Windows defender??

Is it enough to just have Windows Defender looking after your machine? i used to have the free versions of Ccleaner & malawarebytes, but local computer shop didnt advise using them due to too much bloatware.

Real answer? No.
Then again NO security software will be sufficient to look after your machine. When million/billion dollar companies are compromised who have bigger budgets than the entirety of registered users on this board multiplied by many hundreds, perhaps even thousands, you begin to see the reality of how things work when it comes to security. Just to put it into perspective, a team of highly qualified penetration testers (good guys who can hack who emulate the bad guys who can hack) given enough freedom over a network of computer systems will succeed in breaking in well above a 90% success rate. This is regardless of whether the place they are attacking is hidden in a bunker underground or a server room a few storeys above a main street in a city somewhere. These are by the way good guys who would never cause you any harm although their experience and knowledge allows them to if they wanted to turn rogue and start doing illegal stuff. Now imagine that there are bad guys who do this stuff EVERYDAY who aren't interested in joining the good guys and yet still have the same tools, same resources, same knowledge, experience etc.

This is the reality when we talk about whether antivirus really works or not. If a group of people with a desire to break into some of the richest corporations on the planet can do it, and antivirus is something these corporations could literally spend millions on each year and still pay their executive six-seven figure bonuses, you already have an answer to your question.

If Windows Defender was enough do you think we would still have a problem with viruses and such? No. Windows Defender would therefore be the antidote and we wouldn't have to ever worry about our networks/systems getting infected. Windows Defender, just like any other antivirus solution, would be a cure and never again would anyone ever mention hacking or anything related to compromising networks/systems.

Alas, it happens every day, every minute. If you Google malware threat map you will come across some very well designed maps of current threats globally almost in real time. They are delayed by a few minutes, sometimes several hours in fact, but if they are happening so fast and in such quick succession during that particular period of time the activity of the map is alluding to then you can be assured the world hasn't fallen into silence a few hours later. Cyber attacks are happening 24/7 against entire country infrastructures, healthcare systems, banking systems, transport systems, big businesses and even on governments themselves.

Do you think Windows Defender is standing there alone against an entire global threat in cyber attacks? Just one standalone software package that comes shipped by default with the Windows operating system? Do you think the US government is sat behind a wall of Windows Defenders hoping that the latest definitions update keeps them safe and secure? No. They have an entire army of elite hackers breaking down digital doors all over the world doing the same thing the bad guys are doing to them, the same things that every bad guy is intending to do around the world when they launch an attack of any kind.

So do not rely solely on Windows Defender. Do not also put your trust into any other antivirus solution. Antivirus is but one method of defense out of an entire armory of methods of defending. Unfortunately much of mainstream society only have knowledge of very few methods for protecting themselves and are preyed upon by clever marketing to put so much trust into the products they use without really knowing the truth behind their ability to protect them.

On a scale of protection, 100 being completely protected and 0 being no protection at all, antivirus offers at the most a 5, maybe a 10 if it's configured to deal with specific threats ie with certain protective features that give it a much more proactive role instead of sitting there and just scanning files against known signatures of malware. With a firewall you might be able to boost that number to 15, with a more secure operating system and subsequent hardening maybe 20 or 25. Even with a team of highly skilled and experienced experts you won't find that number going over 50-60. The risk you take in using a computer and especially with using the internet will always substantially lower your level of protection. In most cases the best protection is to unplug yourself from the internet and/or not use computers at all. They can be hacked through other ways and ultimately if physically obtained can be manipulated very very easily.

Use antivirus but not take the level of protection as concrete. No antivirus whether it's made by Microsoft or Mother Teresa is going to be sufficient if and when a determined attack takes place. You may detect low lying fruit ie common threats but you won't stop what the antivirus doesn't know about and/or cannot even comprehend. Just remember people out there do hacking for a living and they break into the richest companies as their day job in order to try and educate these companies on how best to prepare and prevent attacks. Whenever you come across antivirus just remember that and then ask yourself whether the bad guys who actually don't care and cannot do the right thing are going to be thwarted by antivirus when they can do far more when attacking far bigger targets.

Windows Defender combined with common sense if good enough for a vast majority of computer users who mostly just surf the internet, play games, shop etc. Why would hackers try to hack ordinary users when hacking a corporation is much more profitable? Most people get infected now thru social engineering using emails or by downloading shady programs, not by being hacked. However, I don't believe in a one solution setup as nothing is 100% effective, combine Defender with something such as Configure Defender, OSArmour or Voodoo Shield and your good as gold.

