Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > alt.comp.os.windows-10 > #186666 > unrolled thread
| Started by | "Bill Bradshaw" <bradshaw@gci.net> |
|---|---|
| First post | 2025-08-11 08:37 -0800 |
| Last post | 2025-08-14 00:33 +0100 |
| Articles | 10 on this page of 30 — 16 participants |
Back to article view | Back to alt.comp.os.windows-10
Windows Defender Security After October "Bill Bradshaw" <bradshaw@gci.net> - 2025-08-11 08:37 -0800
Re: Windows Defender Security After October VanguardLH <V@nguard.LH> - 2025-08-11 12:12 -0500
Re: Windows Defender Security After October Marion <marion@facts.com> - 2025-08-11 19:17 +0000
Re: Windows Defender Security After October Paul in Houston TX <Paul@Houston.Texas> - 2025-08-11 18:47 -0500
Re: Windows Defender Security After October Joerg Walther <joerg.walther@magenta.de> - 2025-08-12 11:44 +0200
Re: Windows Defender Security After October Marion <marion@facts.com> - 2025-08-12 16:58 +0000
Re: Windows Defender Security After October Paul <nospam@needed.invalid> - 2025-08-12 18:37 -0400
Re: Windows Defender Security After October wasbit <wasbit@REMOVEhotmail.com> - 2025-08-13 09:15 +0100
Re: Windows Defender Security After October Marion <marion@facts.com> - 2025-08-13 21:21 +0000
Re: Windows Defender Security After October Hank Rogers <Hank@nospam.invalid> - 2025-08-13 19:14 -0500
Re: Windows Defender Security After October "Carlos E. R." <robin_listas@es.invalid> - 2025-08-12 21:22 +0200
Re: Windows Defender Security After October mick <nospam@junk.mail> - 2025-08-11 20:46 +0100
Re: Windows Defender Security After October VanguardLH <V@nguard.LH> - 2025-08-11 19:47 -0500
Re: Windows Defender Security After October wasbit <wasbit@REMOVEhotmail.com> - 2025-08-12 09:32 +0100
Re: Windows Defender Security After October Paul <nospam@needed.invalid> - 2025-08-11 17:24 -0400
Re: Windows Defender Security After October VanguardLH <V@nguard.LH> - 2025-08-11 19:59 -0500
Re: Windows Defender Security After October Paul <nospam@needed.invalid> - 2025-08-12 01:39 -0400
Re: Windows Defender Security After October wasbit <wasbit@REMOVEhotmail.com> - 2025-08-12 09:41 +0100
Re: Windows Defender Security After October VanguardLH <V@nguard.LH> - 2025-08-12 12:49 -0500
Re: Windows Defender Security After October Paul <nospam@needed.invalid> - 2025-08-12 01:51 -0400
Re: Windows Defender Security After October VanguardLH <V@nguard.LH> - 2025-08-12 13:08 -0500
Re: Windows Defender Security After October Windows 11 User <invalid@invalid.invalid> - 2025-08-12 00:01 +0000
Re: Windows Defender Security After October knuttle <keith_nuttle@yahoo.com> - 2025-08-11 21:06 -0400
Re: Windows Defender Security After October "J. P. Gilliver" <G6JPG@255soft.uk> - 2025-08-12 02:15 +0100
Re: Windows Defender Security After October Paul <nospam@needed.invalid> - 2025-08-12 02:13 -0400
Re: Windows Defender Security After October Chris <ithinkiam@gmail.com> - 2025-08-13 06:34 +0000
Re: Windows Defender Security After October Paul <nospam@needed.invalid> - 2025-08-13 02:48 -0400
Re: Windows Defender Security After October "J. P. Gilliver" <G6JPG@255soft.uk> - 2025-08-13 12:04 +0100
Re: Windows Defender Security After October dillinger <dillinger@invalid.not> - 2025-08-13 20:38 +0200
Re: Windows Defender Security After October Bloody Microshit <invalid@invalid.invalid> - 2025-08-14 00:33 +0100
Page 2 of 2 — ← Prev page 1 [2]
| From | VanguardLH <V@nguard.LH> |
|---|---|
| Date | 2025-08-12 13:08 -0500 |
| Message-ID | <15mddvrsxh487.dlg@v.nguard.lh> |
| In reply to | #186700 |
Paul <nospam@needed.invalid> wrote: > VanguardLH wrote: > >> Signature databases are updated at very short intervals, sometimes >> daily. Heuristics, however, often don't change until the next major >> version update. With Defender, its engine is updated with major version >> releases of Windows, not before. While signatures can cause false >> positives (the hash to match is not against all bytes in a file), aging >> heuristics can generate more false positives. > > Not all AVs have heuristics (that is how bad some of them are). > Some of them, you can kinda tell by how clueless the product > is, that they are just signature analysis programs. I think that is how ClamAV operates. It has such poor detection that AV compare sites don't bother listing it. > Malwarebytes started by designing some heuristic protections > with their product, and no signatures. Signature analysis was > added later. Not many other products have worked in that order. > It's just so much easier to clone the ClamAV database and use > that. But ClamAV's detection rate is very poor. MBAM is cloning ClamAV's sig database would explain why MBAM also shows poorly for on-access (real-time) detection. 90% detection rate sounds great until you realize the most difficult to detect are inside the last 2% of coverage, so you need AVs with, at a minimum, 98% detection rates, or higher. 90% means the easy-to-detect or very old pests were detected. There are companies that will add their own signatures into ClamAV's sig database, so you get better pest detection with ClamAV + othersigs. SecuriteInfo claims 90% with their sigs added to ClamAv's, but that means ClamAV's sigs alone have less than 90% coverage. Very poor. https://www.securiteinfo.com/clamav-antivirus/improve-detection-rate-of-zero-day-malwares-for-clamav.shtml They have a free tier, and paid tiers for more features. But why bother using ClamAV to then incorporate another sig source rather than getting a better AV in the first place? Yeah, ClamAV is better than nothing, but it is just better than nothing.
