Do AV companies check each definition update against windows?

By +Warwagon
in Smart Home, Network & Security

 Share

Recommended Posts

Veteran

xWhiplash

Posted
Posted

oh, so they should just not bother then :facepalm:

seriously, that's your argument ?

and use a quality AV, which pretty much excludes all the free ones and you're pretty damn close to 100%, even on zero day viruses if you keep the heuristics on and at a decent setting

No my point was that you saying they cannot skip Windows files because they cannot guarantee 100% that they are clean, yet they are signed by Microsoft. They cannot guarantee Microsoft files are clean, but they cannot guarantee your computer is 100% clean either (close to 100% is still not 100%, so there is no sticker on the box that says "we guarantee your computer is 100% clean at all times").

Not once did I say they should just not try. These are Microsoft signed files we are talking about. You said they cannot guarantee they are 100% clean, but no AV has 100% detection rate anyway. I did not say they should just give up and go home.

Grand Master

HawkMan

Posted
Posted

Again, you're missing the context here. We are talking about files signed by Microsoft. Unless there is a disgruntled employee writing Windows, there is a 0% chance a stock Microsoft signed file will be infected with something. I see no reason why Microsoft couldn't be trusted for publishing clean files in their OS. There's no logic in believing this would be a security risk. Scanning these files only adds unnecessary reliability risks.

I think you're missing the point.

it doesn't matter WHO signed the files. The very purpose of security company is to NOT trust anyone elses security.

Also there's only a risk if you use a company with bad Q&A, generally all the free ones and the crappier paid ones. despite it previous bad rep, Norton is actually a very good AV today, with high performance, next to no system impact they actually make sure these things don't happen, and they're one of the best one zero day threats, and web threats that other AV's won't touch because they're not considered "viruses".

so pick one of the better security suites that cover a little more than just AV, and has a good rep and this isn't a problem, stay with the free ones, and expect to have you system files broken at some point.

Grand Master

Astra.Xtreme

Posted
Posted

I think you're missing the point.

it doesn't matter WHO signed the files. The very purpose of security company is to NOT trust anyone elses security.

Actually it does matter because in this context, Microsoft is signing the files... You know, the one who creates the actual OS itself...

Never in the history of Windows has there been a built-in virus created by Microsoft themselves. And I'm sure there never will be.

Even if a core .dll (or such) was infected, the only option would be to delete it which would crash the system anyway. What good does that do for anybody? I'll say it again, there's no reason to scan something that will never be broken as long as checksums line up. All the trust you need is in the checksum. Nothing magical about it.

Grand Master

+Warwagon MVC

Posted
  • Author
  • MVC
Posted

Actually it does matter because in this context, Microsoft is signing the files... You know, the one who creates the actual OS itself...

Never in the history of Windows has there been a built-in virus created by Microsoft themselves. And I'm sure there never will be.

Even if a core .dll (or such) was infected, the only option would be to delete it which would crash the system anyway. What good does that do for anybody? I'll say it again, there's no reason to scan something that will never be broken as long as checksums line up. All the trust you need is in the checksum. Nothing magical about it.

Sometimes you can disinfect system files or restore the original.

Grand Master

HawkMan

Posted
Posted

Actually it does matter because in this context, Microsoft is signing the files... You know, the one who creates the actual OS itself...

Never in the history of Windows has there been a built-in virus created by Microsoft themselves. And I'm sure there never will be.

Even if a core .dll (or such) was infected, the only option would be to delete it which would crash the system anyway. What good does that do for anybody? I'll say it again, there's no reason to scan something that will never be broken as long as checksums line up. All the trust you need is in the checksum. Nothing magical about it.

ugh

:facepalm:

Grand Master

remixedcat

Posted
Posted

I would like to see webroot's take on this. I know we have a rep or two that posts here.... I'd love for them to participate in this thread.

Grand Master

goretsky Supervisor

Posted
  • Supervisor
Posted

Hello,

Some anti-malware companies check Microsoft Windows Updates. That means applying the update across all combinations of Microsoft Windows in all service pack levels, editions, and languages that they support, in combination with all of their products. This might be one or two thousand different configurations, so it's usually the sort of thing that's done headless in a server lab running all those configurations as VMs, although it could involve native hardware if there were a specific reason to do so (e.g., a strategic partnership between the anti-malware company and a device manufacturer for some kind of turnkey solution).

