Windows Defender Is Becoming the Powerful Antivirus That Windows 10 Needs

Discussion in 'other anti-virus software' started by Secondmineboy, Jan 30, 2016.

  1. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,000
    It's not dangerous at all. As I keep posting, if you keep your system updated and are always very careful about what files you open, then it is very hard to get infected. You can choose to keep believing otherwise if you want, but my opinion is based on decades of my own experience and countless hours spent reading posts on security forums.
     
    Last edited: Feb 24, 2021
  2. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,123
    Location:
    Las Vegas
    If you have backups- all malware is a non-issue. AVs are never a sure thing and anyone that expects them to be are fooling themselves.
     
  3. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,123
    Location:
    Las Vegas
    Agreed but always do daily backup images. It makes all malware a non-issue.
     
  4. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,000
    Yes, it's definitely important to make regular backups.
     
  5. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,373
    Location:
    Under a bushel ...
    True, and I backup my image and file backups, but if there has been malware lurking for some time ... still prefer to have some prevention / warning strategy in place.
     
  6. Nightwalker

    Nightwalker Registered Member

    Joined:
    Nov 7, 2008
    Posts:
    1,293
    Pretty much this, zero-day is a totally non issue for home users, it is just a waste time and energy to worry about this, keep the system updated, maybe try to change for a standard user account and thats it.
     
  7. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    977
    Location:
    UK
    I wasnt referring to a/v I think they are behind the curve as well. :)

    Agree on backups.
     
  8. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,406
    Location:
    The Netherlands
    Exactly, I agree with you. I also think that security tools are way more important than patches when it comes to protecting home user PC's. And AV's will never give 100% protection, so you need other tools to protect the system in case you ever run into malware, no matter how small the chance is.
     
  9. Nightwalker

    Nightwalker Registered Member

    Joined:
    Nov 7, 2008
    Posts:
    1,293
    It is just your opinion, nobody is willing to spent a zero-day vulnerability to infect you (domestic "normal" user), besides it is very very hard to get infected otherwise.

    Almost all users in this forum like to test and use security tools, they like to use complex security setups that seems to cover everything, but the fact that it is just a geek hobbie, this is not "real security", most of us dont need any security tool except from a up to date Windows 10 OS.

    There is too much paranoia here that is almost funny and sometimes a little sad too, example:

    https://www.wilderssecurity.com/threads/malware-that-passes-thru-security.436584
     
  10. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,406
    Location:
    The Netherlands
    What I'm trying to say is that patching your system is way too overhyped. Normally speaking, patching your apps and OS will protect you against exploits, while this isn't even a big risk anymore. So the biggest risk is still users manually downloading malware. Sure AV's will protect against 98% of this malware, but a little bit of extra protection is always nice. Think of anti-loggers and anti-ransomware.
     
  11. Nightwalker

    Nightwalker Registered Member

    Joined:
    Nov 7, 2008
    Posts:
    1,293
    What kind of Wilders Security user will download and execute Photos.jpg.EXE or Recibe.docx.SCR? Anyway there is a reason why malware creators are moving to LOLbins and LOLBAS, most of "normal" executable files are blocked by Smart Screen, browsers download reputation protection, e-mail filters and so on; most infections happen because the user disable/ignore the protection warnings or it happens by using a remote access vulnerability.

    About anti-loggers and anti-ransomware standalone modules, I think they are just geek tools and IMO totally unnecessary, they are like a safeguard, but you really dont need them.

    The fact that you need to manually download malware says a lot about the state of the Windows security, in the past you just needed to visit a malicious website to get pwned and you needed to buy and use a third party firewall to avoid being infected by worms that would destroy your PC without any interaction at all, nowadays people simple doesnt have to care about this.

    I have to say this again, this unpopular opinion, but most people here are not that interessed in security, they just want to satisfy their OCD and control tendencies.
     
    Last edited: Feb 27, 2021
  12. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    907
    Location:
    Canada
    An updated system and safe habits will protect users 99.% of the time. Throw in an AV and your good to go.
     
  13. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    3,282
    Location:
    Canada
    It seems reasonable to assume that if an individual is, without exception, careful all of the time, and always chooses the correct choice, then an updated O/S running basic antivirus and other built-in measures such as smartscreen should keep their device secure. But in each the following two examples, someone makes not one, but two mistakes:

    Ryuk Ransomware:

    Sodinokibi Ransomware:

    I added the underlining in the second quote to illustrate an inherent weakness of antivirus.

