The truth about Windows Defender on Windows 10 (Home & Pro).

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,592
It seems that the simple terminology is not so simple at all. But we do not want to write the scientific book. Maybe the general understanding will be sufficient. Anyway, we can also start from another question.
Is the below 'Simple Stupid Security' (SSS) competitive to a good free AV (like Kaspersky Free AV)?
Simple Stupid Security = WD + SmartScreen (set to Block) + blocked Windows scripts.

SSS is not intended for MT members (MT average users).

It is easy to create SSS configuration application with only two settings ON and OFF.
But why to compete with something good, like KFA? The only reason is Windows 10 system & software compatibility. Most people usually forget, that the users have as many problems with system & software incompatibilities, as with malware infections. The good free AV is not just a signature based AV. The better protection, the greater impact on the system.
 

overdivine

Level 2
Verified
Aug 21, 2013
90
yes but windows defender is/used to be baseline for some antivirus tests. Also between two people using windows defender (because the thread is about it) who is the average one. The one who gets infected or the one who doesn't ?
 

Andy Ful

yes but windows defender is/used to be baseline for some antivirus tests. Also between two people using windows defender (because the thread is about it) who is the average one. The one who gets infected or the one who doesn't ?
That is not so easy. My friend is an average user as compared to my wife (she studied informatics). My friend has used WD since Windows 8.1 and was not infected. My wife has been infected when using Avast free set to Hardened Aggressive Mode.
If you want to take advantage of the Lab tests, then WD for many months has as good detection as any free AV.

Edit.
My wife ignored the Avast alert.
 

Andy Ful

The example of my wife is interesting. She is not an average user when we are considering the knowledge about informatics and computers, but she uses her computer like the average users do. She is happy with the extremely restricted setup:
WD (advanced settings on max) + SRP default-deny + no elevation on SUA account + Windows hardening (all made by H_C).

She does not even install the new applications - she could not, because installers usually require elevation. Two times a year, I have to turn off SRP, and she installs the GPS software on the memory card. That is all I have to do. Everything updates/upgrades without any issues, she does not make full scans, at all - no third party real-time security, no optimizers, etc. Zero problems for me and her. The system is silent as grave, fast and responsive for 3 years, without any manual maintenance.
Before using the above Windows built-in security setup, she installed a few AV, used optimizers, registry cleaners, etc. She infected computer by PUA, because she ignored the Avast alert. The system was not responsive, so I had to reinstall Windows and then asked her to apply restricted setup. She agreed.
 

overdivine

yes srp default deny +User Account Control: Only elevate executable files that are signed and validated is so strong.

i've already read them and i'm good with those traits. He uses the pc like he uses his phone.
but where does an average user stand from an infection point of view?
if windows defender the "bad antivirus" is good for an average user where do other people who get infected using "best antivirus" stand ?
is it luck ? are they below average? does it matter if someone is an average user?
 

Andy Ful

yes srp default deny +User Account Control: Only elevate executable files that are signed and validated is so strong.
...
No elevation on SUA is another UAC setting (ConsentPromptBehaviorUser = 0). It applies on all SUA accounts the requirement of no elevation to all processes started on SUA. So, it will block also the signed processes started on SUA. Of course, all processes started as administrator are not blocked, like system scheduled tasks, Windows updates, Microsoft Store updates.

i've already read them and i'm good with those traits. He uses the pc like he uses his phone.
but where does an average user stand from an infection point of view?
if windows defender the "bad antivirus" is good for an average user where do other people who get infected using "best antivirus" stand ?
is it luck ? are they below average? does it matter if someone is an average user?
Any user can be infected, like any driver can be killed in the traffic accident. The chances of infection depend mostly on the users' actions and habits. The user, who applies cracks & pirated software or clicks everything, is like the driver who kisses his/her lover while driving.
To be safer when kissing, the driver can buy a car with 15 air bags and the ejection seat with parachute (AV + ATP), or driving in the desert (highly restricted system). But usually, the seat belts (free good AV) and the reasonable actions are considered to be sufficient (but not 100% safe).
If the user has to engage in the risky actions, then the paid AV with ATP or restricted setup is necessary, alongside with the reasonable counter-actions.
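
An added example, not part of the original posts and not Hard_Configurator's own code: a read-only PowerShell check of the UAC settings named in this exchange (`ConsentPromptBehaviorUser = 0` and "Only elevate executable files that are signed and validated"). The registry path and the value names `EnableLUA` and `ValidateAdminCodeSignatures` are not given in the thread; they are the standard locations of these UAC policies.

```powershell
# Added example: read-only audit, changes nothing on the system.
Set-StrictMode -Version Latest

# Standard UAC policy key (path not given in the thread).
$UacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

# Values for the restricted setup discussed in the thread.
$Expected = [ordered]@{
    EnableLUA                   = 1  # UAC itself is enabled
    ConsentPromptBehaviorUser   = 0  # standard users: elevation requests are denied
    ValidateAdminCodeSignatures = 1  # only elevate signed and validated executables
}

function Get-UacPolicyReport {
    param(
        [string]$Path = $UacKey,
        [System.Collections.IDictionary]$Want = $Expected
    )
    # A missing key or value is reported as "(not set)", not as an error;
    # in that case the Windows default for the setting applies.
    $props = Get-ItemProperty -Path $Path -ErrorAction SilentlyContinue
    foreach ($name in $Want.Keys) {
        $actual = $null
        if ($props -and $props.PSObject.Properties[$name]) {
            $actual = $props.$name
        }
        $shown = '(not set)'
        if ($null -ne $actual) { $shown = $actual }
        [pscustomobject]@{
            Setting  = $name
            Expected = $Want[$name]
            Actual   = $shown
            Match    = ($null -ne $actual) -and ($actual -eq $Want[$name])
        }
    }
}

$report = @(Get-UacPolicyReport)
$report | Format-Table -AutoSize

# Summarise which settings differ from the restricted setup.
$differs = @($report | Where-Object { -not $_.Match })
if ($differs.Count -gt 0) {
    Write-Warning ("Differs from the restricted setup: " +
        (($differs | ForEach-Object { $_.Setting }) -join ', '))
}
```

Reading this key does not require elevation, so the check can be run from the SUA account itself.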
 

Bikeman0I17

Level 1
Verified
Sep 22, 2017
48
I tried Windows Defender briefly, while the scan times were long on my I7 Desktop, maybe I had the settings too high who knows, But of course found out my 3rd party software today needs Data sharing with 3rd party analytics to have Advanced Threat Protection for its behavior shield on, so debating if I should finally remove it for good from all systems. And Stick to Defender, and be very careful
 

KonradPL

Level 5
Verified
Well-known
May 1, 2018
229
I tried Windows Defender briefly, while the scan times were long on my I7 Desktop, maybe I had the settings too high who knows, But of course found out my 3rd party software today needs Data sharing with 3rd party analytics to have Advanced Threat Protection for its behavior shield on, so debating if I should finally remove it for good from all systems. And Stick to Defender, and be very careful
Windows defender scans very slow, it's true. But overall I have good experiences with WD performance
 
