SIGforum
Why would a system admin disable Windows Defender?
March 27, 2019, 08:33 AM
Oz_ShadowWhy would a system admin disable Windows Defender?
The system admin has disabled Windows Defender for all computers on our network recently. I've had it running for years doing regular scans. Now that it is off guess who keeps getting malware?
Why would this be done across a network?
March 27, 2019, 08:39 AM
David LeeGlad I'm not the only one who liked Windows Defender. I think when 10 came out you got upgraded security. Defender still ran in the background but less noticable. A couple years back I was able to still use it if I wanted to scan but it was a bit different to get it to run. You'll get all kinds of advice on different programs to use but Microsoft always did a fine job for me.
March 27, 2019, 08:46 AM
valkyrie1It can interfere or slow down devices if the sysadmin started using another antivirus software.
March 27, 2019, 08:48 AM
stoic-oneThat's the real question, did they install something else? If not, have you asked why?
March 27, 2019, 08:59 AM
ensigmaticI don't know what its status is now, but, last time I looked into it, though once deemed pretty good, Windows Defender was widely-regarded as not particularly effective.
Besides: If y'all are getting regular malware issues in a business environment, you have bigger problems than Windows Defender not running, IMO.
"America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe
"If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher March 27, 2019, 09:02 AM
smschulzAsk your admin.
March 27, 2019, 09:14 AM
BeancookerWindows Defender sometimes doesn’t play nice with other anti-malware and AV software. It also bogs down resources.
If your admin has a good firewall, and good security, Windows Defender is not needed.
quote:
Originally posted by sigmonkey:
I'd fly to Turks and Caicos with live ammo falling out of my pockets before getting within spitting distance of NJ with a firearm.
March 27, 2019, 09:20 AM
Doc H.quote:
Originally posted by Beancooker:
Windows Defender sometimes doesn’t play nice with other anti-malware and AV software. It also bogs down resources.
If your admin has a good firewall, and good security, Windows Defender is not needed.
This. WD is very basic protection, and I would expect your network has something better. Running more than one malware protection program is a bad idea, for lots of reasons. A someone mentioned, if you're getting malware your business has other security problems than not using a modestly ineffective open-source throw-in from Microsoft.
"And gentlemen in England now abed, shall think themselves accursed they were not here, and hold their manhoods cheap whiles any speaks that fought with us upon Saint Crispin's Day" March 28, 2019, 08:58 PM
K0ZZZIn general Windows Defender is actually a fairly decent anti-malware for individual computers. When they do they malware "shootouts" some times it comes in top 3, some times it doesn't. Symantec, Trend Micro, all the rest, they all do a great but not perfect job.
The problem with Windows Defender is in a larger environment there's no centralized management, so the admins can't tell that all the signatures are updated, or flag those that aren't, get alerts if something is infected, etc.
Like the others have said, the only reason to disable it is during the deployment of a corporate version with centralized management.
March 28, 2019, 09:02 PM
PowerSurgeIt was more than likely disabled because it’s a memory hog.
———————————————
The fool hath said in his heart, There is no God. Psalm 14:1
March 28, 2019, 09:28 PM
RichNquote:
Originally posted by PowerSurge:
It was more than likely disabled because it’s a memory hog.
Memory is cheap. You can't keep all malware out with any one system. Multiple layers of defense are your friend. Firewall, mail server, and anti-virus.
I use Windows Defender on most of our shop floor computers where people are running a small set of programs and aren't receiving email. Regular users have Windows Defender disabled and a more robust and centrally managed anti-virus running.
------------------------------
"They who would give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety."
- Benjamin Franklin
"So this is how liberty dies; with thunderous applause."
- Senator Amidala (Star Wars III: Revenge of the Sith)
March 28, 2019, 09:42 PM
0-0Because it sucks?
Likely your network defenses lie elsewhere.
WD is better than nothing but not much else.
If it was a product sold separatedly it Would most definitely be in my ignore / avoid list.
Just my uneducated opinion.