[toc] | [prev] | [next] | [standalone]
| From | Windows 11 User <invalid@invalid.invalid> |
|---|---|
| Date | 2025-08-12 00:01 +0000 |
| Message-ID | <107e0a0$3261$1@paganini.bofh.team> |
| In reply to | #186666 |
On 11/08/2025 17:37, Bill Bradshaw wrote: > After using Windows 11 on a new mini computer I am worried about upgrading > some of my windows 10 computers to 11. If you go through some contortions MS > is going to provide defender upgrades but it appears you also have to have > Microsoft accounts rather than local accounts. Why not forget defender and > go to a commercial antivirus? So I would have pay for a license but that I > am not concerned about that. > > <Bill> > > Commercial antivirus providers will only sell to you if you create an account with them. They will require your mobile or landline number so that they can provide you with further services in Alaska, where Donald Trump will have the opportunity to meet his hero, Vladimir Vladimirovich Putin.
[toc] | [prev] | [next] | [standalone]
| From | knuttle <keith_nuttle@yahoo.com> |
|---|---|
| Date | 2025-08-11 21:06 -0400 |
| Message-ID | <107e41q$2v7gi$1@dont-email.me> |
| In reply to | #186666 |
On 08/11/2025 12:37 PM, Bill Bradshaw wrote: > After using Windows 11 on a new mini computer I am worried about upgrading > some of my windows 10 computers to 11. If you go through some contortions MS > is going to provide defender upgrades but it appears you also have to have > Microsoft accounts rather than local accounts. Why not forget defender and > go to a commercial antivirus? So I would have pay for a license but that I > am not concerned about that. > > <Bill> > > It is possible that you can get a free version of a commercial antivirus program from your internet provider. I know the ATT provides a free version of commercial antivirus program. It was one of the first things I installed on my new computer.
[toc] | [prev] | [next] | [standalone]
| From | "J. P. Gilliver" <G6JPG@255soft.uk> |
|---|---|
| Date | 2025-08-12 02:15 +0100 |
| Message-ID | <107e4jf$2vckk$2@dont-email.me> |
| In reply to | #186691 |
On 2025/8/12 2:6:1, knuttle wrote: [] > It is possible that you can get a free version of a commercial antivirus > program from your internet provider. [] I think I've also seen banks offer something.-- J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf In the words of my grandpa, a woman is as old as she looks. A man is never old until he stops looking. - Alice Apfel, designer, 1921-2024 (102)
[toc] | [prev] | [next] | [standalone]
| From | Paul <nospam@needed.invalid> |
|---|---|
| Date | 2025-08-12 02:13 -0400 |
| Message-ID | <107em22$336h3$1@dont-email.me> |
| In reply to | #186691 |
On Mon, 8/11/2025 9:06 PM, knuttle wrote:
> On 08/11/2025 12:37 PM, Bill Bradshaw wrote:
>> After using Windows 11 on a new mini computer I am worried about upgrading
>> some of my windows 10 computers to 11. If you go through some contortions MS
>> is going to provide defender upgrades but it appears you also have to have
>> Microsoft accounts rather than local accounts. Why not forget defender and
>> go to a commercial antivirus? So I would have pay for a license but that I
>> am not concerned about that.
