Windows Defender Is Becoming the Powerful Antivirus That Windows 10 Needs

Discussion in 'other anti-virus software' started by Secondmineboy, Jan 30, 2016.

  1. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,352
    Location:
    Milan and Seoul
    That is highly debatable, I think MS Defender is as good as most paid well known names even at default settings. Of course if you think 'you get what you pay for' is the defining mantra for security programs, then there is no debate.
     
  2. plat1098

    plat1098 Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    1,064
    Location:
    Brooklyn, NY
    Microsoft has more to prove to consumers because of its trillion-dollar status and its ubiquitousness. Its real and perceived failures related to its operating systems carry over naturally to its antivirus.

    I believe that non-ATP Defender (Home "free" :rolleyes: version) augmented with Hard_Configurator or NVT OSArmor is more akin to a paid third party suite. I wasn't able to come up with a formal test of Defender plus H_C over at Malwaretips nor on the net. I would definitely welcome one such test if it's located.

    The author of H_C does a lot of his own testing and posts his findings now and then over there. An example--one of many:

    https://malwaretips.com/threads/how...containing-a-threat.107234/page-3#post-935562

    Personally, I would not run Home-version Defender solo at defaults because I have too healthy a fear of zero days. For me, a small third party supplement is a must, like a daily vitamin. Doesn't make me a traitor, just a little cautious.
     
  3. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    6,444
    Location:
    USA
    Agreed. I had actually thought about posting something similar to the first part myself. I'm not sure I get how folks can be so supportive of Defender when it is made by the same company that makes the OS they all complain about. No intention of offending anyone, and yes, it has improved, and the price is right, but getting the cure from the same people that provide the need for one seems counterintuitive. I'd rather have something made by someone else. It's always good to put another set of eyes on something. Checking your own work leaves you to miss what you missed the first time.
     
  4. plat1098

    plat1098 Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    1,064
    Location:
    Brooklyn, NY
    The author of Hard_Configurator has posted some test data on H_C specifically--have a look:
    Updates - Hard_Configurator - Windows Hardening Configurator | Page 163 | MalwareTips Community

    Agreed, absolutely! A monopoly can have its own special circumstances.
     
  5. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,580
    Location:
    U.S.A. (South)
    Probably not sufficient nor intended to be BUT with the always present danger of the methods practiced at Microsoft Defender, does anyone have any ideas whether MSRT is or can be in a support role of some fashion to prevent the MD files from becoming tampered with like REvil ransomware has just proved it can? Adding Tamper Prevention apparently was inert and neutral as a few of the core AV Anti-Malware files were overtaken and used to fudge entire systems.
     
  6. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    8,899
    Location:
    Among the gum trees
  7. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,580
    Location:
    U.S.A. (South)
    I don't purpose it at all. Effective immediately, many feel it's Microsoft's responsibility to better shore up its much heralded AV better than it has after it's been proven easily overcome by notorious ransomware and actually was used to perpetrate a disaster.

    To me and worse yet others who lost systems in mass, that is NOT "Becoming the Powerful Antivirus That Windows 10 Needs"
     
  8. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    8,899
    Location:
    Among the gum trees
    You asked a question and I answered it. That is all.
     
  9. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,580
    Location:
    U.S.A. (South)
    I understand. And responded.
     
  10. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    8,899
    Location:
    Among the gum trees
    By the way, if you scroll down on the link I posted above it shows a list of the malware the latest MSRT scans for.
     
  11. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,031
    Location:
    Baden Germany
    In my opinion MD, formerly WD, tuned with Configure Defender, is already the best protection,
    if uBlock is used in the browser.
    From my experience with hundreds of customer PCs, none was compromised.

    But I know, that the discussion will go on and on..., until only a few will care.
     
  12. Bertazzone

    Bertazzone Registered Member

    Joined:
    Apr 13, 2018
    Posts:
    381
    Location:
    Milan, Italia
    Most comprehensive testing has been done @ Malwaretips Malware Hub AFAIK.
     
    Last edited: Jul 16, 2021
  13. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,373
    Location:
    The Netherlands
    To clarify, I'm not saying that all people should be using all of these tools. In theory, if you never encounter malware you don't need any security at all. And AV+firewall will probably block 99% of all attacks. But I'm strictly speaking about advanced malware attacks, I think that's what most of the people on this forum are trying to tackle, it's about the 1% of the time that most AV's will fail to protect.