    Two mistakes were obviously made in the first example, and most likely this seems to be the case with typical ransomware; someone clicks a malicious link, then executes the malicious download. So these people are maybe:

    1. having a bad day
    2. fatigued
    3. distracted
    4. security-unaware
    5. day dreaming
    6. emotionally charged over something
    or some combination of the above. Whatever the case, humans aren't perfect, so maybe having some sort of additional security to detect suspicious file activity could be beneficial. If you're confident you'll never screw up, you're probably perfectly secure against these types of attacks, at least.
     
  14. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,406
    Location:
    The Netherlands
    That's exactly my point. But it's a fact that a lot of AV's can't offer 100% protection especially if we're dealing with malware that is brand new. So that's why I do think it makes sense to use extra tools like anti-ransomware and anti-loggers, they will automatically block suspicious behavior without relying on the user. I think these tools are more important than keeping a system up to date. But I guess we need to agree to disagree.

    Yes I agree, even experienced users can get tricked. And besides, I remember that years ago thousands of home users in The Netherlands were infected with ransomware, you're not going to tell me that those guys were not using any AV.
     
  15. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    907
    Location:
    Canada
    All AV's have an anti -ransomware module now, I would trust them more than an stand alone anti-ransomware product. And anti-loggers only work if you already have an keylogger installed on your system. To each their own but I've moved away from installing hoards of security programs on my computer.
     
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,406
    Location:
    The Netherlands
    No not really, Win Defender hasn't got a dedicated anti-ransomware module AFAIK. But it does do a good job blocking them via signatures. And your second comment is a bit weird, all security tools will only be able to block malware until you are actually faced with malware, that's a no brainer.
     
  17. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    3,031
    yes, it does. it's called "controlled folder access".
     
  18. plat1098

    plat1098 Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    1,070
    Location:
    Brooklyn, NY
    Well, now, Controlled folder access can protect against ransomware. Mine is likened to Swiss Cheese what with all the apps I allow. But technically, it's protecting my docs and whatnot at defaults. Whenever I remember to turn it back on after annoying me, that is. :cautious:

    Source
     
  19. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    3,031
    you know you should have a ms account to fully take advantage of cfa, right? otherwise, you won't be able to restore your personal files in case of a ransomware attack, that is unless of course you regularly back up your personal files via a 3rd party sw to an external/offline device.
     
  20. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,406
    Location:
    The Netherlands
    It's simply a folder protection tool and not as advanced as for example AppCheck and HMPA who watch for suspicious file modification. I wouldn't be using AppCheck if it did exactly the same as Win Defender, because that would be pointless.
     
  21. plat1098

    plat1098 Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    1,070
    Location:
    Brooklyn, NY
    Yes and speaking for myself, I already use a Microsoft account because I happen to run Insider builds. I actually trust my offline storage hdd way more, plus it's checked periodically for errors and bad blocks. I actually don't know why I try to keep CFA enabled like I do as it's not strictly needed on here and can get pretty dern annoying with its false positives. Oh well.

    Yes, AppCheck is a decent software, isn't it? I don't use too many third party software myself but can appreciate the rationales of those who do.
     
  22. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,352
    Location:
    Milan and Seoul
    I couldn't agree more, most of the time layers of security programs will just make Windows prone to errors and instability, MS Defender + a reliable backup/imaging system it's all one needs to cope with any malware scenarios (if any).
     
  23. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    3,282
    Location:
    Canada
    So if MS Defender misses an exploit, are you happy that you can at least recover it from a backup or imaging tool? Who cares that your private, personal data has been stolen?
     
  24. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,000
    That's not the case for all antiviruses. But for those that don't they provide protection against known ransomware using signatures, and some protection against unknown ransomware if they have behaviour blocking. I also don't feel the need to use separate anti-ransomware software.
    Yes. While I don't actually use WD, I do only use antivirus software (and backups) to protect me. I find it to be extremely hard to get infected and this is exactly why I have a very basic security setup. If it was easy to get infected, then I would boost my security setup, but as it stands right now, I don't need to.
     
  25. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    3,282
    Location:
    Canada
    I can enhance the security of my device beyond that of antivirus and latest updates without compromising the stability or speed of my O/S, with little or no penalty to my pocketbook, so why not? I do so because I can, and because I don't necessarily undermine the abilities of the malicious actors, although I've been guilty of this latter attitude before. I'd rather take a pro-active approach and prepare for something antivirus could miss, even though it might never happen.

    I just can't embrace keeping up to date and using antivirus as the "be all and end all" to security, especially with the rapid way threats evolve.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.