Windows Defender Is Becoming the Powerful Antivirus That Windows 10 Needs

Discussion in 'other anti-virus software' started by Secondmineboy, Jan 30, 2016.

  1. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,623
    Location:
    USA
  2. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,549
    Guys, this so-called bug just means that you need to do a one-time reboot after changing system settings. I am sure you all do that anyways, it is very well known that you need a full reboot for some of the system settings to change properly.
     
  3. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,933
    Location:
    UK
    It's one of the first things I disable on a machine.
     
  4. nine9s

    nine9s Registered Member

    Joined:
    Feb 8, 2013
    Posts:
    310
    Location:
    USA
    Any problems or pitfalls in running Defender in sandbox mode?
     
  5. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,549
    Yeah. It might not work right. It needs a lot of testing.
     
  6. Tyreman

    Tyreman Registered Member

    Joined:
    Feb 3, 2003
    Posts:
    145
    Location:
    Cambridge Ontario,Canada

    Running good here
     
  7. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,549
  8. JasonUK

    JasonUK Registered Member

    Joined:
    Nov 24, 2017
    Posts:
    112
    Location:
    UK
    I'll want to see a lot more expert (industry/user) opinion on WD and benefits of sandboxing an AV before I turn off my existing AV setup. I've run Avast + Malwarebytes in tandem for years and the worst I've experienced is the odd PUP threat so I'll need to be certain before I set aside this effective comfort blanket!
     
  9. Tyreman

    Tyreman Registered Member

    Joined:
    Feb 3, 2003
    Posts:
    145
    Location:
    Cambridge Ontario,Canada
    I just did some of those tests at random on Chrome
    seemed okay here
    One file downloaded but wouldn't allow to run
    So have to see
     
  10. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
    Google Project Zero's James Forshaw (aka Chrome sandboxing wizard) pointed out some bypass potential with the Defender sandbox mechanism. Keep in mind that the bug report linked below is older, from 2017. Therefore just an example at the moment. However, he hints at this being a possible avenue for bypassing the sandbox. I imagine he will be digging into this further.


    Link: https://twitter.com/tiraniddo/status/1059680151330525185
     
  11. Martin_C

    Martin_C Registered Member

    Joined:
    Dec 4, 2014
    Posts:
    525
    The latest Transparency report - Examining the AV-TEST July-August results - is now available.

    It can be downloaded here (PDF):
    https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2IL3Y
     
  12. Tyreman

    Tyreman Registered Member

    Joined:
    Feb 3, 2003
    Posts:
    145
    Location:
    Cambridge Ontario,Canada
    I've set mine up to block potentially unwanted apps as well
     
  13. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    630
    Location:
    Germany
    How do you put up with Windows Defender? GRRR
    I just found out that it silently detected and deleted 5 to 6 files on 06.11 and 08.11, without telling me anything at all!
    I also found suspicious entries in the run folder in the registry: "C:\WINDOWS\SysWOW64\conime.exe.exe" and another one I deleted before copying/remembering. The files weren't there anymore and Defender never deleted them. So what do I know what happened?!

    Good thing is, I appear to be clean. HitmanPro doesn't show anything and Defender does not do either, of course. (anymore)

    Worst thing is, they were all in the temp folder and the names don't have any information attached to them that could help me identify WHAT PROGRAM IT EVEN WAS THAT CREATED THEM! I could have been able to identify it, if only Defender told at the exact time of detection!
    It was obviously one of these search programs I tested because I needed to search something in a billion source code files. But which one? Impossible to know...

    These files, some were installers, were allowed to be downloaded and run by me. They created malicious files in the temp folder and some were even allowed to run - as it is visible by the registry entries. But then they were silently deleted. What kind of protection is that? I don't think they were zero-day malwares either. The programs are all quite old.

    Not only that, but a few days ago I tested my PC with Emsisoft, ESET, Malwarebytes, and HitmanPro within like 2 to 4 hours. Now I am running a Defender scan (for other reasons) and this alone takes 5 hours! Bullc*ap!


    This is the last time I gave Defender a chance. I go back to KFA.
     
  14. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    2,177
    Location:
    Canada
    This is strange. Just scanned my PC with Windows Defender this morning, it took about 20 minutes...
     
  15. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    @_Nikopol

    check its notification settings...
     
  16. Bertazzoni

    Bertazzoni Registered Member

    Joined:
    Apr 13, 2018
    Posts:
    652
    Location:
    Milan, Italia
    If you're talking about "Quick Scan", mine takes about 5 minutes! Deep scan a few hours.
     
  17. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    630
    Location:
    Germany
    I already installed Kaspersky and can't see them anymore. But I used ConfigureDefender a while back and there should be no reason that they were deactivated - except when Microsoft chose to do so per update!
     
  18. hawaii007

    hawaii007 Registered Member

    Joined:
    May 20, 2018
    Posts:
    27
    Location:
    Hawaii
    The first thing I noticed with Windows Defender is some applications take much longer to load. A non starter for me.
     
  19. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,549
    If you used ConfigureDefender, or you otherwise enabled ASR, that's why.
    One or more of the ASR rules will silently delete files. Not sure which one it is, but it happened to me a couple times.
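
An added example, not part of any post in this thread: one way to see after the fact what Defender removed and whether an ASR rule was involved, using the built-in Defender cmdlets and the Defender operational event log. It assumes an elevated PowerShell session; the 14-day window is an arbitrary choice.

```powershell
# Added example (not from the thread). Run in an elevated PowerShell session.
$since = (Get-Date).AddDays(-14)   # assumption: look back two weeks

# 1. Detection history: what was flagged, when, by which process, on which files.
$names = @{}
Get-MpThreat | ForEach-Object { $names[$_.ThreatID] = $_.ThreatName }

Get-MpThreatDetection |
    Where-Object { $_.InitialDetectionTime -ge $since } |
    Sort-Object InitialDetectionTime |
    Select-Object InitialDetectionTime,
        @{ n = 'Threat';    e = { $names[$_.ThreatID] } },
        ProcessName,
        @{ n = 'Resources'; e = { $_.Resources -join '; ' } },
        ActionSuccess |
    Format-List

# 2. Which ASR rules are configured, and in which mode.
$modes   = @{ 0 = 'Disabled'; 1 = 'Block'; 2 = 'Audit'; 6 = 'Warn' }
$pref    = Get-MpPreference
$ids     = @($pref.AttackSurfaceReductionRules_Ids | Where-Object { $_ })
$actions = @($pref.AttackSurfaceReductionRules_Actions)
for ($i = 0; $i -lt $ids.Count; $i++) {
    [pscustomobject]@{ RuleId = $ids[$i]; Mode = $modes[[int]$actions[$i]] }
}

# 3. Operational log entries for the same period:
#    1116 = malware detected, 1117 = action taken on malware,
#    1121 = ASR rule fired in block mode, 1122 = ASR rule fired in audit mode.
Get-WinEvent -FilterHashtable @{
    LogName   = 'Microsoft-Windows-Windows Defender/Operational'
    Id        = 1116, 1117, 1121, 1122
    StartTime = $since
} -ErrorAction SilentlyContinue |
    Sort-Object TimeCreated |
    Select-Object TimeCreated, Id, Message |
    Format-List
```

The message text of the 1121/1122 events includes the rule ID and the file path involved, which can be matched against the rule list from step 2.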
     
  20. mekelek

    mekelek Registered Member

    Joined:
    May 5, 2017
    Posts:
    518
    Location:
    Hungary
    So how has False Positive Friday been for you guys? Eventful, I assume.
     
  21. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    Was there a problem with FPs I don't know about?
    This week at work, we had problems with our remote desktop software, being quarantined by WD and MSE. Were there other problems with FPs?
     
  22. mekelek

    mekelek Registered Member

    Joined:
    May 5, 2017
    Posts:
    518
    Location:
    Hungary
    WD has FP problems with everything, every time.
    Check what happened with VoodooShield, even after Microsoft claimed the FP is fixed, it was still not fixed.
     
  23. Tyreman

    Tyreman Registered Member

    Joined:
    Feb 3, 2003
    Posts:
    145
    Location:
    Cambridge Ontario,Canada
    42 sec for quick scan here
    39 min 13 sec full scan
     
    Last edited: Nov 11, 2018
  24. Tyreman

    Tyreman Registered Member

    Joined:
    Feb 3, 2003
    Posts:
    145
    Location:
    Cambridge Ontario,Canada
    Those ConfigureDefender and ASR enableable rules look pretty radical
    glad I didn't go that route
     
  25. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    630
    Location:
    Germany
    I guess... why does it do that? Nobody wants that. I can't find a setting that even sounds like that, except maybe 'hide the whole defender'.

    Anyway. I'm glad I decided to just move away from this trainwreck. Why would you even need ConfigureDefender just to make it easier, or possible itfp, to change important settings? I can't stand it anymore. GUI garbage.
     