Regards,

Aryeh Goretsky

Grand Master

remixedcat

Posted
Posted

Hello,

Some anti-malware companies check Microsoft Windows Updates. That means applying the update across all combinations of Microsoft Windows in all service pack levels, editions, and languages that they support, in combination with all of their products. This might be one or two thousand different configurations, so it's usually the sort of thing that's done headless in a server lab running all those configurations as VMs, although it could involve native hardware if there were a specific reason to do so (e.g., a strategic partnership between the anti-malware company and a device manufacturer for some kind of turnkey solution).

Regards,

Aryeh Goretsky

many people are allergic to hypervizors....

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Display Driver Uninstaller (DDU) 18.1.5.5

      By Copernic · Posted

      Display Driver Uninstaller (DDU) 18.1.5.5 by Razvan Serea Display Driver Uninstaller (DDU) is a utility for completely removing AMD/NVIDIA/INTEL graphics drivers and related packages from your system, attempting to eliminate all leftovers (including registry entries, folders and files, driver store). Though AMD/NVIDIA/INTEL drivers can usually be removed via the Windows Control Panel, this uninstaller tool was created for situations where standard uninstall fails, or when you need to fully remove NVIDIA or ATI graphics card drivers. After using this driver cleaner, your system will behave as though it’s the first time you’re installing a new driver—similar to a fresh Windows installation. As with all such tools, we recommend creating a restore point beforehand, allowing you to undo changes if issues arise. If you're having trouble installing an older or newer driver, try it—there are reports that it resolves such problems. Recommended usage: The tool can be used in Normal mode but for absolute stability when using DDU, Safemode is always the best. Make a backup or a system restore (but it should normally be pretty safe). It is best to exclude the DDU folder completely from any security software to avoid issues. You do NOT need to uninstall the driver prior using DDU. Requirements: .NET Framework 4.8 Compatible with Windows 7, 8, 8.1, 10, and 11 (32-bit or 64-bit) Note: Using on Insider Preview builds is at your own risk. Display Driver Uninstaller (DDU) 18.1.5.5 changelog: Added 'Reset to recommended' button for the Options. General fixes and improvements. Download: Display Driver Uninstaller (DDU) 18.1.5.5 | 1.7 MB (Freeware) Download: DDU Portable | 1.2 MB Links: Display Driver Uninstaller Home Page | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • WACUP 1.99.51.24568 Preview

