Windows 10 Anniversary Update + third-party AV solutions

Discussion in 'other anti-virus software' started by webyourbusiness, Aug 5, 2016.

  1. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,662
    Location:
    Throughout the USA and Canada
    if you run ANY 3rd party AV / anti-malware software, the recently released Windows 10 Anniversary edition will prompt you to turn on Windows Defender (if disabled) - and once Defender is on - it prompts you to REMOVE the 3rd party AV/AM solution - ESET, KIS, Sophos, Bitdefender - it says to remove them all.

    http://www.betterantivirus.com/windows-10-anniversary-update-must-read/

    We got the release about this from ESET yesterday and they are NOT pro-actively releasing this to customers, but instead waiting for the support calls + tickets. We're torn, because we have literally thousands of customers who might be prompted to remove their ESET protection over the weekend. We don't want to send a bulk email, but we don't want our customers tricked into removing their paid protection... Grrr.. Spread the news - Windows Defender is NOT the protection you want... :(
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    Actually the only known problem is that two real-time protection are running at a time if Windows Security Center reports that ESET is not installed but it actually is. This problem should not affect those who haven't updated to the latest version 9.0.396 yet. This version uses a new signature due to which WSC denied communication for ekrn and thus reporting of a correct protection status was not honored by WSC. We are working on a solution which will enforce registration to WSC after a program update. If everything goes well, it will be distributed to users next week.

    If I remember correctly, uninstallation of 3rd party AVs is offered only if the installed security product uses an outdated signature database and protection cannot be ensured.
     
    Last edited: Aug 5, 2016
  3. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,662
    Location:
    Throughout the USA and Canada
    thank you for the update Marcos - one of my team just experienced Windows 10 Anniversary security popups which prompted to turn on Windows Defender, even though they had latest ESET installed. He click "turn on" - and was then asked to remove ESET. It went down that way according to him. I didn't see it with my own eyes and trying to force anniversary update on my ultrabook put the machine into a reboot loop until it eventually removed the update and put me back to the previous win 10 setup.

    So are you saying that older ESET installations will get this issue because they are recognized as a valid 3rd party security solution? ie, no prompt to turn on Defender will appear for older ESET software?

    How about those running endpoint AV + endpoint security?

    the reason I ask is that the email we got out of San Diego did not explain it as you have - I will PM you message we got.
     
  4. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,642
    Location:
    Sneffels volcano
    For me WD is the protection I want and the one and only AV I need. I couldn't be happier with the release of RS1 and the way MS keeps improving WD, so no worries with that issue. I'm sure that 3rd party AV solutions will workaround it soon.
     
  5. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,662
    Location:
    Throughout the USA and Canada
    for some users WD might be fine - I happen to think it is junk - based on working on many, many, many machines and having found malware in place with WD 'protected' machines.
     
  6. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,616
    Location:
    USA
    Agreed. Running ESS 9.0.386.0 without issue. Looks like it's good I did not know there was an update. Still waiting for 10 to be finished... :isay:
     
  7. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,193
    Location:
    Among the gum trees
    Funny, Windows has never prompted me to uninstal Norton or MBAM [currently running in real-time] since I upgraded to AU. Windows Defender only asked to turn on Limited Periodic Scanning. :rolleyes:
     
  8. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,061
    Location:
    DC Metro Area
    Hello webyourbusiness :)

    At least part of your statement is not correct i.e.,"...if you run ANY 3rd party AV / anti-malware software, the recently released Windows 10 Anniversary edition will prompt you to turn on Windows Defender (if disabled) - and once Defender is on - it prompts you to REMOVE the 3rd party AV/AM solution - ESET, KIS, Sophos, Bitdefender - it says to remove them all..." (my emphasis)

    "Microsoft does not want users to run more than one anti-virus applications. That is why they asked their AV partners to implement a certain switch that all AVs that want to be listed as compatible to Windows 10 AU need to adhere to. If you enable Windows Defender, EAM turns off. If you enable EAM, Windows Defender turns off. If you run Kaspersky and EAM for example, once Kaspersky updated to be fully Windows 10 AU compliant, Kaspersky will turn off the moment you turn on EAM and vice versa. That's all."

    "http://support.emsisoft.com/topic/25038-fabian-win-au-and-emis-clarification-needed/

    https://www.wilderssecurity.com/threads/windows-10-anniversary-update.387581/page-5

    The title of your thread would be more accurate if it read :

    "Windows 10 Anniversary Update + ESET"
     
    Last edited: Aug 5, 2016
  9. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,662
    Location:
    Throughout the USA and Canada
    hawki,

    thx for the input - as I understand it now, there are patches coming out and some vendors are getting them out quicker than others. ESET's patch will be next week we're told - quite honestly, if the announcement from ESET to their US partners had provided this type of information, we wouldn't have been so annoyed and frustrated by this issue. Once again thank you for your thoughts + input.

    fwiw - I couldn't open the support.emisoft.com link- it might be geography - we have a lot of IP ranges blocked at the firewall, but I wasn't aware we'd blocked Germany.
     
  10. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,131
    Location:
    Baden Germany
    @webyourbusiness :
    Time to apologise now.
    First for blaming Microsoft.
    Second for not knowing, that you are blocked from accessing German sites.
     
  11. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,262
    Location:
    Ontario, Canada
    Webroot SecureAnywhere is unaffected by the Upgrade and I have been testing every Preview even before Windows 10 was released and never ran into any issues.

