Microsoft Defender service keeps running on Windows 11 22H2

[SeriousHoax 83]

I noticed even when a third party AV is installed and registered on Windows Security in Windows 11 22H2 which is now available on the Beta and Release Preview channel, Microsoft Defender's Antimalware Service still keeps running. Looks like it kind of runs in a hibernation mode, but I do see it using CPU sometimes. It also updates definition a couple of minutes after system booting. It's not just with ESET. I tried another AV products, and it's the same result.

I'm wondering if Microsoft has changed something regarding this? Is this going to be the norm now? Or is it up to the AV vendors to change something to permanently shut-off Defender? 

I guess ESET is already testing their products on 22H2 since it's already on the Release Preview build. Can you provide any info regarding this behavior? Without knowing the reason, it has become complicated for me to install ESET on 22H2 Release Preview build.

[xxJackxx 85]

22H2 seems to have a multitude of problems. I would only use it to test at this point. Which I have stopped doing for the moment. Reporting issues like this is good, it helps these 3rd party vendors discover and fix issues. Though this one is likely on Microsoft as they have made changes to Defender, and also to Core Isolation from what I have heard. I would not recommend it for a daily driver. I'm going to give them a month or 2 before trying it again.

[Nightowl 202]

I usually stay away from new releases by Microsoft , because it takes them a while to sort out all the bugs they produced along the new version

Staying on a stable version will bring you less troubles to spend time with.

[New_Style_xd 69]

38 minutes ago, Nightowl said:

I usually stay away from new releases by Microsoft , because it takes them a while to sort out all the bugs they produced along the new version

Staying on a stable version will bring you less troubles to spend time with.

The problem is knowing which one is stable?

[Nightowl 202]

The LTSC/LTSB versions of Windows are considered to be stable since they don't update features that much frequently they focus on bugs and security stuff

But for normal versions I believe 21H1 and 21H2 should be considered stable , for me I would consider Windows 11 not stable for now, they still need time to iron things out, it happens with every Microsoft's release.

[New_Style_xd 69]

4 minutes ago, Nightowl said:

The LTSC/LTSB versions of Windows are considered to be stable since they don't update features that much frequently they focus on bugs and security stuff

But for normal versions I believe 21H1 and 21H2 should be considered stable , for me I would consider Windows 11 not stable for now, they still need time to iron things out, it happens with every Microsoft's release.

Really the MS releases are getting worse, always with BUG always these problems in the system. I'm still with W10 and by the way you're still with W11

[Nightowl 202]

Microsoft I guess didn't learn from Vista and 8 , and those fast and un-needed releases they are doing is just pain even to those who are experienced with computers , I wonder what kind of experience they give to people who aren't that much experienced to computers , to have them upgrade every few months for no reason.

Windows 11 is basically a re-skin of Windows 10 that would make Microsoft look a bit more like an Apple product with all the additions of Animations, I would totally skip Windows 11 , and keep using Windows 10 till the end of life , unless they offer a better product than 10 for now.

I guess they have to improve their security on that system instead of focusing on making animations..

[New_Style_xd 69]

4 minutes ago, Nightowl said:

Microsoft I guess didn't learn from Vista and 8 , and those fast and un-needed releases they are doing is just pain even to those who are experienced with computers , I wonder what kind of experience they give to people who aren't that much experienced to computers , to have them upgrade every few months for no reason.

Windows 11 is basically a re-skin of Windows 10 that would make Microsoft look a bit more like an Apple product with all the additions of Animations, I would totally skip Windows 11 , and keep using Windows 10 till the end of life , unless they offer a better product than 10 for now.

I guess they have to improve their security on that system instead of focusing on making animations..

I keep asking myself these requirements that MS places for users to install W11 on personal computers. I think this is ridiculous, because LINUX has the same technologies and does not need these requirements. I don't understand.

[Nightowl 202]

4 minutes ago, New_Style_xd said:

I keep asking myself these requirements that MS places for users to install W11 on personal computers. I think this is ridiculous, because LINUX has the same technologies and does not need these requirements. I don't understand.

Yes they have enforced TPM to be inside the processor so it can add hardware security to the system but I still also don't understand it, the world is full with computers that doesn't have the TPM feature.

And linux is much better product than Windows , atleast when they release a new version they won't force it on you like maniacs.
 

Quote

 

Trusted Platform Module (TPM, also known as ISO/IEC 11889) is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. The term can also refer to a chip conforming to the standard.

