Windows Defender Is Becoming the Powerful Antivirus That Windows 10 Needs

Discussion in 'other anti-virus software' started by Secondmineboy, Jan 30, 2016.

  1. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,209
    Location:
    Among the gum trees
    Absolutely, if you are a safe surfer and careful what you click on. You should activate the PUP detection though. There's a Reg key to do that mentioned somewhere, possibly earlier in this thread.
     
  2. Spartan

    Spartan Registered Member

    Joined:
    Jun 21, 2016
    Posts:
    1,424
    Location:
    Dubai
    Enable PUP (Potentially Unwanted Programs) Detection in Windows Defender

    While Windows Defender file detection rates have gone up from 0 out of 6 in AV-Test to a respectable 4.5/6, you can further enhance its security by enabling PUP detection. While this feature is currently available to Windows 10 Enterprise users out of the box, you can still enable it on your Windows 10 Home or Pro installation and it works just fine.

    If you prefer not to do this manually through regedit, then I have created a regfile that enables PUP Detection in Windows Defender. Simply double click on the file to import it into the Windows registry then reboot your computer.

    Enable Windows Defender PUP Detection

    or if you wanna create the reg file manually:

    Code:
    Windows Registry Editor Version 5.00
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\MpEngine]
    "MpEnablePus"=dword:00000001
    Example of a PUP detection caught while trying to install Shark 007 Codecs. While Windows Defender doesn't go all the way to actually blocking the installer of the PUPs like NOD32 does, at least it detected the PUP, so one would take extra care not to blindly hit the NEXT button and install everything, but rather carefully read what you are installing. After that I simply canceled out the bundled search garbage that it was trying to install and proceeded with the installation normally, albeit without the PUPs:

    Windows Defender PUP Detection.png
     
  3. Scott W

    Scott W Registered Member

    Joined:
    Sep 21, 2008
    Posts:
    659
    Location:
    USA
    Hey Papusan, very cool - thanks a lot!

    and to all...
    Happy New Year
     
  4. topo

    topo Registered Member

    Joined:
    Nov 11, 2013
    Posts:
    159
    Would Unchecky 1.0.1 catch this and most PUPs? I have Unchecky on all my machines and friend's machine. I rarely download programs so I don't know how effective it is. You would think WD PUP detection would be a default setting on Win10 Home edition where it is most needed. Thanks
     
  5. mnosteele

    mnosteele Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    194
    Location:
    Chesapeake, VA USA
    The PUA (PUP) Tweak also works for Microsoft Security Essentials in Windows Vista & 7. The registry tweak is in a different location but works fine, I have the .reg files on my website HERE.

    :)
     
  6. Martin_C

    Martin_C Registered Member

    Joined:
    Dec 4, 2014
    Posts:
    525
    Actually Windows Defender in Windows 10 will automatically quarantine all detected PUA/PUPs, when the PUA option has been enabled in Windows Defender.

    The shown screenshot has nothing to do with the PUA detections in Windows Defender.

    The prompt shown in that screenshot will appear if the Automatic Sample Submission option has been disabled in Windows Defender settings, since the user will then be prompted for confirmation before submitting suspicious samples to the cloud.

    Disabling Automatic Sample Submission will lower protection, since it will also disable Block at First Sight.
     
    Last edited: Jan 1, 2017
  7. IvoShoen

    IvoShoen Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    849
  8. remco8264

    remco8264 Registered Member

    Joined:
    Apr 25, 2012
    Posts:
    29
    Windows 10 Insider Preview 15002 includes some new improvements to the new Defender app. Note that this is still a preview version.

    Source: https://blogs.windows.com/windowsex...ng-windows-10-insider-preview-build-15002-pc/
     
  9. Cache

    Cache Registered Member

    Joined:
    May 20, 2016
    Posts:
    445
    Location:
    Mercia
    I find Unchecky totally reliable and solid. I download regularly and, whilst I am always on the lookout for PUPs, it has always beaten me to it and the PUP boxes are always unchecked.
     
  10. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
    +1
     
  11. Martin_C

    Martin_C Registered Member

    Joined:
    Dec 4, 2014
    Posts:
    525
  12. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,209
    Location:
    Among the gum trees
  13. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    Will this reg tweak work if WD is set to periodic scanning?

    Thanks
     
  14. mnosteele

    mnosteele Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    194
    Location:
    Chesapeake, VA USA
    Yes it will.
     
  15. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    I do not see that reg entry in my reg. I did not use the exe. Wanted to edit it myself.
     


  16. Martin_C

    Martin_C Registered Member

    Joined:
    Dec 4, 2014
    Posts:
    525
    @boredog :

    The registry entry isn't there until you put it there.

    In HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\MpEngine add DWORD MpEnablePus with value 1.

    That's all.
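
The manual edit described in the post above, as an added PowerShell example (not code from the thread or from Microsoft): it reports whether the key and value exist, creates them only when missing, and re-reads the value to confirm it is a DWORD of 1. The function names are hypothetical; the registry path and value name are the ones quoted in the posts. Run it from an elevated prompt.

```powershell
#Requires -RunAsAdministrator
# Added example: idempotently set and verify the MpEnablePus policy value.
# Path and value name come from the thread; function names are illustrative.

$KeyPath   = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\MpEngine'
$ValueName = 'MpEnablePus'

function Get-PusPolicyState {
    param([string]$Path = $KeyPath, [string]$Name = $ValueName)
    # A fresh install has neither the MpEngine key nor the value.
    if (-not (Test-Path -LiteralPath $Path)) { return 'KeyMissing' }
    $item = Get-ItemProperty -LiteralPath $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return 'ValueMissing' }
    # A string "1" (REG_SZ) is not the DWORD the .reg file writes, so check the type.
    $kind = (Get-Item -LiteralPath $Path).GetValueKind($Name)
    if ($kind -ne [Microsoft.Win32.RegistryValueKind]::DWord) { return "WrongType($kind)" }
    if ($item.$Name -eq 1) { return 'Enabled' }
    return "Disabled($($item.$Name))"
}

function Enable-PusPolicy {
    param([string]$Path = $KeyPath, [string]$Name = $ValueName)
    # Create the key only if absent: New-Item -Force on an existing key
    # would recreate it and drop any other values stored there.
    if (-not (Test-Path -LiteralPath $Path)) {
        New-Item -Path $Path -Force | Out-Null
    }
    # -Force overwrites an existing value of the same name (including a wrong type).
    New-ItemProperty -LiteralPath $Path -Name $Name -PropertyType DWord -Value 1 -Force | Out-Null
}

$before = Get-PusPolicyState
if ($before -ne 'Enabled') { Enable-PusPolicy }
$after = Get-PusPolicyState

[pscustomobject]@{
    Key    = $KeyPath
    Value  = $ValueName
    Before = $before
    After  = $after
}

if ($after -ne 'Enabled') {
    Write-Error "MpEnablePus is not set to DWORD 1 (state: $after)."
}
```

A `Before` of `KeyMissing` or `ValueMissing` is the normal starting state; reboot afterwards, as the earlier post says.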
     
  17. remco8264

    remco8264 Registered Member

    Joined:
    Apr 25, 2012
    Posts:
    29
  18. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,209
    Location:
    Among the gum trees
    Before we have the discussion about WD having a firewall again:

    "Firewall & network protection provides information on the network connections and active Windows Firewall settings, as well as links to network troubleshooting information."
     
  19. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,209
    Location:
    Among the gum trees
    I know WD automatically runs a quick scan every day but does WD periodically run a full system scan on a schedule, or is that just for the more paranoid among us to run manually?
     
  20. Martin_C

    Martin_C Registered Member

    Joined:
    Dec 4, 2014
    Posts:
    525
    @Krusty :

    Quickscans are automatic.
    Full scans are only manual.

    Users with platter drives and a couple of TB data would get a sad face if full scans were done automatically frequently.
     
  21. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,094
    Location:
    Germany
    The feeling for the necessity of a full system scan originates rather from fallacy than paranoia. The appropriate course of action in this case would be education instead of psychiatric treatment.
     
  22. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,209
    Location:
    Among the gum trees
    Thanks Martin.
     
  23. sirvalence

    sirvalence Registered Member

    Joined:
    Aug 13, 2014
    Posts:
    4
    I believe that through the Windows Task Scheduler, you are able to schedule the Windows Defender full scan job to run on a repeating time schedule if you wish. A quick Google for 'windows 10 run windows defender scheduled scan' should give you some good results on a step-by-step walk through on how to do this. I tested it a while back and recall not seeing any alerts or confirmation that the scheduled scan ran or not. I had to go back into the Windows Task Scheduler and verify the job ran with success. Of course, I set it to run at 3am on a Saturday morning so I wasn't around to monitor anything... fast asleep! I didn't test much more than that.
     
  24. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,209
    Location:
    Among the gum trees
    Thanks. I know I can create a schedule for a full system scan, but that isn't what I asked. Martin answered that.

    Cheers.
     
  25. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,131
    Location:
    Baden Germany
    While Windows-Defender is a good basic virus protection, it did not protect my recent customer's machine from Crypt0L0cker.
    The machine was running WIN10-64-pro.
    All relevant files got encrypted and had a random, 6 digit, extension.

    Luckily I was able to restore all encrypted files from drive c:\, using shadow explorer.
    Files on drive d:\ had no shadow copy, but there were only a few unimportant files.

    The infection came in via a fake invoice, but I had no time to further investigate, because my customer wanted his machine back asap.

    Is there a test site for smart screen?
    I wonder, why smart screen didn't stop the attack...
     