Digmor Crusher said:

Windows Defender combined with common sense if good enough for a vast majority of computer users who mostly just surf the internet, play games, shop etc. Why would hackers try to hack ordinary users when hacking a corporation is much more profitable? Most people get infected now thru social engineering using emails or by downloading shady programs, not by being hacked. However, I don't believe in a one solution setup as nothing is 100% effective, combine Defender with something such as Configure Defender, OSArmour or Voodoo Shield and your good as gold.

That's not true. There is a romance in pop culture surrounding antivirus protection. Of course many romances in pop culture are deliberately forged in order to push a particular ideology and/or products. That agenda is pushed by those seeking profit and dominance over a particular market. Diamonds were never considered to be desirable until they were marketed as such. Now you'll rarely find a woman that doesn't expect a diamond wedding ring! It's no different with antivirus. The value of antivirus is in the grand scheme of things, especially when isolated and not run in conjuction with extensive security measures and practices, completely superficial. It's much like diamonds in that 99% of it's worth comes from clever marketing and then the general public taking the bait. This isn't to say that it's completely useless, just as it's incorrect to say diamonds have no use either (think diamond coated drills for example). But on it's own and seen for it is is pretty much obsolete. The only people who push the contrary are those looking to sell antivirus, or connected with such promotion of said products, or those who are the consumers who do not understand the way in which corporations work, and they rarely work without aggressive marketing and/or strategies for profit and market dominance.

Windows Defender on it's own in ANY context is absolutely not enough. I could disable every last bit of critical operating of Windows Security with one registry file. Combine that with a batch file that runs silently (done very easily with a few parameters added to the script, and without user interaction, again another simple parameter to add, and running with full priveleges and now Windows Defender along with everything else is toast. You can hide the script among a genuine executable and then get that executable ask for admin priveleges and now everything that runs under this parent process ie the originated executable, gets admin priveleges. Disable notifications just to make sure the user doesn't receive a nagging toolbar telling them to enable protection. Force a restart to ensure system has been configured to run with no security protection. Viola.

And whose to say that attackers don't go for 'ordinary' people? Aren't people working in corporations 'ordinary'? The only difference is entirely subjective and spurious. Even a CEO is ordinary in that he isn't seperate to the human species therefore he's still like everyone else even if he has got millions in the bank and doesn't really care about those lower in the chain of command. Ordinary people get hacked all the time. Antivirus is designed specifically for ordinary people. Because ordinary people admittedly know nothing about the technology they are using. It's a way to hold your hand because you are in many ways a child in a very challenging world that can and will gobble you up. You won't find much need for antivirus in corporate environments because any well versed security expert knows they are pointless in the grand scheme of things. If they are used they are not used in the capacity you are suggesting. They are used specifically for very low priority tasks. There is far more at work to protect corporate environments.

You can combine software with software all you want. It makes little difference. You're just applying band aids to a gaping gun shot wound. You can never trade knowledge and experience for software that is incapable of encompassing several years, maybe even decades, of systems administration and security (in all contexts). Seriously, try it out for yourself. Find someone who knows how to hack and whose not going to destroy your life maliciously if they got the chance to, make some friendly arrangement, some sort of test, and see how long your computer holds up with as many software packages installed as you wish. Even with firewall installed for example there's nothing stopping them attacking your home network or hacking a device on the network and then using that device to then pivot across the network. You'll be surprised that 99% of what people are told is a myth. It's marketing. It's why diamonds are a girls best friend. It's why people buy Coca Cola instead of the cheap stuff for half the price. It's why you buy designer clothes instead of clothes half the price.

You also mentioned social engineering. Isn't that a form of hacking? Not all hacking is computer related. Peoples' brains get hacked all the time in the way they are exploited ie through impulsivity, manipulation etc. Social engineering IS a form of hacking. And downloading a shady program often infers the downloading of a backdoor which is fundamentally one of the oldest forms of hacking a computer by poking a hole in it by means of forming an outgoing connection (often a reverse shell for instance) to the attackers computer instead of attacking the old old fashioned way and potentially getting blocked through firewall. When the connection is outgoing it's often far more trusted than any incoming connection. And when it's an outgoing connection that happens in the guise of genuine software, like a software installation executable for instance which connects out to contact the developer server for many reasons, very little can done to stop this unless the traffic being sent is known to security software as being malicious but this usually only happens when well known penetration testing frameworks are used. So, this is hacking 101. It's all hacking. And everyone is a target, in the real world anyway.

Ok, well I choose not to discuss this any further as it would be pointless, but just curious, what do you use for protection? Enlighten us please. I apologize if you mentioned in another reply but I didn't have time to re-read all of your novels.

