Windows Defender Is Becoming the Powerful Antivirus That Windows 10 Needs

No that's surely the case with most software programs and applications, by using a valued & trusted uninstaller it's able to properly find and remove any leftovers.

 

I have never used an uninstaller that removes all leftovers- not even close. I think they are a waste of time.

 

My general feeling is less is more. I don't really get say why I need CCleaner when I have one already pre-installed. I could be wrong though.

 

Yes, but I assume these are not executables like .exe and .msi files? Because normally speaking you can't get affected by video and image files. Now that I think of it, I noticed that Win Defender seems to scan image files, I see it when opening thumbnails with XnView, does anyone know if this is normal?

 

I saw your latest video, I liked the 90's beat. But anway, are you saying that when someone loads malware it can simply add itself to exclusions and WD will then be blind? I still can't picture this, because shouldn't WD always send this file to the cloud?

 

The actual malware has a command tree. First the command for Defender to exclude things (drives, directories, or files) will be run first (at 3:07 of the video), then whatever can be sent to that place (at 3:35- in actual malware it would be a silent script and NOT the actual 7-Zip app, of course). But as was seen when a malicious file is placed in an area that was previously excluded it will not be either detected or sent to the cloud, unlike previously when that same file was detected and deleted (at 1:17).

Please understand that this video just breaks down the steps that were actually used (but not seen) by the malware in my previous "Defender vs a Novel Stealer" video. Apologies for any confusion but I have a habit of not being crystal.

 

OK cool, but this means that this malware is able to perform certain suspicious stuff like loading a script and executing system processes without WD being able to react to this by sending it to the cloud? This seems very weird, do other AV's also have this achilles heel? And why wouldn't ALL malware perform this if it was so simple to bypass WD? Or perhaps I'm misunderstanding.

 

No, you are not misunderstanding.This is a totally specific WD issue. The coding isn't all that simple as a number of steps have to be in place and it wasn't formerly done- but it IS being done now which is why I made the last 2 videos in the hope that the WD only folk would badger MS.

 

I'm not part of that crowd, although I use Defender augmented with H_C and OSArmor, but I hope you are badgering MS, fortified with your test results and the clout of your obvious way above average malware testing skill set. They are far more likely to take you seriously than a typical home user of Defender.

 

you are wrong. if you cant read the results you are not able to judge whats right or wrong. in fact ccleaner will slow down your system, and that's related to your other question. the view to your system gets more and more complete - and i think it's user related. relying on too many lies here and there. right now i wont give a dime on your system, its time to recreate your windows from scratch without any tuners or cleaners.

you were asked to give some examples for other antivirus. if not this is considerable pointless defender bashing and not helpful.

 

Let's not shoot the messenger.

 

the information is appreciated, but the bashing behind when repeating it on and on and on... without any comparison.

i found a reasonable answer
https://malwaretips.com/threads/defender-vs-a-novel-stealer-variant.119212/post-1014322

 

Exactly.

WD is trash and has been bypassed many times. But if you're not bright enough to move on from it, you deserve what you get.

There are plenty of other security programs that are much better...for me, av's are not up to the task.

 

maybe, maybe not

i still ask for a comparison, but sister seems to dare so i just have some facts for you people.
using cve.mitre.org to search and to read:

https://support.norton.com/sp/static/external/tools/security-advisories.html

overtaking other vendors means same code meanwhile. it does not matter which one of the portfolio you use, in worst case all of them are vulnerable.

or kaspersky
https://support.kaspersky.com/general/vulnerability.aspx?el=12430
all products use the same code base, if one is vulnerable, the others in most cases too.
the latest (nov.) is nice to read - the installer and also the remover were vulnerable in the past.
defender has no installer and no remover.

the stupid bashing on defender is absolutely futile.

 

Some people have made a career out of bashing Microsoft/Defender here, yet they still continue to use some iteration of Windows, I mostly ignore them.

 

+1 I agree with you. I suppose anything is possible but I don't see how a malware could bypass or turn off Defender when I am using my Standard account. Unless the malware can run admin privileges without my permission. I still think I would get a pop-up from MS about that.

