Windows Defender Is Becoming the Powerful Antivirus That Windows 10 Needs

Now I am confused. WD ATP is an add-on subscription service supposedly for Enterprise ver. only. That Win service doesn't exist on my Win 10 x(64) 1809 Home installation. I really don't know why anyone using WD would want to disable ATP use.

 

You are not confused, you are right. WD ATP is subscription only.

 

Is it possible that PUA tweak decreases performance?

 

Windows 10 pro, latest released updates.

 

The minimum requirements for WD ATP haven't changed: https://docs.microsoft.com/en-us/wi...s-windows-defender-advanced-threat-protection .

What I believe MS did in 1809 was to include the WD ATP service in the Pro vers. to support the enhanced WD cloud scanning option capability. This .pdf shows what ATP features are available by OS ver.: https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf. Note that WD ATP EDR protections are only available on E5 version w/ATP subscription.

 

I dont know, but I have the impression that when PUA protection is active there is more system impact, really strange ...

 

I have it on Enterprise, and also set to manual start, so not active; so no big deal.

 

I heard that enabling PUA detection in Windows Defender creates a lot of False Positives

 

I've never felt the need for it. I don't really understand why people turn it on, unless you're part of IT for an organization.

 

Me and you probably don't need it but it's good for n00bs who just go on clicking next, next, next blindly when installing software which may contain PUPs

 

Malwaretips has a posting on the full cost of running WD ATP:

https://malwaretips.com/threads/windows-enteprise-and-windows-defender-atp-pricing.87227/

 

i've used Unchecky for a long time and put it on all my friends computers. it is not 100% but it does a good job

 

@Ultra Male

to me that eset and WD are the lightest (perhaps panda dome too but ditched it after 2 days), I dunno what to make of such charts
on the other hand Kaspersky, avast was heavy. If I want fast system even on old hardware (like a 6 y old laptop) I use WD with some small enhancements/blockers. I am positive 100% and fine with WD if not for some privacy concern

 

Windows Defender has come a long way for sure compared to its early day. I still however use a 3rd party solution because I feel it suits my needs better.

If you use Defender with other things I am sure it could be good enough for the average home user, but I feel it needs help, it can't be that alone.

 

How about Defender teamed up with say Comodo Firewall?

 

Read @cruelsister postings over at malwaretips.com on what she thinks of using only the Comodo Firewall. Additional features of it, like sandboxing, need to be deployed in combination with it.

 

Yes, the Cruel One herself says it's fine. CF may do the heavy lifting, depending on how you have WD configured.

 

Defender doesn't do anything alone, it's paired with Microsoft Smartscreen. There is 0 need for 3rd party solutions.

 

For average Joe, smartscreen is a wall of paper unless set to block by the "admin" of the house.

 

I guess you haven't installed Windows 10 in a while. The default is now "block". You need to manually go into buried settings just to find the option to add "allow" to the SmartScreen popup.

So yes, SmartScreen & Defender work fine together without the need for 3rd party nonsense that's usually coded like $#!+.

 

Yes indeed, you have to be a geek or very determined to get past smartscreen these days on windows 10.

Problem is those moments when it isn't available, and cases where it won't work at all, like unzipped rar folders, files ported over by flash drive, etc.

 

last clean install was last month...and i'm quite sure (not 100% tough) it was set to "warn" by default, i use 1809 enterprise and home on SUA with Microsoft account (maybe the reason why).

MS code like **** honestly, just look at Memory Integrity BS, the thing enabled itself by default and you can't turn it off (even using reg tricks); it use Hyper-V so basically while it is enabled you can't use a VM on the same system; not saying some 3rd party apps can't run because of it...
Every admins knows that MS Windows is plain BS, but it is a standard, we need it so we cope with it.

Personally, the 3rd party apps are better made , of course i don't use crap softs...

 

Literally no one that works in the security and bug hunting industry agrees with this. You're just making stuff up and hoping it's true, like a religion.
Microsoft knows their OS better than anyone and knows exactly what API is available. Defender is the best coded AV available, this is not up for debate. You can debate their detection rates if you wish.

I don't pollute my main machine with VMs so it's not really a concern for me.
We're also getting a Hyper-V sandbox next Windows version so it's even less of a concern.

Assuming you're correct I will just guess this is because it's the enterprise version then.

 

Btw, I work in the security industry, and even in the past for some security vendors.
So i know probably a bit more than the common forum member.
Many in the industry despise MS Windows, even more Win10 that keep changing the OS structure every 6 months by introducing dozens of issues/vulnerabilities via rushed features and so called "improvements"...

For you a simple built-in scanner that manages to be heavier on the system than several 3rd party ones is good coding?
For you waiting years to isolate WD's processes because they realized it can't even self-protect itself is good coding?
If yes, there is not much more i can say...

if MS were good coders, we won't have endless issues/bugs/vulnerabilities reported almost in a daily basis...compared with Linux, the difference is mindblowing...

The incoming windows sandbox, it is not even close to a VM, just a program sandbox... and Average Joe won't even get it, reserved for Pro/Ent users.

VMs are crucial to corporations and professionals whatever form it takes.
However, i agree with you, classic Home user don't need VMs.

Anyway i said enough about it, feel free to disagree, not my goal to persuade you, everybody has an opinion well-founded or not.

in Enterprise, yes, "warn" by default. i don't recall for Home version, but when i clean installed it i dont touch this setting, and my home version (1809 latest build) is also set to warn.