Advice Request Why are we even messing with anything other than WD these days?

[ncage]

So i'm wondering why we are even messing with anything else other than WD these days? WD does so good in most of the tests. Maybe it has slightly more FP but the protection seems to be first rate now. You don't have to sell your privacy to the devil (Avast/AVG) or deal with upsell popups. You don't have to screw with upgrading it from version to version (2018 to 2019 to 2020). You don't have to pay for expensive software licenses. I think WD is pretty good out of the box (default settings) and can be made better by hardening it. My main concern has always been 0 days and WD even seems to do good in the 0 day tests now.

So for my main workstation i don't have to worry because i use arch but i use LOTS of windows vms. I also protect my parents, wife, & kids computers. Currently i have a bitdefender family license. I'm happy with bitdefender in terms of protection but unhappy in terms of resource usage. Yes if you have a PC with lots of ram who cares right? But if your like me and runs lots of windows vms in hyper-v with dynamic memory bloat can greatly lower how man vms you can cram on a box. Also some PCs i administer don't have high specs. I was researching what AV product to replace with bitdefender. Then i was like why....wd is excellent now. Why even mess with it anymore? Why doesn't everyone just run WD and be done with it?

 

[blackice]

On this forum I think a lot of it is curiosity, experimentation, and boredom. I ran WD for years with no issue. Even in the “bad years”.

 

[SumTingWong]

WD is still heavily rely on signatures detection. The Smartscreen is decent. 3rd party AV is much better than WD in term of protections.

 

[plat]

Some people cannot stand Microsoft as an entity even though they run Windows, so they ditch the monopoly. I respect that.

Me, I run Defender because I don't want the added bulk and potential problems of a third party package. It's decent protection, doesn't clog my machine, is amenable to small third party helpers and its self-sandbox in 1903 is a nice bonus.

 

[oldschool]

On this forum I think a lot of it is curiosity, experimentation, and boredom. I ran WD for years with no issue. Even in the “bad years”.

I agree, even for non-testers like me.

WD is still heavily rely on signatures detection. The Smartscreen is decent.

Actually, much of the protection comes from the cloud, which is why by default it does not update signatures often. Its other default settings are what make it seem weak, e.g. 10 sec timeout period for cloud check vs. 60 sec. And Smartscreen is quite powerful, especially when implemented across the entire OS (forced Smartscreen). Testing in the Hub gives only the snapshot view under extreme conditions vs. everyday usage for the average user.

Some people cannot stand Microsoft as an entity even though they run Windows, so they ditch the monopoly. I respect that.

I agree. I am that way with Google, FB & Twitter, etc. Watch as WD continues to develop how other companies respond, for example AVG Free now has several privacy opt-outs. These companies may be greedy and make stupid moves but at the end they are market-driven and respond to market forces. WD is one such force. I even go as far as saying AVG Free is one secret surprise offering from Avast, maybe a response to recent events.

Edit: I might also add that the quest for privacy on the web is a tenuous endeavor at best. However, this is a touchy subject so I'll leave it at that.

 

[ncage]

3rd party AV is much better than WD in term of protections.

See from my research most of the test i've seen are saying WD is just a good. Do you disagree with this assessment?

On this forum I think a lot of it is curiosity, experimentation, and boredom. I ran WD for years with no issue. Even in the “bad years”.

Ya i actually really like emsisoft but its cost prohibitive for how many licenses i would need. To bad they don't have a family type plan. I was actually considering SHP but then i asked myself why.....

 

[blackice]

Edit: I might also add that the quest for privacy on the web is a tenuous endeavor at best. However, this is a touchy subject so I'll leave it at that.

Oh the truth in this and the irony of using Windows and bashing WD for privacy. There is an exchange for security and potential abuse from every security vendor. I’ve yet to see proof that M$ is doing anything more than any other security solution.

Ya i actually really like emsisoft but its cost prohibitive for how many licenses i would need. To bad they don't have a family type plan. I was actually considering SHP but then i asked myself why.....

I just gave SHP a try because it was 50% and already priced well for the 10 licenses before that. It gives a good solution for managing a home. However it just needed a little more polish for my taste. Lots of good with a couple issues. But cloud management for multiple computers on home systems is useful.

 

[roger_m]

@ncage Windows Defender sometimes noticably slows down my computers and this is why I never use it, or any other antivirus that causes slowdowns. Many people experience the same.

I use a third party antivirus, because other than when scanning, it never slows down my computer and it actually prompts me to select an action, when it detects something, rather than automatically quarantining it. If Windows Defender was lighter, I would use it on some computers. I wouldn't use it on all of them, due to not liking auto quarantining.

 

[Evjl's Rain]

WD is quite heavy on disk read/write so I don't want to use it (many people are using SSD so they don't clearly see it). Heavier than other AVs
I have tested it many time with many versions and have had similar results

I use other AVs because the AVs I choose allow me to reduce CPU or disk usage or I'm able to customize them for other purposes (blocking telemetry,...)

 

[Burrito]

Q: Why are we even messing with anything other than WD these days?

A: Because WD is still not that great.

And... while it has gotten better, I'm going to guess it will never be a top tier AV.


That is all.

 

[RejZoR]

Because WD is slow and certainly not as good as big players like Kaspersky. It's simple to use and non intrusive, but that's about it. It does the job, but it's hard to entirely trust it your digital life...