Jimmy

 

pfft, if credibility matter to someone, maybe read some posts better and pay attention.

It's one thing to try to maintain a realistic and honest view of an antivirus (esp. heavily promoted by a trillion-dollar firm) rather than falling for the words of Defender defenders and slick Microsoft advertising. Example: Why is adware not OK for other apps but perfectly fine and unavoidable using, say, the MSN News app? Outta here!

I take security software very seriously nowadays. But it has to play nicely on my computer. If it doesn't, there's other fish out there. But for now Defender does fine. It's decently protected here, no worries.

 

I use windows defender on my windows 10 laptop and it runs just fine..security is behind the keyboard.If you continually download and execute different programs you will likely get bit at some point.I only use trusted software which is half a dozen at best.

 

to extend this: security is a concept, defender as an antivirus is part of it.
user can extend it reasonably, additional (!) software or some kind of "hardening", without locking a system down. it makes no sense to strengthen security and afterwards create exclusions or similar.

 

@cruelsister has provided evidence with her own testing in another forum that there is malware that bypasses UAC, so no alerts to the user. All she is trying to get across is that Defender does not always properly detect malware - even recent variants no less - and alert the users about it, and she doesn't believe it should be up to the user to determine if a download is safe or not, but instead the AV solution should determine that, which of course Defender has failed on several of her tests with very recent malware samples. In short, it has weaknesses that other AV solutions don't have.

 

I am on the other forum too and have read CS's posts about her AV tests there and here too. I know she is very highly respected, knows her stuff and she has already forgotten more than I will ever know about computer security. I have never watched any of her test videos though. To be honest I have a hard time following AV test videos.

I have been trying to stick with Defender for a pretty good while now. I have tried other AV's but always came back to Defender. No third party AV I have used has ever alerted me to any malware. Not Bitdefender or Avast or even Kaspersky. Bitdefender used to throw up warning windows all the time about this, that or the other security breach or a PC virus somewhere halfway around the world that demanded my attention. Once I had WD warn me that it has blocked a possible trojan but that is the only time I ever got a legitimate AV warning.

I have read so many posts and threads about how Defender is good enough for the home user. There are good and bad points about all AV's and it is hard to know which is best. A lot of people say Defender is as good as any other AV so I use it, also use it because it is baked into Windows, it works together with Smart Screen, does not slow down my laptop and Defender is said to be the least likely to cause conflicts with Windows updates and such. I use MBAM Premium in real time too. I have read that some folks do not like MBAM now but I have a lifetime license so I use it for a little extra peace of mind. I use Chrome with the Defender browser guard and MBAM extensions and Adblocker Ultimate. On Firefox I use Ublock and the MBAM browser extension.

I watch my step online and use good common sense, and keep trying to remind myself that the sky is not falling, Defender is doing a good job. I don't download anything much, once in a while I will buy an MP3 album from a trusted legitimate site online but that is all. I play chess and Tetris online but have been using the same sites for years now, no need to download anything there. I don't play modern video games at all. I figure I am pretty safe with Defender but I always wonder what AV it is that people have the most faith in, if Defender can be so easily defeated?

Jimmy

 

I feel safe enough with Defender as well for a number of reasons, not the least of which is utilizing common sense and careful decision making with file downloads and email links. So from my experience over the years, Defender is "good enough" for me.

 

That plus your Standard acct. seems some way-good protection. I tried to use a LUA a while back and it got on my nerves too often. But then again, I'm the sole user of this machine so it can be a trade-off. I mean, since when is any software a one-size-fits all?

It's sad that one who uses Defender (or not) should be feeling ashamed or defensive--omG--based on the extreme stand some seem to take for- or against-. This is an old problem anyway. Things used to get WAY more shrill a few years ago, let me tell ya.\

More for a peace of mind and to forget this stuff, I use two small programs to supplement Defender that have zero impact. But I'm sure there are many who can recommend a good and strong third party antivirus. ESET, BitDefender, etc.

 

It's pretty easy to get past UAC if you have not set it to maximum. Even then it is still possible.

 

Nonsense and a mere assertion on your part. WD is fine and if you get infected- look in the mirror 99.9% of the time.