Ask a new question

Antivirus program in Windows 10

I am using Windows 10 and i am little bit concerned about its security. Can anybody tell me is Windows defender is safe alone...i know being 100% safe is not possible i am just talking in general sense...or do i need a antivirus program. Personally i don't like antivirus program cause they affect system performance very much

64 people found this helpful

Was this discussion helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this discussion?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this discussion?

Thanks for your feedback.

Depends on a lot of things...

Suggestion to read

May 4, 2018: I won't participate anymore in MC. Enough is enough.

1 person found this reply helpful

·

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Windows Defender is an antivirus program; and it’s currently performing quite well in the AV-Comparatives Real-World Protection Test. But Defender also has the largest user-dependent protection segment in that test, and the highest number of false positives. So if you decide to use it, you might want to consider configuring it for maximum protection:

http://chart.av-comparatives.org/chart1.php?chart=chart2&year=2017&month=11&sort=0&zoom=2

Block at First Sight (Seen):

Windows Defender can now immediately block a suspicious or unknown file; upload a sample for analysis; and generate a signature – all within a matter of seconds. And we can use PowerShell to upgrade the default level of protection for this feature. The upgrade settings aren’t documented, but I tricked PowerShell into telling me their named values by specifying a numerical value that I knew was out of range:

To configure an higher level of cloud protection (Cloud Block Level), run one of these commands at the Administrator PowerShell prompt:

Set-MpPreference -CloudBlockLevel High

Set-MpPreference -CloudBlockLevel HighPlus

Set-MpPreference -CloudBlockLevel ZeroTolerance

And you can also increase the allotted file-analysis time by running this command at the Administrator PowerShell prompt:

Set-MpPreference -CloudExtendedTimeout 50

Windows Defender Exploit Guard:

The exploit protection features that were previously provided by EMET are now integrated into Windows 10; and most users shouldn’t need to modify the default settings for these.

Attack Surface Reduction:

We also have the ability to add Attack Surface Reduction rules in Version 1709, but the only practical way to add these rules in Windows 10 Home is with the PowerShell Set-MpPreference cmdlet:

For example, here’s the first rule that I set up by running a command line at the Administrator PowerShell prompt:

Rule: Block JavaScript or VBScript from launching downloaded executable content:

Set-MpPreference -AttackSurfaceReductionRules_Ids D3E037E1-3EB8-44C8-A917-57927947596D -AttackSurfaceReductionRules_Actions Enabled

Then to add additional rules, we use the Add-MpPreference command:

Rule: Block executable content from email client and webmail:

Add-MpPreference -AttackSurfaceReductionRules_Ids BE9BA2D9-53EA-4CDC-84E5-9B1EEEE46550 -AttackSurfaceReductionRules_Actions Enabled

https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction

Controlled Folder Access:

Controlled Folder Access is turned off by default; so you’ll need to turn it on in the Windows Defender Security Center app > Virus & threat protection > Virus & threat protection settings. Once Controlled Folder Access is turned on, standard Windows document folders will be protected by default, and you’ll also be able to add ransomware protection for additional folders, as well as whitelist trusted applications in order to allow them access to your protected folders. If you have trouble whitelisting a friendly app, then you can set this feature to run in Audit Mode, where it will identify access events, but won’t block them. Run this command at the Administrator PowerShell prompt to set Audit Mode:

Set-MpPreference -EnableControlledFolderAccess AuditMode

Then to reset Controlled Folder Access to its blocking mode, run this command:

Set-MpPreference -EnableControlledFolderAccess Enabled

There’s already a lot of confusion about allowing an app through Controlled Folder Access, and some “Windows experts” are responding to this with a just-turn-it-off “solution”. Now I’ll admit that a dialog with “Block” and “Allow” buttons would make this a whole lot friendlier – but if you just jot down the blocked app’s file path that appears in the notification; and then click on the notification, this will bring up the “Allow an app through Controlled folder access” window, where you can quickly add the blocked app to the whitelist:

https://answers.microsoft.com/en-us/protect/forum/protect_defender-protect_updating-windows_10/unauthorized-change-blocked/0939daa3-b556-4494-a478-b151854e1a93

PUA Protection:

Windows Defender has actually been able to detect and block Potentially Unwanted Applications for some time now, but many people still don’t know that this feature is disabled by default and needs to be enabled by running this command line at the Administrator PowerShell prompt:

Set-MpPreference -PUAProtection 1

Then, optionally, you can confirm that PUA Protection was enabled by returning the current state for PUAProtection:

$Preferences = Get-MpPreference

$Preferences.PUAProtection

GreginMich

8 people found this reply helpful

·

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

 
 

Discussion Info

Last updated December 30, 2022 Views 1,163 Applies to: