Advice Request Why Do You Use Windows Defender Antivirus?

[stefanos]

Well my opinion of WD, It's a good AV for those who know. But for those who are not lucky enough to be in MT it is still bad.
It is good in the hands of an expert, but not for the whole World.
Everyone does not know H_C or configure Defender only what we are in MT with the help of the geniuses that walk around here we can realize the potential of WD.

You said everything about Defender. You saved me from trying to translate into the bad google translate. Goodnight to everyone. We all wrote our opinions, They do not need others.

 

[RoboMan]

I'm using WD in 1903 and I have never ever seen a lighter antivirus and such an unnoticeable CPU consume. It's literally like having nothing.

 

[stefanos]

Did you try the same links against SmartScreen in Edge + WD "Block at first sight" which are turned ON by default in Windows 10? If not, then such test can be easily questioned.
In practice the default Windows 10 protection is OK and SmartScreen anti-phishing filter is good.
The AV web filtering has the advantage to block some malicious downloads by scripts, macros, etc., which are done outside the web browser. But, it is not especially efficient - you can see it on Malware Hub. Also, It is not as efficient for blocking phishing websites, as web browser extensions. WD has better script/macros protection than, for example, Avast so in the end, the protection is similar. Furthermore, Avast web filtering (true for many AVs) has an impact on web browser performance, and many users turn it OFF.

We can talk a long time about details, but this will not change the fact, that for the home users on Windows 10, WD protection is similar to any free AV. You can look at the professional real world tests (AV Comparatives, AV Test). The exception can be the user who downloads cracks, pirated software, etc. From my personal experience, WD is not very good against Coin miner malware, but I cannot generalize this as the real WD issue.

Last coment. My opinion is for persons without experience. Good night at all

 

[Andy Ful]

One site with online movies have more virus from malcode. Many home users visit sites like this.
View attachment 212079

Did you try this site against WD + SmartScreen to see if you will be infected? Furthermore, blocking something does not mean that it could infect you, and also it does not mean that you could not be infected some days ago without seeing such alert.:notworthy:

For many of the gurus and experts on this thread.... they are right. With all the different ways they can tweak things or add other products, Windows Defender is fine.

But...

For many of us here, we can do many of those same things (talked about in this thread) with a Norton, ESET, Bitdefender, Cylance, CrowdStrike... and end up with better and lighter protection. Granted, it may only be a tiny bit better... but it IS better. And lighter.

Many of us here at MT want the best available AV to serve as the cornerstone of the system. That's why we are here, to learn about and select the best and lightest products and additional products (extensions...) and apply the best tweaks.

'The best' is not Windows Defender.

Yes, it's gotten significantly better. And that's great.

And it may be best for you.

There does not exist the best AV for most users. There does not exist the lightest AV for most users. So, also WD cannot be the best and the lightest. It has only one advantage to be most compatible with Windows.
Why we cannot think about WD as about other free AVs? Why we must compare it with paid AVs?

I will not continue the comments do not help anywhere. Everyone has an opinion. What I know is that in a good product the first defense is the web filter and the most important is the behavior blocker. Thats my opinion.

Your opinion is not questioned, and I do not say that you are wrong with it. You must understand that examples which you posted cannot prove anything. Furthermore, it is possible that you can be right, and no one can prove it.

 

[Andy Ful]

In several posts, I was defending WD.
But one could say: "Andy, why do you defend WD? Did not you develop ConfigureDefender and Hard_Configurator, because you noticed that WD protection is not sufficient? You should rather support people who say that WD is not good without tweaking, and even then the system is not safe without using SRP and Windows hardening."
That is true. It is also true for any free AV. The free third-party AVs have some advantages for many users, but I do not think that they can protect home users on Windows 10 much better than WD. I also do not believe that there is an essential difference in overall protection between the best free AVs.
That can be seen in the real world tests, if one can believe such tests. But the most convincing is the fact that most AVs adopted similar anti-malware techniques based on AI systems with advanced machine learning models + fast malware fingerprints in the cloud. The free AVs cannot usually make use of full AI capabilities. For, example many advanced WD settings are available only in Windows E5 edition, the same is probably true for some third-party AVs. If I have to choose the free AV that could be better for the home users than WD, then maybe I should mention the Kaspersky product, because of available advanced modules. But, I could not prove it. Furthermore, if this could be the real advantage, then WD has an advatage to be more compatible with Windows.

