

      Obviously you gave a true email address and I hope for you that you avoided true information regarding whatever other personal information the form may “require”.

      That’s for the method. Be thanked for sharing your experience, relevant once again of the way some companies have to propose freeware as an incentive for the user to buy the paid version. Once again, shareware is not bad, what are reprehensible are the methods.

      This said, even with such methods, an application/software may be of great quality. Personally I avoid these sort of programs, too often tightened in formal considerations of security when a device may be protected in less academic forms and not detected as such. For beginners, why not? But I dislike these automated engines which, in my experience, are far from being truly pertinent. I have not one application which hasn’t been tested prior to installation with VirusTotal so should a secirity scanner such as this one declare that I have 26 suspicious apps installed that I’d remove, not the 26 apps but the scanner. To avoid loosing my time I simply avoid such half-jokes as this ‘Metadefender’. I just don’t trust them. I know, I may be missing the best with such an authoritative state of mind. I take that chance.

      1. Clairvaux said on February 10, 2017 at 10:22 pm

        Actually, I gave a working email address, but I don’t have true and false addresses. All of them work, in the sense that I receive what’s sent to them, and all of them can be de-activated if they are abused.

        In this case, I took the trouble to write an Outlook rule, because I was curious to see whether the spamming lady would keep hounding me. She did not.

        I don’t remember what other information I gave, if any, but I might, on the contrary, have given false information, and that might have been what prompted that stupid spam (stupid from their point of view). If I had said, for instance, that I was responsible for software buying decisions in a major company (which I don’t remember doing), that might have put me on a list of “interesting” persons.

        What was remarkable about that spam series is how personalised they were. The last reply was almost certainly manually typed by the author in response to my mail. I can’t imagine a case where that would have been an automated reply based on keywords detected in my mail. That would have required some really perverted planning.

  5. Gary D said on February 10, 2017 at 3:41 pm

    Martin, this is an urgent off topic post !!

    The link “” is not working. Neither does “”. They just open a blank page.

    “https://……..” does work.

    1. Martin Brinkmann said on February 10, 2017 at 3:48 pm

      Gary, it is working on my end, tested in several browsers. Can you try to force reload the http page? Ctrl-f5 should do the trick. Please let me know if that resolves the not-loading issue on your end!

      Thanks for reporting it.

      1. Gary D said on February 10, 2017 at 4:22 pm

        Martin, the link is working again :)

      2. Yuliya said on February 10, 2017 at 4:03 pm

        Yes, it seems to be working now.

      3. Martin Brinkmann said on February 10, 2017 at 4:05 pm

        Thanks Yuliya for verifying it!

      4. Yuliya said on February 10, 2017 at 3:52 pm

        I reported the same issue, also tried Ctrl+F5. I also tried on my phone with the same result, and through Tor. In all three circumstances the non secure http ghacks loads a blank page.

      5. Martin Brinkmann said on February 10, 2017 at 3:58 pm

        Thanks, I think I fixed it. Can you verify it?

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.