Windows Defender Is Becoming the Powerful Antivirus That Windows 10 Needs

Absolutely, if you are a safe surfer and careful what you click on. You should activate the PUP detection though. There's a Reg key to do that mentioned somewhere, possibly earlier in this thread.

 

Enable PUP (Potentially Unwanted Programs) Detection in Windows Defender

While Windows Defender file detection rates have gone up from 0 out of 6 in AV-Test to a respectable 4.5/6, you can further enhance its security by enabling PUP detection. While this feature is currently available to Windows 10 Enterprise users out of the box, you can still enable it on your Windows 10 Home or Pro installation and it works just fine.

If you prefer not to do this manually through regedit, then I have created a regfile that enables PUP Detection in Windows Defender. Simply double click on the file to import it into the Windows registry then reboot your computer.

Enable Windows Defender PUP Detection

or if you wanna create the reg file manually:

Code:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\MpEngine]
"MpEnablePus"=dword:00000001

Example of a PUP detection caught while trying to install Shark 007 Codecs. While Windows Defender doesn't go all the way of actually blocking the installer of the PUPs like NOD32 does, at least it detected the PUP so one would take extra care not to blindly hit the NEXT button and install everything but rather, carefully read what you are installing, after that I simply canceled out the bundled search garbage that it was trying to install and proceeded with the installation normally albeit without the PUPs:

 

Hey Papusan, very cool - thanks a lot!

and to all...
Happy New Year

 

would unchecky 1.0.1 catch this and most pups? i have unchecky on all my machines and friend's machine. i rarely download programs so i don't know how effective it is. you would think wd pup detection would be a default setting on win10 home edition were it is most needed. yhanks

 

The PUA (PUP) Tweak also works for Microsoft Security Essentials in Windows Vista & 7. The registry tweak is in a different location but works fine, I have the .reg files on my website HERE.

 

Actually Windows Defender in Windows 10 will automatically quarantine all detected PUA/PUPs, when the PUA option has been enabled in Windows Defender.

The shown screenshot has nothing to do with the PUA detections in Windows Defender.

The prompt shown in that screenshot will appear if the Automatic Sample Submission option has been disabled in Windows Defender settings, since the user will then be prompted for confirmation before submitting suspicious samples to the cloud.

Disabling Automatic Sample Submission will lower protection, since it will also disable Block at First Sight.

 

http://www.networkworld.com/article...icrosoft-windows-defender-comes-up-short.html

 

Windows 10 Insider Preview 15002 includes some new improvements to the new Defender app. Note that this is still a preview version.

Source: https://blogs.windows.com/windowsex...ng-windows-10-insider-preview-build-15002-pc/

 

I find Unchecky totally reliable and solid. I download regularly and, whilst I am always on the lookout for PUPs, it has always beaten me to it and the PUP boxes are always unchecked.

 

+1

 

Microsoft are doing very well.

November-December 2016 with Windows Defender 4.10 on Windows 10 version 1607 :

https://www.av-test.org/en/antiviru...ystem-center-endpoint-protection-4.10-164974/

November-December 2016 with Windows Defender 4.8 on Windows 8.1 :

https://www.av-test.org/en/antiviru...r-2016/microsoft-windows-defender-4.8-164847/

 

Nice!

 

will this reg tweak work if WD is set to periodic scanning?

thanks

 

Yes it will.

 

I do not see that reg entry in my reg. I did not use the exe. wanted to edit is myself.

 

@boredog :

The registry entry isn't there until you put it there.

In HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\MpEngine add DWORD MpEnablePus with value 1.

That's all.

 

Introducing Windows Defender Security Center

 

Before we have the discussion about WD having a firewall again:

"Firewall & network protection provides information on the network connections and active Windows Firewall settings, as well as links to network troubleshooting information."

 

I know WD automatically runs a quick scan every day but does WD periodically run a full system scan on a schedule, or is that just for the more paranoid among us to run manually?

 

@Krusty :

Quickscans are automatic.
Full scans are only manual.

Users with platter drives and a couple of TB data would get a sad face if full scans where done automatic frequently.

 

The feeling for the necessity of a full system scan originates rather from fallacy than paranoia. The appropriate course of action in this case would be education instead of psychiatric treatment.

 

Thanks Martin.

 

I believe that through the Windows Task Scheduler, you are able to schedule the Windows Defender full scan job to run on a repeating time schedule if you wish. A quick Google for 'windows 10 run windows defender scheduled scan' should give you some good results on a step-by-step walk through on how to do this. I tested it a while back and recall not seeing any alerts or confirmation that the scheduled scan ran or not. I had to go back into the Windows Task Scheduler and verify the job ran with success. Of course, I set it to run at 3am on a Saturday morning so I wasn't around to monitor anything... fast asleep! I didn't test much more than that.

 

Thanks. I know I can create a schedule for a full system scan, but that isn't what I asked. Martin answered that.

Cheers.

 

While Windows-Defender is a good basic virus protection, it did not protect my recent customers machine from Crypt0L0cker.
The machine was running WIN10-64-pro.
All relevant files got encrypted and had a random, 6 digit, extension.

Luckily I was able to restore all encrypted files from dive c:\, using shadow explorer.
Files on drive d:\ had now shadow copy, but there where only a few unimportant files.

The infection came in via a fake invoice, but I had now time to further investigate, because my customer wanted his machine back asap.

Is there a test site for smart screen?
I wonder, why smart screen didn't stop the attack...