Windows Defender Is Becoming the Powerful Antivirus That Windows 10 Needs

Discussion in 'other anti-virus software' started by Secondmineboy, Jan 30, 2016.

  1. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    Yes, this is shocking stuff. And you must ask yourself, how are they able to exploit so many zero days? I mean are all of these people and companies not using decent security software or what? I highly doubt it.

    https://www.mandiant.com/resources/zero-days-exploited-2021

    I read about it more and more, not sure if it's also easy to disable third party AV's because then it makes no difference of course. I would like to know a bit more about how malware exactly is able to achieve this, because it isn't always explained clearly.
     
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    I'm not saying that Win Defender is crap and isn't capable of blocking malware. I also don't believe that any AV will be able to block 100% of all malware. However, I personally care more about anti-malware solutions that can block malware without the need for the cloud. That's all I'm saying. I remember that Cylance claimed it could block malware with machine learning even without relying on the cloud, this is the stuff that I would like to see, more innovation. And Cylance didn't actually deliver, but that's another story.
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    Great point, why can other AV's deliver good offline detection rates? And what if for whatever reason you download some files and your internet connection gets cut off, then what, I guess it's game over?

    Another good point, backup is mostly important to recover from a ransomware attack. But it won't help against data theft or a banking trojan that plunders your bank account. So AV combined with other anti-malware solutions is most important besides common sense of course.
     
  4. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    2,180
    Location:
    Canada
    @Rasheed187, that’s OK I am not an AV expert, but without facts or proof how can I believe that :thumbd: In the meantime I will keep using WD :)
     
  5. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,644
    Location:
    USA
    I expect it is unqualified/underqualified IT staff and a lack of budget. The last job I left I was replaced with the President of the company's brother-in-law. He didn't know what IT meant. It is not uncommon for these jobs to go to friends and/or family or be hired by HR people that don't know how to measure skill. Then nobody wants to spend any money on this stuff. It's hard to buy security solutions nobody wants to pay for. This is an upside for Windows Defender, it is included with Windows and certainly much better than nothing or freeware with constant ads.
     
  6. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,925
    the brother of my girl his cousin his grandpa said... you are talking nonsense.

    check out AVC for current and older results and then we might meet again on same level. fact is that defender was bad years ago, but its current detection is same as any antivirus, and MS did their homework so defender is best integrated into windows, not like the other crap around that use vulnerable kernel drivers - which is also a fact. as i wrote before - the target is not to disable, more to abuse its kernel drivers to elevate malware as a hidden process.

    what you hype is the known (!) execution of unknown software. malware doesn't happen by accident! the weakest factor is always user.
     
  7. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,617
    Location:
    Milan and Seoul
    No antimalware of any kind can protect 100% from anything malicious, especially when attacks are specifically targeted at some individuals (celebrities, rich people, politicians etc.) or big corporations and institutions. The best protection for individuals is to keep sensitive data offline and restrict banking to small accounts. A fat bank account should not have internet access, period. It would be interesting to find out what protection strategies people like Elon Musk and Jeff Bezos have, they must have armies of crackers trying to break into their systems daily...
     
  8. Spartan

    Spartan Registered Member

    Joined:
    Jun 21, 2016
    Posts:
    1,424
    Location:
    Dubai
    AV-Comparatives: Microsoft Defender has a large impact on system performance = https://www.ghacks.net/2022/05/04/av-comparatives-microsoft-defender-has-a-large-impact-on-system-performance/
     
  9. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,286
    Location:
    Las Vegas
    Great impact? Not with me because it depends much on your machine. My own testing (and I have tested for decades) shows far different results than AV-Comparatives and not just on this impact analysis but others as well.

    Three of my five computers work better on Defender than any other AV including the alleged low-impact Panda. When you get this much variance in results, something is going on and I personally do what works for me- not what test results conclude. Test yourself and see your results- you might be surprised.
     
  10. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,925
    i notice some "lags" when using my tools, but regular programs have no slow down, even copying seems normal fast/slow. Defender needs its time. cloud scanning is active, but not submitting samples.
     
  11. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,617
    Location:
    Milan and Seoul
    This issue has been dealt with ad nauseam in the past, performance is related to machine hardware and software installed. If MD had a noticeable impact on performance I would certainly try something else. The test is a general indication, but cannot be accurate as machine configurations and hardware can vary greatly among users. As far as my machine is concerned the speed is the same as when I had Avira or Kaspersky installed, and turning MD off with third party tools doesn’t make any difference in performance.
     
  12. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    Yes, totally agree. One size does not fit all. It always boils down to: demo something and if it's right, use it. One person's experience doesn't guarantee yours will be the same.

    I mean, this has been re-iterated prob. a thousand times in this thread. What is the big deal? Who cares? :) Is it because Microsoft is this big rich corporation and therefore, Defender should be perfect all the time? Yeah right!
     
  13. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,366
    Location:
    Italy
    Although I don't consider AV much I would like to advise forum members to read what is stated in the topic below:

    https://malwaretips.com/threads/configuredefender-utility-for-windows-10.79039/page-75#post-986622
     
  14. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,644
    Location:
    USA
    You are correct but I think the reason this repeats is that every time there is an article or test claiming Defender is slow there are folks that rush to its defense and claim it isn't true, followed up by folks looking to validate the results of said tests. As you stated, one size does not fit all. Anyone expecting that someone posting a different experience than what they had is wrong is probably where it starts.

