Windows Defender Is Becoming the Powerful Antivirus That Windows 10 Needs

It's doing it to me right now. I have it enabled on my work PC. Saw I had an email in my spam folder. Clicked on the folder. Outlook froze. Now Defender is using 100% of my disk. For minutes. Can't even use the machine. So I type this on my laptop I bring to work with KIS on it. No issues. I need to get the boss to budget some funds for the company PCs.

 

I appreciate that WD may not work out on some machines but I'm not having any problems with this Intel Celeron N2840 @ 2.16GHz machine and notice very little difference from when it ran Norton.

 

Windows Defender are in no way sub-par to any other security.

There are just many with massive interest in spreading doubt about the native security.

Sadly this has been made easier since all the testing institutions insist on disabling parts of the native security during their tests and also practically no testing institutions test latest generation/branch of Windows. So reviews are always year/years behind the actual reality we all live in.

So many people has for years been saying that any test that disables parts of the native security during test, are invalid.
And as I'm sure you noticed in a recent thread, a test report was recently made that finally didn't disable the part of the native security that other testing institutions insist on disabling during testing. Suddenly when the native security features was allowed to complement each other, then we saw all samples in the report was blocked.

Finally there's the trolling factor. Every single time there's a thread on a forum or a readers comments section on some article about the native security in Windows, then the trolls flock together. Weird unexplainable behavior. Just ignore it and focus on the more rational members/users.
There are +300 million MSE/Defender users world wide, so plenty of calm users to enjoy a security talk with.

 

Start with a clean image, that has never seen third party AVs. System sounds to be in a mess.

 

The same here (on a clean install), I honestly can not believe, that this joke/troll thread is still alive. I particularly love saying: "WD never detected anything." Well, that is the problem, is not it?!
People usually say, that WD uses almost no CPU/RAM. That might me, but using 100% HDD is also important, but virtually no test take it into an account, therefore WD cheats performance tests.

 

I am still watching and hoping for a good outcome.

 

If you aren't interested, stop reading it - simple!

 

Nuh, I like psychology, I find odd people interesting, like people ignoring facts and a common sense.

 

I find it amusing someone would troll this thread by posting that it is a "joke/troll thread".

 

exact, more native improvements, less needs from 3rd party products then less incomes for the vendors.
~OT comment removed.~
It is same with any kind of business, they do a business for money , not for charity; so they defend their business at all cost.

exact again, it is why i laugh at all those so called "independent" test labs, they don't mind using the full spectrum of the 3rd party vendors but find normal to disable all native mechanism of Win10 and just let WD on his own...then readers skip all the methodology part of the report and go straight to the result then claim " WD suxx"

Indeed, i didn't wait this report to know that, various tests i (and others) did in the past clearly show that.

As i said since ages. but if you enables the native security features, it will become very difficult to find serious malwares. Then all those youtesters will have nothing to do on their channel

i think this is a security forums' members symptoms, you have people putting too much emotions on their products and defend it against everything even things not related; and unlike in real life, they won't forgive a failure even if this failure was years ago and fixed since; the resentment is still there.
For example, just create a UAC thread praising it; you will always have someone coming to bash it, whatever valid, documented and detailed explanation you will say.

People should focus on what they can give to and help the community instead of erpetually bashing efficient products just because they don't like it or had a bad experience.

i dislike several products for various reasons, doesn't means i have to go on every thread and spit my venom...i just ignore those threads.

 

I've recently uninstalled WSA on my secondary machine and trying WD.
After a day or so, I get a yellow warning triangle on my WD task bar icon that a scan has not been performed for a while and I am at risk.
I thought WD definition updates and scans were automatic?
Am I missing something? Is there some setting I should look at?
I had previously turned WD off via GPO (now on) when I had WSA, but I don't think I changed anything else.

 

One cause is if you use CCleaner and the Windows Defender logs are checked under Applications/Utilities tabs--they'll get deleted. If so, uncheck it and run a quick scan to get rid of the yellow icon.

 

Thanks @plat1098! Indeed it is ticked, so will try that.

Edit: And it worked.

 

Another question. I run EAM but want to run WD Limited Periodic Scanning.
But every time I reboot periodic scanning is off again.
I wouldn't think that is as intended, something must be switching it off ... how do I make it stick?

 

Maybe a 3rd party AV is disabling it with each reboot:

 

Must be EAM then (or MBAM 3, though that is currently set to not start with Windows and all protections are off).

 

The correct way third party AVs should handle this, is to simply register themselves upon installation and the OS will handle the shutdown of WD automatically.
Some third party AVs however will register themselves AND change every WD registry entry AND block every process that are even remotely related to WD.
This will result in exactly the situation you are experiencing.
IF third party AVs followed proper guidelines, then your OS would still work as intended and you would be able to use WD limited periodic scanning if you wanted to.

In 99% of the cases, the above mentioned will be the reason why you face this bug.
In the remaining 1% of cases, the reason for facing such bugs will be that the user has used one of those one-click tools that claim to save users from telemetry, spying and a 1001 other things.
Actually those one-click tools just disables tons of features completely unrelated to telemetry, features that other parts of the OS are depending on being functional.
It's pure hell backtracking what the user unintentionally disabled in the OS when they ran such tools.

 

Is it fixed with Windows 10 Insider Preview 15002?

 

Its still buggy for me here.

 

I'm not going to elaborate to far on this subject, as what I'm about to say, is geared more towards independent testing.

In my personal experience, which I do have a little, setting up a VM with nothing but windows default applications, I would have to disable, yes you read that right, disable windows defender in order to download my samples from the web and then zip it for testing of other products.

I'm also the type that even testing other securities, I left Smart screen and UAC enabled doing so, and in my tests, I had to allow, yes again you read that right, had to allow the samples through smart screen everytime.

Think upon that for a minute.

 

Still present in build 15025.

 

Thanks Martin. I will have to isolate whether it is Emsisoft or MBAM 3 (installed but not used) causing this, or possibly an anti-exe like VoodooShield.
Of course I know you would say I don't need any of these .
I would be interested if anyone else using the above products has experienced WD periodic scanning being set off on reboot, and isolated the culprit?
No one-click tools used.

 

Wow, Defender hasn't been updating its signatures a lot lately. Once/day? One thing with Emsisoft Internet Security: it can update hourly and you can see what's been loaded. Maybe Defender will show this too in the upcoming build?

Edit: yes, me too, lag is pronounced when you call Defender from system tray after the first time. It doesn't matter if you have "enhanced notifications" enabled in startup or not. Wish this would get fixed.

 

What Is Windows Defender Application Guard
http://www.ghacks.net/2017/02/20/what-is-windows-defender-application-guard/

 

ReHIPS is a similar application for Windows 7 and 8.