 

[blackice]

I found WD recently to be quite pleasant and haven’t had any issues. I never had much of a performance impact, though. I also never had any false positives. I’m a fairly simple user as this forum goes, and don’t test malware, though. I have been trying ESET since I got a deal on a license, but I’m tempted to go back to Defender plus NVT OSA with 1903’s improvements. ESET has a smaller memory footprint, but I’ve seen no change in system performance. That’s probably due to having a good amount of ram in my machine. The full scans are twice as fast if not better, though, which is a big difference.

 

[ForgottenSeer 72227]

@Spawn I really enjoy your satire posts.

Personally I use WD after trying/using many 3rd party programs, as I've found annoyances with each one. WD IMO and in my experiences is the least annoying, protection is top notch (has improved greatly), is light (I don't even notice it on any of my systems), doesn't expire, no ads, always works with W10 (even after major updates), etc...

I hope Microsoft will fix false positive issue. This is the only negative thing in WD.

They definitely have some work to do on that front. In saying that, I have to be brutally honest that I haven't had any issues whats so ever with FPs, when using WD. I know there have been some, but in my experience it's not as bad as it's made out to be. All major AV companies have had issues with FPs, some even big ones like Norton flagging Fortnite.

Windows Defender is more than adequate for home users; dont buy the paranoia propaganda, dont be a victim of security fadigue and keep your software (and hardware) up to date and you will be fine.

Spot on!

IMO I think the fear and paranoia is one of the biggest issues with security setups in general. People in general and even security forums in general tend to feed into this, hence why you have people constantly switching programs/setups, or even piling on security programs to the point of overkill. WD has come along ways in terms of protection. When you look at all the tests being done, they all seem to confirm this. Is it perfect, no, but no product can offer you perfect protection. IMO people's expectations of security software is too much. I constantly read comments from people freaking out and saying x product is crap because it score 98%. Last I checked, 98% is an excellent mark.

What I also hate about this is the simple fact that all security vendors feed into this fear and paranoia in order to sell their products, which isn't helping things.

I still disagree with you because system impact is machine dependent and the average user isnt surfing on Malcode.

+1

I'm using WD in 1903 and I have never ever seen a lighter antivirus and such an unnoticeable CPU consume. It's literally like having nothing.

I have to agree 100%. IMHO (this is from using WD for a while) WD keeps getting lighter and lighter with each major release. To be brutally honest I don't eve notice it. Windows boots up significantly faster, all of my programs load up much faster, my web browsing is significantly faster, etc... This is true for me on both my gaming system and my laptop which is significantly less powerful than my gaming rig.

There does not exist the best AV for most users. There does not exist the lightest AV for most users. So, also WD cannot be the best and the lightest. It has only one advantage to be most compatible with Windows.
Why we cannot think about WD as about other free AVs? Why we must compare it with paid AVs?

This^^

There's no such thing as a perfect product both in general and protection wise. When it comes to performance, every program WD and 3rd parties, will have some sort of an impact and will vary from system to system. Some times and I could be very wrong, but I think there's an unfair expectation of WD. What I mean is, there seems to be this general expectation that some how WD HAS to be PERFECT on all fronts, in order for it to be "considered" a good AV program. Like we both said, there's no such thing as a perfect product WD and all 3rd parties included. While trust in WD is improving, it will still take some time to get the vast majority of people to come around.

 

[blackice]

@Spawn I really enjoy your satire posts.

Personally I use WD after trying/using many 3rd party programs, as I've found annoyances with each one. WD IMO and in my experiences is the least annoying, protection is top notch (has improved greatly), is light (I don't even notice it on any of my systems), doesn't expire, no ads, always works with W10 (even after major updates), etc...



