The Little Windows Defender Icon Who Cried Wolf

[Garretta]

.

 

[primetime]

First i hear of that one! Odd cause I don't use sleep either!

 

[bigdogchris]

Go to Control Panel\System and Security\Security and Maintenance then click on Change Security and Maintenance settings and uncheck every box that you can. See if that helps.

 

[BulletDust]

Has anyone else noticed how Windows Defender sits there not reporting anything like everything's fine, you perform a scan using Malwarebytes and all of a sudden Defender pipes up on how it's found suspicious items?

I'm quite possibly more sensitive to the issue as I run Malwarebytes multiple times a day, I just found it very interesting....

 

[bigdogchris]

Has anyone else noticed how Windows Defender sits there not reporting anything like everything's fine, you perform a scan using Malwarebytes and all of a sudden Defender pipes up on how it's found suspicious items?

I'm quite possibly more sensitive to the issue as I run Malwarebytes multiple times a day, I just found it very interesting....

Well because Defender by default does quick scan. The files found by it are read when Malwarebytes touches them are probably in a spot only detectable during a Defender full scan.

A good example of this is I have a File History drive that has some Nirsoft tools on it which Defender detects as PUP. It doesn't see them on the drive until File History runs the first time.

 

[BulletDust]

Well because Defender by default does quick scan. The files found by it are read when Malwarebytes touches them are probably in a spot only detectable during a Defender full scan.

A good example of this is I have a File History drive that has some Nirsoft tools on it which Defender detects as PUP. It doesn't see them on the drive until File History runs the first time.

Shouldn't Windows Defender be running full real time protection? As soon as that Malware hits the hard drive shouldn't Defender pick it up?

I mean, it obviously recognizes the signature.

 

[bigdogchris]

Shouldn't Windows Defender be running full real time protection? As soon as that Malware hits the hard drive shouldn't Defender pick it up?

I mean, it obviously recognizes the signature.

Sure, if the malware is on the computer after Defender is installed. It's also possible the definition to pick it up was installed after it hit the drive.

 

[BulletDust]

Sure, if the malware is on the computer after Defender is installed. It's also possible the definition to pick it up was installed after it hit the drive.

Next time I see it happen I'll have to take note as to how old the Malware is.

It just worries me that Defender isn't as effective as I hoped it would be in relation to real time monitoring.

 

[B00nie]

My experience with Defender has been poor. It's usually not detecting anything and even when it is, it can't counteract.

 

[B00nie]

Oubadah if you're surfing with Windows I would strongly suggest to surf only with script block enabled. Ad blocker does a lot already but it won't save you from malicious javascript directly in the site.

 

[B00nie]

Regrettably, bigdogchris's suggestion did not resolve the issue (thanks for the suggestion though), so still looking for ways to prevent this annoying behavior.

What Microsoft are doing here is effectively the same as if a car manufacturer decided spam the "check engine" light whenever the driver sets the air-con to a temperature that the manufacturer happens to deem uncomfortable or uneconomical.

I would just change the car brand but that's me.

 

[Denpepe]

Maybe havez a look at this if you haven't already https://support.microsoft.com/en-ph...dd-an-exclusion-to-windows-defender-antivirus

 

[thebufenator]

Please be aware that defender on 10 is legit, and drastically different from what is on windows 7.

 

[B00nie]

Please be aware that defender on 10 is legit, and drastically different from what is on windows 7.

It's still not trustworthy. Even less than any general antivirus is.

 

[thebufenator]

It's still not trustworthy. Even less than any general antivirus is.

That's not accurate. But I am sure you are a security expert or you wouldn't be giving your opinions on that.

 

[B00nie]

That's not accurate. But I am sure you are a security expert or you wouldn't be giving your opinions on that.

Ok, I guess you can prove me wrong. You must have some comparison tests which show it's not as abysmal as it used to be. Missing 80% of attacks

 

[thebufenator]

No, see, I have a sec+ so I am pretty much a security expert.

