Boring

Level 1
Hi Guys

Just want to find out if Windows Defender + Malware Defender will be sufficient for general security level?

Because I am having a hard time with BitDefender while I am using my game trainer, and I would like to find out if you guys can provide alternative solutions.

Regards
Boring
 

Gandalf_The_Grey

Level 31
Verified
Windows Defender has come a long way and can be used as general security, maybe enhanced by ConfigureDefender and helped by an adblocker like uBlock Origin and/or AdGuard.
I would advise you to create a security config so that we all can help you even better.
Never heard of Malware Defender, what kind of program is that?
 

silversurfer

Level 62
Verified
Trusted
Content Creator
Malware Hunter
Your OS is Windows 10, right?
Which vendor provides "Malware Defender" 🤔

Bitdefender users may be able to help you with the best setup of Bitdefender: @Robbie
 

ichito

Level 9
Verified
Content Creator
Never heard of Malware Defender, what kind of program is that?
Which vendor provides "Malware Defender" 🤔
:oops:
Seriously??
and longer discussions
One of the most famous HIPS software...although not compatible with latest Windows...
--------------
edit:
This is the last version with short description of features...link to download is active and everyone can get it
 

ichito

Level 9
Verified
Content Creator
I wouldn't use a security product that hasn't been updated in 8 years

Simply saying...that fact is not important. Not in an application like MD or in a wider sense like HIPS/monitors, anti-exe, restriction policy/isolation/virtualisation and firewalls...and even backup apps. Shortly describing...malware detection is based in general on 3 questions:
- who?...it applies to most commonly used apps like AV and its signatures that describe dangerous objects
- how?...it applies to behavioural monitoring/analysis where the most important matter is - is the detected action suspicious/dangerous or not?
- where and what?...it applies to apps like HIPS that try to answer what object is trying to access some specified and vital parts of system/data/devices.
Core objects in a supported system are precisely pointed and still the same (more or less), so it is not important how old a security app is if its work is still done at a high level. Signatures are useless in this case.
 

Malakke

Level 5
As Gandalf said, you should make a security config. I'd advise just simply using Windows Defender with a browser adblock such as uBlock Origin. Using AndyFul/ConfigureDefender, I've used High; within Defender settings, setting SmartScreen to block can also increase security.
I left KIS due to some problems of system slowdown, browsing and especially certificate issues, so now I stay with Defender. I wonder if Andyful ConfigureDefender is secure and can revert the config to original settings if there is some issue. Thanks
 

Back3

Level 5
I have WD and Configure Defender (high settings). I'm wondering if WD would stop something like Astaroth malware? Should I add more security?
 

silversurfer

Level 62
Verified
Trusted
Content Creator
Malware Hunter
I have WD and Configure Defender (high settings). I'm wondering if WD would stop something like Astaroth malware? Should I add more security?
The new and dangerous Astaroth malware:

In the case of Astaroth, attackers hide binary data inside the ADS of the file desktop.ini, without changing the file size. By doing this, the attackers create a haven for the payloads, which are read and decrypted on the fly.

So, how can this be stopped with H_C settings?
After the user downloads the malware and runs the unpacked content, the shortcut (LNK file) is normally executed which will be blocked by SRP. Even if the user applied the settings that allowed shortcuts, then the shortcut normally runs JavaScript file via command-line (BAT commands are included in the shortcut - not in the BAT file), and the script will be blocked by SRP (blocked Windows Script Host).
This malware would be blocked by any predefined H_C setting profile (except All_OFF). It could be also stopped by blocking some Sponsors in H_C (bitsadmin.exe or ExtExport.exe), but this is not necessary (as usual) because of the previous protective layers.

The malware is prepared to avoid AV protection and can bypass SysHardener (if "Turn Off Windows Script Host" is unticked). SysHardener has an option to block the outbound connections of bitsadmin.exe, but unfortunately, this will not stop Astaroth from downloading payloads.

Edit.
SysHardener has several options to restrict Windows Script Host. Some options will block only such scripts when manually executed by the user (unassociated script extensions) and the second option which blocks all attempts of running such scripts (by the user or any process - including malware).
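
A defender-side check for the desktop.ini ADS hiding place described in the post above, as an added example that is not part of the original thread or of any tool mentioned in it. The function name `Find-UnexpectedAds`, the stream name and the demo folder are constructed for illustration; it needs an NTFS volume.

```powershell
# Added example: report alternate data streams (ADS) attached to desktop.ini files.
function Find-UnexpectedAds {
    param([Parameter(Mandatory)][string]$Root)
    # Streams that are normal to see: the unnamed main stream and the mark-of-the-web.
    $expected = @(':$DATA', 'Zone.Identifier')
    # desktop.ini is usually hidden+system, so -Force is required to enumerate it.
    Get-ChildItem -LiteralPath $Root -Filter 'desktop.ini' -Recurse -Force -File -ErrorAction SilentlyContinue |
        ForEach-Object {
            $file = $_
            Get-Item -LiteralPath $file.FullName -Stream * -Force -ErrorAction SilentlyContinue |
                Where-Object { $expected -notcontains $_.Stream } |
                ForEach-Object {
                    [pscustomobject]@{
                        File        = $file.FullName
                        Stream      = $_.Stream
                        StreamBytes = $_.Length    # size of the extra stream
                        MainBytes   = $file.Length # size Explorer and dir report
                    }
                }
        }
}

# Constructed fixture: a harmless desktop.ini with one extra stream of filler text.
$demo = Join-Path $env:TEMP 'ads-demo'
New-Item -ItemType Directory -Path $demo -Force | Out-Null
$ini = Join-Path $demo 'desktop.ini'
Set-Content -LiteralPath $ini -Value '[.ShellClassInfo]'
$before = (Get-Item -LiteralPath $ini).Length
Set-Content -LiteralPath $ini -Stream 'constructed-demo' -Value ('A' * 4096)
$after = (Get-Item -LiteralPath $ini).Length

# The main-stream size is unchanged, which is why size checks miss the extra data.
"Main stream size before/after adding the stream: $before / $after"
Find-UnexpectedAds -Root $demo | Format-Table -AutoSize

Remove-Item -LiteralPath $demo -Recurse -Force
```

Pointing `-Root` at a user profile instead of the demo folder lists any desktop.ini carrying a stream outside the expected set; a large `StreamBytes` next to a tiny `MainBytes` is the pattern worth a closer look.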
 

Andy Ful

Level 60
Verified
Trusted
Content Creator
I have WD and Configure Defender (high settings). I'm wondering if WD would stop something like Astaroth malware? Should I add more security?
It is not an easy question. There can always be malware that is able to bypass your current or future setup (even a very strong one). The Astaroth malware can probably be blocked by one of the anti-script WD ASR rules (included in WD HIGH Protection Level).

I wonder if Andyful ConfigureDefender is secure and can revert the config to original settings if there is some issue. Thanks
Yes, it is secure and you can revert the settings. But be aware that it is the developer's opinion. :)
 

Malakke

Level 5
It is not an easy question. There can always be malware that is able to bypass your current or future setup (even a very strong one). The Astaroth malware can probably be blocked by one of the anti-script WD ASR rules (included in WD HIGH Protection Level).


Yes, it is secure and you can revert the settings. But be aware that it is the developer's opinion. :)
:giggle: A very valid opinion anyway. Thanks for this utility mate. I configured my three machines with Defender and High setting.
 