0-0
"OP is a troll" - Flashlightboy, 12/18/20
March 28, 2019, 10:12 PM
Hamden106Windows Defender has somehow volunteered to be secondary inn the background for me as I have Malwarebyted premium as #1.
seems to work fine
SIGnature
NRA Benefactor CMP Pistol Distinguished
March 28, 2019, 10:26 PM
SpinZoneI have WD disabled because I run symantic end point protection and malwarebytes. They seem to play well together but WD doesn’t play well with others.
“We truly live in a wondrous age of stupid.” - 83v45magna
"I think it's important that people understand free speech doesn't mean free from consequences societally or politically or culturally."
-Pranjit Kalita, founder and CIO of Birkoa Capital Management
March 28, 2019, 10:32 PM
rusbro^^^In my experience, Malwarebytes operates alongside your anti-virus. I've used it in conjunction w/Symantec Endpoint Protection, IT Brain, McAfee, without issue. So, maybe when you install it but have only Windows Defender, Windows won't disable Windows Defender. When I install a 3rd party AV, Windows disables Windows defender.
March 28, 2019, 11:03 PM
380SwiftBecause it's the worst anti virus client on the market and he might have deployed something better. That's my first guess anyway.
March 29, 2019, 10:58 AM
trapper189Without an antimalware program, how do you know you are getting malware?
March 29, 2019, 11:21 AM
ensigmaticquote:
Originally posted by rusbro:
^^^In my experience, Malwarebytes operates alongside your anti-virus.
That was always my experience.
quote:
Originally posted by trapper189:
Without an antimalware program, how do you know you are getting malware?
I'm afraid I have bad news for you: Anti-Virus/-Worm/-Trojan/-Malware software isn't particularly good at defending against infection/compromise. This is a Dirty Little Secret that network security people have known for a long time, which the makers and sellers of the stuff don't want known.
When I was still doing that job, I employed a four-prong defense:
- Strong border security
- Avoid commonly-exploited operating systems and applications to the extent possible
- End-user education
- Anti-Virus/-Malware software
You'll notice what came last, there. That's because, of the four measures I took, IME that was
by far the least effective.
Somebody will certainly point out I left "Keep software up-to-date." That's because that's often little more effective than anti-virus/-malware software. Take, for example, Adobe Flash. They cranked-out vulnerability-closing updates on essentially a
weekly basis. And each release would address as many as
dozens of newly-discovered holes. (We either did not install Flash or we removed it if it came pre-installed, unless the user could demonstrate a
business need for it. [See item #2.]) That's not to say you shouldn't do it, but to say simply doing that won't necessary do a lot to keep you safe.
"America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe
"If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher March 29, 2019, 12:32 PM
GregYquote:
Originally posted by ensigmatic:
quote:
Originally posted by rusbro:
^^^In my experience, Malwarebytes operates alongside your anti-virus.
That was always my experience.
quote:
Originally posted by trapper189:
Without an antimalware program, how do you know you are getting malware?
I'm afraid I have bad news for you: Anti-Virus/-Worm/-Trojan/-Malware software isn't particularly good at defending against infection/compromise. This is a Dirty Little Secret that network security people have known for a long time, which the makers and sellers of the stuff don't want known.
When I was still doing that job, I employed a four-prong defense:
- Strong border security
- Avoid commonly-exploited operating systems and applications to the extent possible
- End-user education
- Anti-Virus/-Malware software
You'll notice what came last, there. That's because, of the four measures I took, IME that was
by far the least effective.
Somebody will certainly point out I left "Keep software up-to-date." That's because that's often little more effective than anti-virus/-malware software. Take, for example, Adobe Flash. They cranked-out vulnerability-closing updates on essentially a
weekly basis. And each release would address as many as
dozens of newly-discovered holes. (We either did not install Flash or we removed it if it came pre-installed, unless the user could demonstrate a
business need for it. [See item #2.]) That's not to say you shouldn't do it, but to say simply doing that won't necessary do a lot to keep you safe.
I believe you have missed the point.
Reread the OP. Something is finding the malware. Perhaps his local admins are using something else.
March 30, 2019, 09:58 AM
trapper189quote:
Originally posted by ensigmatic:
quote:
Originally posted by trapper189:
Without an antimalware program, how do you know you are getting malware?
I'm afraid I have bad news for you:...
I really was just wondering what indications the OP had that he was getting malware.