(that's a joke)

From real world experience Win 10 defender is very capable.

 

[Chuklr]

Ok, I guess you can prove me wrong. You must have some comparison tests which show it's not as abysmal as it used to be. Missing 80% of attacks

Here's the tests results from February 2018 done by av-comparatives.org: https://www.av-comparatives.org/wp-content/uploads/2018/03/avc_factsheet2018_02.pdf .

Show us the current comparison test(s) to prove your assertion?

EDIT: Here's the link to the av-test.org's December 2017 results for Windows defender.

 

[B00nie]

Here's the tests results from February 2018 done by av-comparatives.org: https://www.av-comparatives.org/wp-content/uploads/2018/03/avc_factsheet2018_02.pdf .

Show us the current comparison test(s) to prove your assertion?

EDIT: Here's the link to the av-test.org's December 2017 results for Windows defender.

Just look at your own links results for defender for October 2016. Abysmal detection rate. And none of those AV suites catch 0-day attacks with any measure of reliability - so all you do is fool yourself into false security.

It seems that Defender has upped its play, still on 2017 it was considered poor as most.

 

[Chuklr]

Just look at your own links results for defender for October 2016. Abysmal detection rate. And none of those AV suites catch 0-day attacks with any measure of reliability - so all you do is fool yourself into false security.

View attachment 60151

It seems that Defender has upped its play, still on 2017 it was considered poor as most.

Please reply to the links I posted for February 2018 and December 2017.

 

[Wild1]

I uninstalled Defender and turned it off through group policy. Waste of resources. I don't use any antivirus and haven't had any malware in 8 years. It's not that hard, just don't click on anything, think about it first.

 

[leezard]

Just look at your own links results for defender for October 2016. Abysmal detection rate. And none of those AV suites catch 0-day attacks with any measure of reliability - so all you do is fool yourself into false security.

View attachment 60151

It seems that Defender has upped its play, still on 2017 it was considered poor as most.

You ask for comparison proving his statement which he provides by giving results from less than a month ago. Your counter is to provide data from over a year ago?

 

[thebufenator]

I am a big fan of disabling defender and then running a bigger resource hog that is less effective that costs money.

MUCH BETTER. VERY WOW.

 

[bigdogchris]

I am a big fan of disabling defender and then running a bigger resource hog that is less effective that costs money.

MUCH BETTER. VERY WOW.

I've got 16GB of ram. If I expected it to sit there unused I would be a moron.

This isn't Windows XP and 512MB days anymore. If a program can run faster by using more memory, please do, that's what it's there for.

 

[Mazzspeed]

I've got 16GB of ram. If I expected it to sit there unused I would be a moron.

This isn't Windows XP and 512MB days anymore. If a program can run faster by using more memory, please do, that's what it's there for.

Of course the problem with this comment is that coders are just becoming less efficient due to 16GB of ram and upwards. They're not exactly making effective use of increased memory, they're just being lazy, meaning that users of slower machines with 4GB of ram have an experience that's slow as molasses.

I can't believe how well Windows 2000 on a Pentium 3 runs with 256MB of ram compared to Windows 10 on a budget AMD APU with 4GB of ram and the same speed mechanical HDD's. One experience is pleasurable, one is as pleasurable as getting teeth pulled.

 

[B00nie]

You ask for comparison proving his statement which he provides by giving results from less than a month ago. Your counter is to provide data from over a year ago?

No, the data I provided was what my comment was based on. It used to be piss poor and I don't hold any confidence that it will remain as effective as this in the long run.

Not to mention that no antivirus gets a 100% detection rate, most of which are downright poor against 0-day exploits. Some antiviruses are targets of attack themselves.

 

[bigdogchris]

Of course the problem with this comment is that coders are just becoming less efficient due to 16GB of ram and upwards. They're not exactly making effective use of increased memory, they're just being lazy, meaning that users of slower machines with 4GB of ram have an experience that's slow as molasses.

