• Windows Defender Security After October

    From Bill Bradshaw@bradshaw@gci.net to alt.comp.os.windows-10 on Mon Aug 11 08:37:55 2025
    From Newsgroup: alt.comp.os.windows-10

    After using Windows 11 on a new mini computer I am worried about
    upgrading some of my Windows 10 computers to 11. If you go through some
    contortions MS is going to provide Defender upgrades but it appears you
    also have to have Microsoft accounts rather than local accounts. Why not
    forget Defender and go to a commercial antivirus? So I would have to pay
    for a license but I am not concerned about that.

    <Bill>


    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From VanguardLH@V@nguard.LH to alt.comp.os.windows-10 on Mon Aug 11 12:12:17 2025
    From Newsgroup: alt.comp.os.windows-10

    Bill Bradshaw <bradshaw@gci.net> wrote:

    After using Windows 11 on a new mini computer I am worried about
    upgrading some of my windows 10 computers to 11. If you go through
    some contortions MS is going to provide defender upgrades but it
    appears you also have to have Microsoft accounts rather than local
    accounts. Why not forget defender and go to a commercial antivirus?
    So I would have pay for a license but that I am not concerned about
    that.

    You could wait to see if Defender updates dry up. If not, no need to
    change. If so, first try a free AV, like Bitdefender, or Avira*.

    * I had problems with Avira. Once I accessed removable storage (e.g.,
    floppy drive), all removable devices got re-polled at 1-minute
    intervals. Avira could not reproduce, so it never got addressed. Few
    users got hit with the defect, but I was not alone.

    You could add MalwareBytes Anti-Malware (MBAM), but not as the
    primary protection layer, and make sure to disable its on-access
    (realtime) scanner since only one should be active at a time. Use MBAM
    as a second opinion on-demand (manual) scanner. However, MBAM has far
    more false positives, even on tweaks you performed yourself to improve
    security (they don't know you made those tweaks).

    Don't waste time with Avast to endure their marketing campaigns, and AVG
    is the same as Avast since Avast acquired AVG for $1.3 billion way back
    in 2016. Avoid McAfee and Norton. If you're willing to pay for AV, you
    get extra features and improved pest detection. If you don't practice
    safe hex, eventually you will get infected, so of importance may be how
    well an AV sanitizes and heals your system. Disinfection is never
    perfect, so set up scheduled image backups permitting you to revert your
    system back to a known and uninfected state. Don't rely solely on an AV
    to repair and mend your system. Backups should be scheduled. If they
    are manually initiated, they don't happen at short enough intervals, or
    may not happen at all. Manual backups don't get done. How granular
    the backups are determines how much you lose in a restore. Use a backup
    program that lets you schedule full, differential, and incremental
    backups, so you can pick the granularity for restore, like monthly full,
    weekly differential, and daily incremental. If you do just fulls,
    you'll run out of storage space which means you have to do less of them
    to fit into available storage.

    You could visit av-comparatives.org to see how each fares now for best
    coverage, lowest false positives, and other attributes that interest you.
    However, understand they don't test freeware unless that is the only way
    to get it.
  • From Marion@marion@facts.com to alt.comp.os.windows-10 on Mon Aug 11 19:17:02 2025
    From Newsgroup: alt.comp.os.windows-10

    On Mon, 11 Aug 2025 12:12:17 -0500, VanguardLH wrote :


    Don't waste time with Avast to endure their marketing campaigns, and AVG
    is the same as Avast since Avast acquired AVG for $1.3 billion way back
    in 2016. Avoid McAfee and Norton.

    When is the last time any of us, who've been here forever, got a virus?
  • From mick@nospam@junk.mail to alt.comp.os.windows-10 on Mon Aug 11 20:46:43 2025
    From Newsgroup: alt.comp.os.windows-10

    VanguardLH used his keyboard to write :
    Bill Bradshaw <bradshaw@gci.net> wrote:

    After using Windows 11 on a new mini computer I am worried about
    upgrading some of my windows 10 computers to 11. If you go through
    some contortions MS is going to provide defender upgrades but it
    appears you also have to have Microsoft accounts rather than local
    accounts. Why not forget defender and go to a commercial antivirus?
    So I would have pay for a license but that I am not concerned about
    that.

    You could wait to see if Defender updates dry up. If not, no need to
    change. If so, first try a free Av, like Bitdefender, or Avira*.

    * I had problems with Avira. Once I access removable storage (e.g.,
    floppy drive), all removable devices got re-polled at 1-minute
    intervals. Avira could not reproduce, so it never got addressed. Few
    users got hit with the defect, but I was not alone.

    You could adding MalwareBytes Anti-Malware (MBAM), but not as the
    primary protection layer, and make sure to disable its on-access
    (realtime) scanner since only one should be active at a time. Use MBAM
    as a second opinion on-demand (manual) scanner. However, MBAM has far
    more false positives, even on tweaks you performed yourself to improve security (they don't know you made those tweaks).

    Don't waste time with Avast to endure their marketing campaigns, and AVG
    is the same as Avast since Avast acquired AVG for $1.3 billion way back
    in 2016. Avoid McAfee and Norton.

    What are your reasons for avoiding McAfee and Norton?
    A friend of mine uses McAfee and swears by it. I have used Norton
    since before the turn of the century and it has never caused me a
    problem (contrary to the claims that it slows down your pc).
    --
    mick
  • From Paul@nospam@needed.invalid to alt.comp.os.windows-10 on Mon Aug 11 17:24:25 2025
    From Newsgroup: alt.comp.os.windows-10

    On Mon, 8/11/2025 12:37 PM, Bill Bradshaw wrote:
    After using Windows 11 on a new mini computer I am worried about upgrading some of my windows 10 computers to 11. If you go through some contortions MS is going to provide defender upgrades but it appears you also have to have Microsoft accounts rather than local accounts. Why not forget defender and go to a commercial antivirus? So I would have pay for a license but that I am not concerned about that.

    <Bill>



    Observe the file pattern here.

    https://www.microsoft.com/en-us/wdsi/defenderupdates

    There is more to the story, the story has details

    1) Defender signature definitions (the above files). Free, but signature definitions
    are not a very strong method of protection.

    2) Defender Engine Update (not available necessarily that way, might be a separate package).
    3) Patch Tuesday security updates for known CVE
    ($30, MSA account, only lasts one year, limited duration)
    Or as an alternative, 0Patch subscription (select CVE patched by a third party company).
    4) The $30 likely buys you other sorts of files or packages, but not new features.
    Maybe you'd still get certificate updates or something. IDK the details.
    Perhaps a certificate helps the SChannel to work (Firefox does not use the SChannel and
    has its own certificate store). There might be the odd third-party Windows utility,
    that relies on the SChannel for TLS/SSL.

    Paul
  • From Paul in Houston TX@Paul@Houston.Texas to alt.comp.os.windows-10 on Mon Aug 11 18:47:29 2025
    From Newsgroup: alt.comp.os.windows-10

    Marion wrote:
    On Mon, 11 Aug 2025 12:12:17 -0500, VanguardLH wrote :


    Don't waste time with Avast to endure their marketing campaigns, and AVG
    is the same as Avast since Avast acquired AVG for $1.3 billion way back
    in 2016. Avoid McAfee and Norton.

    When is the last time any of us, who've been here forever, got a virus?

    Roughly 1995 for me.
    I have never used any active antivirus on my machines and don't plan to.
    All of my comps have accessed the web via multiple bridges, natting,
    and routers, each with a hardware or software firewall.
    Running online scans or with updated Linux boot disk scanners once every
    few months have never turned up anything that I was not already aware of (virus simulators, etc.). However, most of my work and friend
    acquaintances are not comp literate and they like to click on the little
    green buttons that say "Click here".
  • From Windows 11 User@invalid@invalid.invalid to alt.comp.os.windows-10 on Tue Aug 12 00:01:00 2025
    From Newsgroup: alt.comp.os.windows-10

    On 11/08/2025 17:37, Bill Bradshaw wrote:
    After using Windows 11 on a new mini computer I am worried about upgrading some of my windows 10 computers to 11. If you go through some contortions MS is going to provide defender upgrades but it appears you also have to have Microsoft accounts rather than local accounts. Why not forget defender and go to a commercial antivirus? So I would have pay for a license but that I am not concerned about that.

    <Bill>



    Commercial antivirus providers will only sell to you if you create an
    account with them. They will require your mobile or landline number so
    that they can provide you with further services in Alaska, where Donald
    Trump will have the opportunity to meet his hero, Vladimir Vladimirovich Putin.
  • From VanguardLH@V@nguard.LH to alt.comp.os.windows-10 on Mon Aug 11 19:47:39 2025
    From Newsgroup: alt.comp.os.windows-10

    mick <nospam@junk.mail> wrote:

    What are your reasons for avoiding McAfee and Norton?

    When Norton's transparent proxy becomes unresponsive, web traffic halts.
    Users don't know it's Norton causing the outage. They reboot, and the
    problem goes away. I reported the issue, and how to reproduce it to
    Symantec. They were mute. I finally figured out a way to stop the
    service, kill which processes, and in which order, and in which order to restart or reload them to get their transparent proxy functional again.

    McAfee: Way too many false positives. No free version, either. And
    trials are not freeware.

    Both are extremely difficult to eradicate from your system. Their
    uninstall is very dirty. In fact, the Norton devs said the only reason
    anyone uninstalled their software was as a troubleshooting step, and
    absolutely always would reinstall right after uninstall, so leaving a
    bunch of crap in the registry facilitated the re-setup. Artifacts of
    their dirty uninstall were shell extensions that were no longer valid,
    but would screw up explorer.exe when trying to load them. The vast
    majority of users don't have the expertise to overcome dirty uninstalls,
    know what might be the source of a problem, or diagnose a problem.
    They're lost when a problem arises, and don't even know it's due to the
    AV software. They're good as long as they always function, and you
    never uninstall them.

    Both are good for pest detection, but more trouble than worth the effort
    when compared to other free solutions. While the OP hinted he may pay
    for a 3rd-party anti-malware product, why pay for what you can get for
    free? He indicated nothing that infers he needs more than the default
    feature set in freeware AV.

    That you and your friend have good luck with Norton AV and McAfee AV
    does not obviate all the complaints about them. If you want more
    reasons, do the research yourself. You can visit av-comparatives.org to compare various anti-malware products, like looking at:

    https://www.av-comparatives.org/consumer/comparison/

    Hover over each data point to get quick stats on each AV, like:

    Bitdefender
    - Blocked: 99.8%
    - User dependent (user still had option to run malware): 0%
    - Compromised: 0.2%
    - False positives: 3

    Avira
    - Blocked: 99.3%
    - User dependent: 0%
    - Compromised: 0.7%
    - False positives: 5

    Norton
    - Blocked: 99.5%
    - User dependent: 0%
    - Compromised: 0.5%
    - False positives: 9

    McAfee
    - Blocked: 99.3%
    - User dependent: 0%
    - Compromised: 0.7%
    - False positives: 9

    High pest detection is nice, but false positives will waste your time
    trying to determine they were false positives, or having to research
    just what is the cause of the alert. If you have a car with TPMS (Tire Pressure Monitoring System), would you want it telling you there was a
    flat when there wasn't? Or your doorbell ringing when no one pushed the doorbell button?

    With Norton and McAfee, you can report false positives. You first have
    to determine it was a false positive, and how many users are going to
    report it? Most users can't even do the first step. You want an AV
    with high pest detection AND low[est] false positives. Security for the
    end user should be transparent, not a job.
  • From VanguardLH@V@nguard.LH to alt.comp.os.windows-10 on Mon Aug 11 19:59:46 2025
    From Newsgroup: alt.comp.os.windows-10

    Paul <nospam@needed.invalid> wrote:

    Observe the file pattern here.

    https://www.microsoft.com/en-us/wdsi/defenderupdates

    What pattern? A history of update dates is not listed, so no way to
    determine there how often or at what intervals Defender gets updated.

    There is more to the story, the story has details

    1) Defender signature definitions (the above files). Free, but signature definitions
    are not a very strong method of protection.

    Signature databases are updated at very short intervals, sometimes
    daily. Heuristics, however, often don't change until the next major
    version update. With Defender, its engine is updated with major version releases of Windows, not before. While signatures can cause false
    positives (the hash to match is not against all bytes in a file), aging heuristics can generate more false positives.
  • From knuttle@keith_nuttle@yahoo.com to alt.comp.os.windows-10 on Mon Aug 11 21:06:01 2025
    From Newsgroup: alt.comp.os.windows-10

    On 08/11/2025 12:37 PM, Bill Bradshaw wrote:
    After using Windows 11 on a new mini computer I am worried about upgrading some of my windows 10 computers to 11. If you go through some contortions MS is going to provide defender upgrades but it appears you also have to have Microsoft accounts rather than local accounts. Why not forget defender and go to a commercial antivirus? So I would have pay for a license but that I am not concerned about that.

    <Bill>


    It is possible that you can get a free version of a commercial antivirus program from your internet provider.

    I know the ATT provides a free version of commercial antivirus program.
    It was one of the first things I installed on my new computer.
  • From J. P. Gilliver@G6JPG@255soft.uk to alt.comp.os.windows-10 on Tue Aug 12 02:15:26 2025
    From Newsgroup: alt.comp.os.windows-10

    On 2025/8/12 2:6:1, knuttle wrote:

    []

    It is possible that you can get a free version of a commercial antivirus program from your internet provider.

    []

    I think I've also seen banks offer something.
    --
    J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

    In the words of my grandpa, a woman is as old as she looks. A man is
    never old until he stops looking.
    - Alice Apfel, designer, 1921-2024 (102)
  • From Paul@nospam@needed.invalid to alt.comp.os.windows-10 on Tue Aug 12 01:39:51 2025
    From Newsgroup: alt.comp.os.windows-10

    On Mon, 8/11/2025 8:59 PM, VanguardLH wrote:
    Paul <nospam@needed.invalid> wrote:

    Observe the file pattern here.

    https://www.microsoft.com/en-us/wdsi/defenderupdates

    What pattern? A history of update dates is not listed, so no way to determine there how often or at what intervals Defender gets updated.

    Windows 7 still receives updates.

    Paul

  • From Paul@nospam@needed.invalid to alt.comp.os.windows-10 on Tue Aug 12 01:51:31 2025
    From Newsgroup: alt.comp.os.windows-10

    On Mon, 8/11/2025 8:59 PM, VanguardLH wrote:
    Paul <nospam@needed.invalid> wrote:

    Observe the file pattern here.

    https://www.microsoft.com/en-us/wdsi/defenderupdates

    What pattern? A history of update dates is not listed, so no way to determine there how often or at what intervals Defender gets updated.

    There is more to the story, the story has details

    1) Defender signature definitions (the above files). Free, but signature definitions
    are not a very strong method of protection.

    Signature databases are updated at very short intervals, sometimes
    daily. Heuristics, however, often don't change until the next major
    version update. With Defender, its engine is updated with major version releases of Windows, not before. While signatures can cause false
    positives (the hash to match is not against all bytes in a file), aging heuristics can generate more false positives.


    Not all AVs have heuristics (that is how bad some of them are).
    Some of them, you can kinda tell by how clueless the product
    is, that they are just signature analysis programs.

    Malwarebytes started by designing some heuristic protections
    with their product, and no signatures. Signature analysis was
    added later. Not many other products have worked in that order.
    It's just so much easier to clone the ClamAV database and use
    that.

    I think AV-comparatives may have had a test for heuristic detection
    at some point. Maybe ESET was known at the time, to have some
    heuristic means.

    Microsoft has on a couple of occasions, made reference to some
    magic they have, but there is never any real-world event
    that correlates with their description. For example, Microsoft
    claims they can turn off your computer "in 10 microseconds"
    in the event Windows Defender detects something it cannot
    stop by conventional means. As a user, if you were not informed
    of that possibility, you might never guess what such a scenario meant.
    You would not know how to interpret that sort of dirty shutdown.
    It implies the shutdown is fast enough, there would be nothing
    in the Event Viewer. They also did not give any examples of
    triggers that would cause that to happen. To the user, you would
    not be able to tell that, from a THERMTRIP. Or a bad PSU.

    Paul
  • From Paul@nospam@needed.invalid to alt.comp.os.windows-10 on Tue Aug 12 02:13:19 2025
    From Newsgroup: alt.comp.os.windows-10

    On Mon, 8/11/2025 9:06 PM, knuttle wrote:
    On 08/11/2025 12:37 PM, Bill Bradshaw wrote:
    After using Windows 11 on a new mini computer I am worried about upgrading some of my windows 10 computers to 11. If you go through some contortions MS is going to provide defender upgrades but it appears you also have to have Microsoft accounts rather than local accounts. Why not forget defender and go to a commercial antivirus? So I would have pay for a license but that I am not concerned about that.

    <Bill>


    It is possible that you can get a free version of a commercial antivirus program from your internet provider.

    I know the ATT provides a free version of commercial antivirus program. It was one of the first things I installed on my new computer.

    <rolls eyes>

    Absolutely DO NOT do that.

    Internet providers hand out JUNK. Remember that
    the reason they got a deal on the AV product in the
    first place, is the AV company is badly in need of
    "promotion", so the ISP is getting a copy of an AV for a buck.
    If you listen to the users whine about what a piece
    of "crap" their free gift was, you would not be
    so fast to latch onto an item like that. Look at Vanguard's
    description of the "left-overs" products like that leave
    behind. Even if you use the "cleaner application" the
    AV company hands out, even that can't remove everything.

    This is because, at the heart of it, an AV is a root kit.
    There is nothing finer as an AV, than latching onto the
    kernel and injecting yourself. That's your "perch" where
    you can watch the world go by. The more lazy you are as an
    AV company, the more dirty your "little trick" is.

    And you'll notice recently, Microsoft had a dialog with its
    friends, about what intrusions in Ring0 were costing Microsoft.
    And that means, the AV companies might not be sitting on the
    same perch they were sitting on last week. They could end up
    in a container, like NVidia and RealTek (the excessive usage
    of virtualization, for OS control).

    (sample article)

    https://www.theverge.com/news/692637/microsoft-windows-kernel-antivirus-changes

    I believe that Kaspersky as a product, is good enough, it
    could survive in a knife fight in Ring 3. Not a lot of other
    products are that good. I was really impressed, the one time
    I needed that. It took three reboots, but on the third
    reboot, Kaspersky had tunneled in, and the malware was dead.
    I was impressed by the little show.

    On the first reboot, the machine didn't last very long.
    On the second reboot, the knife fight took a bit longer,
    before the malware won. But on the third reboot, Kaspersky
    had managed to do something on that second cycle,
    to slay the malware, and the little fight was over.
    And with Kaspersky, there was no little box on the screen
    saying "we fix 8000 things". There was no gloating.
    There was just the knife fight... and then I was in control
    of the machine again.

    It was similarly funny, when I was attempting to install FRAPS.
    That's a frame counter program and capture program, for recording
    video game play. It worked up to Windows 7 or so, but does not work
    on later OSes. It works, by "injecting" a DLL in each Program Files
    folder. Well, Kaspersky *hates* seeing an activity like that,
    and Kaspersky and FRAPS got into a knife fight (because FRAPS
    was dumping 200 copies of the same DLL onto C: ), and after
    maybe five seconds or so, the machine was frozen. Reboot time.

    Paul
  • From wasbit@wasbit@REMOVEhotmail.com to alt.comp.os.windows-10 on Tue Aug 12 09:32:46 2025
    From Newsgroup: alt.comp.os.windows-10

    On 11/08/2025 20:46, mick wrote:
    VanguardLH used his keyboard to write :
    Bill Bradshaw <bradshaw@gci.net> wrote:

    After using Windows 11 on a new mini computer I am worried about
    upgrading some of my windows 10 computers to 11. If you go through
    some contortions MS is going to provide defender upgrades but it
    appears you also have to have Microsoft accounts rather than local
    accounts. Why not forget defender and go to a commercial antivirus?
    So I would have pay for a license but that I am not concerned about
    that.

    You could wait to see if Defender updates dry up. If not, no need to
    change. If so, first try a free Av, like Bitdefender, or Avira*.

    * I had problems with Avira. Once I access removable storage (e.g.,
    floppy drive), all removable devices got re-polled at 1-minute
    intervals. Avira could not reproduce, so it never got addressed. Few
    users got hit with the defect, but I was not alone.

    You could adding MalwareBytes Anti-Malware (MBAM), but not as the
    primary protection layer, and make sure to disable its on-access
    (realtime) scanner since only one should be active at a time. Use MBAM
    as a second opinion on-demand (manual) scanner. However, MBAM has far
    more false positives, even on tweaks you performed yourself to improve
    security (they don't know you made those tweaks).

    Don't waste time with Avast to endure their marketing campaigns, and AVG
    is the same as Avast since Avast acquired AVG for $1.3 billion way back
    in 2016. Avoid McAfee and Norton.

    What are your reasons for avoiding McAfee and Norton?
    A friend of mine uses McAfee and swears by it. I have used Norton since before the turn of the century and it has never caused me a problem (contrary to the claims that is slows down your pc).


    Bloat.
    --
    Regards
    wasbit
  • From wasbit@wasbit@REMOVEhotmail.com to alt.comp.os.windows-10 on Tue Aug 12 09:41:25 2025
    From Newsgroup: alt.comp.os.windows-10

    On 12/08/2025 06:39, Paul wrote:
    On Mon, 8/11/2025 8:59 PM, VanguardLH wrote:
    Paul <nospam@needed.invalid> wrote:

    Observe the file pattern here.

    https://www.microsoft.com/en-us/wdsi/defenderupdates

    What pattern? A history of update dates is not listed, so no way to
    determine there how often or at what intervals Defender gets updated.

    Windows 7 still receives updates.


    As does Windows 8.1, although my routine is to update the definitions
    manually every day after turning on the PC, then either scanning or
    walking away for 10 minutes allowing Defender to automatically start a
    scan when it detects no PC activity.
    --
    Regards
    wasbit
  • From Joerg Walther@joerg.walther@magenta.de to alt.comp.os.windows-10 on Tue Aug 12 11:44:03 2025
    From Newsgroup: alt.comp.os.windows-10

    Paul in Houston TX wrote:

    When is the last time any of us, who've been here forever, got a virus?

    Roughly 1995 for me.
    I have never used any active antivirus on my machines and don't plan to.
    All of my comps have accessed the web via multiple bridges, natting,
    and routers, each with a hardware or software firewall.
    Running online scans or with updated Linux boot disk scanners once every
    few months have never turned up anything that I was not already aware of
    (virus simulators, etc.). However, most of my work and friend
    acquaintances are not comp literate and they like to click on the little
    green buttons that say "Click here".

    Apparently we both have been using the same virus scanner for ages then.
    It's called BRAIN 1.0.

    -jw-
    --
    And now for something completely different...
  • From Marion@marion@facts.com to alt.comp.os.windows-10 on Tue Aug 12 16:58:36 2025
    From Newsgroup: alt.comp.os.windows-10

    On Tue, 12 Aug 2025 11:44:03 +0200, Joerg Walther wrote :


    most of my work and friend
    acquaintances are not comp literate and they like to click on the little
    green buttons that say "Click here".

    Apparently we both have been using the same virus scanner for ages then.
    It's called BRAIN 1.0.

    I'm gonna agree most of us haven't gotten a virus in years for, oh, maybe
    two reasons, but the main reason is Brain 1.0 doesn't "click here now!".

    I'm not sure if the other reason might be that Windows Defender is on by default, it's updated by default, and maybe it's doing its job????

    Is it?
  • From VanguardLH@V@nguard.LH to alt.comp.os.windows-10 on Tue Aug 12 12:49:48 2025
    From Newsgroup: alt.comp.os.windows-10

    Paul <nospam@needed.invalid> wrote:

    VanguardLH wrote:

    Paul <nospam@needed.invalid> wrote:

    Observe the file pattern here.

    https://www.microsoft.com/en-us/wdsi/defenderupdates

    What pattern? A history of update dates is not listed, so no way to
    determine there how often or at what intervals Defender gets updated.

    Windows 7 still receives updates.

    Wouldn't that just be signature updates? And those are not for virus,
    or other malware, just spyware (see last paragraph). I thought Defender
    got engine updates with new versions (builds) of Windows, but the
    following Microsoft article lists when there were engine & platform
    updates:

    https://learn.microsoft.com/en-us/defender-endpoint/microsoft-defender-antivirus-updates

    July-2025 (Platform: 4.18.25070.5 | Engine: 1.1.25070.4)
    August 5, 2025 (Engine) / August 6, 2025 (Platform)
    June-2025 (Platform: 4.18.25060.7 | Engine: 1.1.25060.6)
    July 22, 2025 (Engine) / July 22, 2025 (Platform)
    May-2025 (Platform: 4.18.25050.5 | Engine: 1.1.25050.6)
    June 13, 2025 (Engine) / June 13, 2025 (Platform)
    April-2025 (Platform: 4.18.25040.2 | Engine: 1.1.25040.1)
    May 14, 2025 (Engine) / May 22, 2025 (Platform)

    That is as far back as that list shows. Maybe there is another list
    showing older history. So, about once per month Defender gets engine
    and platform updates.

    That article does not list versions of Windows, just "Windows" for the supported platform.

    https://www.microsoft.com/en-us/wdsi/definitions/antimalware-definition-release-notes

    By picking different versions, it looks like sig updates occur on the
    same day (zero days), or every 1 to 2 days, not after a month.
    Algorithms (heuristics) are not signatures, so presumably those are in
    the engine/platform updates at monthly intervals.

    Before Windows 8, Defender was just a spyware detector. In Vista and 7,
    users were pointed at MS Security Essentials (MSE) to get AV protection.
    MSE was discontinued back with Windows 7, and its updates supposedly
    ceased in Feb 2025.

    https://en.wikipedia.org/wiki/Microsoft_Security_Essentials#Discontinuation
    "Although support for Windows 7 ended on 14 January 2020 Microsoft
    will continue to update virus definitions for existing users until
    2023."

    Since you say you are using the old spyware-only Defender back in
    Windows 7, you are no longer an existing MSE user; however, updates
    supposedly ceased for MSE a while ago.

    Not until Windows 8 did Microsoft roll their Endpoint client into
    Windows to make Defender a true AV product, not just for spyware.

    https://en.wikipedia.org/wiki/Microsoft_Defender_Antivirus#Conversion_to_full_antivirus

    If you are using Defender under Windows 7, it was only a spyware
    detector, and you should really switch to a 3rd-party AV. You probably
    cannot get a new install of MSE on Windows, anymore.
    --- Synchronet 3.21a-Linux NewsLink 1.2
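
To check on a given machine whether Defender updates have actually dried up, the following added example (not from the thread and not Microsoft's code) reads the installed platform, engine and signature versions with Get-MpComputerStatus and flags stale ones. It assumes, from the four releases listed in the post above, that the third version field is YYMM plus one digit; the function names and thresholds are hypothetical.

```powershell
# Added example, not from the thread. Function names and thresholds are
# hypothetical; Get-MpComputerStatus is part of the built-in Defender module.

# Assumption inferred from the releases quoted in the thread: the third field
# of a platform/engine version is YYMM followed by one digit
# (1.1.25070.4 -> July 2025). Returns $null when the field does not fit.
function ConvertFrom-DefenderVersionMonth {
    param([Parameter(Mandatory)][string]$Version)
    $parts = $Version.Split('.')
    if ($parts.Count -lt 3) { return $null }
    $m = [regex]::Match($parts[2], '^(\d{2})(\d{2})\d$')
    if (-not $m.Success) { return $null }
    $month = [int]$m.Groups[2].Value
    if ($month -lt 1 -or $month -gt 12) { return $null }
    return [datetime]::new(2000 + [int]$m.Groups[1].Value, $month, 1)
}

# Whole calendar months between a release month and a reference date.
function Get-MonthLag {
    param([datetime]$ReleaseMonth, [datetime]$Now)
    return (($Now.Year - $ReleaseMonth.Year) * 12) + ($Now.Month - $ReleaseMonth.Month)
}

function Get-DefenderUpdateReport {
    param(
        [int]$MaxSignatureAgeDays = 3,   # thread: signatures arrive every 0-2 days
        [int]$MaxReleaseLagMonths = 3,   # thread: engine/platform roughly monthly
        [datetime]$Now = (Get-Date)
    )
    $status = Get-MpComputerStatus

    # Platform and engine: derive the release month from the version string.
    $components = [ordered]@{
        Platform = $status.AMProductVersion
        Engine   = $status.AMEngineVersion
    }
    foreach ($name in $components.Keys) {
        $version = $components[$name]
        $release = ConvertFrom-DefenderVersionMonth -Version $version
        if ($null -eq $release) {
            $detail = 'release month not recognised'
            $state  = 'unknown'
        } else {
            $lag    = Get-MonthLag -ReleaseMonth $release -Now $Now
            $detail = '{0:yyyy-MM} release, {1} month(s) old' -f $release, $lag
            if ($lag -gt $MaxReleaseLagMonths) { $state = 'STALE' } else { $state = 'ok' }
        }
        [pscustomobject]@{ Component = $name; Version = $version; Detail = $detail; State = $state }
    }

    # Signatures: Defender reports their age in days directly.
    $sigAge = [int64]$status.AntivirusSignatureAge
    if ($sigAge -gt $MaxSignatureAgeDays) { $sigState = 'STALE' } else { $sigState = 'ok' }
    [pscustomobject]@{
        Component = 'Signatures'
        Version   = $status.AntivirusSignatureVersion
        Detail    = 'last updated {0}, {1} day(s) ago' -f $status.AntivirusSignatureLastUpdated, $sigAge
        State     = $sigState
    }

    # Real-time protection: off usually means another AV has taken over
    # on-access scanning, in which case Defender's own freshness matters less.
    if ($status.RealTimeProtectionEnabled) { $rtState = 'ok' } else { $rtState = 'OFF' }
    [pscustomobject]@{
        Component = 'RealTime'
        Version   = ''
        Detail    = 'RealTimeProtectionEnabled = {0}' -f $status.RealTimeProtectionEnabled
        State     = $rtState
    }
}

# Engine versions quoted in the thread, parsed offline as a sanity check.
'1.1.25070.4', '1.1.25060.6', '1.1.25050.6', '1.1.25040.1' | ForEach-Object {
    '{0} -> {1:yyyy-MM}' -f $_, (ConvertFrom-DefenderVersionMonth -Version $_)
}

# Live report, only where the Defender cmdlets are present.
if (Get-Command Get-MpComputerStatus -ErrorAction SilentlyContinue) {
    Get-DefenderUpdateReport | Format-Table -AutoSize
}
```

Running it weekly from Task Scheduler and watching for a STALE row gives an early signal that a Windows 10 machine has stopped receiving one of the three update streams.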
  • From VanguardLH@V@nguard.LH to alt.comp.os.windows-10 on Tue Aug 12 13:08:03 2025
    From Newsgroup: alt.comp.os.windows-10

    Paul <nospam@needed.invalid> wrote:

    VanguardLH wrote:

    Signature databases are updated at very short intervals, sometimes
    daily. Heuristics, however, often don't change until the next major
    version update. With Defender, its engine is updated with major version
    releases of Windows, not before. While signatures can cause false
    positives (the hash to match is not against all bytes in a file), aging
    heuristics can generate more false positives.

    Not all AVs have heuristics (that is how bad some of them are).
    Some of them, you can kinda tell by how clueless the product
    is, that they are just signature analysis programs.

    I think that is how ClamAV operates. It has such poor detection that AV compare sites don't bother listing it.

    Malwarebytes started by designing some heuristic protections
    with their product, and no signatures. Signature analysis was
    added later. Not many other products have worked in that order.
    It's just so much easier to clone the ClamAV database and use
    that.

    But ClamAV's detection rate is very poor. MBAM cloning ClamAV's sig
    database would explain why MBAM also shows poorly for on-access
    (real-time) detection.

    90% detection rate sounds great until you realize the most difficult to
    detect are inside the last 2% of coverage, so you need AVs with, at a
    minimum, 98% detection rates, or higher. 90% means the easy-to-detect
    or very old pests were detected.

    There are companies that will add their own signatures into ClamAV's sig
    database, so you get better pest detection with ClamAV + othersigs.
    SecuriteInfo claims 90% with their sigs added to ClamAV's, but that
    means ClamAV's sigs alone have less than 90% coverage. Very poor.

    https://www.securiteinfo.com/clamav-antivirus/improve-detection-rate-of-zero-day-malwares-for-clamav.shtml

    They have a free tier, and paid tiers for more features. But why bother
    using ClamAV to then incorporate another sig source rather than getting
    a better AV in the first place?

    Yeah, ClamAV is better than nothing, but it is just better than nothing.
    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Carlos E. R.@robin_listas@es.invalid to alt.comp.os.windows-10 on Tue Aug 12 21:22:03 2025
    From Newsgroup: alt.comp.os.windows-10

    On 2025-08-11 21:17, Marion wrote:
    On Mon, 11 Aug 2025 12:12:17 -0500, VanguardLH wrote :


    Don't waste time with Avast to endure their marketing campaigns, and AVG
    is the same as Avast since Avast acquired AVG for $1.3 billion way back
    in 2016. Avoid McAfee and Norton.

    When is the last time any of us, who've been here forever, got a virus?

    1988.

    One of the reasons is I do use an antivirus when using Windows (not necessarily "scan on load").
    --
    Cheers,
    Carlos E.R.
    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Paul@nospam@needed.invalid to alt.comp.os.windows-10 on Tue Aug 12 18:37:46 2025
    From Newsgroup: alt.comp.os.windows-10

    On Tue, 8/12/2025 12:58 PM, Marion wrote:
    On Tue, 12 Aug 2025 11:44:03 +0200, Joerg Walther wrote :


    most of my work and friend
    acquaintances are not comp literate and they like to click on the little
    green buttons that say "Click here".

    Apparently we both have been using the same virus scanner for ages then.
    It's called BRAIN 1.0.

    I'm gonna agree most of us haven't gotten a virus in years for, oh, maybe
    two reasons, but the main reason is Brain 1.0 doesn't "click here now!".

    I'm not sure if the other reason might be that Windows Defender is on by default, it's updated by default, and maybe it's doing its job????

    Is it?


    It would find a way of reporting to you, if it was actually under attack.

    When it complains about ProduKey being "hackerware", you are informed. You can try testing with that, by downloading it, and having it instantly disappear
    as it is scooped out of your grasp. I keep my copy in an encrypted 7Z file. Like I worked for the bomb squad or something :-)

    While a number of AVs react to EICAR, not all do. Some products have
    a public policy, to not react to it. I've used that before,
    to check that some of the more "lethargic" products, are actually loaded
    and running.

    Load into Virustotal.com (owned by Google), and search with it. EICAR SHA256

    275A021BBFB6489E54D471899F7DB9D1663FC695EC2FE2A2C4538AABF651FD0F

    The fleet reacts pretty good, to a test.

    https://www.virustotal.com/gui/file/275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f

    Paul
    --- Synchronet 3.21a-Linux NewsLink 1.2
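The check described in the post above (dropping EICAR to confirm that a scanner is actually loaded and running), as an added Python example that is not part of the original thread. The function names, outcome labels and probe file name are assumptions of this example; the SHA-256 is the one quoted in the post.

```python
import hashlib
import os
import tempfile
import time

# SHA-256 of the EICAR test file, as quoted in the post (lower-cased).
EICAR_SHA256 = "275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f"

# The 68-byte EICAR string, kept in pieces so that saving this script does
# not itself get the script quarantined by the scanner under test.
_PARTS = (r"X5O!P%@AP[4\PZX54(P^)7CC)7}$", "EICAR-STANDARD-",
          "ANTIVIRUS-TEST-FILE!", "$H+H*")


def eicar_bytes():
    """Assemble the test string and verify it against the published hash."""
    data = "".join(_PARTS).encode("ascii")
    if hashlib.sha256(data).hexdigest() != EICAR_SHA256:
        raise ValueError("EICAR string does not match the expected SHA-256")
    return data


def probe_realtime_scanner(directory=None, wait_seconds=5.0, poll=0.5):
    """Drop the test file and report how the on-access scanner reacts.

    Returns one of (labels are this example's own): 'blocked_on_write',
    'removed', 'blocked_on_read', 'modified', 'no_reaction'.
    """
    data = eicar_bytes()
    name = "eicar_probe_%d.com" % os.getpid()   # hypothetical file name
    path = os.path.join(directory or tempfile.gettempdir(), name)
    try:
        with open(path, "wb") as fh:
            fh.write(data)
    except OSError:
        return "blocked_on_write"               # scanner refused the write
    try:
        deadline = time.monotonic() + wait_seconds
        while True:
            if not os.path.exists(path):
                return "removed"                # quarantined or deleted
            try:
                with open(path, "rb") as fh:
                    if fh.read() != data:
                        return "modified"       # cleaned or truncated in place
            except OSError:
                return "blocked_on_read"        # file present but access denied
            if time.monotonic() >= deadline:
                return "no_reaction"            # not scanning, or ignores EICAR
            time.sleep(poll)
    finally:
        try:
            os.remove(path)                     # never leave the probe behind
        except OSError:
            pass
```

A `no_reaction` result does not prove the scanner is off: as the post notes, some products deliberately do not react to EICAR.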
  • From Chris@ithinkiam@gmail.com to alt.comp.os.windows-10 on Wed Aug 13 06:34:22 2025
    From Newsgroup: alt.comp.os.windows-10

    Bill Bradshaw <bradshaw@gci.net> wrote:
    After using Windows 11 on a new mini computer I am worried about upgrading some of my windows 10 computers to 11. If you go through some contortions MS is going to provide defender upgrades but it appears you also have to have Microsoft accounts rather than local accounts. Why not forget defender and go to a commercial antivirus? So I would have pay for a license but that I am not concerned about that.


    Commercial vendors will quickly drop Win10 support.

    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Paul@nospam@needed.invalid to alt.comp.os.windows-10 on Wed Aug 13 02:48:08 2025
    From Newsgroup: alt.comp.os.windows-10

    On Wed, 8/13/2025 2:34 AM, Chris wrote:
    Bill Bradshaw <bradshaw@gci.net> wrote:
    After using Windows 11 on a new mini computer I am worried about upgrading
    some of my windows 10 computers to 11. If you go through some contortions MS
    is going to provide defender upgrades but it appears you also have to have
    Microsoft accounts rather than local accounts. Why not forget defender and
    go to a commercial antivirus? So I would have pay for a license but that I
    am not concerned about that.


    Commercial vendors will quickly drop Win10 support.


    Some in fact, already did. There were a number of computers
    with no drivers for Windows 10, and this is happening well before
    Windows 10 is done and dusted.

    AV do not drop their support immediately. You can continue
    to subscribe to third party ones, if you want. There are
    free ones of that nature you can use as well, but the bloat
    in them ("I include My Secure Browser") are a wee bit of
    an acquired taste. I can't stand that approach to software
    design, the throwing in of an unnecessary ice cube maker.

    The practices then, are topic-related. Each area can have
    a different policy for you to discover.

    Paul
    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From wasbit@wasbit@REMOVEhotmail.com to alt.comp.os.windows-10 on Wed Aug 13 09:15:38 2025
    From Newsgroup: alt.comp.os.windows-10

    On 12/08/2025 17:58, Marion wrote:
    On Tue, 12 Aug 2025 11:44:03 +0200, Joerg Walther wrote :


    most of my work and friend
    acquaintances are not comp literate and they like to click on the little
    green buttons that say "Click here".

    Apparently we both have been using the same virus scanner for ages then.
    It's called BRAIN 1.0.

    I'm gonna agree most of us haven't gotten a virus in years for, oh, maybe
    two reasons, but the main reason is Brain 1.0 doesn't "click here now!".

    I'm not sure if the other reason might be that Windows Defender is on by default, it's updated by default, and maybe it's doing its job????

    Is it?


    Or maybe the router is doing its job.
    --
    Regards
    wasbit
    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From J. P. Gilliver@G6JPG@255soft.uk to alt.comp.os.windows-10 on Wed Aug 13 12:04:45 2025
    From Newsgroup: alt.comp.os.windows-10

    On 2025/8/13 7:48:8, Paul wrote:
    On Wed, 8/13/2025 2:34 AM, Chris wrote:
    Bill Bradshaw <bradshaw@gci.net> wrote:

    []

    Microsoft accounts rather than local accounts. Why not forget defender and
    go to a commercial antivirus? So I would have pay for a license but that I
    am not concerned about that.


    Commercial vendors will quickly drop Win10 support.


    Some in fact, already did. There were a number of computers
    with no drivers for Windows 10, and this is happening well before
    Windows 10 is done and dusted.

    AV do not drop their support immediately. You can continue

    Indeed. I can see (e. g.) driver manufacturers dropping support for
    older OSs - they (or their paymasters) are in the business of selling
    new hardware after all. But AV seem to maintain support _well_ after
    EOS: I'm not using my Windows 7 machine at the moment, but that was
    certainly getting AV updates until a year ago, and may still.

    to subscribe to third party ones, if you want. There are
    free ones of that nature you can use as well, but the bloat
    in them ("I include My Secure Browser") are a wee bit of
    an acquired taste. I can't stand that approach to software
    design, the throwing in of an unnecessary ice cube maker.

    I agree the nagware/fakery is irritating, but - for something free - it
    hasn't for me reached my threshold of making me remove it. By fakery, I
    mean - I have AVG - the way it says something like "you have ten
    security risks", and then _pretends_ to go through a process of finding
    them.)

    The practices then, are topic-related. Each area can have
    a different policy for you to discover.

    Paul

    Yes, I wonder why AV vendors _do_ support older OSs; one presumes they
    find they still get enough revenue (from people who take up the paid
    version) to make it worth while (plus a smidgin of good PR). Of course,
    if done properly rather than lazily, continuing to support older OSs _shouldn't_ involve much overhead anyway.
    --
    J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

    Everyone learns from science. It all depends how you use the knowledge.
    - "Gil Grissom" (CSI).
    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From dillinger@dillinger@invalid.not to alt.comp.os.windows-10 on Wed Aug 13 20:38:03 2025
    From Newsgroup: alt.comp.os.windows-10

    On 8/11/2025 6:37 PM, Bill Bradshaw wrote:
    After using Windows 11 on a new mini computer I am worried about upgrading some of my windows 10 computers to 11. If you go through some contortions MS is going to provide defender upgrades but it appears you also have to have Microsoft accounts rather than local accounts. Why not forget defender and go to a commercial antivirus? So I would have pay for a license but that I am not concerned about that.

    <Bill>


    Your Windows will not be patched anymore, this is not the same as
    dropping defender updates, they will likely continue, at least until IOT Enterprise 2021 runs out of support.
    FWIW, defender still is updated on Windows 8.1 today, more than 2.5
    years after W8 EOL.
    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Marion@marion@facts.com to alt.comp.os.windows-10 on Wed Aug 13 21:21:46 2025
    From Newsgroup: alt.comp.os.windows-10

    On Wed, 13 Aug 2025 09:15:38 +0100, wasbit wrote :


    On 12/08/2025 17:58, Marion wrote:
    On Tue, 12 Aug 2025 11:44:03 +0200, Joerg Walther wrote :

    most of my work and friend
    acquaintances are not comp literate and they like to click on the little
    green buttons that say "Click here".

    Apparently we both have been using the same virus scanner for ages then.
    It's called BRAIN 1.0.

    I'm gonna agree most of us haven't gotten a virus in years for, oh, maybe
    two reasons, but the main reason is Brain 1.0 doesn't "click here now!".

    I'm not sure if the other reason might be that Windows Defender is on by
    default, it's updated by default, and maybe it's doing its job????

    Is it?


    Or maybe the router is doing its job.

    Hi wasbit,

    You know your stuff, particularly free software, which I respect.

    I really don't know routers. I just set them up once every few years as I
    buy the penultimate version (as I wait a few years for the prices to drop).

    My current router is an older Netgear Nighthawk RAX200, where I never added anything in particular for the router to do firewalling or AV tasks.

    Other than block direct attacks by default, what does the router block?
    All I can tell that it blocks might be
    a. NAT (keeping my network away from the Internet)
    b. Direct intrusion attempt blocking by stateful packet inspection
    c. Logging (but I almost never check the logs but I see attacks when I do)
    d. Anything else?

    Without subscriptions to protection like Netgear Armor or other addons, as
    far as I know, a router is not scanning for malware, phishing attacks, or malicious domains as the router, by default anyway, is just doing the front gate work of keeping random inbound connections out.

    Am I setting up my router wrongly?
    Can I do anything else, for free, to prevent attacks?
    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Bloody Microshit@invalid@invalid.invalid to alt.comp.os.windows-10 on Thu Aug 14 00:33:17 2025
    From Newsgroup: alt.comp.os.windows-10

    On 13/08/2025 19:38, dillinger wrote:
    On 8/11/2025 6:37 PM, Bill Bradshaw wrote:
    After using Windows 11 on a new mini computer I am worried about upgrading
    some of my windows 10 computers to 11. If you go through some contortions MS
    is going to provide defender upgrades but it appears you also have to have
    Microsoft accounts rather than local accounts. Why not forget defender and
    go to a commercial antivirus? So I would have pay for a license but that I
    am not concerned about that.

    <Bill>


    Your Windows will not be patched anymore, this is not the same as
    dropping defender updates, they will likely continue, at least until IOT Enterprise 2021 runs out of support.
    FWIW, defender still is updated on Windows 8.1 today, more than 2.5
    years after W8 EOL.


    I can't get this update:

    <https://support.microsoft.com/en-gb/topic/kb5021123-description-of-the-security-update-for-sql-server-2012-sp4-gdr-february-14-2023-74a1bd4d-63c0-41a5-8c9a-12e6b9f9ef43>

    Microsoft wants me to pay for it.

    Bloody Microshit!!!

    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Hank Rogers@Hank@nospam.invalid to alt.comp.os.windows-10 on Wed Aug 13 19:14:48 2025
    From Newsgroup: alt.comp.os.windows-10

    Marion wrote on 8/13/2025 4:21 PM:
    On Wed, 13 Aug 2025 09:15:38 +0100, wasbit wrote :


    On 12/08/2025 17:58, Marion wrote:
    On Tue, 12 Aug 2025 11:44:03 +0200, Joerg Walther wrote :

    most of my work and friend
    acquaintances are not comp literate and they like to click on the little
    green buttons that say "Click here".

    Apparently we both have been using the same virus scanner for ages then.
    It's called BRAIN 1.0.

    I'm gonna agree most of us haven't gotten a virus in years for, oh, maybe
    two reasons, but the main reason is Brain 1.0 doesn't "click here now!".

    I'm not sure if the other reason might be that Windows Defender is on by
    default, it's updated by default, and maybe it's doing its job????

    Is it?


    Or maybe the router is doing its job.

    Hi wasbit,

    You know your stuff, particularly free software, which I respect.

    I really don't know routers. I just set them up once every few years as I
    buy the penultimate version (as I wait a few years for the prices to drop).

    My current router is an older Netgear Nighthawk RAX200, where I never added anything in particular for the router to do firewalling or AV tasks.

    Other than block direct attacks by default, what does the router block?
    All I can tell that it blocks might be
    a. NAT (keeping my network away from the Internet)
    b. Direct intrusion attempt blocking by stateful packet inspection
    c. Logging (but I almost never check the logs but I see attacks when I do)
    d. Anything else?

    Without subscriptions to protection like Netgear Armor or other addons, as far as I know, a router is not scanning for malware, phishing attacks, or malicious domains as the router, by default anyway, is just doing the front gate work of keeping random inbound connections out.

    Am I setting up my router wrongly?
    Can I do anything else, for free, to prevent attacks?


    Damn, I thought you knew everything! What happened?

    --- Synchronet 3.21a-Linux NewsLink 1.2