Windows Defender Is Becoming the Powerful Antivirus That Windows 10 Needs

Discussion in 'other anti-virus software' started by Secondmineboy, Jan 30, 2016.

  1. Spartan

    Spartan Registered Member

    Joined:
    Jun 21, 2016
    Posts:
    1,424
    Location:
    Dubai
    I wish Windows defender had a whitelisting feature like NOD32 where it wouldn't scan a file over and over again if the file hash hasn't changed. That would bring down its performance impact significantly.
     
  2. guest

    guest Guest

    Defender Control 2.1 (March 1, 2022)
    Website
     
  3. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,869
    WD uses such feature, but i think you speak about manually started scans - IMO that will force a full scan. right?
     
  4. Bertazzoni

    Bertazzoni Registered Member

    Joined:
    Apr 13, 2018
    Posts:
    652
    Location:
    Milan, Italia
    You are correct about the full scan but I think @Spartan may be referring to Defender scanning when copying files, etc.
     
  5. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    If it indeed uses such feature (caching) it's just terrible. Performing file operations (read/write) can be significantly slower when MD is enabled. And even if you repeat operation a minute latter it will still be slow as before even though files were not changed.
     
  6. darts

    darts Registered Member

    Joined:
    Feb 19, 2009
    Posts:
    456
    Location:
    Netherlands
    I have Windows 11 with Kaspersky, but i want to get rid of Kaspersky eland replace it with Windows Defender but what do i need more of i run Windows Defender for the safety?
     
  7. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    1,156
    Location:
    Canada
    Running a secondary program to compliment your AV is a good idea imo.

    Some of these include, OSArmour (paid), Malwarebytes (paid), Configure Defender, Simple Windows Hardening, Hard Configurator, Voodoo Shield, Defender UI and Wise Vector. Use only one of these, ( CD and SWH can be used together.)

    There are other options I'm sure will be mentioned but these are the only ones I would consider.
     
  8. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    2,177
    Location:
    Canada
    I agree with @digmor crusher. On one of my computer I have been running WD with the paid version of OSArmor for 2 years. No problem at all and it's very light.
     
  9. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    WD is enough. I run it with Configure Defender and have had no issues.
     
  10. Pat MacKnife

    Pat MacKnife Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    620
    Location:
    Belgium
    Last edited: Mar 3, 2022
  11. darts

    darts Registered Member

    Joined:
    Feb 19, 2009
    Posts:
    456
    Location:
    Netherlands
    Where can i find configure Defender?
     
  12. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    2,177
    Location:
    Canada
  13. MeAgain

    MeAgain Registered Member

    Joined:
    Sep 2, 2011
    Posts:
    66
    Does anyone think SecureAPlus Lite or SecureAPlus Essentials along with Windows Defender would be a good combination? I've read it runs light and is a good product. Thank you.
     
  14. Bertazzoni

    Bertazzoni Registered Member

    Joined:
    Apr 13, 2018
    Posts:
    652
    Location:
    Milan, Italia
    Yes. No need for the paid version along with Defender.
     
  15. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,286
    Location:
    Las Vegas
    I would not use anything in addition to WD- no need in my view. Just run an image backup every day just in case.
     
  16. SouthPark

    SouthPark Registered Member

    Joined:
    Jun 13, 2012
    Posts:
    735
    Location:
    South Park, CO
    Yesterday I discovered that MS Defender is using behavioral signature updates much like Kaspersky does. This one, specifically for tamper protection, appeared in yesterday's update changelog (despite the date).

    BehaviorWin32MpTamperRemoteProc.A.png
     
  17. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,869
    looks like ordinary signature. the page only shows that defender is able to catch such malware als shown. defender has anti-exploit, but a behavior scanner? means: hips? i am not aware of such feature.
     
  18. SouthPark

    SouthPark Registered Member

    Joined:
    Jun 13, 2012
    Posts:
    735
    Location:
    South Park, CO
    It says "generic detection for suspicious behavior," so I hope that means MS is improving its tamper protection, which had been a weakness in Defender according to recent news articles.
     
  19. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,869
    a little research about
    https://www.microsoft.com/en-us/wds...in32/MpTamperRemoteProc.A&ThreatID=2147811242
    (please insert link text time)

    if you use (paid) ATP, then bevaior deetection is possible:
    ATP is not available on user machines.
    https://www.bleepingcomputer.com/ne...adds-new-malicious-behavior-blocking-feature/
     
  20. SeriousHoax

    SeriousHoax Registered Member

    Joined:
    Mar 27, 2019
    Posts:
    99
    Location:
    Bangladesh
    Actually, these are not new. They have been using behavioral signatures at least since, 2016. Maybe behavioral signatures were created less frequently back then. As the name suggest, these are based on behaviors, so only comes into play post execution. I've seen this a few times in action while testing Microsoft Defender.
     
  21. SouthPark

    SouthPark Registered Member

    Joined:
    Jun 13, 2012
    Posts:
    735
    Location:
    South Park, CO
    Thanks guys for the info. I find MS documentation inscrutable, since most of it applies to their EDR and often describes features that have similar names ("behavior block") as those in the consumer versions ("behavior monitoring").
     
  22. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,286
    Location:
    Las Vegas
  23. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,624
    Location:
    USA
  24. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,624
    Location:
    USA
    False Positive?
    WDFP.jpg
     
  25. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    4,208
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.