What's the current status of free anti-virus tools
-
Dan Neely wrote:
I assume this is a negative:
Yes. OK, If you really want to explore deeper and have 30 minutes to investigate then do the following: 1.) Download [Microsoft Message Analyzer](https://www.microsoft.com/en-us/download/details.aspx?id=44226) 2.) Launch the program as Administrator and choose "New Session" 3.) Click the "Add Provider" button and add the Microsoft-Windows-Windows Defender ETW provider to the session. 4.) Choose an appropriate log level (Verbose is default) 4.) Click 'Start' You will get a *very* verbose log of what exactly Windows Defender is doing internally. You can use this to see if Windows Defender is repeatedly scanning the same file/files/folder. Unfortunately I don't think there is a public [OPN Parser](https://docs.microsoft.com/en-us/message-analyzer/managing-microsoft-opn-parser-packages) available for this provider. Best Wishes, -David Delaune
Well, i tried. Not sure if I got it set up correctly. It ran, but with a notice about errors/warnings while loading modules, and an error log that looked like it was having network problems. The collection was on the sparse side afterward. A few hundred items at startup, a hundredish over the next half hour, and then a few hundred more at shutdown. Looking at the entries in the middle, it looks like a list of running processes/services, I didn't notice any of the files resourcemon suggests it's constantly touching. This's probably as far as I can take it in the near term. I need a fully functioning system for tomorrow night, and will be booting MSE for something else in the morning.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
-
On one of my PC's MS's AV tool has gone retarded and is trying to hog ~2.5 cores 24/7. The suggested fixes available via google were useless. Everyone copy pasta'd the same list: 1) kill scheduled scans to see if one of them was running when you were trying to use the PC. nope. 2) whitelist the MSE executable itself. Because cargo cult??:confused: nope. 3) disable it via registry edit. Works, but has its own problem. :sigh: 4) buy the product of the company posting the copypasta (this one not seen on MS forums for some reason). For the moment I'm hoping that this months windows update will unfubar things and would prefer not to buy something unless this turns out to be a lingering problem...
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
I had this problem under Win7, solution was to just right click on the defender icon on the task bar, find the settings and turn off real time disk/memory scanning. It still kept a watch on what was in memory, and stopped threats getting in, but it wasn't constantly scanning the hard drive looking for threats. Not seen it re-occur since I moved to W10 tho.
-
I had this problem under Win7, solution was to just right click on the defender icon on the task bar, find the settings and turn off real time disk/memory scanning. It still kept a watch on what was in memory, and stopped threats getting in, but it wasn't constantly scanning the hard drive looking for threats. Not seen it re-occur since I moved to W10 tho.
The current version doesn't let you permanently disable major components other than the upload to cloud for analysis stuff because lots of enterprise customers would also balk at that. As do I since the only 2 options when it's enabled are "silently upload anything of concern" and "only prompt for things MSE thinks might have sensitive information". There is no "prompt before all uploads" option. If the latter did exist I'd probably enable the feature, but I don't trust any Artificial Idiot to always get things right.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
-
The only thing it's hit continuously for the last 20 minutes has been the NTFS volume log, it's admitted to touching at least 4 other files during that time. OTOH the 2 sets of numbers in resmon don't add up and are much lower than the rate that task managers totals are updating. In the last 75m, according to that it's read 210GB and written 80MB. https://i.imgur.com/HuntFLY.png
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
I wonder if running chkdsk at the deepest level (if there's still such a thing nowadays) might fix something that Defender is struggling with...admittedly this is pure speculation from my part...and probably as useless as some of the other suggestions you've already come across. I would also try getting rid of older volume shadow copies - there's no point keeping those around and having Defender scan them (assuming it does) if there's nothing you think you'd ever need to recover. Try this from an admin prompt: vssadmin delete shadows /all Maybe with these gone, it'll quiet down Defender. If it doesn't help...well, that was my best shot so far. I'd be curious to know one way or another if you do find a solution.
-
The current version doesn't let you permanently disable major components other than the upload to cloud for analysis stuff because lots of enterprise customers would also balk at that. As do I since the only 2 options when it's enabled are "silently upload anything of concern" and "only prompt for things MSE thinks might have sensitive information". There is no "prompt before all uploads" option. If the latter did exist I'd probably enable the feature, but I don't trust any Artificial Idiot to always get things right.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
Ah... :-) As I say it was back under Win7 when I used to have those problems. The only problems I have know is how overzelous the damn thing is. "I Found a Trojan in your System, OMG, OMG, OMG.... call the police, sound the alarms...", Erm, yea Defender, that trojan happens to be Sony Sound Forge, I re-installed from it's original CD, and I been using it for years..... repeat ad infinatum....
-
I wonder if running chkdsk at the deepest level (if there's still such a thing nowadays) might fix something that Defender is struggling with...admittedly this is pure speculation from my part...and probably as useless as some of the other suggestions you've already come across. I would also try getting rid of older volume shadow copies - there's no point keeping those around and having Defender scan them (assuming it does) if there's nothing you think you'd ever need to recover. Try this from an admin prompt: vssadmin delete shadows /all Maybe with these gone, it'll quiet down Defender. If it doesn't help...well, that was my best shot so far. I'd be curious to know one way or another if you do find a solution.
I'll poke those and update when I do, but it'll probably be Sunday at the earliest before I have the time.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
-
Ah... :-) As I say it was back under Win7 when I used to have those problems. The only problems I have know is how overzelous the damn thing is. "I Found a Trojan in your System, OMG, OMG, OMG.... call the police, sound the alarms...", Erm, yea Defender, that trojan happens to be Sony Sound Forge, I re-installed from it's original CD, and I been using it for years..... repeat ad infinatum....
