Advice Request Windows Defender - Pro's and Con's

Please provide comments and solutions that are helpful to the author of this topic.

Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,119
Moonhorse said:
...
Kinda stupid question, but are those well known signed files more trusted by WD than some uncommon ones, wich would affect into scanning speed?
...
Click to expand...
If this is a stupid question, then I am stupid too.:giggle::unsure:
See the Lockdown, Evjl's Rain and my posts about WD (free AV) cons. Some things are probably known only to AI that makes the final decision.
 
Last edited:
  • Like
Reactions: vtqhtr413 and Moonhorse
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,119
Lockdown said:
Avast Free and Malwarebytes Free.

Why ?

Because it was recommended to them and it's free.

Everywhere I go, one thing I can count on... is to find Avast Free and Malwarebytes Free.

/s
Click to expand...
Be careful. Some MT readers can overlook a hidden joke.:giggle:
Anyway, I used this setup some years ago. It was OK.
 
  • Like
Reactions: ForgottenSeer 72227, oldschool, Moonhorse and 2 others
B

Bikeman0I17

Level 1
Verified
Sep 22, 2017
48
I still use Avast and Malwarebytes Free here on most systems? is it not a good thing? Trying out Defender and Malwarebytes Free on main Desktop, just hoping it's same protection as I had with Avast for last 10 or more years, and not worst protection
 
Windows_Security

Windows_Security

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
I have put Windows 10 Pro on my desktop to replace Windows 7 Enterprise. Setup is simple, hardening through GPO, UAC denies elevation of unsigned, risky commands are disabled except PowerShell through WD Exploit Protection (WD EP). Office is hardened though GPO and WD EP using Andy;s excellent Configure Defender, Protected Folders is on and SRP default deny implemented.

Nice thing of WD that it reports from time to time what it has done: I am proud to announce that the PC officially was infected :). Notice the sneaky location (browser cache). Does someone know whether it is possible to see whether WD found it during on demand disk access (write) or on execution? Would be interesting to know whether it was executed (meaning it had escaped Chrome sandbox).

On the 29th I ran with Chromium stable V71 (I updated to V72 Yesterday). I remember on the 29th in the morning I was collecting information for a blog (of a customer for which I am ghostwriter) and I had to enable scripts for HTTP://* websites (which I have disabled by default in Chrome content settings) to view the content. Chrome Safe browsing and BitDefender Traffic Light did not throw a warning

1548936718872.png
 
  • Like
Reactions: oldschool, shmu26, notabot and 6 others
dash

dash

Level 4
Verified
Well-known
Dec 15, 2018
158
Windows_Security said:
I have put Windows 10 Pro on my desktop to replace Windows 7 Enterprise. Setup is simple, hardening through GPO, UAC denies elevation of unsigned, risky commands are disabled except PowerShell through WD Exploit Protection (WD EP). Office is hardened though GPO and WD EP using Andy;s excellent Configure Defender, Protected Folders is on and SRP default deny implemented.

Nice thing of WD that it reports from time to time what it has done: I am proud to announce that the PC officially was infected :). Notice the sneaky location (browser cache). Does someone know whether it is possible to see whether WD found it during on demand disk access (write) or on execution? Would be interesting to know whether it was executed (meaning it had escaped Chrome sandbox).

On the 29th I ran with Chromium stable V71 (I updated to V72 Yesterday). I remember on the 29th in the morning I was collecting information for a blog (of a customer for which I am ghostwriter) and I had to enable scripts for HTTP://* websites (which I have disabled by default in Chrome content settings) to view the content. Chrome Safe browsing and BitDefender Traffic Light did not throw a warning

View attachment 207614
Click to expand...
Yeah, sounds "simple".
 
  • Like
Reactions: oldschool and Handsome Recluse
TairikuOkami

TairikuOkami

Level 35
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,479
Windows Defender ... causes ... issues
Click to expand...
That is pretty much, what comes to my mind, whenever someone mentions WD, that makes me hard to recommend it. It either works or not.

WD is outstanding, when it comes to the detection, though not perfect, but the problem are bugs. It is made by hundreds of people all over the world. Literally: the left hand doesn't know what the right hand is doing - causing various issues, sometimes too serious. It is just made on the go.
 
  • Like
Reactions: CyberTech, Andy Ful, oldschool and 2 others
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Windows_Security said:
I have put Windows 10 Pro on my desktop to replace Windows 7 Enterprise. Setup is simple, hardening through GPO, UAC denies elevation of unsigned, risky commands are disabled except PowerShell through WD Exploit Protection (WD EP). Office is hardened though GPO and WD EP using Andy;s excellent Configure Defender, Protected Folders is on and SRP default deny implemented.

Nice thing of WD that it reports from time to time what it has done: I am proud to announce that the PC officially was infected :). Notice the sneaky location (browser cache). Does someone know whether it is possible to see whether WD found it during on demand disk access (write) or on execution? Would be interesting to know whether it was executed (meaning it had escaped Chrome sandbox).

On the 29th I ran with Chromium stable V71 (I updated to V72 Yesterday). I remember on the 29th in the morning I was collecting information for a blog (of a customer for which I am ghostwriter) and I had to enable scripts for HTTP://* websites (which I have disabled by default in Chrome content settings) to view the content. Chrome Safe browsing and BitDefender Traffic Light did not throw a warning

View attachment 207614
Click to expand...
If your computer is infected then there is no hope for the rest of us. Sounds like an FP to me. Yesterday when I installed ReHIPS, and it made an isolated environment for Chrome (this entails copying some files from Appdata) Windows Defender told me that it wants to upload something for inspection. I repeated the process of installing ReHIPS, and Windows Defender repeated the inspection of my Chrome data.
 
  • Like
Reactions: oldschool, Windows_Security, Gandalf_The_Grey and 1 other person
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,119
By the way, it is possible for advanced users to adopt no-AV setup, based on SmartScreen + default-deny (SRP and Windows policies) + process monitoring (drivers, script engines, and not whitelisted applications).
The process monitoring, including the kernel drivers, can be easily adopted on every Windows 10 machine via applying WD Application Control (SIPolicy.p7b file):
Discuss - Application Control on Windows 10 Home

Sorry - my post seems to be a counterpart of the topic.:emoji_innocent::giggle:
 
Last edited:
  • Like
Reactions: Gandalf_The_Grey, oldschool, harlan4096 and 1 other person

Similar threads

Shadowra
    • Like
    • +Reputation
    • Thanks
App Review Microsoft Defender Antivirus with Andy Ful WHHLight
Replies
38
Views
3,795
Video Reviews - Security and Privacy
LennyFox
L
Tiamati
    • Like
  • Poll
Serious Discussion WD and Free Antivirus programs are bad, says this PC Gamer article. Do you agree?
Replies
13
Views
1,054
General Security Discussions
Ink
Ink
silversurfer
    • Like
    • +Reputation
    • Applause
New Update Microsoft fixes 5 year old Windows Defender bug that affected Firefox's performance
Replies
3
Views
1,042
Microsoft Defender
silversurfer
silversurfer

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top