 

[ebocious]

WD is garbage. Updates are infrequent, and its protection results are actually not that great. I might possibly forgive the fact that they have the highest rate of FPs out of all the major vendors, if they had the best protection to go with it. But they don't. Perhaps the reason why they have so many FPs is because they're trying to compensate for the slow updates by overdoing the heuristics. And as Evjl's Rain pointed out, it really is heavy on disk read/write, and apps and files take forever to open. That's why everyone doesn't just run WD and be done with it.

 

[Andy Ful]

So i'm wondering why we are even messing with anything else other than WD these days? ...

There was a special thread for people who like to talk about WD:
https://malwaretips.com/threads/the-truth-about-windows-defender-on-windows-10-home-pro.88142/
:emoji_pray:

 

[Local Host]

Why?

• High resource usage (slows computer to a crawl),
• Lack of customization without third-party tools (poor default settings that will fail to protect you against most malware, check malwarehub),
• Slow updates and fixes (due to relying on Windows 10 Feature Updates, same issue Microsoft Edge had),
• Exclusions don't work properly (ignores whitelisted files you just recovered from quarantine and quarantines them over and over again),
• High rate of false positives (with the issue above, and the fact it quarantines all files without asking makes it extremely frustrating to use).

I have no sane reason to use Windows Defender with all the issues above.

 

[Windows_Security]

When settings are set to high (or the even higher zero tolerance mode) and extra's of attack surface reduction, protected folders and exploit protection (e.g. only allowing Edge-chromium to load Microsoft DLL's) are applied, it is by far the best security a home user can get for free. WD is the reason, I stopped messing with HIPS (I posted setups and reviews of HIPS for years on the other security forum under my old nickname Kees1958).

 

[Andy Ful]

Why?

• High resource usage (slows computer to a crawl),
• Lack of customization without third-party tools (poor default settings that will fail to protect you against most malware, check malwarehub),
• Slow updates and fixes (due to relying on Windows 10 Feature Updates, same issue Microsoft Edge had),
• Exclusions don't work properly (ignores whitelisted files you just recovered from quarantine and quarantines them over and over again),
• High rate of false positives (with the issue above, and the fact it quarantines all files without asking makes it extremely frustrating to use).

I have no sane reason to use Windows Defender with all the issues above.

All true on some computers and not important for most users.

• High resource usage (slows computer to a crawl) - generally not true on updated WIndows 10, (can be sporadically true on some computers)
• Lack of customization without third-party tools - TRUE, but not important for most users. There is nothing wrong with using third party tools.
• poor default settings that will fail to protect you against most malware, check malwarehub - WD was tested a long time ago on MH , indepedent Lab tests do not support poor protection in the real world tests.
• Slow updates and fixes (due to relying on Windows 10 Feature Updates, same issue Microsoft Edge had) - it is not an issue due to Block At First Sight feature, except working off line.
• Exclusions don't work properly (ignores whitelisted files you just recovered from quarantine and quarantines them over and over again) - generally not true, but there is another known bug with temporary exclusions after cleaning the history.
• High rate of false positives (with the issue above, and the fact it quarantines all files without asking makes it extremely frustrating to use). - independent tests do not support this, in fact, the false positives rate is close to average for high and medium prevalence files; most users will not feel the false positives rate for low and very low prevalence files.

 

[Back3]

Windows Defender is an important part of Windows 10. It's not an addon. Windows Defender is Windows.To enhance Windows I can disable that part and replace it with other security or I can harden it and or add extra security like VoodooShield, Comodo etc...
Most people live with Windows as it is and nowadays, the protection is good. Most people around me want Windows to work as a toaster. They have absolutely no interest in tweaks or to pay for extra security. They want a very dependable toaster. Nothing to read or watch to make it run. Like an Ipad.

 

[uduoix]

I have WD on 3 desktop PCs and 6 laptops. No problems at all.
I have WD on 28 PCs in company and no problems at all. Over 80 people using PCs and we never got infected, which is really weird since WD is such a garbage as some claim.

 

[Andy Ful]

It is the user choice, what security choose to feel safe. The same is when someone prefers beer over the wine. In most cases, the preferences are based on personal experience, which cannot be generalized.
It is OK that there is WD built into Windows, and it is OK that there are other AVs. Diversity of products is welcome.
The WD fans should keep their fingers crossed to support 3-rd party AVs, which are probably responsible for improving WD (and vice versa). :emoji_pray:

 

[Evjl's Rain]

I have WD on 3 desktop PCs and 6 laptops. No problems at all.
I have WD on 28 PCs in company and no problems at all. Over 80 people using PCs and we never got infected, which is really weird since WD is such a garbage as some claim.

it depends on user type. For example, in my country, the number people being infected with WD is countless since they frequently look for cracks, patches which are delivered via password-protected zip/rar files
in this case, WD only functions as a signature scanner, no more. Cloud can't save it as I demonstrated in some of my tests
advanced features like block at first sight and smartscreen are intentionally bypassed
forget about tweaking because 99% of WD users don't know about tweaking. If they know, they are unlikely to be infected in the first place

People will argue that people playing with cracks will be infected regardless of AVs they use => my argument: much less likely with other AVs, although it's still frequent

WD is a highly conditional AV, which functions in certain situations but doesn't in others (USB, password-protection archives, or anything not coming from your browser)