>>
>> <Bill>
>>
>>
> It is possible that you can get a free version of a commercial antivirus program from your internet provider.
>
> I know the ATT provides a free version of commercial antivirus program. It was one of the first things I installed on my new computer.
<rolls eyes>
Absolutely DO NOT do that.
Internet providers hand out JUNK. Remember that
the reason they got a deal on the AV product in the
first place, is the AV company is badly in need of
"promotion", so the ISP is getting a copy of an AV for a buck.
If you listen to the users whine about what a piece
of "crap" their free gift was, you would not be
so fast to latch onto an item like that. Look at Vanguards
description of the "left-overs" products like that leave
behind. Even if you use the "cleaner application" the
AV company hands out, even that can't remove everything.
This is because, at the heart of it, an AV is a root kit.
There is nothing finer as an AV, than latching onto the
kernel and injecting yourself. That's your "perch" where
you can watch the world go by. The more lazy you are as an
AV company, the more dirty your "little trick" is.
And you'll notice recently, Microsoft had a dialog with its
friends, about what intrusions in Ring0 were costing Microsoft.
And that means, the AV companies might not be sitting on the
same perch they were sitting on last week. They could end up
in a container, like NVidia and RealTek (the excessive usage
of virtualization, for OS control).
(sample article)
https://www.theverge.com/news/692637/microsoft-windows-kernel-antivirus-changes
I believe that Kaspersky as a product, is good enough, it
could survive in a knife fight in Ring 3. Not a lot of other
products are that good. I was really impressed, the one time
I needed that. It took three reboots, but on the third
reboot, Kaspersky had tunneled in, and the malware was dead.
I was impressed by the little show.
On the first reboot, the machine didn't last very long.
On the second reboot, the knife fight took a bit longer,
before the malware won. But on the third reboot, Kaspersky
had managed to do something on that second cycle,
to slay the malware, and the little fight was over.
And with Kaspersky, there was no little box on the screen
saying "we fix 8000 things". There was no gloating.
There was just the knife fight... and then I was in control
of the machine again.
It was similarly funny, when I was attempting to install FRAPS.
That's a frame counter program and capture program, for recording
video game play. It worked up to Windows 7 or so, but does not work
on later OSes. It works, by "injecting" a DLL in each Program Files
folder. Well, Kaspersky *hates* seeing an activity like that,
and Kaspersky and FRAPS got into a knife fight (because FRAPS
was dumping 200 copies of the same DLL onto C: ), and after
maybe five seconds or so, the machine was frozen. Reboot time.
Paul
[toc] | [prev] | [next] | [standalone]
| From | Chris <ithinkiam@gmail.com> |
|---|---|
| Date | 2025-08-13 06:34 +0000 |
| Message-ID | <107hbld$3oajs$1@dont-email.me> |
| In reply to | #186666 |
Bill Bradshaw <bradshaw@gci.net> wrote: > After using Windows 11 on a new mini computer I am worried about upgrading > some of my windows 10 computers to 11. If you go through some contortions MS > is going to provide defender upgrades but it appears you also have to have > Microsoft accounts rather than local accounts. Why not forget defender and > go to a commercial antivirus? So I would have pay for a license but that I > am not concerned about that. > Commercial vendors will quickly drop Win10 support.
[toc] | [prev] | [next] | [standalone]
| From | Paul <nospam@needed.invalid> |
|---|---|
| Date | 2025-08-13 02:48 -0400 |
| Message-ID | <107hcf9$3ogmq$1@dont-email.me> |
| In reply to | #186732 |
On Wed, 8/13/2025 2:34 AM, Chris wrote:
> Bill Bradshaw <bradshaw@gci.net> wrote:
>> After using Windows 11 on a new mini computer I am worried about upgrading
>> some of my windows 10 computers to 11. If you go through some contortions MS
>> is going to provide defender upgrades but it appears you also have to have
>> Microsoft accounts rather than local accounts. Why not forget defender and
>> go to a commercial antivirus? So I would have pay for a license but that I
>> am not concerned about that.
>>
>
> Commercial vendors will quickly drop Win10 support.
>
Some in fact, already did. There were a number of computers
with no drivers for Windows 10, and this is happening well before
Windows 10 is done and dusted.
AV do not drop their support immediately. You can continue
to subscribe to third party ones, if you want. There are
free ones of that nature you can use as well, but the bloat
in them ("I include My Secure Browser") are a wee bit of
an acquired taste. I can't stand that approach to software
design, the throwing in of an unnecessary ice cube maker.
The practices then, are topic-related. Each area can have
a different policy for you to discover.