Digmor Crusher said:

Ok, well I choose not to discuss this any further as it would be pointless, but just curious, what do you use for protection? Enlighten us please. I apologize if you mentioned in another reply but I didn't have time to re-read all of your novels.

Protection is knowledge and experience. It's not software. You may be confusing security with software. Software implementations for security are just that, they are not security itself. Security is a broad and complex field in the tree of computing and spans many other fields. You have been sold that protection entails downloading software but like I've said this is not even a small percentage of the actual reality. I'm writing this because I spent a substantial amount of time studying security and what I learned completely changed how I look at computers. There is so much to the subject of security that it's mind boggling to attempt to comprehend it all. That's why threats are so real and so dangerous because when that comprehension is realized you're looking at weapons that are akin to nuclear bombs but in a digital age. It took us hundreds of thousands of years of our evolution to create the atom bomb. It's taken us even longer to create bombs that can destroy millions and millions of computers and affect the lives of billions of people.

Much of what I learned came down to opsec, or operational security. It's not about what you install so much as how you operate in your daily life. Sounds paranoid but a day in the life of someone who practices very good opsec you'll find their footprint barely exists in comparison to your average user. Not to say they don't exist on the web and that they are not identifiable and their systems invincible. Their actions are what help to protect them, not the software they use. Security is in many ways a lifestyle choice more than it is a decision to download software. It is a decision to learn about the environment you are in and then prevent threats against yourself in that environment. Buying a gun and knowing how to shoot it and protect your family are two different things. Watching kung-fu movies and training in MMA with a view to defend yourself in a street fight are two different things. Downloading antivirus and practicing security are two different things. You can be the great pretender and reckon to be a computer expert because you've spent time on a technical forum and you can actually spend time to learn about the subjects you profess to know about. The latter will always serve you better. The former is merely an attempt to bolster a fragile ego, someone who wants to appear superior but who is essentially a charlatan and couldn't protect a network even if it meant simply unplugging a cable.

I use security software but I know they do a very small and limited job. The best protection out of everything is likely the one thing people know very little about and that's firewalls. Hardware firewall is considerably better but then again as are managed switches for managing traffic on a network. Most people know nothing about networking. They couldn't tell you how IP addresses are made or what a class C network is, or a class B. They couldn't even tell you the difference between network and host in an IP address. They don't even know what an octet is or how this relates to an IP address. They know little about DHCP, about TCP or UDP, CIDR, NAT, about how hubs, switches, network topology. They couldn't tell you how a packet can be theoretically visualised ie header, payload, trailer etc. They don't know what the OSI model is. They couldn't tell you what port number web traffic is sent and received. But they tell you to install antivirus and firewall. What does a firewall do? What does antivirus do even? These people have no idea. Should I download it because someone told me to? Someone who doesn't even know what they actually do? This is the reality of the world we live in. So there is a BIG difference between what you are saying and what actually is the truth.

I know that if there was a 0 day vulnerability used today it would very likely compromise my system, like it would yours and everybody elses, but the lifestyle choice of practicing security is what will prevent longterm damage, hence the emphasis on knowing the difference between software and the actual overarching subject of security. One is simply click and forget, the other is a continuous decision to learn, adapt, grow and prevent. One is a disaster waiting to happen, the other is a strong contigency plan waiting to be rolled out.

It's up to you how you to choose to respond to the environment you're in. I'm on this forum to provide information based off my own experience. If you're offended by my reply and you seem like you are perhaps you should take some time to actively study the topics you're professing to know about. I don't claim to be an expert but I also know enough to know what you're saying is simply not true. If you can't handle that then that's simply a projection of your own insecurity around being wrong and perhaps not actually knowing what you profess to know about. A simple cure to this is to actually learn and do the work, put in the time, learn from experience, experiment, understand how these things work. Or simply be that guy who think he's a pro because he's on a help forum but couldn't even tell you the difference between port 80 and port 443.

Learning is key. And that's why we are all here. Take care.

Steve C said:

FWIW I just use Defender augmented by offline scans using AdwCleaner...

and I have also enabled PUA detection in Windows Security, much easier now that 2004 has added a switch to turn it on.

Enable or Disable Windows Defender PUA Protection in Windows 10.

system security for windows consists of so many components, windows defender alone is just a tiny fraction.

for example firewall is also part of system security, but just having it turned on doesn't mean you're done with firewall, you will need a bunch of rules for firewall to be well set.

Then, UAC is as important as AV and Firewall, you do not want to use administrative account at all, local user instead where UAC is a gateway to administrative tasks.

next, there is browser security which in turns consists of multiple sub components, then also password security, just having strong password isn't all the part of it.

Then also encryption/signing is another component, email security is another one..

The list can be pretty much long! and configuring each component requires some time and research.