Windows Defender Is Becoming the Powerful Antivirus That Windows 10 Needs

Also, it's pretty bad that "Defender" doesn't have any additional defenses if it doesn't detect, let's say crypto ransomware (just to ride the current scare train), via signatures/heuristics/cloud. Other antivirus and security suites all have protection against this stuff as a last line of defense if it somehow manages to get past the initial scan. So that's worrisome to say the least.

 

No, that's its main Achilles Heel, but a lot of EMET is supposedly going to be incorporated into Windows Security system proper with the upcoming fall Creators Build remake. Then, we'll see.

 

Yup that is what I read as well. Time will tell.

 

For me an anti exe should block everything by default that isnt whitelisted.
Something that allows or disallows based on reputation/heuristics to me isnt an anti exe.

 

There was a discussion previously about PUP. So just FYI:
On windows10 (1607), I expected MBAM to warn about OpenCandy in ImgBurn as it did on XP and Windows 7.
Well, on 10 MBAM didn't even get a chance. Windows Defender grabbed the dll out of temp during installation, and that was that.

 

is MAPS on win 8.1 settings same as cloud on win 10? If yes it seems the 8.1 version is functionally equivalent?

https://www.winhelp.us/configure-windows-defender-in-windows-8.html

 

I have the same conclusion. I have set it to update at startup and every 2 hours, and it doesn't as far as I can see.

 

Yup strange right?

 

Now we sit and back and wait for one of the clever bods to point out what we have missed. I'm guessing there is another policy that needs enabling?

 

I would imagine so. If I get around to it I will dig around more.

 

Oh really? Hmmm, and Malwarebytes is supposed to take the place of Defender or am I mistaken? If I had both, I would definitely keep Defender enabled regardless, right? In fact, when W10Security gets its mitigations in the fall, how will its protection compare relative to that which MB provides? This being that MB touts itself now as "catching what antivirus can't."

 

Guys, Defender has Cloud Protection too. So I don't know if there is a point multiples signatures updates. Unless you manage to get infected while offline.

 

So that would have let the ImgBurn installer run, without offering any third party extras?

 

Guys, I decided to do a test using Windows Defender (I was using Avast Free before), but I did not get good results. Soon after removing Avast and enabling WD, I ran a full check of my system. After several hours (boring), WD detected some problems, between PUA and false positives. I put fp to be ignored and clicked to apply actions. WD said it would take a few seconds, but it was at least 2 hours in that process and it did not finish, taking full processing of one core processor during that time. I restarted, tried again without success. I had to go back to Avast. Any suggestions for this problem?

 

Exactly. It installed. I was surprised, so started looking into MBAM(v2) log, found nothing. Then in Defender History it was there. I have a screenshot to prove it. Clearly it happened as the installer was making the stuff in the temp directory. I guess it was separate enough that it didn't break the installation. Other applications may not be so lucky.

I do have that magic PUP setting done in the registry. Don't recall where it is, it's been a long time since that tip here.

 

It will be the same for any installer using OpenCandy. The installer will run without the third party offers. I think ESET products do the same for installers with OpenCandy. Most antiviruses will detect and quarantine the installer, preventing it from running. What WD and ESET do is a much better approach.

 

It is a more convenient approach, so long as they can isolate one .dll, me thinks. IIRC, on XP or win7 I had to disable MBAM.
Related details:
When I clicked on the installer, I got a small blue WD alert that it's bad. I started installing and even though I was logged into admin account, Got a yellow UAC alert for unknown program, allowed it, and the rest you know.
I looked at my WD settings - on at runtime, but not checking the cloud.

 

No ads, no pop ups, Windows defender is boring sometimes.

 

Now you see why so many security users of this and other forums prefer other solutions. If my computer is working too well, something must be wrong.

 

I suppose Win SmartScreen should take care of that.

 

Did you do that thru GPE or with Task Scheduler Tweak?
I know this "twaek" was working before (it should be working now too):
https://www.winhelp.us/configure-windows-defender-in-windows-8.html

 

It was using group policy. Have now turned off WD to use just CFW.

 

By the way, did a fresh install of 10 last night. Added the extra protection for WD via GP. Cloud Protection is enabled but grayed out. I give up lol.

 

What settings did you added? It is grayed out because of GP.

 

I figured but it is quirky as to being grayed out and then not being grayed out.

These settings here: https://m.windowscentral.com/how-change-windows-defender-antivirus-cloud-protection-level-windows-10