I used Kaspersky Standard (IIRC) several months ago, seemed a tad slower here than MS Defender. I am sure Avast is very good, I see its test reports, but for me Avast has always been problematic, and I could never figure out why. Last time, I tried Avast One which lasted a few days and uninstalled. I'll get around trying Avast Free again in the near future. Is Free going to stay available or is One going to be the only version available in foreseeable future, if you know.
Sorry I didn't see the post before. But yeah, changing cloud protection level will have an impact on malware detection. On default cloud protection level, files with 90% malicious certainty by the cloud ML are detected which is enough for most samples. High put it down to 80% so would detect more. High plus/equivalent to Highest in Configure Defender should lower it down further. I haven't found any document/blog where Microsoft shared the exact value of High plus but it's probably 70%.It seems to me that Defender changes the way it scans in aggressive mode, basing itself on infection patterns.
@SeriousHoax could answer better than me
This is not related to protection. It's not needed for home users.
Good info, for clarification (for me) I'm running DefenderUI. I have (had) it set to Recommended Profile and Basic | Cloud Protection is High+ with 20 sec timeout & User = SmartScreen . I just increased timeout to 30s. I do not have noticeable slowdown with MD on my win10_VM, it's all relative.
(changing the timeout to 30s, now I have a Custom Profile)
What is it related to? Threat hunting and remediation?
What is it related to? Threat hunting and remediation?
@SpyNetGirl enables it with her hardening script. Harden Windows Security | Only with official documented methods | Always up to date
Yeah, maybe something for threat hunting or maybe for performance but that part doesn't make much sense. For personal users, I only see downsides because this will increase CPU usage as MD will have to compute the hash of every scanned executables. MD also seems to remove cache after a system shutdown (if fast startup is disabled) and reboot, so this will probably make MD compute hash again and again on every reboot.
Enabling file hashing has to be pair with Defender Threat Intelligence - which is available to Volume License (Enterprise) subscribers to the commercial\government product line. The hash is used to create an "Indicator" that can be used to create alerts (rule-based upon the various "Indicators" that can be configured).What is it related to? Threat hunting and remediation?
@SpyNetGirl enables it with her hardening script. Harden Windows Security | Only with official documented methods | Always up to date
Like threat hunting, etc.
Or whatever Microsoft is calling it now. From 2021 to 2023 Microsoft renamed so many of its products, needlessly added names to features to make people think they're getting something new, and re-shuffled the product alignments & licenses to the extent that not even Microsoft personnel can figure out their own employer's products. In fact, only Senior specialists at Microsoft really know how to decipher the Microsoft products & licenses Rosetta Stone. Virtually none of the Microsoft Support personnel have a clue. Microsoft Partners have complained for decades about Microsoft's obnoxious "product re-name" culture.
Trying to find accurate, intelligible and pertinent official documentation is virtually impossible, and at best exceedingly difficult.
Everyone experiences this. It is not unique to Windows Home users. Microsoft Partners\Resellers, every local, state, and federal government institution or agency, Managed Service Providers (MSP), Managed Security Service Providers (MSSP), developers, program managers, contractors, etc.
no kidding! I was looking at MS Defender for Business a few months ago, never installed it, but somehow MS is / has been charging me $3.95/month with no way to contact them, no way to login to whatever MS account is making that charge. At that price I haven't gone to extreme lengths yet to get this fixed, but sorta amazing to me they're charging me for a product they know or should know I'm not using, never used, never fully deployed.
Either you have direct M$ contacts that know and supply the infos or you join a multitude of M$ Communities and post a lot of questions - of which you might get accurate, inaccurate, partial, not relevant, or other superfluous infos. But generally getting accurate infos involves persistence over a very long period of time, asking questions on the various M$ GitHub projects (Discussions), submitting questions to the official Microsoft Document keepers (their contact infos are usually on the webpage or at GitHub), submitting questions directly to the various Microsoft Product teams, and posting questions on:
These forums are next to useless for Windows Home and Pro users. Searching on the forums themselves is impossible, so we're mostly relegated to Google or other search engines.
Long-time participation on the Tech Communities can lead to online working relationships with some Microsoft employees. I am not sure where @SpyNetGirl gets her infos, but I do know she participates or did participate a lot on the Tech Communities and Windows Insider Program. Probably still does.
From Avast website:Is Free going to stay available or is One going to be the only version available in foreseeable future, if you know.
So I think Avast Free will stay.
