Windows Defender Is Becoming the Powerful Antivirus That Windows 10 Needs

MS Defender by being "free" has put immense pressure on their competitors. From a performance standpoint, there is not that much difference.

My deduction is, MS will clear them out of the consumer marketplace as profit margins and market prices shrink. Yes, some firms are still (even at discounts) charging $45.00 or more, but realistically, how long can this last? People are being squeezed financially and the last thing they will do is pay up for an AV. MS will win- they always have- anti-trust or not.

 

It definitely works here as well. Thanks to everyone involved in solving this pesky little issue.

 

For whatever it is worth.

https://www.neowin.net/news/microso...mprove-in-the-latest-av-comparatives-ranking/

 

I think the problem with it is that the things that people complain about are never addressed. It's the same thing, month after year. If they would fix those things it would mostly silence the complaints. To be fair the false positives have improved. The rest is pretty much the same.

 

Defender has same result as Eset which is recommended a lot here, funny, heh?

 

There are not much complaints regarding detection capabilities nowadays but other areas IMO need improvement also.

 

I guarantee that if they both cost the same there would be a large shift in users.

 

i hope so
i dont have doubt in avc results but for me the real world protection test has more weight because the most common malware ITW (in the wild). i still use defender with most of its original settings, but i disabled sample transmission and activated PUA. checking with configuredefender i did not touch the ASR section because there is no reason for me to do so (no ms office). cpu consumption is limited to 50% - this currently do not work on windows 11 as i read theses days. if i need to recommend another antivirus, ESET would it be. ok, this is from my experience in the past (10 years ago now) - that time eset 2 was perfect, eset v3 and v4 not. meanwhile they are on v15 (assuming each year a # higher)

 

Defender is sux compared to other AV vendors, how much suck depend to which one AV you wanna compare
There is a lot testers and vidoes which prove how much Windows Defender leaks however 3rd AV still also might leak too.

And that why put more efor on use other solution security like SRP / HIPS Virtaulization instead use only standalone AV and left naked system as is go with mind AV will find and delete all virus.
But of deal with that, they also not cover in 100% system. But for sure system will be more safe if you use gather few techniques for defense system.

Prevent and limit infection because for cure can be to late..
that suppose be your 1st layer of fight not scan and delete.

But im glad M$ work on defender. Always core defense suppose be high as can only be.

 

Some people love to donate money to AVs companies, there is still a strong belief in the malware dogma that you get what you pay for...

 

And what you pay for is (or must be?) better...but that is the fallacy...the tests show MS Defender is a good as any of them. AV companies are now like charities- give me a donation and we will do good works.

 

Windows Defender can Significantly Impact Intel CPU Performance, We have the Fix
https://www.techpowerup.com/295877/...-impact-intel-cpu-performance-we-have-the-fix

 

Yes, I read this article and...I think I'll pass on the fix which is a small software by the developer of Throttlestop where it resets the cpu counters whenever Defender bites off more than it's entitled to chew.

Though the comments following the article are generally positive viz: the fix, this Defender issue obviously doesn't affect everyone who uses it. Mind you: not a fan of Defender in the least. But at least it's not to where I would turn to fixes like this one.

I would be interested in anyone's view who has tried this fix.

 

Would explain why some folks have more complaints than others. Hopefully now that it's exposed Microsoft will fix it.

 

I have a 6th gen i3 which is probably not affected, but I dl'ed the software just to check it out. Although the .exe is validly signed, MS Defender blocked it even from being run via Smart Screen

 

So did I, to check it out. SmartScreen interfered for you? Hmm, here it went thru but I don't have ASR rules or anything like that enabled. This is what it looks like, and I actually have no idea what I'm looking at. This is after I clicked the "reset counters" button.

Guess I'll read the documentation and try to figure it out. But already, I'm thinking it's one and done for me.

Spoiler

 

If it says "normal," then you're not affected by the "bug."

I currently have C_D set to MAX, so the ASR rule blocked it before Smart Screen could even check it, probably because the software could be considered as "tampering" with Defender settings. Task Manager here shows very little CPU or disk usage with Defender, and from the Counter Control documentation it sounds like the "bug" only affects Intel generations 8 or newer.

 

AMD CPU weren’t tested yet

https://www.techpowerup.com/forums/...rformance-we-have-the-fix.295877/post-4782853

 

I'm not effected.
Has this "bug" been found on a large number of machines,
or is it just a very seldom fluke?

 

Did anyone else see that video on TPSC where Leo showed a demo of that exploit in MSDefender?

With a fileless attack the registry can be searched to find MSD's exclusions and then another fileless attack can drop malware into the excluded folders and execute it.

They patched the exploit in windows 11, but not in windows 10.

This got me thinking about how MSD can be disabled very easily. All you need is for the malware to be unknown and to act like it's installing an antivirus to completely disable MSD. Plus, without defender UI on aggressive or configure defender on max, it's not that great.

It's better than a lot of other solutions. Some of which cost money, but without advanced knowledge of how to activate the hidden features or need-to-know knowledge of what tools to get to configure it, it's just not that great.

 

Leo did the test wrong, like he does often. In Windows 10 he ran PowerShell as administrator, that's why it was able to see the exclusions.
In Windows 11 PowerShell was run with standard rights. That's why it didn't work. Microsoft patched the bug in February.
I didn't notice his fault either. Andy Ful pointed it out in the Malwarwtips forum. Also keep in mind, Microsoft Defender has to be active as the real time AV. If you try to test it where you're using a third-party AV then the exploit will still work.

 

Leo has an explicit bias against Defender and his "tests" are not objective in my view.

 

Well what about that other way of exploiting MSDefender? Where the malware is unknown and registers as an antivirus? That might not be so easy with defender UI on aggressive or configure defender on MAX, but what about the default config?