Windows Defender Is Becoming the Powerful Antivirus That Windows 10 Needs

Discussion in 'other anti-virus software' started by Secondmineboy, Jan 30, 2016.

  1. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,883
    Location:
    Slovenia, EU
    IMO there will probably indeed be fewer vendors on the market. It also depends on decisions made by other big players (Google, Facebook, Amazon, Apple). If they try to enter the market by acquiring current vendors, there might be even more competition. Who knows what time will bring.
     
  2. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,644
    Location:
    Under a bushel ...
    Agree.

    I'm OK with your second option, but hopefully still smaller independent Emsisoft along with the first list of 'big guys' ...
     
  3. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    Yes, Emsisoft, I hope, is still around. It's like Firefox, stubbornly not giving in to the monopolistic big ones. We need diversity in software, like everything else.
     
  4. Eggnog

    Eggnog Registered Member

    Joined:
    Nov 17, 2012
    Posts:
    129
    Location:
    United States
    I've been running Windows Defender on Win 10 for quite some time with absolutely no problems, and I surf quite heavily. Recently, I installed Hard_Configurator and set it to defaults just because I felt like it. I may keep it, I may not. But I do kind of like it so far. For me, my interest in 3rd party alternatives to WD has waned. I haven't seen a reason yet to pay for something else again; WD seems to be well on the way to being just what Win 10 users need it to be.
     
  5. Davy49

    Davy49 Registered Member

    Joined:
    Jan 6, 2008
    Posts:
    19
    Location:
    USA - MS
    Hi,
    I'm also still pretty confident using the Windows 10 built-in security product, but after watching this video on YouTube: https://www.youtube.com/watch?v=VXtTgP8JkSk from one of the users I'm subscribed to, now I'm wondering if I need to add something else to my protection.
    David
     
    Last edited by a moderator: Jan 31, 2020
  6. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,560
    Was controlled folder enabled in that test?
     
  7. Gandalf_The_Grey

    Gandalf_The_Grey Registered Member

    Joined:
    Jan 31, 2012
    Posts:
    1,188
    Location:
    The Netherlands
    No, it was not.
     
  8. Bertazzoni

    Bertazzoni Registered Member

    Joined:
    Apr 13, 2018
    Posts:
    657
    Location:
    Milan, Italia
    This "test" was done with no internet connection and is simply another in a long line of "Let's bash Windows Defender" by this guy. As someone on another forum said, in part:

    "If the purpose of this video was to demonstrate that WD free features (no ATP) are not suited to the enterprise environment, then it is a pretty good demonstration. Of course, this is a well known fact (without any demonstration) because WD protection highly depends on the cloud backend (Cloud delivered protection, Block at First Sight, SmartScreen)."

    And Controlled Folder Access was not used in this test. Leo @ TPSC never tests WD appropriately, neglecting the fact that it depends on all of the above features, including Controlled Folder Access. His tests are defective for this reason and the fact that he doesn't educate his viewers about how his tests are done, or about WD features themselves.

    If you want to take full advantage of WD's capabilities you may use ConfigureDefender, Group Policy, PowerShell commands, etc. to do so. I find CD to be the easiest method. You may find it here: https://github.com/AndyFul/ConfigureDefender

    Stay safe, not paranoid - my friend!
     
  9. B-boy/StyLe/

    B-boy/StyLe/ Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    518
    Location:
    Bulgaria
    The above statements are true but you can always check and add Appcheck or KART in addition to your current setup and do daily backups to an external hard drive (just in case).
     
  10. Bertazzoni

    Bertazzoni Registered Member

    Joined:
    Apr 13, 2018
    Posts:
    657
    Location:
    Milan, Italia
    You may also use Hard_Configurator if you want to harden W10. It can be used as default-deny with a number of different configuration profiles. Extensive malware testing has been done with its "Recommended setting". You may also harden Windows' built-in exploit protection for browsers and other internet-facing apps. If you're interested in the latter option you may check https://malwaretips.com/threads/umbras-lockdown-security-2020.97589/ for an example of browser hardening.
     
  11. Davy49

    Davy49 Registered Member

    Joined:
    Jan 6, 2008
    Posts:
    19
    Location:
    USA - MS
    Hi,
    While I do appreciate all of your constructive criticisms, you might want to double-check the video again because Leo actually performed his test two different ways. One without an internet connection & one with an internet connection, and when his VM test computer did have an internet connection it had better results. While I respect his testing, sometimes he does tend to not have all of the facts/features enabled properly. I hope you can see by my statement here that I'm taking a middle of the road stance here. I actually feel, like others have mentioned in here, that if WD is enabled properly it's a very good product.
    David

     
  12. Bertazzoni

    Bertazzoni Registered Member

    Joined:
    Apr 13, 2018
    Posts:
    657
    Location:
    Milan, Italia
    Even so, my other points are still pertinent. How can it be a ransomware test without CFA? Check out his "Windows Sandbox" video. It's a real piece of work! He has no clue.
     
  13. Davy49

    Davy49 Registered Member

    Joined:
    Jan 6, 2008
    Posts:
    19
    Location:
    USA - MS
    Hi Bertazzoni,
    To be honest I really like what I call your 'positive constructive criticism'. He also seems to kind of push the Hitman Pro software. Honestly, since I'm a Windows 10 Insider build tester, it's my opinion that Microsoft has really upped their game as far as improving Windows Defender to make it as viable as it is today. In a moment of weakness, tied with having an old person moment, I installed Hitman Pro on my desktop computer so I could at least evaluate it. Have you ever tried it, and if so what did you think of it? Another thing that bothers me is the fact of how PC Magazine rates Kaspersky Free higher than MS Windows Defender being used in Windows 10. The MAIN thing with any security software is to use common sense and be careful of the sites you visit.
    David
     
  14. Bertazzoni

    Bertazzoni Registered Member

    Joined:
    Apr 13, 2018
    Posts:
    657
    Location:
    Milan, Italia
    @Davy49 I take all reviews and testing, especially YouTube testing with a huge dose of salt. Yes K is good but, again, it's the comparisons and judgements made about it. I use HMP along with EEK but use them based on forum discussions, as much as anything. Otherwise I have no strong opinion about it because I don't get infected. It is pretty darn fast, which is nice.

    Definitely! :thumb:
     
  15. Davy49

    Davy49 Registered Member

    Joined:
    Jan 6, 2008
    Posts:
    19
    Location:
    USA - MS
    Hi,
    What are HMP & EEK? Of course I'm not trying to play dumb. By the way, have you ever tried a Linux distro, and if so which one? I've always wanted to learn more about Linux; I'd even consider dual booting a distro along with Windows 10. Or I could set up a virtual machine.
    Thanks
    David
     
  16. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,560
    HMP - HitmanPro
    EEK - Emsisoft Emergency Kit
     
  17. Davy49

    Davy49 Registered Member

    Joined:
    Jan 6, 2008
    Posts:
    19
    Location:
    USA - MS
    Hi,
    Thanks so much for the clarification, I'm so glad that I'm a member here in the forums. Being safe on the internet and in life in general is essential to me. As a side note, both of our sons work for the Justice Department of the federal government. As a parent, of course, I'm kind of nosey sometimes but they can't share much information with me. I have got to meet several FBI agents though.
    David
     
  18. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    I am far from a fan of PC Security Channel testing methods. That said, he was very straightforward in the video on how he tested WD.

    He did not enable CFA because:

    1. It's not enabled by default.
    2. It's a royal pain in the butt to configure properly as documented by the numerous postings in this forum on the subject.

    As far as testing WD w/no Internet access, A-V Comparatives does the same in their full spectrum malware test. Although in the A-V C test, it is done for documentation purposes only, with no penalty assessed for missed detections in that mode.
     
  19. Bertazzoni

    Bertazzoni Registered Member

    Joined:
    Apr 13, 2018
    Posts:
    657
    Location:
    Milan, Italia
    CFA is poorly implemented but I have no problems with it enabled. I may be the exception to the rule because I use very few 3rd party softs, but I see others using it on other forums. I have set up with the usual protected folders plus these additional ones:

    Capture.PNG

    Simple, added built-in protection ! :thumb:
     
  20. Eggnog

    Eggnog Registered Member

    Joined:
    Nov 17, 2012
    Posts:
    129
    Location:
    United States
    I just have CFA set up with the typical protected folders and I have absolutely no issues with it. I have a couple of other folders I want to set up with it, but I don't think I'll have any issues with them. I'm just using WD and Hard_Configurator set to recommended settings. Maybe that has something to do with it.
     
  21. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,065
    Location:
    Canada
    Agreed. It's a kind of half baked, amateurish solution, just like their Windows Defender firewall. Both could be so much better.
     
  22. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    This thread pretty much sums up CFA issues: https://www.tenforums.com/antivirus-firewalls-system-security/96309-controlled-folder-access-problems.html . Now project this to the typical Win 10 nob user.

    CFA actually works quite similarly to conventional HIPS processing in that anything that touches CFA protected folders needs to be whitelisted. This in itself can create security issues if malware can inject code into one of those whitelisted processes. Many of which run at medium integrity level making such activity trivial to perform.

    Bottom line - on a scale of 1 - 5, CFA provides level 2 at best ransomware protection.
     
    Last edited: Feb 2, 2020
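
The settings this thread says Defender's protection depends on (cloud-delivered protection, Block at First Sight, Controlled Folder Access and its allowed-applications list) can be read back with `Get-MpPreference`. The script below is an added example, not code from any poster or from ConfigureDefender; the function name `Test-DefenderPosture`, the constructed sample object and the user-writable-path heuristic are assumptions made for illustration.

```powershell
# Added example (not from the thread): audit the Defender settings discussed above.
function Test-DefenderPosture {
    # $Pref: object with Get-MpPreference's property names; omit to read the live settings.
    param($Pref)
    if ($null -eq $Pref) { $Pref = Get-MpPreference }
    $findings = [System.Collections.Generic.List[string]]::new()

    if ($Pref.DisableRealtimeMonitoring) { $findings.Add('Real-time protection is off') }

    # MAPSReporting: 0 = disabled, 1 = basic, 2 = advanced
    $cloudOn = $Pref.MAPSReporting -ne 0
    if (-not $cloudOn) { $findings.Add('Cloud-delivered protection (MAPS) is off') }

    # SubmitSamplesConsent: 0 = always prompt, 1 = send safe samples, 2 = never send, 3 = send all
    $samplesOn = $Pref.SubmitSamplesConsent -in 1, 3

    # Block at First Sight needs cloud protection, automatic sample submission
    # and its own switch left enabled.
    if ($Pref.DisableBlockAtFirstSeen -or -not $cloudOn -or -not $samplesOn) {
        $findings.Add('Block at First Sight cannot work with the current cloud settings')
    }

    # EnableControlledFolderAccess: 0 = disabled, 1 = enabled (block), 2 = audit mode
    switch ($Pref.EnableControlledFolderAccess) {
        0 { $findings.Add('Controlled Folder Access is disabled') }
        2 { $findings.Add('Controlled Folder Access is in audit mode and does not block') }
    }

    # Every allowed application may write to protected folders, so review the list.
    # Heuristic (assumption): an allowed binary under a user-writable path deserves a second look.
    foreach ($app in @($Pref.ControlledFolderAccessAllowedApplications)) {
        if (-not $app) { continue }
        if ($app -match '\\(AppData|Temp|Downloads)\\') {
            $findings.Add("CFA allows an application in a user-writable path: $app")
        }
    }
    return $findings
}

# Constructed sample input so the function can be tried without touching live settings.
$sample = [pscustomobject]@{
    DisableRealtimeMonitoring    = $false
    MAPSReporting                = 2
    SubmitSamplesConsent         = 2
    DisableBlockAtFirstSeen      = $false
    EnableControlledFolderAccess = 0
    ControlledFolderAccessAllowedApplications = @('C:\Users\demo\AppData\Local\Tool\tool.exe')
}
Test-DefenderPosture -Pref $sample
```

Run `Test-DefenderPosture` with no argument in an elevated PowerShell session to audit the live configuration. Findings can then be corrected with `Set-MpPreference` (for example `-EnableControlledFolderAccess Enabled`) or through ConfigureDefender or Group Policy.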
  23. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    Hello.

    Can anyone please confirm such a rapid quick scan by Defender?

    really quik scan.PNG

    I know the times vary depending on circumstances but I find this unusual, even for a mere 16000-odd files. There was an update to the antimalware platform a few days ago but an optimized Quick Scan was not listed in the changelog.

    There have been times the scanner seemed to fly from one extreme to another due to various issues. Thanks for any info. Oh, temporarily back on v. 1909-- build 18363.693
     
  24. Dark_Hanzo

    Dark_Hanzo Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    204
    Location:
    CA
    Using the latest Windows Defender version (4.18.2001.10)

    Untitled.png
     
  25. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,642
    Location:
    USA
    Agreed. CFA is pretty worthless. I've seen it bypassed. In person.
     