Windows Defender Is Becoming the Powerful Antivirus That Windows 10 Needs

Discussion in 'other anti-virus software' started by Secondmineboy, Jan 30, 2016.

  1. ReverseGear

    ReverseGear Guest

    Not sure if I should create a new thread or not -

    Windows Defender in Windows 10 and Windows 10 Enterprise LTSB - do they provide the same protection?
     
  2. guest

    guest Guest

    Unless you subscribe to WD ATP, yes.
     
  3. ReverseGear

    ReverseGear Guest

    Thank you
     
  4. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    ...and no need for PUP tweak, right?
     
  5. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    Pup is needed.
     
  6. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,797
  7. guest

    guest Guest

    Sadly, some idiots drive right into a wall at full speed and then wonder why they died...

    @safeguy interesting links, will relay them ;)
     
  8. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,874
    Windows 10 Enterprise LTSB has AppLocker and BitLocker protection tools. Optionally, in Windows Enterprise, one can get ATP for added protection.
     
  9. guest

    guest Guest

    http://m.windowscentral.com/how-change-windows-defender-antivirus-cloud-protection-level-windows-10

    https://blogs.technet.microsoft.com...in-the-cloud-how-can-it-help-your-enterprise/

    What is MAPS?

    The Microsoft Active Protection Service is the cloud service that enables:

    • Clients to report key telemetry events and suspicious malware queries to the cloud
    • Cloud to provide real-time blocking responses back to the client

    The MAPS service is available for all Microsoft’s antivirus products and services, including:

    • Microsoft Forefront Endpoint Protection
    • Microsoft Security Essentials
    • System Center Endpoint Protection
    • Windows Defender on Windows 8 and later versions
     
    Last edited by a moderator: May 25, 2017
  10. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,614
    Location:
    Milan and Seoul
    Disabling the web protection should equally stop the AV interfering with the browser, shouldn't it?
     
  11. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,797
    I guess so as long as no modules are injected into the browser. But the remaining criticism for all AVs such as the way they work and their lack of self-protection mechanism remains...

    P.s. I am not arguing for or against anything...just sharing the information as is.
     
  12. Iangh

    Iangh Registered Member

    Joined:
    Jul 13, 2005
    Posts:
    849
    Location:
    Melbourne, Australia
    Any other group policy settings recommended to complement the MAPS settings?
     
  13. Martin_C

    Martin_C Registered Member

    Joined:
    Dec 4, 2014
    Posts:
    525
    Here is a view of all Windows Defender settings:
    https://technet.microsoft.com/en-us/itpro/powershell/windows/defender/defender
    Just drill your way down through each link on that page for a complete walkthrough.

    The way Windows Defender is set up in Windows 10 out-of-the-box will keep every regular user safe.

    But for those that want to activate more modules in Windows Defender, increase its aggressiveness, throttle system impact, change update intervals and so on - then that link is what you want to memorize.
    Under the hood, Windows Defender is a powerhouse of settings. :thumb:
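
Added example (not part of the thread, and not Microsoft's own code): a read-only PowerShell check built on the Defender module's Get-MpPreference cmdlet from the reference linked above. It lists the MAPS, cloud-protection and PUA settings discussed in this thread and reports whether each cloud setting is being set through policy. The function name Get-DefenderCloudAudit is hypothetical, and the registry locations are assumed to be the ones the Defender Group Policy settings write to.

```powershell
# Added example: read-only audit of Windows Defender cloud (MAPS) settings.
# Changes nothing; run in an elevated PowerShell session on Windows 10.
function Get-DefenderCloudAudit {
    $pref = Get-MpPreference
    # Assumed location of Defender Group Policy values in the registry.
    $root = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender'

    # Preference name, policy subkey/value (if any), and value-to-label map.
    $checks = @(
        @{ Name = 'MAPSReporting'; Key = 'Spynet'; Value = 'SpynetReporting'
           Map = @{ 0 = 'Disabled'; 1 = 'Basic'; 2 = 'Advanced' } },
        @{ Name = 'SubmitSamplesConsent'; Key = 'Spynet'; Value = 'SubmitSamplesConsent'
           Map = @{ 0 = 'Always prompt'; 1 = 'Send safe samples'
                    2 = 'Never send'; 3 = 'Send all samples' } },
        @{ Name = 'DisableBlockAtFirstSeen'; Key = 'Spynet'; Value = 'DisableBlockAtFirstSeen'
           Map = @{ 0 = 'Block at first sight on'; 1 = 'Block at first sight off' } },
        @{ Name = 'CloudBlockLevel'; Key = 'MpEngine'; Value = 'MpCloudBlockLevel'
           Map = @{ 0 = 'Default'; 1 = 'Moderate'; 2 = 'High'
                    4 = 'High+'; 6 = 'Zero tolerance' } },
        @{ Name = 'PUAProtection'; Key = $null; Value = $null
           Map = @{ 0 = 'Disabled'; 1 = 'Enabled'; 2 = 'Audit mode' } }
    )

    foreach ($c in $checks) {
        # Get-MpPreference returns bytes/booleans; cast so the map lookup works.
        $raw = [int]$pref.($c.Name)

        # A value present under the policy key means the setting is policy-managed.
        $managed = $null
        if ($c.Key) {
            $path = Join-Path $root $c.Key
            $managed = (Test-Path $path) -and
                ($null -ne (Get-ItemProperty -Path $path -Name $c.Value -ErrorAction SilentlyContinue))
        }

        $meaning = $c.Map[$raw]
        if (-not $meaning) { $meaning = 'Unknown value' }

        [pscustomobject]@{
            Setting       = $c.Name
            Value         = $raw
            Meaning       = $meaning
            PolicyManaged = $managed   # $null = not checked by this example
        }
    }
}

Get-DefenderCloudAudit | Format-Table -AutoSize
```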
     
  14. mWave

    mWave Guest

    They don't need to. :) All they need to do is watch closely and make good decisions instead of being trigger happy when it comes to running unknown downloads and clicking on links from spam emails - usually that is sufficient enough in itself to stay protected.

    Even if you are being click happy on search engines, it's pretty difficult to just "walk" yourself onto a zero-day malicious URL which deploys a browser exploit to infect your system (with the exception of a drive-by-download although you'll still need to interact with that download...).

    People seem to think that by installing an AV for free, or alternatively opening up their wallets and handing over $50 for an Internet Security suite that they will be completely protected against threats. What they don't seem to realize is that they can stay protected with minimal effort just by resisting to click on links which either seem suspicious or are unknown (and do not give a good vibe), by performing check-ups on new downloads/URLs on sites like VirusTotal and being aware of how email attacks are performed (in case of spear phishing and the such).

    It's not difficult to do the above even if you lack any experience in the security field. It would take a few days maximum to get the grip on using sites like VirusTotal, checking downloads for digital signatures, verifying email senders in the case of a spoof, etc.

    Pretty damn stupid if you ask me. I know what I would do if I was an average person... I would spend a few hours a day for a week or so to learn the very basic practices (some suggested above) and then be fine for years and years (most likely) other than fall for social engineering into installing malware and having all my savings shifted from my bank account by a malware author or have my friends spammed with malicious URLs over Facebook chat after falling for a phishing attack.

    And then when you add on UAC and SmartScreen and use those properly with an ad-blocker... Well damn. You're good to go.
     
  15. guest

    guest Guest

    @mWave well said, that is what everybody should do... problem is they are either too lazy or busy to learn the basics, or brainwashed by vendors'/pseudo-experts' blogs telling them Windows built-in tools are crap...
     
  16. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    I agree completely. That has been my experience over a number of years, that if you are careful, it's very hard to get infected. With the exception of when I was using a computer that was not updated, the only times I've ever got infected is when I've opened something I shouldn't have.
    The problem is not laziness. Unfortunately, the average user believes that antivirus software is all they need to keep them protected. Partly, this is caused by antivirus companies claiming how awesome their antivirus software is, how well it will keep them protected and how much better it is than the alternatives. This leads people to believe that antivirus software is all they need to keep their computers protected. When people open a malicious email attachment or download, and get infected, they blame their antivirus for not detecting it. They don't stop to think that if they had not opened the suspicious file, they would have not got infected, and that if they are more careful in the future they can avoid being infected again.
     
  17. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    The point is that if Win Def can detect malware then so can Win SS. They probably make use of the same blacklist. A third party AV might have a better blacklist, so third party AV + Win SS is the better choice in theory.
     
  18. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    982
    Location:
    UK
    As long as Microsoft feels only Windows 10 is worth developing for (I assume only Windows 10 is getting these improvements) and Windows 7 and 8.1 have a userbase then these vendors will always have a market. This thread is making the assumption that only Windows 10 is relevant.

    I agree on some points made in this thread that I think it's wrong for testers to deliberately weaken the OS security to test security software.

    My personal reasons in the past and present for not using WD are performance overheads, it made my system more laggy and also had a habit of scanning my system when the system is idle, I don't like that type of behaviour. Whether or not this has been fixed in the latest variant of WD I don't know, but I accept if WD implements cloud reputation systems and EMET features it is becoming a beast.
     
    Last edited: May 27, 2017
  19. mWave

    mWave Guest

    Most tests done on security products are stupid IMO and every single test should be taken with a grain of salt. More often than not, in reality the tests done by AV testing corporations mean absolutely nothing in the real world.

    Just because Bitdefender scored higher in a test than Windows Defender doesn't mean it's "better". I've noticed that there are many people out there who don't understand things like this.
     
  20. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    7,983
  21. ArchiveX

    ArchiveX Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    1,501
    Location:
    .
  22. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
  23. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,874
    WD is both a traditional signature AND cloud AV. So it's a hybrid AV/anti-malware product.
     
  24. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    Question.

    I enabled these changes on my test PC of W10 Enterprise x64 CU. It is currently not connected to a domain. I noticed since that time, Cloud Protection is enabled but grayed out. Is that normal?

    Capture.PNG
     
  25. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    ATP is not available for home users though, correct?
     