The situation is the same with HIPS and BB when one uses any good AV.
Fortunately, that usually lasts only a few days, until the AV gets the proper signatures.
WD (or another AV) is still welcome for two reasons:
- It will clean (after some time) the malware files that were blocked (by H_C settings) but not previously detected.
- It can detect the more sophisticated malware that could bypass H_C settings.
The sophisticated malware will usually hit Enterprises and Institutions first via targeted attacks, so they are not 0-days when trying to hit home users. Such malware can be detected by something like the WD "Block first sight" feature (or Kaspersky KSN).
H_C is not reinventing the wheel. This kind of protection has been well known for years.
I simply chose the well-known security 'lego bricks' which could be useful in the home user environment.
One brick (SmartScreen) required some invention to fit it into the smart-default-deny pattern.
Next, I put all of them into one configurator GUI and gathered the hard-to-find pieces of information in help files (+ manual) to make all of this more understandable. Furthermore, it was necessary to add the integration with some useful external tools (Sysinternals Autoruns, NirSoft FullEventLogView, 7-ZIP) for troubleshooting. In the end, I made some setting profiles which can be useful in daily work for inexperienced or advanced users.