    When I post anything negative about Defender, it is because I want them to fix said thing. I certainly don't want it to go anywhere, but there are things I would like to see addressed. One of the biggest being the same files being scanned over and over. And over. :eek:
     
  15. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,925
    well said. but on the other side there exist no problem here with defender because it intercepts other programs in a way that other antivirus do. it inserts no unwanted extension, it has no SSL inspection (no MITM), so i never had security alerts about certs in my browsers, never. it has no web filter against ads, any decent extension is superior. and ofc it currently has no bypass like avast and avg fixed it now after 10 years running a kernel bug, vulnerable even as a standard user.

    although i see advantage on other antivirus and its overwhelming amount of features, i do not care a bit of it. using defender as the smallest impact to my system was no diced decision.
     
  16. Nightwalker

    Nightwalker Registered Member

    Joined:
    Nov 7, 2008
    Posts:
    1,387
    Your posts have some constructive criticism about Microsoft Defender and no doubt you are doing it in good faith, the problem is that some folks here are just bashing or showing concern troll behavior about the software, always repeating the same thing and changing the goalpost every time that Microsoft improves the software.

    I won't post examples because that is against forum rules, but if you pay attention you will see what I am talking about, this has been occurring literally for years.
     
  17. SeriousHoax

    SeriousHoax Registered Member

    Joined:
    Mar 27, 2019
    Posts:
    101
    Location:
    Bangladesh
    I don't understand why 9/10 people just look at the number and the position of AV products in the performance test without actually reading the whole thing.
    From the test, it's clearly visible that Microsoft Defender is only slow at File Copying and mediocre at Installing Applications.
    A regular user doesn't copy files or install applications every day on their system. Even then, barely anyone cares or notices if an application takes 13 seconds to install instead of 10 seconds with another AV product. There can be people who copy files regularly on their system, but that's very rare.
    If you look at other important sections like Launching Applications, Downloading Files and Browsing Websites, here Microsoft Defender's performance is very fast. These are the activities a user performs daily on their device, especially launching apps and browsing. So Microsoft Defender is very fast in the two most important categories. So for most users, unless it's a pretty old system, overall Microsoft Defender is a fast AV.
    So, it's very important to read the whole thing. MRG-Effitas also has a different type of performance test, which is also interesting.
    There are some other aspects too that no Performance tests would show like Kaspersky's high CPU usage while browsing which makes it not suitable for people who use laptops on battery, then there's Bitdefender which writes a high amount of data on the disk on each update, so it will increase your SSD's write bytes, there's F-Secure's slow launching speed of unsigned apps after every signature update, there's Avast/AVG which slows down system shutdown speed by a few measurable seconds, there's also AVs which do HTTPS scanning on most sites (eg: Kaspersky, ESET) which results in slightly slower browsing speed, etc.
     
  18. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,644
    Location:
    USA
    I get what you mean and I don't disagree. Some posts are trolling and others are troll bait. I believe I said it before but the title of this thread is troll bait in my opinion and I'm not surprised that it encourages some of the posts that are made. I'd like to see it all be more constructive as maybe it would encourage folks to be more helpful. There are multiple discussions on here that I don't participate in because I don't have anything good to say, so I have no reason to bother. I'm hoping Microsoft will see what I post here and be motivated to do something about it. Not that I don't give them direct feedback but I assume more is better. Sometimes someone here even posts a solution or workaround I did not realize existed, validating the reason for having the discussion at all.
     
  19. StillBorn

    StillBorn Registered Member

    Joined:
    Nov 19, 2014
    Posts:
    297
    Well versed in etiquette and the truest example of a gentleman and a scholar. Just my 1.25 cents worth of editorial observation (inflation matters).
     
  20. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,066
    Location:
    Canada
    :thumb: As Andy suggested, I set "Cloud Protection Level" = Block
     
  21. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,925
    defender (this thread concerns defender) has 2 levels for cloud protection. the 1st just asks for hashes only, the 2nd uploads samples. blocking means running offline with nothing as signatures and this is not clever. in such case you can disable defender and switch to mbam v2 which is same good - or bad if you read some tests.
     
  22. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,066
    Location:
    Canada
    @Brummelchen

    if you are going to comment on a member's post, then please use the quote tags or at least the @username option, otherwise you come off looking sneaky and evasive.

    Cloud protection has five blocking levels, accessible via the Pro/Enterprise Windows versions or a 3rd-party utility.

    [Attached image: Defender Cloud Blocking level.png]
     
  23. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,925
    it was right under your posting, so whom may it concern?

    and if you change settings in GPO you should say so, the official option has only 2 levels, for any windows build, incl HOME which has no GPO.

    the shown GPO settings concern only cloud protection, not upload.
    btw there is nothing chosen, "Block" seems setting 0x6

    if you need such settings...
     
  24. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    No correct, but lately I have been watching a couple of YouTube AV tests and none of them could protect against all malware samples so the best protection is the person behind the PC, namely the user. I didn't get infected in the last 20 years or so, most likely because I almost never download malware. And the times I did, the malware got spotted by VirusTotal or my behavior blocker blocked it from doing any damage. Keep in mind I didn't even use an AV for 10 years because I got so fed up with them.
     
  25. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    Same over here, I would love to see Win Defender get even better. But constantly scanning the same files is a joke and it shouldn't rely solely on the cloud. It should also be able to block malware with a locally based behavior blocker. Performance wise it's pretty good, it barely slows down my system. Of course the GUI needs a rehaul, it's a bit dull and unhandy.

    LOL, that would certainly explain things. And BTW, I was thinking about giving the new and improved Bitdefender Free a try but then I read it won't work without signing up for a Bitdefender account, are these guys for real? No thanks, I'll stick with Win Defender which is good enough.
     