TPM is used for digital rights management (DRM),^[1]Windows Defender, Windows Domain logon, protection and enforcement of software licenses,^[2] and prevention of cheating in online games.^[3]

One of Windows 11's system requirements is TPM 2.0. Microsoft has stated that this is to help increase security against firmware and ransomware attacks.^[4]

 

 

 

Edited June 12, 2022 by Nightowl

[New_Style_xd 69]

4 minutes ago, Nightowl said:

Yes they have enforced TPM to be inside the processor so it can add hardware security to the system but I still also don't understand it, the world is full with computers that doesn't have the TPM feature.

And linux is much better product than Windows , atleast when they release a new version they won't force it on you like maniacs.
 

 

 

What is chip my PC passed in all requirements, but it was in the processor that is:
Processor Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz 2.60GHz
Installed RAM 16.0 GB (usable: 15.9 GB)

Unfortunately my processor and the 6 GENERATION did not pass. I can't install windows 11.

I even have how to install it in other ways, but officially I can't. because if I install windows 11 in another way, I may run out of security updates in the future and quality updates as well.

[Nightowl 202]

6 minutes ago, New_Style_xd said:

What is chip my PC passed in all requirements, but it was in the processor that is:
Processor Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz 2.60GHz
Installed RAM 16.0 GB (usable: 15.9 GB)

Unfortunately my processor and the 6 GENERATION did not pass. I can't install windows 11.

I even have how to install it in other ways, but officially I can't. because if I install windows 11 in another way, I may run out of security updates in the future and quality updates as well.

According to Microsoft :

Quote

Microsoft will continue to support at least one Windows 10 release until October 14, 2025.

Around that time we should even see Windows 12 or whatever naming they would give it, and I wonder if they force the TPM stuff to minimize their ransomware and exploits surface.

But I hope by that time I won't need Windows at all and stick to Linux.

[New_Style_xd 69]

2 minutes ago, Nightowl said:

According to Microsoft :

Around that time we should even see Windows 12 or whatever naming they would give it, and I wonder if they force the TPM stuff to minimize their ransomware and exploits surface.

But I hope by that time I won't need Windows at all and stick to Linux.

If I don't change that, I'm already keeping an eye on which linux distribution I'm going to use. day to day.

[New_Style_xd 69]

4 minutes ago, Nightowl said:

According to Microsoft :

Around that time we should even see Windows 12 or whatever naming they would give it, and I wonder if they force the TPM stuff to minimize their ransomware and exploits surface.

But I hope by that time I won't need Windows at all and stick to Linux.

About forcing TPM to minimize ransomware I think this is not true. because linux doesn't need TPM and doesn't have that ransomware on linux as far as I know.

[Nightowl 202]

1 minute ago, New_Style_xd said:

If I don't change that, I'm already keeping an eye on which linux distribution I'm going to use. day to day.

I'm several years with Ubuntu MATE LTSB versions, they get supported for 5 years and then after that a new LTSB version will be released  , the only downside is Gaming , not all games are available but these are some kind of tools like Proton which can make Games work on Linux

[New_Style_xd 69]

1 minute ago, Nightowl said:

I'm several years with Ubuntu MATE LTSB versions, they get supported for 5 years and then after that a new LTSB version will be released  , the only downside is Gaming , not all games are available but these are some kind of tools like Proton which can make Games work on Linux

I'm only on WINDOWS yet because of some programs I only have for windows yet.

[Nightowl 202]

5 minutes ago, New_Style_xd said:

I'm only on WINDOWS yet because of some programs I only have for windows yet.

Same for me and also for the Gaming sometimes , otherwise I don't want to keep bothering with Windows Update messages , and Cortana annoying voice , and the messages of "sit tight we are doing everything for you" making me think that I am on the moon and using the best software ever made by Aliens , only the 1 minute after to get a Blue Screen of Death , and so on the privacy issues , security issues .. it's non-ending list from Microsoft.

Anyway Microsoft with each new release they are trying more and more to force users to be logged in through email and not a local user , I don't like this at all , I don't want to be connected through email to Microsoft for my operating system..

Edited June 12, 2022 by Nightowl

[New_Style_xd 69]

3 minutes ago, Nightowl said:

Same for me and also for the Gaming sometimes , otherwise I don't want to keep bothering with Windows Update messages , and Cortana annoying voice , and the messages of "sit tight we are doing everything for you" making me think that I am on the moon and using the best software ever made by Aliens , only the 1 minute after to get a Blue Screen of Death , and so on the privacy issues , security issues .. it's non-ending list from Microsoft.

Actually, there are several sites informing the bugs that are fixed and the new problems that appear. I wonder how the antivirus behaves with these bugs caused by MS every time. how do they fix this problem?

[Nightowl 202]

2 minutes ago, New_Style_xd said:

Actually, there are several sites informing the bugs that are fixed and the new problems that appear. I wonder how the antivirus behaves with these bugs caused by MS every time. how do they fix this problem?

