
Again and Again and Again, Windows is a Threat


marcL


Today I wanted to check the versions of some plugins on my laptop. I was shocked because when I clicked the check version Windows Defender reported a severe threat. First I thought that this vendor really had some virus issues in its plugins. But when I tried with another vendor's plugin the same thing happened again.

Googling for "Win32/Hive.ZY" threat listed the following interesting article that mentions this as a new Microsoft issue:

https://www.windowslatest.com/2022/09/05/microsoft-confirms-behaviorwin32-hive-zy-false-error-bug-in-windows-defender/

It is unbelievable how Microsoft is the worst threat in always stealing my time and my precious hardware capacity! And this for years! 👎

This is the reason why I don't want to have my DAW pcs always online (for authorization and cloud stuff), because it exposes your pc for the MS Update threat! 😉

  • Thanks 1
  • Haha 1
  • Sad 1

Yes, you’ve made that very clear in other posts you’ve made.

Some of us don’t have several PCs, so we have to keep our DAW online.

If you are careful, you’ll not have issues. At least I don’t.

And, after all, you can exclude your VST and Cakewalk files from being scanned by Defender…

J

  • Like 2
  • Great Idea 1

1 hour ago, Jeremy Oakes said:

And, after all, you can exclude your VST and Cakewalk files from being scanned by Defender…

Thanks, I had already done this before. But in the special case above it does not even work, i.e. Windows complains anyway! 😉


False-positives have been an annoyance for as long as there have been malware scanners. Anti-malware has gotten more sophisticated over the years, but it often still relies on "signatures", meaning a (hopefully) unique string of binary values that can identify a bad actor. But of course any random string of bits can occur that do not necessarily represent a signature. Developers use common libraries, so it's to be expected that innocuous software A might be using the same library as malicious software B. Software installers in particular are notorious for being flagged as malware, just because of the nature of what they do.

The good news is that no audio plugin has ever been identified as a virus. Which makes sense; what mischief could an evil delay plugin really do? It's just not an attack vector that bad guys would be attracted to. Can you really picture a North Korean hacker gleefully informing his boss that "here's the thing - he he - they'll dial in a quarter-note delay but really get an eighth note"?

It's one more reason to keep your VSTs well-organized: makes it easier to whitelist them from your virus scanner.

  • Like 4
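
The false-positive mechanism described in the post above (a signature that happens to cover bytes from a shared library), as an added example that is not part of the original thread. All file names, byte strings and signature names are constructed, and allowlisting by file hash is this example's choice rather than the folder whitelisting the post mentions.

```python
import hashlib

# Constructed stand-in for a common library that unrelated programs embed.
SHARED_LIB = bytes.fromhex("5589e583ec18c745f4") + b"common-updater-runtime"

# Constructed sample files; names and contents are hypothetical.
SAMPLES = {
    "bad_dropper.exe": b"MZ" + SHARED_LIB + b"\x00unique-bad-routine\x00",
    "delay_plugin.dll": b"MZ" + b"dsp-code" + SHARED_LIB + b"\x00ui\x00",
    "synth_plugin.dll": b"MZ" + b"oscillators-and-filters",
}
KNOWN_BAD = {"bad_dropper.exe"}

# Naive signature: lifted from the bad sample, but it only covers library bytes.
NAIVE_SIG = {"name": "Demo/Naive", "all_of": [SHARED_LIB[:16]]}
# Tighter signature: also requires bytes that only the bad sample contains.
TIGHT_SIG = {"name": "Demo/Tight",
             "all_of": [SHARED_LIB[:16], b"unique-bad-routine"]}


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def matches(data: bytes, sig: dict) -> bool:
    """True when every byte pattern of the signature occurs in the file."""
    return all(pattern in data for pattern in sig["all_of"])


def scan(samples: dict, sig: dict, allowlist=frozenset()) -> list:
    """Names flagged by one signature, skipping files whose hash is allowlisted."""
    return sorted(name for name, data in samples.items()
                  if sha256_hex(data) not in allowlist and matches(data, sig))


def false_positives(samples: dict, sig: dict, allowlist=frozenset()) -> list:
    """Flagged files that are not in the known-bad set."""
    return [n for n in scan(samples, sig, allowlist) if n not in KNOWN_BAD]


if __name__ == "__main__":
    # Allowlisting the plugin's exact hash exempts that file only, not a folder.
    allow = {sha256_hex(SAMPLES["delay_plugin.dll"])}
    print("naive:", scan(SAMPLES, NAIVE_SIG), false_positives(SAMPLES, NAIVE_SIG))
    print("naive + allowlist:", scan(SAMPLES, NAIVE_SIG, allow))
    print("tight:", scan(SAMPLES, TIGHT_SIG), false_positives(SAMPLES, TIGHT_SIG))
```

The hash allowlist suppresses the alert for the one known-good plugin while the bad sample is still flagged, which a folder-wide exclusion would not guarantee.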

13 minutes ago, antler said:

If you can, I'd recommend using a third-party AV instead of the built in one. The built in one is fast, but it's usually one of the most unreliable in AV comparisons.

I can't stand third party AVs. I have had more problems with them than I ever had with Windows Defender. So much bloatware and so intrusive. Can you recommend a third party AV that does not block your every move and is as light as WD?

  • Like 1

1 minute ago, Doug Rintoul said:

I can't stand third party AVs. I have had more problems with them than I ever had with Windows Defender. So much bloatware and so intrusive. Can you recommend a third party AV that does not block your every move and is as light as WD?

I can't really think of any that are as light as WD. That said, in the last AV comparison I looked at (which admittedly was a while ago), there weren't that many that performed worse.

Don't get me wrong, it's better than nothing. Just that there are better alternatives; they might just be heavier. It might be better to look at more up-to-date info:

https://uk.pcmag.com/antivirus/8141/the-best-antivirus-protection


My first-hand experience with Linux audio:

OS: Ubuntu, Fedora, OpenSUSE, Debian
DAW: Ardour / Mixbus / Reaper / Waveform
DAW (WINE): Mixcraft, FL Studio
VI (Native): Surge / Vital / OB-Xd / Dexed / u-he Diva, Hive, Zebra 2 / TAL J8, UNO LX, BassLine 101 / Tracktion F.'em, BioTek, Collective / Ugritone Drums / Pianoteq
VI (WINE): AIR Music Tech everything / Sonivox everything / IK Miroslav Philharmonik 2, Sampletank / UVI Workstation, Kontakt
FX (native/WINE): So many to type here...

Everything above works like a charm.


Microsoft Defender in its Win10 & Win11 incarnations is the most compatible real-time AV that you can run on your PC. It also allows you to set exclusions for files, folders, or processes that you do not wish to be scanned. I have all of my audio stuff excluded.

Defender now scores competitively in "Real World Protection" comparison tests with paid AV products. It scored 99% in the most recent test, and actually tied for top place with zero false positives! https://www.av-comparatives.org/tests/real-world-protection-test-february-may-2022/

https://www.av-comparatives.org/real-world-protection-test-methodology/

The old Microsoft Security Essentials for WinXP & Win7 were bottom of the barrel on detection, false positives, and performance. So bad, it was almost a joke! 3rd party AV used to be mandatory, but no longer.

Just don't click willy-nilly on everything you see, download unknown files, or open unsolicited attachments and you will be fine. :)

Edited by abacab
  • Like 1

FWIW, My DAWs are all connected to the Internet... and most run 24/7.

Never a problem...

First, make sure you have proper backup.

Next, make sure you're running Win10x64 Pro... so you can fully disable all automatic updates.

Not a fan of any 3rd-party AV application on any high-performance machine...

  • Like 2

3 minutes ago, Jim Roseberry said:

First, make sure you have proper backup.

That right there is the best malware protection!

And there are some good free solutions out there! No excuse not to be doing that for your valuable DAW!

I'm not sure that I would ever trust a machine that actually got infected to be "clean" after removing the malware. I would just rather nuke and restore the entire system drive from a backup image made prior to the infection. :)

  • Like 2

4 hours ago, antler said:

I can't really think of any that are as light as WD. That said, in the last AV comparison I looked at (which admittedly was a while ago), there weren't that many that performed worse.

Don't get me wrong, it's better than nothing. Just that there are better alternatives; they might just be heavier. It might be better to look at more up-to-date info:

https://uk.pcmag.com/antivirus/8141/the-best-antivirus-protection

I use AVG on some of my company computers. Every time I ran a new program, it flagged it as suspicious and would not let me run it until it had uploaded some sort of signature to its website. Terrible behaviour IMHO.

Edited by Doug Rintoul
  • Like 1
  • Thanks 1