I can't believe how well Windows 2000 on a Pentium 3 runs with 256MB of ram compared to Windows 10 on a budget AMD APU with 4GB of ram and the same speed mechanical HDD's. One experience is pleasurable, one is as pleasurable as getting teeth pulled.

On my computer at this moment, Windows Defender service is using under 75MB of memory, and the tray icon is using around 1.5MB.

So I don't know exactly what program you are referring to, since we are talking about Defender here, but I wouldn't call the utilization that I see as "lazy programing".

 

[AltTabbins]

No, the data I provided was what my comment was based on. It used to be piss poor and I don't hold any confidence that it will remain as effective as this in the long run.

Not to mention that no antivirus gets a 100% detection rate, most of which are downright poor against 0-day exploits. Some antiviruses are targets of attack themselves.

Soap doesn't kill 100% of germs. Maybe I should stop washing my hands after I piss.

 

[B00nie]

Soap doesn't kill 100% of germs. Maybe I should stop washing my hands after I piss.

Technically speaking there's no need to wash your hands after urinating unless you urinate on your fingers. Even then, urine is free of harmful bacteria on healthy persons.

There's way more bacteria in the kitchen sponge than in your groin.

Oh and by the way, regardless of hand washing millions of people still get sick. And millions of Windows users still get infected even with working AVs.

Then again people who isolate themselves from public places and avoid physical contact with strangers, do not get sick as easily.

 

[Mazzspeed]

On my computer at this moment, Windows Defender service is using under 75MB of memory, and the tray icon is using around 1.5MB.

So I don't know exactly what program you are referring to, since we are talking about Defender here, but I wouldn't call the utilization that I see as "lazy programing".

It was a comment in general, did I mention the words 'Windows' and 'Defender' in that post?

As far as lean AV goes, I agree, Windows Defender is pretty much the leanest AV around.

 

[x509]

I uninstalled Defender and turned it off through group policy. Waste of resources. I don't use any antivirus and haven't had any malware in 8 years. It's not that hard, just don't click on anything, think about it first.

Good luck with that. Ever hear of "drive by downloads?" "Malvertising?" Legit websites get forcibly corrupted all the time.

x509

 

[B00nie]

Good luck with that. Ever hear of "drive by downloads?" "Malvertising?" Legit websites get forcibly corrupted all the time.

x509

That's completely safe given you have no wifi and plug off the ethernet. Coincidentally the only way I would use Windows av or not.

 

[Nobu]

Technically speaking there's no need to wash your hands after urinating unless you urinate on your fingers. Even then, urine is free of harmful bacteria on healthy persons.

There's way more bacteria in the kitchen sponge than in your groin.

Oh and by the way, regardless of hand washing millions of people still get sick. And millions of Windows users still get infected even with working AVs.

Then again people who isolate themselves from public places and avoid physical contact with strangers, do not get sick as easily.

Well, until they one day visit a public place and start kissing random strangers at least. Keep your AV up to date and scan occasionally and you'll probably be fine. Oh, and don't go kissing random strangers on the street.

They also show a warning when you don't share your executables with them. Never mind you might have to pay for excess bandwidth usage...

 

[B00nie]

Well, until they one day visit a public place and start kissing random strangers at least. Keep your AV up to date and scan occasionally and you'll probably be fine. Oh, and don't go kissing random strangers on the street.

They also show a warning when you don't share your executables with them. Never mind you might have to pay for excess bandwidth usage...

Kissing strangers on the street is the best time ever. Haven't you tried it?

 

[Deleted member 126051]

I don't trust Windows Defender for anything.
Microsoft? Policing it's own mess?

BWAHAHAHAHA!

I'll stick with a third party AV/Anti-Malware product.
Mainly because Microsoft has no real impetus to make Defender a viable Anti-whatever solution.

 

[The Cobra]

Windows Defender (even though much improved since the product was released years ago) should still be used as a baseline for an antivirus program....you know the old adage of better than nothing. Install whatever program you feel comfortable with. I myself use both Sophos with Intercept-X and Cylance with no issues to speak of.