Developers get access to new version before the Public gets access to it

So they can support the new version and develope their software for it or fix possible bugs before the new version of Windows can get released to the Public.

[New_Style_xd 69]

4 minutes ago, Nightowl said:

Developers get access to new version before the Public gets access to it

So they can support the new version and develope their software for it or fix possible bugs before the new version of Windows can get released to the Public.

In this matter comes another problem related to eset.
Because eset has the PRE-RELEASE update.
because eset no longer comes by default this option activated by default. since it's the best?
but from what I see this option doesn't come with another one, called a regular update.

[Nightowl 202]

34 minutes ago, New_Style_xd said:

In this matter comes another problem related to eset.
Because eset has the PRE-RELEASE update.
because eset no longer comes by default this option activated by default. since it's the best?
but from what I see this option doesn't come with another one, called a regular update.

It's better to be set as Off as it's set by ESET , as Pre-Release is test version of their signature/module updates , if it broke something they could fix it before it's gone to normal release which will be distributed to millions of devices.

Pre-release helps ESET find bugs in their updates before it reaches to all devices and cause trouble to all.

[New_Style_xd 69]

12 minutes ago, Nightowl said:

It's better to be set as Off as it's set by ESET , as Pre-Release is test version of their signature/module updates , if it broke something they could fix it before it's gone to normal release which will be distributed to millions of devices.

Pre-release helps ESET find bugs in their updates before it reaches to all devices and cause trouble to all.

What you said has a few things that have to be punctuated:
I watch the forum a lot, I notice that when people have a problem with ESET, the first thing people comment is to put it in the PRE-RELEASE to see if it was fixed.
So what you said is not completely correct.
I don't understand there's a time that and pre-launch another.
Other times it is not better to use pre-launch.
I don't understand.

[Nightowl 202]

6 minutes ago, New_Style_xd said:

What you said has a few things that have to be punctuated:
I watch the forum a lot, I notice that when people have a problem with ESET, the first thing people comment is to put it in the PRE-RELEASE to see if it was fixed.
So what you said is not completely correct.
I don't understand there's a time that and pre-launch another.
Other times it is not better to use pre-launch.
I don't understand.

Yes I see ESET staff ask to do that , it is because the regular update is thought to be causing an problem with 'X'

What eset developers do is revert back their changes or fix the possible bug in a Pre-Release update, and then they ask the affected user to go to Pre-Release so he could get the changes that the developers has done , and they would see if that fixed the issue for the user , after that they can confirm that the bug fix really work in Pre-Release , they can send it to Normal-Release then.

 

Details

Pre-release updates are updates that have been thoroughly tested and will be released soon. Enabling pre-release updates gives access to the most recent detection methods and fixes; however, pre-release updates might not be stable enough at all times, so you should always revert to using normal updates once an issue is resolved.

Edited June 12, 2022 by Nightowl

[New_Style_xd 69]

5 minutes ago, Nightowl said:

Yes I see ESET staff ask to do that , it is because the regular update is thought to be causing an problem with 'X'

What eset developers do is revert back their changes or fix the possible bug in a Pre-Release update, and then they ask the affected user to go to Pre-Release so he could get the changes that the developers has done , and they would see if that fixed the issue for the user , after that they can confirm that the bug fix really work in Pre-Release , they can send it to Normal-Release then.

But as I see in most cases they send it to pre-launch. It wouldn't be better by default for the product to be right in the pre-launch, which I don't understand. I think I would have to define a position on that. because there are moments when I feel unsafe with this coming and going

[Nightowl 202]

4 minutes ago, New_Style_xd said:

But as I see in most cases they send it to pre-launch. It wouldn't be better by default for the product to be right in the pre-launch, which I don't understand. I think I would have to define a position on that. because there are moments when I feel unsafe with this coming and going

I run it all the time on normal updates , unless I am instructed or wanted to see something in Pre-release , otherwise I would prefer stable updates coming to me rather than unstable ones

This is how ESET describes pre-release

 

Quote

 

Details

Pre-release updates are updates that have been thoroughly tested and will be released soon. Enabling pre-release updates gives access to the most recent detection methods and fixes; however, pre-release updates might not be stable enough at all times, so you should always revert to using normal updates once an issue is resolved.

 

 

[New_Style_xd 69]

3 minutes ago, Nightowl said:

I run it all the time on normal updates , unless I am instructed or wanted to see something in Pre-release , otherwise I would prefer stable updates coming to me rather than unstable ones

This is how ESET describes pre-release

 

 

so your ESET and setting for MANUAL update?