Viruses vs Antiviruses
Posted: 09 Jan 2022, 19:55
Security has long been the main topic of criticism about Microsoft's Windows product. I've grown to ignore their feeble attempts in the past and found ways to get by without any direct AV detection installed outside of what MS forces upon me. The criticism has been excessive in my opinion, especially that coming from the Linux community, but for the most part security has not been given the attention it should have until recent years. I won't speak to Linux this time, but I can say that with Windows 10 security has taken a turn for the better.
Now that I have replaced Windows 7 with Windows 10 I'm experiencing some security issues I never saw before. There are some programs that are classified as "Potentially Unwanted Programs" or PUPs. These are not intentionally malicious programs, but they can do things Microsoft, and others, would question the validity of doing. One such item is a scanner I have installed to read the Product ID of the license for my Windows installation. It's obvious why Microsoft would classify it as a PUP, but I have needed that information more than once and never removed the program. So, when I updated the software Windows Defender objected. We battled it out for quite a while and I finally found the settings which allow suspicious programs and activities to run. The problem detecting all these PUPs only shows up when I do backups. Windows does not want to copy anything it thinks is malicious. It might even remove it and quarantine it if it thinks it's really bad. All this is a good thing for people who are not hacks, unlike me. I congratulate Microsoft for their efforts. I just need to find a way to make them back off when I don't want to be protected.
But, then, there are times when I should pay closer attention.
I keep copies of this website, and its two sisters, safely stashed away on an auxiliary encrypted data hard drive. As you must know from past experiences I often crash the site and shut it down completely when I run into problems updating the software. That is when these backup copies of the site come in handy. From time to time I make backup copies of these website backups. I can't say enough about the value of redundancy. I've not done that since I upped the version of Windows from 7 to 10 on this computer. So a few days ago I got around to backing up the backups and received an error message from Windows Defender. It quarantined two files I had been safely saving for nearly a year. These two files were .html index pages from one of the archive websites I maintain. It classified the threat as severe which raised my eyebrows. Normally a PUP is just a nuisance, but this time I was being warned, protected, and quarantined.
The long and the short of it is that the two files were indeed infected with a few viruses. Let me tell you, it's not easy to extract any information from Windows Defender nor is it easy to stop it from quarantining what it doesn't like. I tried to do both but failed. Eventually I downloaded the files in question from the server and sent them up to VirusTotal, which is an online virus checker. It's not that I didn't trust Microsoft ... well, I didn't. But, lo and behold they were right. These two files were severely infected.
I probably should not be writing about all this because that means those infected files have been on the server for the better part of a year. Fortunately they were in an archive which doesn't get very much traffic. The same files on this site are clean, which makes me wonder why they bothered to infect the archive but not the main site. Regardless, it's all cleaned up now, thanks to Microsoft's Defender antivirus program that I can't shut off or stop in any way.
So, yeah, they are getting serious about security. I am impressed.