I tried to keep this at a minimum. Airing out a few things, so I hope you don’t mind if I get on my soapbox.
I’ll open by stating that I very much dislike dealing with malware and AV products, including Defender. It gets worse every year. Heaven help those who write and administer malicious code, but sometimes I don’t know who’s worse > Them or the AV industry in general. To me it’s like one has to pick the lesser of all the evil with what seems to me deceit that goes on about which product is better than the other.
I’ve got to say I’m really leery once more of this AMTSO organization. Another not-for-profit org out to defeat evil. Ok. Sounds good, but someone has to pocket some money somewhere. You know > It’s like one of those not-for-profit donation orgs where the CEO makes $30MIL.
Perhaps I’m a bit too pessimistic.
On their “About Us” page they give a physical address to c/o a rather large law firm out of San Francisco? This really threw up a red flag for me. What is that? > “Don’t you dare try to sue us if you have a problem!???”
AMTSO - About Us
Ok. Let’s assume this is a legit organization that’s really trying to help conquer the evil.
There is no perfect AV. I think we can all agree on that. Actually we are our best defense against them by means of our surfing habits and knowledge of how they attack, such as email attachments, internet site pages (especially sexual subject), misleading browser links, and the like. Here’s just one good thread that encompasses practical guidance and solutions. I totally agree with the disk image solution at the end > Refresh/replace rather than detect/repair in extreme cases. BTW, Wolfgang’s ISO is still available for download.
http://www.eightforums.com/system-security/19637-just-dealt-worst-malware-i-ve-ever-seen.html
I used MSE since introduction in September of 2009 while using W7 Pro. In the past 4 years I’ve gotten 2 viruses, of which Defender has caught and quarantined. I used to use SpyBot spyware (free edition) along with that scanning approximately once a month for spyware. Although a little leery of MSE’s effectiveness at first, what I liked about it was that it used far, far less resources while running in the background. I think I was using Norton before I switched. It was free via my ISP. It used far more resources, especially with Vista. I have not had a virus while using 8RP, 8, or since using 8.1 to date.
Anywho > For the real meat and potatoes for this thread. Defender only passed two tests on my machine. I got Defender Modern/Metro warning popups when files attempted to load during the first two tests, of which I didn’t allow download. The next 3 tests (with no warning popups) files got downloaded of which I allowed. I did a quick scan straightway and as you can see it detected and quarantined them.
One question I have > Is it fair to test Defender with these files since MS isn’t a “participating vendor”?
Vendor Participation
The way these tests work is really quite simple. Participating antivirus vendors just agree that they will configure their product to detect specific harmless files or Web pages the same way they would a malicious file. Fifteen major vendors have signed on so far, though not all of them support all of the feature checks. Tony Anscombe, AMTSO’s VP of Marketing, explained that “AMTSO expect more vendors will add detection of these tools to their solutions in the future.”
Obviously all the tests’ files were in Defender’s dictionary otherwise I wouldn’t have gotten the popups or that it found them. I see the last test failed and they embedded in my user files.
BTW, there are some things I don’t like about Defender. The big one is that it’s not very configurable so far as its interface. E.g. I have to change the argument in Defender scan properties within Task Scheduler to perform a full scan, not a quick scan, which just scans system files. I never understood why MS didn’t set up full scan as default. Don’t they care about personal files?
http://www.eightforums.com/tutorials/14264-windows-defender-scheduled-scan-set-up-windows-8-a.html
Perhaps I have to rethink Defender, perhaps not. Bottom line with them all > I think we all still wonder what sits on our machines even if we have AV.