Paul
[toc] | [prev] | [next] | [standalone]
| From | "J. P. Gilliver" <G6JPG@255soft.uk> |
|---|---|
| Date | 2025-08-13 12:04 +0100 |
| Message-ID | <107hrgd$3ldm0$3@dont-email.me> |
| In reply to | #186735 |
On 2025/8/13 7:48:8, Paul wrote:
> On Wed, 8/13/2025 2:34 AM, Chris wrote:
>> Bill Bradshaw <bradshaw@gci.net> wrote:
[]
>>> Microsoft accounts rather than local accounts. Why not forget defender and
>>> go to a commercial antivirus? So I would have pay for a license but that I
>>> am not concerned about that.
>>>
>>
>> Commercial vendors will quickly drop Win10 support.
>>
>
> Some in fact, already did. There were a number of computers
> with no drivers for Windows 10, and this is happening well before
> Windows 10 is done and dusted.
>
> AV do not drop their support immediately. You can continue
Indeed. I can see (e. g.) driver manufacturers dropping support for
older OSs - they (or their paymasters) are in the business of selling
new hardware after all. But AV seem to maintain support _well_ after
EOS: I'm not using my Windows 7 machine at the moment, but that was
certainly getting AV updates until a year ago, and may still.
> to subscribe to third party ones, if you want. There are
> free ones of that nature you can use as well, but the bloat
> in them ("I include My Secure Browser") are a wee bit of
> an acquired taste. I can't stand that approach to software
> design, the throwing in of an unnecessary ice cube maker.
I agree the nagware/fakery is irritating, but - for something free - it
hasn't for me reached my threshold of making me remove it. By fakery, I
mean - I have AVG - the way it says something like "you have ten
security risks", and then _pretends_ to go through a process of finding
them.)>
> The practices then, are topic-related. Each area can have
> a different policy for you to discover.
>
> Paul
Yes, I wonder why AV vendors _do_ support older OSs; one presumes they
find they still get enough revenue (from people who take up the paid
version) to make it worth while (plus a smidgin of good PR). Of course,
if done properly rather than lazily, continuing to support older OSs
_shouldn't_ involve much overhead anyway.
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf
Everyone learns from science. It all depends how you use the knowledge.
- "Gil Grissom" (CSI).
[toc] | [prev] | [next] | [standalone]
| From | dillinger <dillinger@invalid.not> |
|---|---|
| Date | 2025-08-13 20:38 +0200 |
| Message-ID | <9l2vml-ri7p2.ln1@spock.lan> |
| In reply to | #186666 |
On 8/11/2025 6:37 PM, Bill Bradshaw wrote: > After using Windows 11 on a new mini computer I am worried about upgrading > some of my windows 10 computers to 11. If you go through some contortions MS > is going to provide defender upgrades but it appears you also have to have > Microsoft accounts rather than local accounts. Why not forget defender and > go to a commercial antivirus? So I would have pay for a license but that I > am not concerned about that. > > <Bill> > > Your Windows will not be patched anymore, this is not the same as dropping defender updates, they will likely continue, at least until IOT Enterprise 2021 runs out of support. FWIW, defender still is updated on Windows 8.1 today, more than 2.5 years after W8 EOL.
[toc] | [prev] | [next] | [standalone]
| From | Bloody Microshit <invalid@invalid.invalid> |
|---|---|
| Date | 2025-08-14 00:33 +0100 |
| Message-ID | <107j7vh$jl4k$1@paganini.bofh.team> |
| In reply to | #186744 |
On 13/08/2025 19:38, dillinger wrote: > On 8/11/2025 6:37 PM, Bill Bradshaw wrote: >> After using Windows 11 on a new mini computer I am worried about >> upgrading >> some of my windows 10 computers to 11. If you go through some >> contortions MS >> is going to provide defender upgrades but it appears you also have to >> have >> Microsoft accounts rather than local accounts. Why not forget >> defender and >> go to a commercial antivirus? So I would have pay for a license but >> that I >> am not concerned about that. >> >> <Bill> >> >> > Your Windows will not be patched anymore, this is not the same as > dropping defender updates, they will likely continue, at least until IOT > Enterprise 2021 runs out of support. > FWIW, defender still is updated on Windows 8.1 today, more than 2.5 > years after W8 EOL. I can't get this update: <https://support.microsoft.com/en-gb/topic/kb5021123-description-of-the-security-update-for-sql-server-2012-sp4-gdr-february-14-2023-74a1bd4d-63c0-41a5-8c9a-12e6b9f9ef43> Microsoft wants me to pay for it. Bloody Microshit!!!
[toc] | [prev] | [standalone]
Page 2 of 2 — ← Prev page 1 [2]
Back to top | Article view | alt.comp.os.windows-10
csiph-web