Windows Defender Is Becoming the Powerful Antivirus That Windows 10 Needs

Discussion in 'other anti-virus software' started by Secondmineboy, Jan 30, 2016.

  1. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
  2. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,936
    Location:
    UK
    Perhaps it's because it isn't digitally signed.
    Also the main website is HTTP. (not sure where Softpedia gets it from)
     
  3. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview
    -
    btw ~ Norton 360 Download Insight threw WS.Reputation.1 flag - Few Users - Very New
    File: tisp1964.exe
    File size: 1,000 KB (1,023,621 bytes)
    MD5 checksum: B211D24E7D4ECBED0A4DCCE4EB2E6CED
    SHA256 checksum: 07DF7FB0F8A3074C60DC80D57ADFA9B4013A59065248A8415D6BAF58044C0F7B
     
    Last edited: Aug 7, 2021
  4. moredhelfinland

    moredhelfinland Registered Member

    Joined:
    Mar 31, 2009
    Posts:
    344
    Location:
    Finland
    Somewhat obsolete, but ppl think that WD is the mother of all AVs. It's not.
    It's a basic cloud AV, easy to disable. It does not protect your banking, nor against MTM attacks, DLL injections, keyloggers and so on.
    See here https://avlab.pl/PDF_avlab/AVLab-Test-of-software-for-online-banking-protection.pdf
     
  5. waking

    waking Registered Member

    Joined:
    Jan 25, 2016
    Posts:
    176
    "Somewhat obsolete" indeed. In the interests of fairness and full disclosure,
    it should be noted that those tests were done 2 years ago.

    https://avlab.pl/en/test-of-software-for-online-banking-protection/

    WD/MD development has not been stagnant in the intervening two years. While not
    the same battery of tests specific to online banking, the more recent results
    from other testing done by AVLab show fairly comparable performance with other
    security products.

    https://avlab.pl/en/

    Recent results - May 2021

    https://avlab.pl/en/recent-results/

    https://avlab.pl/en/we-check-a-diverse-protection-of-software-to-secure-computers/
     
  6. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,286
    Location:
    Las Vegas
    Looks like we are back to bashing WD. The problem is, the tests that I use (and my own) reveal that it is as effective as any of the others and because it is built into the OS, there are efficiencies that are not present with a third party product.

    I use it on five computers and never a problem and often risky sites are visited.
     
  7. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,210
    Location:
    Among the gum trees
    :(
     
  8. Nightwalker

    Nightwalker Registered Member

    Joined:
    Nov 7, 2008
    Posts:
    1,387
    I believe the biggest reason for this type of behavior is a way to rationalize the choice of whether to buy or install a third-party security solution; it's a mindset somewhat similar to fanboy behavior (Apple vs. Android, Playstation vs. Xbox, Windows vs. Linux).

    This type of behavior is not seen in relation to other products (proved inferior by several tests) because only Microsoft Defender is the standard solution, it is the product that needs to be inferior to justify the paranoia and the hobbyist behavior of the security combo enthusiast (firewall + HIPS + antikeylogger + sandbox + VPN and so on).
     
  9. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    But my point is that you shouldn't need to rely on SmartScreen if WD already declared the file as clean.

    To clarify, I believe they simply used a simulator to test all of this, and as we all know, once most AVs allow some file to run, they can do almost everything, especially because Win Defender doesn't have a locally based behavior blocker.
     
  10. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,286
    Location:
    Las Vegas
    100% in agreement. There are dozens of nags in all of them except WD. And the tests show it is as good (or better) than many of them.
     
  11. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    That's exactly the reason why I'm sticking with Win Defender, because I just know that other free AVs are going to get on my nerves and I don't even trust them. BTW, I thought this was an interesting article, but I would like to see Win Defender get more of the ATP features, would be cool for power users.

    https://www.zdnet.com/article/top-w...se-are-the-threats-security-hasnt-yet-solved/
     
  12. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,614
    Location:
    Milan and Seoul
    It'll get even worse in terms of bashing, once the consortium (Norton/Avira/Avast) consolidates. I'm also quite happy about MS Defender, it really feels like set it and forget it, although as I have often stated, the malware threat is definitely grossly exaggerated. No more money for AVs...
     