      By Copernic · Posted

      WACUP 1.99.51.24568 Preview by Razvan Serea WACUP (WinAmp Community Update Project) is a modern, enhanced version of the classic Winamp music player, designed for better stability, performance, and compatibility. Built for Windows, WACUP retains the familiar Winamp interface while adding 64-bit support, bug fixes, and new features like improved audio format support, customizable skins, and optimized playlist management. Unlike bloated alternatives, WACUP focuses on lightweight performance and regular updates, making it the best choice for fans of the classic Winamp experience. Basically, if you miss the good old days of Winamp and want a modern upgrade that doesn’t mess things up, WACUP is for you! WACUP key features: Classic Winamp Feel – Keeps the familiar interface and functionality. Bug Fixes & Stability – Fixes old Winamp issues and improves performance. 64-Bit Support – Works better on modern systems. More Formats & Plugins – Supports additional audio formats and third-party plugins. Customizable UI – Skins and tweaks for a personalized look. Better Library Management – Improved playlists, media organization, and search. No Bloat – Focuses on performance without unnecessary extras. Regular Updates – Community-driven development with new features and fixes. WACUP 1.99.51.24568 Preview changelog: Fixed a deadlock seen from the recent crash reports when doing some of the drag + drop actions within the media library window Fixed a loading crash seen related to a problem with some of the artwork cache image files being restored which should now be better handled allowing for the bad image to be removed without it failing Fixed a deadlock seen from the recent crash reports when the internal metadata cache clearing is triggered which could block the main ui thread for too long with this now being moved to a background thread Fixed some performance issues with some of the methods related to determining artwork support which mainly affected the local library import / refresh (this is still slower for some compared to other players because there's more data & artwork aspects being checked for which means doing more processing on a single file despite the best of attempts to reduce duplicate / heavy processing where possible) Fixed a crash with the JTFE based missing files hotkey which no one seems to have used for an age for this to appear (maybe it's time to seriously consider stripping out features that aren't being used) Fixed how some of the file types which use extra information to reference their sub-songs is handled which was preventing some from being correctly resolved back to their base file (noticed fixing above) Fixed an issue with the handling of files with underscores in their filepath which wasn't being correctly handled causing some of the filename to be lost when shown as the title if title reading is delayed Fixed a few things that might be behind NotSoDirect not being stable for some setups though am still not certain that the changes done for this are going to fully resolve the problem from the crash reports Fixed the OS toast handling when there's no prior shortcut in the OS start menu to now create the shortcut (needed to allow the yes/no buttons for the new build / post-release toast) to be done as a hidden one so it's less likely to cause annoyance for those not wanting to see it whilst still allowing this less than ideal OS api implementation requirement to be met to avoid toasts without the needed buttons Fixed a regression when moving from taglib1 to taglib2 which broke some of the handling in place to allow for external programs to still access files when wacup has a held open cached instance of the file Everything else Updated cppwinrt (gen_win10shell.dll) to 3.0.260520.1 (26 May 2026) Updated libcurl (libcurl.dll) to 8.2.1 (24 Jun 2026) Updated Monkey's Audio (in_ape.dll) to 13.15 (28 Jun 2026) Updated mpg123 (mpg123.dll) to 1.33.6 (6 Jun 2026) Updated OpenSSL (libcurl.dll) to 3.5.7 (9 Jun 2026) Updated pugixml to 1.16 (16 Jun 2026) Updated taglib (tag2.dll) to 2.3.0 (11 May 2026) Updated vgmstream (in_vgmstream.dll) to the latest Git commit from 28 Jun 2026 Download: WACUP 64-bit | 9.6 MB (Freeware) Download: WACUP 32-bit View: WACUP Website | Screenshots Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • Dbrand thought they could get away with this Steam Machine case, Valve disagreed

      By Doli · Posted

      "over a thousand engineering hours" and started selling it but could not take a couple of minuets to send an AI email to ask permission. What an expensive lesson.
    • Can't access the forum on mobile

      By WITHOUT-ME · Posted

      just tested it yesterday, a simple page with autoloading ADS takes 60mb....just 1 page for 60 megabytes.   poor people with a limited internet never will visit neolose
    • Tor Browser 15.0.17

      By Copernic · Posted

      Tor Browser 15.0.17 by Razvan Serea Protect your privacy. Defend yourself against network surveillance and traffic analysis. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody from watching your Internet connection and learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked. The Tor Browser Bundle lets you use Tor on Windows, Mac OS X, or Linux without needing to install any software. It can run off a USB flash drive, comes with a pre-configured web browser to protect your anonymity, and is self-contained. Tor Browser 15.0.17 changelog: All Platforms Updated Tor to 0.4.9.11 Updated NoScript to 13.6.25.1984 Build System / All Platforms Bug tor-browser-build#41821: Update gpg subkeys for boklm Bug tor-browser-build#41827: Update morgan's keychain with renewed key Download: Tor Browser (64-bit) | Tor Browser (32-bit) | 109.0 MB (Open Source) View: Tor Browser Website | Other Operating Systems Get alerted to all of our Software updates on Twitter at @NeowinSoftware

  • Recent Achievements

    • Reacting Well
      Wakeen1966 earned a badge
      Reacting Well
    • Rookie
      Almohandis went up a rank
      Rookie
    • Apprentice
      jahara21 went up a rank
      Apprentice
    • Reacting Well
      NovaEdgeX earned a badge
      Reacting Well
    • Week One Done
      NovaEdgeX earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      526
    2. 2
      +Edouard
      265
    3. 3
      PsYcHoKiLLa
      146
    4. 4
      Steven P.
      99
    5. 5
      macoman
      55
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!