    Cheers,

    Daniel :thumb:
     
  12. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,061
    Location:
    DC Metro Area
    I don't believe that webyourbusiness owes anyone an apology. If anyone owes an apology the name begins with an E and ends with a T for the statement published at the link in the OP. [W]ebyourbusiness had no reason not to rely on that E. . . T statement. E. . .T got caught with it's pants down. Whether or not it knew it when the statement was published, I dunno. Evidently E. . T knows it now per Marcos' post, who, to his credit, has always been quick to respond/inform/help in situations when E. . . T has had it's pants down.

    OoOps: My Bad. I forgot. E. . .T doesn't wear pants.

    https://www.cepteteb.com.tr/Content/img/eset_detay.jpg
     
    Last edited: Aug 6, 2016
  13. ProTruckDriver

    ProTruckDriver Registered Member

    Joined:
    Sep 18, 2008
    Posts:
    1,444
    Location:
    "An Apple a Day, Keeps Microsoft Away"
    :D :thumb:
     
  14. guest

    guest Guest

    WD becomes better everytime = 3rd party AVs unhappy because loss of $$$ = 3rd party AVs whining and publish biased articles = me LoLing because i dont care of 3rd party AVs :D
     
  15. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    I will need to check it out with our testers next week as there was really a message "Windows Defender Real-time protection is off because you are using another AV program. Uninstall your existing AV program to turn on Windows Defender." displayed when a 3rd party antivirus was detected. Perhaps this was changed just in the final AU release. The above advice is not correct towards other vendors and instead of uninstalling the existing AV it should rather suggest to disable real-time protection.
     
  16. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,674
    Location:
    South Wales, UK
    Nope, that did not happen here...running WSA not ESET...but nothing of note happened. Just to confirm what Daniel posted previously.
     
  17. escalibur

    escalibur Registered Member

    Joined:
    Jun 29, 2013
    Posts:
    118
    Commercial site claiming that their product is better than the one you can have for free. For some unknown reason charts were made without other AVs. :)
     
  18. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    162,658
    Location:
    Texas
    https://blogs.technet.microsoft.com...-10-to-provide-additional-malware-protection/
     
  19. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,616
    Location:
    USA
    As the admin of 20 PCs and a Windows Insider I can say I have seen these updates aggressively uninstall and/or break many 3rd party AV installations. If it didn't happen to you then great, but it does happen. This is not addressed at anyone in particular.
     
  20. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,193
    Location:
    Among the gum trees
    We have been advised that anyone running any earlier version of Norton than 22.7.x would be have issues but not if you have the latest version, as was my experience.
     
  21. dbrisendine

    dbrisendine Registered Member

    Joined:
    Jul 15, 2006
    Posts:
    51
    Location:
    BC, Canada
    I did not have any problem with the latest version of ESS v9.0.386.0 . The AU seems to have gone fine. Problem with MBAM rootkit driver, on the other hand, is still on going.
     
  22. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,662
    Location:
    Throughout the USA and Canada
    we're a security solutions reseller - this was my blog article on our ESET website, that I put together using graphics from an article from ESET - it was SPECIFIC to the product being recommended as a replacement - ie, WD. If you want to start a 'my AV is better than your AV' - I think the discussion will get shut down quickly, but I can readily supply you details on the metrics which ESET beats bitdefender - and as an ESET, BitDefender, Kaspersky and Sophos partner, I'm well aware of the relative strengths (and weaknesses) of each vendor.
     
  23. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,614
    Location:
    Milan and Seoul
    Never had a prompt from Windows to uninstall Avira during the Anniversary Update, although both WD and Avira were disabled during the process.
     
  24. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    Tencent PC Manager was still installed with its protection enabled after upgrading.
     
  25. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,662
    Location:
    Throughout the USA and Canada
    We're exploring some very particular scenarios around how this windows defender suggestion might occur.

    Marcos from ESET has provided information that this windows Anniversary update suggesting WD get turned on scenario can occur when 3rd party AV signatures are > 7 days out of date.

    I'm wondering how new the customer's computer was - and if their internet connection is 'always on' - my idea is along the lines of:

    a. the first customer we encountered a problem on is 'older'
    b. their computer may have been 'older'
    c. it's possible their CMOS battery was not charged
    d. they are in the habit of turning OFF the computer (some people cannot be persuaded that this is a bad idea)
    e. their internet connection is one where they must manually join the network

    So - power off - no CMOS = date on computer very wrong.
    Date very wrong + no internet connection at reboot = no way to correct time from timeserver
    date > 7 days out of alignment with virus signature database could trigger windows AU to prompt for Windows Defender to be turned on.

    The other scenario we're trying to work out if it existed relates to an incorrect Username + Password in their ESET software + failed updated.

    At this time, I can say, that I was NOT the tech who worked on this machine and we've just moved to a different helpdesk so I don't have access to the ticket in the old system to get more information. But I am pretty sure based on Marcos's explanation, that this was a fairly rare situation - the date on the computer, or the updates failing are likely to have factored into this.

    where I can't get my head around this - is that AU was supposedly pushed to 'newer' computers first. So can the CMOS have failed on a newer computer? Well - if they are in the habit of turning off their machine, yes, I think it can - especially in a hotter climate.

    I'm still investigating these scenarios - but for myself, I can't even get AU to install on my Samsung Ultrabook - it has tried to apply + hung up, then reverted to previous Win10 setup TWICE now... and as I run ESET Endpoint Security, not the home editions, I'm not entirely sure that the scenario on my computer will be a valid test of this.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.