  13. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,286
    Location:
    Las Vegas
    100% correct. Paying for AVs is like putting your money in the stove.
     
  14. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    On the other hand, today Win Defender did annoy me once again. I deleted lots of apps and then I went to the recycle bin to get an overview of all deleted files, and guess what, WD was scanning those files for no good reason! Causing the icons to load very slowly. So perhaps I should switch to some other free AV, but which one, that is the question, because I just know that bloated AVs like Avast and Avira will annoy the hell out of me. Perhaps I can try Bitdefender Free or Panda Free.
     
  15. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    Yes, that's a known "problem" with MD. I hope that they implement some better caching in future versions.
     
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    It's freaking ridiculous, you shouldn't scan files over and over again. BTW, today I decided to give ConfigureDefender a try, it's not that good looking but still a pretty good tool and I decided to enable PUA detection and all of a sudden Win Defender decided to remove YTD Video Downloader, very annoying but luckily it gave an option to restore it. And somehow it also keeps detecting SpyShelter's Security Test Tool, so seems like I need to exclude it, it's getting on my nerves.

    https://www.softpedia.com/get/PORTABLE-SOFTWARE/System/System-Enhancements/ConfigureDefender.shtml
    https://www.spyshelter.com/security-test-tool/
     
  17. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,064
    Location:
    Canada
    You could add the Recycle Bin to Exclusions.
     
  18. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    It looks like Dan will release a new app to control MD. It looks good IMO. You can check it out here: https://malwaretips.com/threads/defenderui.109495/
     
  19. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Good point, thanks, will try this.

    Yes I just saw it, it's basically a better looking version of ConfigureDefender, pretty cool. And I totally forgot that you could harden Windows security with these extra settings, very weird that this stuff is not clearly visible in Win 10 and 11.
     
  20. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,064
    Location:
    Canada
    Thanks for this. It does look great. As mentioned at MT forum, it is a real-time GUI, so there will be some, even if just a little, performance impact. Configure_Defender, however, is portable, so zero impact on performance. Either choice, depending on what the user wants, will be excellent.
     
  21. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    4,208
    i'd go with c_d. for my money, it's much more robust. and as you noted, its being portable makes it the better of the two for me.
     
  22. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,064
    Location:
    Canada
    I currently use H_C and foresee no reason to replace it.
     
    Last edited: Aug 14, 2021
  23. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    I know it's not likely but what I wouldn't give to see MS upgrade the nearly downgraded Windows 8 with this better version AV. But that's ok. It'll have to be.
     
  24. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    You know what I still don't understand? Is Win Defender AV really able to perform behavior monitoring on the local machine? It seems that if WD detects suspicious behavior it will send the process tree to the cloud and then it will come up with a verdict. This can be configured by a tool like ConfigureDefender.

    But let's say that WD doesn't have access to the cloud, will it still protect the system against for example cross process injection? I'm guessing it will not. So that's why it's probably still a good idea to use a tool like HMPA and/or SpyShelter.

    But it's clear that Win Defender ATP is doing quite a good job, pretty impressive how they are able to block these code injection methods, see links. The thing is, I want Win Defender AV to be able to do this also, with that I mean, even after malware is already running, post execution.

    https://www.microsoft.com/security/...-process-injection-with-windows-defender-atp/
    https://www.microsoft.com/security/...ender-atp-process-hollowing-and-atom-bombing/
    https://www.microsoft.com/security/...oading-with-windows-defender-atp/?source=mmpc
     
  25. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,871
    ATP is not available for consumers.
    And "cloud" is only a synonym for evaluating unknown files from external capacities/servers. MS has its own, but VT is a similar one. However such a feature is called, any current security software offers it. The rest is different, some feature more or less, not significant differences for signature scans.
     