Advice Request Security Software obselete on Windows 10?

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.

Quassar

Level 12
Verified
Well-known
Feb 10, 2012
585
Which AV are you using now?
There are some unsigned and unknown apps that will open slow after a reboot, with WD. This is because WD doesn't totally trust them, and it checks them another time. Other AVs "learn" that the app is safe, and they remember, so the app opens fast the second time.

SecureAplus withe Beta APEX engine and avira addon egine / Zemana od scann

Full detail on SECURE: Complete - Quassar - Desktop PC
 

amico81

Level 21
Verified
Top Poster
Well-known
Jan 10, 2017
1,061
2 Questions about WD:

- does he have a behavior blocker ( I only see the smartscreen in action)?
- does he have a anti-phishing-protection without the Internet Explorer/Edge?
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
There was a student game in purpose to help understand people each other. Simply, the student's task was defending the opponent's point of view. So I will try to defend that WD needs to be replaced by another AV.:giggle:
  1. Some people complain that WD is the resource hog, and most users agree that it is not the fastest AV.
  2. Most AVs are much more configurable. WD needs 3rd party configurators for that or the user is forced to use not easy and inconvenient PowerShell cmdlets (on Windows Home).
  3. When opening the folder with many executables, WD always tries dumbly to check them, even when they are were checked already many times.
  4. File copying is slow.
  5. Full scan can last forever.
  6. Some executables are scanned every time on run (for what?).
  7. The Security Center is from the XX century.
  8. etc.
So, why someone still wanted to use it? Am I stupid?

Some people, prefer living in the standard flat, If this is compensated by the fresh air, healthy environment, and activities outside the flat all the day. They leave the home early morning and come back at night to sleep soundly. (y)
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
2 Questions about WD:

- does he have a behavior blocker ( I only see the smartscreen in action)?
- does he have a anti-phishing-protection without the Internet Explorer/Edge?
Yes. The second has to be activated by the external tool, PowerShell, or reg tweak.
 

Quassar

Level 12
Verified
Well-known
Feb 10, 2012
585
There was a student game in purpose to help understand people each other. Simply, the student's task was defending the opponent's point of view. So I will try to defend that WD needs to be replaced by another AV.:giggle:
  1. Some people complain that WD is the resource hog, and most users agree that it is not the fastest AV.
  2. Most AVs are much more configurable. WD needs 3rd party configurators for that or the user is forced to use not easy and inconvenient PowerShell cmdlets (on Windows Home).
  3. When opening the folder with many executables, WD always tries dumbly to check them, even when they are were checked already many times.
  4. File copying is slow.
  5. Full scan can last forever.
  6. Some executables are scanned every time on run (for what?).
  7. The Security Center is from the XX century.
  8. etc.
So, why someone still wanted to use it? Am I stupid?

Some people, prefer living in the standard flat, If this is compensated by the fresh air, healthy environment, and activities outside the flat all the day. They leave the home early morning and come back at night to sleep soundly. (y)

read my 2 point above in post and add 3rd) are fanboys (not matter how sux, they will still defend it with no reason, like outdated emsisoft where peoples cant belive his old good day are gone long time ago :D
 
D

Deleted member 178

Some people, prefer living in the standard flat, If this is compensated by the fresh air, healthy environment, and activities outside the flat all the day. They leave the home early morning and come back at night to sleep soundly. (y)
If the flat being Win10, WD is probably the dumb security guard with no memory, asking the occupants their ID card every single time they want come in.
 

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
2 Questions about WD:

- does he have a behavior blocker ( I only see the smartscreen in action)?
- does he have a anti-phishing-protection without the Internet Explorer/Edge?
- BB: not in default settings since I have never ever seen it working. It got infected with every sample I threw in if they are not detected by signatures. After enabling the advanced settings, WD can behave like it having BB and it works quite well to be honest (I don't believe in text/description from vendors, I believe in my eyes). Because the signatures are so so bad, the BB can't catch up to malwares. Smartscreen can save the day unless the malwares come from non-internet sources
- anti-phishing and malware filter: yes, but must be enabled, again, and it's quite weak compared to Windows defender browser protection extension
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Nvm lol andy answered. Isnt it just behaviour monitoring
You are right. I missed the word 'blocker'. Instead of the behavior blocker there are ASR rules and Cloud Security level (can be set to block). But, they are technically not the same. Both, requires the external tool, PowerShell cmdlets, or reg tweak (on Windows 10 Home).
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
read my 2 point above in post and add 3rd) are fanboys (not matter how sux, they will still defend it with no reason, ... :D
True, but you will find much more fanboys defending any AV, and poke fun at WD.:giggle:
I like Emsisoft, just block scripts, make some system hardening and you are OK.
 

Quassar

Level 12
Verified
Well-known
Feb 10, 2012
585
Yes and no... if you can get more efective product in same price or even less.. or at last stay on all defaul security and dont wonde when you lose data cause belive if test where amlost all av got 100% with tercent on foward xDDD,
while every day on Free Automated Malware Analysis Service - powered by Falcon Sandbox and other vedonr you can discover copule malware sampels which are detected only by very few AV..
 
  • Like
Reactions: oldschool

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
...
while every day on Free Automated Malware Analysis Service - powered by Falcon Sandbox and other vedonr you can discover copule malware sampels which are detected only by very few AV..
Those samples are like the meteors which hit the Moon. The average user will 'never' feel them on Earth.
There are some very nasty malware samples, but they first hit Enterprises, Public Institutions, etc.
For the home users, they are as dangerous as meteors that came on Earth in the spaceship.
Actually, the home users do not need the 100% security.
You do not have to be the fastest antelope in the herd. It is OK if you are healthy and faster than average. Predators (and malware in the wild) are evolving to attack the weak and average prey.
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
dunno offen time i see on some security media mass infection on big scale :)
i guess becasue they sit on defeual setting on system or use marketing bulk security software...
Good point.(y)
People who are using extensively the social media, are also an easy target, like anybody who allows a lot of people to visit his/her home. Furthermore, the social media networks have some vulnerabilities similar to Enterprise networks.
The massive infections are visible in Enterprises (Wanna Cry, Not Petya, etc.). Furthermore, in the case of Wanna Cry, the targets were protected below average (unpatched systems).
In the case of the Enterprises, it is impossible to prevent the targetted attack. All that can be done, is make it harder and mitigate the malware.
Most Public Institutions are an easy prey, because they have computer networks with the security below average.:emoji_disappointed:

But, let's get back to the topic.:coffee:
 
Last edited:

Quassar

Level 12
Verified
Well-known
Feb 10, 2012
585
Miscorosft have good basis to make good detection rate with thier agresive telemetry casue not all use secuity software from 3rd vendor but most use microsoft product/system
 
  • Like
Reactions: oldschool

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Miscorosft have good basis to make good detection rate with thier agresive telemetry casue not all use secuity software from 3rd vendor but most use microsoft product/system
The Windows 10 built-in security is attractive on Windows 10 for many reasons. The home users can benefit from Advanced Thread Protection used in Enterprises, because of the 'Block at first sight' feature.
Enterprises can also benefit from 'Block at first sight', because the home users are the 'Guinea pigs' for detecting the malware in the wild. The advanced features like SRP, ASR and Network Protection can be activated in Windows Home, even when officially they are supported only on Pro (SRP) or Enterprise versions.
And there exist the simple and more advanced configurators which can quickly activate/deactivate the important hidden security features.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
- BB: not in default settings since I have never ever seen it working. It got infected with every sample I threw in if they are not detected by signatures. After enabling the advanced settings, WD can behave like it having BB and it works quite well to be honest (I don't believe in text/description from vendors, I believe in my eyes). Because the signatures are so so bad, the BB can't catch up to malwares. Smartscreen can save the day unless the malwares come from non-internet sources
- anti-phishing and malware filter: yes, but must be enabled, again, and it's quite weak compared to Windows defender browser protection extension
@Evjl's Rain have you tested WD with the ASR rule for "Block executable... unless they meet a prevalence, age or trusted list criteria"?
How well does this rule perform?
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top