Discussion in 'other anti-virus software' started by Secondmineboy, Jan 30, 2016.
Of course, Roger.
When I first started using windows defender I also noticed quite a bit of hard drive activity for awhile, but as I kept using it those things just seemed to settle down. (not suggesting this would be the case in xxjackxx situation) Unfortunately I have no info to share as to why that happened.
It does seem strange that Ms would not have it such that if the program detects no change in a file or folder there would not be a scan.
Then it's time to start, you can store 500 GB of installer files on an external drive. So you don't waste your SSD and you will have no problems with Windows Defender any more. It's so easy and I really like it.
Exclusion doesn't fix the issue I mentioned.
While I agree, that I could manage my downloads better, opening a large download folder is not the only time that Windows Defender slows down my computer. As a result, I'll stick with a third party antivirus, which is lighter and also gives me me control of how to handle suspicious files.
My experience on an i3 W10 laptop is that WD causes a 2-3 sec. delay as it scans at the end of a download or on running a large .exe. It also causes the fan to run audibly and the icons to hang for a few seconds if I open a folder full of .exe's, especially larger ones (over 10 MB). Nonetheless, it's free, it gives me no FP's, it gets decent test lab scores, and it doesn't nag me to buy stuff, so I'm OK with it.
Just curious about defender log -
C:\ProgramData\Microsoft\Windows Defender\Support\MPLog-20191124-232111 (where the date is approx. when feature 1903 was installed)
Typical line, about 14MB of this sort of thing (there are other items, but make sense and there are fewer of them):
at that time process 1004 was LSASS.exe and 3884 is my Sphinx Window10 Firewall Service.exe.
- What is Windows Defender HipsRule 0x800000? all lines have that number.
- Is this log going to grow forever or will it ever rollover?
I don't need control of how to handle suspicious files because it only happen every 2-3 years. However, better performance of Windows Defender is always welcome.
BTW, I just saw this tool, may come in handy sometimes:
To be determined is if this would bypass WD's self-protection option.
WD considers this a generic HackTool and quarantines it. You must disable Tamper Protection to use it. I get it from the developer's site. https://www.sordum.org/9480/defender-control-v1-6/
I thought WD tamper protection was auto enabled in the 1909 Feature Upgrade? I just upgraded my daughter's notebook from 1803 to 1909 via in-place .iso upgrade and tamper protection was not enabled.
I use it, no problems. Just do an exception for it.
"Tamper Protection will be turned on by default, if you install 1909 clean. If you upgrade, for compatibility reasons, it will not be turned on by default, but instead, a new warning is introduced, that the new standards are not met, so you may decide whether you want to have it on."
You might not see the warning right away, but it should show up eventually.
Hello, I am new using Windows Defender, but there is a few things i do not understand.
I noticed there is several services that are manual at default and do not run never, or run at start and then stop and I dont know if there is something broken and Defender is not working as intended.
About these services:
- Windows Defender Antivirus Service, WinDefend, Auto: This is always run, I understand this is the real time protection and have to run always.
- Windows Defender Antivirus Network Inspection Service, WdNisSvc, Manual: This run at start but at later time it stop, is this normal? What do this service?
- Windows Defender Advanced Threat Protection Service, Sense, Manual: This is why I am asking, this service never start and if i try to run manually give an error that say was running and stopped, but not run. Is something broken here?
In security center I have all options checked and get defender updates, so its seems its work as intended, but I want to know what is the Sense service and why its not run.
Also is set defender in sandbox by setting setx /M MP_FORCE_USE_SANDBOX 1, recommendable?
@mesit0 Some WD features are not yet enabled.
Please go here https://hard-configurator.com/download.html and it will lead you to the download site for the stand-alone ConfigureDefender app. This will allow you to easily setup and harden Windows Defender. For more info and questions you may go here https://malwaretips.com/threads/configuredefender-utility-for-windows-10.79039/
I would not bother with Windows Defender sandbox. It already has Tamper Protection, which you may need to enable depending on OS version.
It's used by Windows Defender ATP which is only supported on Win Pro+ versions: https://docs.microsoft.com/en-us/wi...n/microsoft-defender-atp/minimum-requirements . I assume you are running Win 10 Pro? The service doesn't exist on my Win 10 Home vers..
WD ATP is an optional subscription feature.
WD moves to extended support only on 10/13/2020. Sounds to me Microsoft is "pulling the plug" on it:
@mesit0 here is the correct link https://github.com/AndyFul/ConfigureDefender
In Windows 2004, incl. Group Policy console, it's now "Microsoft" Defender. So, it's understandable. Thanks for this info.
@Bertazzone Thank you, I will check it this tool.
Yes, I have Win10Pro, if its a optional paid feature there is nothing to do then. So, the basic service we need to be running is the WinDefend, MsMpEng.exe, right?
The two WD services that should be running are:
Windows Defender Antivirus Service
Windows Defender Antivirus Network Inspection Service
At the end of the decade, there will only very few vendors left.
WD does it's job, and can be tweaked with ConfigureDefenderMaster,
or supported with NoVirusThanks OSArmor, or HMP.A.
Does anyone disagree?
I think there will be less vendors but more than your list. M$ is undoubtedly putting pressure on the industry. Who knows?
You mean the end of the 2020's? We'll see.
Maybe no Symantec / Norton... it may not even take that long. Again, we'll see.