Peter Shaw wrote:
"I Found a Trojan in your System, OMG, OMG, OMG.... call the police, sound the alarms...", Erm, yea Defender, that trojan happens to be Sony Sound Forge, I re-installed from it's original CD, and I been using it for years..... repeat ad infinatum....
I know that feeling. I installed a trial of FSecure this morning did a full system scan, it flagged an apparent old game install as adware. I didn't do anything before leaving for work, will probably feed it to virus total tonight and see what the rest of the world thinks.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
-
On one of my PC's MS's AV tool has gone retarded and is trying to hog ~2.5 cores 24/7. The suggested fixes available via google were useless. Everyone copy pasta'd the same list: 1) kill scheduled scans to see if one of them was running when you were trying to use the PC. nope. 2) whitelist the MSE executable itself. Because cargo cult??:confused: nope. 3) disable it via registry edit. Works, but has its own problem. :sigh: 4) buy the product of the company posting the copypasta (this one not seen on MS forums for some reason). For the moment I'm hoping that this months windows update will unfubar things and would prefer not to buy something unless this turns out to be a lingering problem...
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
I tend to stay clear of "free" AV products for obvious reasons already discussed. If you have a good enough reason to buy around 5 licenses, some of the premium security suites can be had for around $5-$8/seat. Even then, you could sell the other licenses you don't need to friends or family. I happen to have that exact number of PC's (5), so I do this every year. As for software utilizing your CPU cores, it might be helpful to know which CPU you are using. Core over utilization can be a real serious thing, especially if you are running WIN10 on an older CPU. Best of luck,
-
I'll poke those and update when I do, but it'll probably be Sunday at the earliest before I have the time.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
-
I tend to stay clear of "free" AV products for obvious reasons already discussed. If you have a good enough reason to buy around 5 licenses, some of the premium security suites can be had for around $5-$8/seat. Even then, you could sell the other licenses you don't need to friends or family. I happen to have that exact number of PC's (5), so I do this every year. As for software utilizing your CPU cores, it might be helpful to know which CPU you are using. Core over utilization can be a real serious thing, especially if you are running WIN10 on an older CPU. Best of luck,
i7-4790k, overclocked to IIRC 4.8 or 5Ghz.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
-
On one of my PC's MS's AV tool has gone retarded and is trying to hog ~2.5 cores 24/7. The suggested fixes available via google were useless. Everyone copy pasta'd the same list: 1) kill scheduled scans to see if one of them was running when you were trying to use the PC. nope. 2) whitelist the MSE executable itself. Because cargo cult??:confused: nope. 3) disable it via registry edit. Works, but has its own problem. :sigh: 4) buy the product of the company posting the copypasta (this one not seen on MS forums for some reason). For the moment I'm hoping that this months windows update will unfubar things and would prefer not to buy something unless this turns out to be a lingering problem...
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
Lets see... My time is worth $200/hr. My 3 years of ESET for 6 Computers cost me less than that. Once setup, when I pay in the future, all computers see the new expiration date. AND they include the newest version of the software with this fee structure. It's fast, and if you upgrade early, it extends your expiration date properly (unlike norton). So... 1hr of time buys me 3 years of piece of mind, on all the computers I need. I barely ever NOTICE ESET hogging cpu (over a slow VPN, yeah, but EVERY scanner will do this). Ignoring the time spent "Dealing" with this stuff and the Lost CPU time justify the cost! PS: In a past life, I went in and cleaned up machines for clients that their employees got infected... And it became so common, that they owner said the employee would absorb my charges when it happened on their computer... Funny how much less I showed up after that. LOL.
-
Lets see... My time is worth $200/hr. My 3 years of ESET for 6 Computers cost me less than that. Once setup, when I pay in the future, all computers see the new expiration date. AND they include the newest version of the software with this fee structure. It's fast, and if you upgrade early, it extends your expiration date properly (unlike norton). So... 1hr of time buys me 3 years of piece of mind, on all the computers I need. I barely ever NOTICE ESET hogging cpu (over a slow VPN, yeah, but EVERY scanner will do this). Ignoring the time spent "Dealing" with this stuff and the Lost CPU time justify the cost! PS: In a past life, I went in and cleaned up machines for clients that their employees got infected... And it became so common, that they owner said the employee would absorb my charges when it happened on their computer... Funny how much less I showed up after that. LOL.
I understand where you're coming from and I'm close to being done. If it was a recurring issue I'd agree completely, but this is one glitch on one machine in 20 or 30 years of aggregate runtime across multiple machines; a rate low enough I'm not going to assume MSE is intrinsically worse than any competition I might switch to. And as a one off anything I learn troubleshooting isn't necessarily a loss in that I'm learning stuff I might be able to reuse later. I've more or less bottomed out there, the ETW log someone had me collect wasn't something I could readily figure out, so I'm down to the point where the turtles are replaced with dragons. I've currently got a 30d trial of F-Secure running (recommendation from a trusted friend), and will probably upgrade to paid if the situation isn't auto-resolved within a month.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
-
On one of my PC's MS's AV tool has gone retarded and is trying to hog ~2.5 cores 24/7. The suggested fixes available via google were useless. Everyone copy pasta'd the same list: 1) kill scheduled scans to see if one of them was running when you were trying to use the PC. nope. 2) whitelist the MSE executable itself. Because cargo cult??:confused: nope. 3) disable it via registry edit. Works, but has its own problem. :sigh: 4) buy the product of the company posting the copypasta (this one not seen on MS forums for some reason). For the moment I'm hoping that this months windows update will unfubar things and would prefer not to buy something unless this turns out to be a lingering problem...
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