    That's why I used the CCleaner "supply chain attack" as an example, the chances of ever seeing such an attack were slim to none, yet it did happen and it could have been disastrous for millions of home users. Lucky for us those hackers were only interested in corporations. So if you don't care about advanced malware attacks, you probably don't need any additional tools, but I personally don't take any chances.
     
  14. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,373
    Location:
    The Netherlands
    BTW, it happened again. I sometimes update signatures after a few weeks and once again I saw svchost.exe download at least 100MB. So are those updates so big or is the whole Win Def engine being updated or something, I find it to be quite weird.
     
  15. Gandalf_The_Grey

    Gandalf_The_Grey Registered Member

    Joined:
    Jan 31, 2012
    Posts:
    818
    Location:
    The Netherlands
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,373
    Location:
    The Netherlands
    OK thanks, I think this is probably it, some kind of platform update.

    Correct, trojans might be able to access and upload private data, so backups aren't good enough protection.
     
  17. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    39,273
    Defender Control - Open source windows defender disabler
    Website
    Download
     
  18. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    3,967
    A piece of bad scripting, it kills the smartscreen.exe in a bad manner and leaves the system not stable behind.

    https://github.com/qtkite/defender-control/blob/main/src/defender-control/dcontrol.cpp
    Code:
      void kill_smartscreen()
      {
        auto pid = util::get_pid("smartscreen.exe");
        auto proc = OpenProcess(PROCESS_TERMINATE, FALSE, pid);
        TerminateProcess(proc, 0);
      }
     
  19. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,580
    Location:
    U.S.A. (South)
    Wishful thinking but it sure would fare better all way around if Microsoft would (please) visit (offer) Windows 7 & 8 series with current Windows 10 Microsoft Defender and of course before doing that revamp and really strengthen its Windows 10 AV with smarter innovation and move along that progression.

    Reason being it would show Microsoft cares enough to reach back a little as a final farewell for those users who you know will be many that will stay on 7 & 8 after 'extended' support (at least as it reaches its support conclusion time limit on them).

    Don't get me wrong. Microsoft is on the right track, trying hard, and has made positive strides in that area.
     
  20. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    6,444
    Location:
    USA
    I've already spoken to the thread title being bait for arguments, anyway are we blaming their AV for being overcome by ransomware or the OS itself? I feel there should be more OS level protection for that. And no, blocking all unrecognized files is not a reasonable solution. They should probably be moving in the direction of making sure that anything that encrypts or mass deletes files is not malicious. Difficult? Probably. Impossible? No.
     
  21. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,580
    Location:
    U.S.A. (South)
    Hey @xxJackxx - Would you think it's just out of their realm of possibility or a cost measure that prevents them from integrating a powerful virtualization feature? I mean look at all the malware-free intrusion-free happy campers who use third party Shadow Defender and it really works efficiently. Something of that nature might even lighten the burden AND always present overconfident expectations placed on Microsoft Defender AV. When it's bypassed they catch the heat big time and even puts them on the spot/hot seat. A virtualization feature (to me anyway) seems perfectly more logical than chasing the mouse around its O/S when some penetrator achieves the joy of either breaking it or infiltrating past its AV.

    I dunno. Maybe that's grasping at straws but it seems a very viable option for them to explore at some point.
     
  22. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    7,994
    It's strange that they would name it that, where there is an existing tool which does the same thing, which has the same name.
     
  23. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,352
    Location:
    Milan and Seoul
    You are right, I actually thought this was an update to the 'existing tool' but the website is different. I gave it up anyway, as MS Defender always manages to flag it as malware and deactivates it even if it is in the exclusion list...
     
  24. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    6,444
    Location:
    USA
    It sounds like a good idea. It will never happen. Unless they can find a way to make it an OS feature that can't be claimed to be anti-competitive.
     
  25. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    39,273
    Microsoft Defender ATP now secures removable storage, printers
    July 26, 2021
    https://www.bleepingcomputer.com/ne...r-atp-now-secures-removable-storage-printers/
     