Windows Defender Is Becoming the Powerful Antivirus That Windows 10 Needs

Discussion in 'other anti-virus software' started by Secondmineboy, Jan 30, 2016.

  1. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,625
    Location:
    USA
    Do a repair on Edge. Worked for me.
     
  2. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,343
    Location:
    Italy
    :thumb:;):)
     
  3. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    Has a Definition update come down the pipeline, I wonder? I think that's how they handle these issues nowadays.
     
  4. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,625
    Location:
    USA
    Nothing else has broken in the last 5 hours so I would have to assume it has been resolved.
     
  5. Jimmy9190

    Jimmy9190 Registered Member

    Joined:
    Jan 1, 2014
    Posts:
    67
    Location:
    United States
    There are a few threads on the other security forum that say MS has issued a fix for the problem, it was related to a problem with Defender updates. Of course that does nothing to help the folks who now have to go back and reinstall/restore all their shortcuts and program links. I was ready to change to a third party AV but it looks like I will not need to do that now. I have a Windows 11 laptop with the Home Edition of Defender and it was not affected. I am also trying out the Beta of MBAM Premium version 5 and really did not want to change any of that.

    Jimmy
     
  6. kC_

    kC_ Registered Member

    Joined:
    Apr 6, 2007
    Posts:
    580
    ms fixed this like 5+ hours ago (a defender signature update, rolling back changes to an ASR policy)
    unless you are tweaking and enabling ASR rules you wouldn't of been affected, restoring shortcuts if you regularly backup is not a major issue. but it really should not of happened in the first place, many enterprise / businesses relying on Defender Endpoint ( usually deployed via intune policies ) would of had a very very bad day and many support phone calls!/tickets I can only feel their pain today.

    i was affected by this personally, i fired up my laptop this morning and at first i thought a brave update had done something weird.....
    but defender history showed exactly why, and the ASR rule that did it.. and easily disabled it, and it was seconds to restore any shortcut files (*.lnk) from backup using macrium mounted image & robocopy any shortcut files (*.lnk)...

    again the average home defender user on home, that doesn't tweak or use ASR wouldn't of had any idea this had even happened.... and has nothing to do... business as usual

    I can only imagine the carnage that would of happened if it did affect all users!!!!

    I raise a glass to those in Enterprise/MSP support with thousands of affected users
     
    Last edited: Jan 13, 2023
  7. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,625
    Location:
    USA
    I'm still trying to figure out why it happened to me. It's not an Enterprise version and I even went so far as to install a copy of DefenderUI to see if anything ASR was enabled and none of it was. Oh well, just glad to be done with it.
     
  8. kC_

    kC_ Registered Member

    Joined:
    Apr 6, 2007
    Posts:
    580
    still baffled by this, and was thinking possibly you had previously installed dui or configure defender and left your asr rules on?!

    as you just confirmed you hadn't , so im stumped... i do suspect that something is showing wrong somewhere, if your shortcuts were deleted, today then im as sure as **** you had ASR enabled, more specifically, the exact ASR rule
    "Block Win32 API calls from office apps"

    if you cant reliably determine that rule is on or off... you should do a fresh instal................. ASAP!


    but so far glad your all good

    ** bit of googling ..... can you show your ASR status?? here? https://blog.ciaops.com/2020/11/23/show-asr-settings-for-device-with-powershell/

    i think you must of had asr rules enabled someohow

    fyi ive been back in full ASR since the updated signatures... and no issues (apart from .exe prevelence)
    https://ibb.co/LzPX7cn
     
    Last edited: Jan 13, 2023
  9. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,286
    Location:
    Las Vegas
    It wiped out many of my icons, etc. A real ******* as far as I am concerned.

    I am running Windows10 Home on the computer that was affected-not Enterprise. My other three were not -but two of them are running Windows11 Home.
     
  10. monkeylove

    monkeylove Registered Member

    Joined:
    Dec 10, 2013
    Posts:
    226
    It's best to have backups, prevention, and protection.
     
  11. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    3,344
    Location:
    Europe, UE citizen
    I'm reading this much interesting thread but, just for the things said here - think about cruelsister's tests - I would never use only an antivirus on my systems, as someone already said here. Threats and attacks are so diverse and sophisticated that it' absolutely necessary to have a multilayered defense. Especially, also if they seems to be forgotten or snubbed, an HIPS.
     
  12. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
    https://www.theverge.com/2023/1/13/23553370/microsoft-start-menu-taskbar-shortcuts-windows-disappearing-removed-problem

    Also happened to me - on only one Windows 10 (non-Enterprise, Pro) instance, almost vanilla, except for Andy Ful's Hardware Configurator - on default settings.
     
  13. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,064
    Location:
    Canada
    I lost edge and keepass icons on my Taskbar on Windows 11 Pro, 21H2.
     
  14. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,343
    Location:
    Italy
    If the problem is restricted to a few softwares it is better to reinstall.
    With Thunderbird and Firefox I did it this way.

    Even now I still precautionarily have the ASR rule disabled.
    With these "geniuses" trusting is good but not trusting is even better.
     
  15. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    So glad I don't run Edge on either of my Windows drives. It's just another proof-positive that too much of a monopoly on the desktop is bound to go south sometime. It's too embedded for my comfort.

    Edge is great in some ways: it's fast, secure, etc etc. Even if something like this *never* happens again, I'll live very well without it.
     
  16. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,343
    Location:
    Italy
    Also in Start.
    Do an Edge repair as recommended by @xxJackxx :thumb:
    is the only way.
     
  17. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,064
    Location:
    Canada
    I tried that but the edge icon came back transparent, so I just right-clicked the executables for edge and keepass and selected pin to taskbar to get them back :thumb:
     
  18. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,871
    its ASR related, not Edge which is not the point here. but you should be aware that more and more software need msedgeview - mandantory.

    i dont have ASR, although this is windows enterprise, Win10/11 same, nothing deleted.

    PS edge is not pinned to the taskbar here.
     
  19. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,343
    Location:
    Italy
    Microsoft communication:

    P.S.

    "should prevent" is a rather insecure statement.

    3.jpg

    So I'm supposed to be safe.:D

     
    Last edited: Jan 14, 2023
  20. Jan Willy

    Jan Willy Registered Member

    Joined:
    Jan 29, 2021
    Posts:
    226
    Location:
    Netherlands
    To be sure I let this ASR-rule in ConfigureDefender for some time disabled.

    Schermafbeelding 2023-01-14 153442.jpg
     
  21. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,343
    Location:
    Italy
    +1 ;)
     
  22. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    Yes, according to Microsoft, you "should" be safe. :) Should.
     
  23. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,343
    Location:
    Italy
    :argh:
    Even yesterday I thought (but was wrong) that I was safe.
     
  24. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,625
    Location:
    USA
    It's at work, will have to wait until Monday.
     
  25. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,625
    Location:
    USA
    Agreed, and I do. Hopefully anyone that was slack about doing backups will be motivated by this.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.