They definitely have some work to do on that front. In saying that, I have to be brutally honest that I haven't had any issues whats so ever with FPs, when using WD. I know there have been some, but in my experience it's not as bad as it's made out to be. All major AV companies have had issues with FPs, some even big ones like Norton flagging Fortnite.




Spot on!

IMO I think the fear and paranoia is one of the biggest issues with security setups in general. People in general and even security forums in general tend to feed into this, hence why you have people constantly switching programs/setups, or even piling on security programs to the point of overkill. WD has come along ways in terms of protection. When you look at all the tests being done, they all seem to confirm this. Is it perfect, no, but no product can offer you perfect protection. IMO people's expectations of security software is too much. I constantly read comments from people freaking out and saying x product is crap because it score 98%. Last I checked, 98% is an excellent mark.

What I also hate about this is the simple fact that all security vendors feed into this fear and paranoia in order to sell their products, which isn't helping things.



+1



I have to agree 100%. IMHO (this is from using WD for a while) WD keeps getting lighter and lighter with each major release. To be brutally honest I don't eve notice it. Windows boots up significantly faster, all of my programs load up much faster, my web browsing is significantly faster, etc... This is true for me on both my gaming system and my laptop which is significantly less powerful than my gaming rig.



This^^

There's no such thing as a perfect product both in general and protection wise. When it comes to performance every program WD and 3rd party will have some sort of an impact and will vary from system to system. Some times and I could be very wrong, but I think there's an unfair expectation of WD. What I mean is, there seems to be this general expectation that some how WD HAS to be PERFECT on all fronts, in order for it to be "considered" a good AV program. Like we both said, there's no such thing as a perfect product WD and all 3rd parties included. While trust in WD is improving, it will still take some time to get the vast majority of people to come around.

Great points. To be honest in the past I didn’t worry about security too much and used Defender on my gaming machine in its bad years. Never got infected, though I don’t torrent and did just light browsing and mostly gaming (the typical home user). I also avoid certain popular areas of the internet due to common sense.

 

[Handsome Recluse]

I don't.

 

[Local Host]

Comparing Free AVs with Default Settings, WD is pretty much among the worst.
When we add the performance hit, false positives, broken exclusions, hidden settings in the Group Policy Editor and Regedit. It only makes it even worse.

Most of the APIs Windows Defender uses for your protection, are available to third-parties as well, Kaspersky being among the few companies that uses them.

Every time I tried to leave a computer with Windows Defender, they always come back with either Malware or Performance complaints. Ever since I started installing Kaspersky Free on their computers, the only reason those computers come back to me is to upgrade Windows 10 to the latest build.

The only place where I can recommend Windows Defender is in the Enterprise with the advanced Control Panel and Features in the ATP.

How many users know about kaspesky free or bitdefender free? For averge user is still better extension then 3rd party AV in case if it comes to conflicts with OS.

And this tests has nothing to do with real life. 99.9% users are not looking for malware or any other way to get infected. Even systems with kaspersky/bitdefender/whatever get infected.
Check other IT forums and you will see how many people have 3rd party AV and got infected.

If you get infected with third-party AVs, you sure as hell are getting infected with WD.

 

[outlawxtorn]

I'm using WD in 1903 and I have never ever seen a lighter antivirus and such an unnoticeable CPU consume. It's literally like having nothing.

100% Agree!

 

[Evjl's Rain]

reasons why I never use WD:
personal: too high disk activity with my type of usage
general, for other PCs I configure:
- people in my country download cracks packed in zip files with password -> BAFS & smartscreen are intentionally bypassed. Have seen too many PCs infected this way. Recently disinfected some PCs with WD installed
- people are still using external storage a lot -> another way to bypass
- most PCs around me are using HDDs with =<4GB of RAM and old CPUs => Windows 10 is a burden

I don't mind good things or theories/advanced features other people are saying about WD. This is what I observed
nobody uses tweaked settings, same for other AVs

avast and kaspersky seem to cover better most malwares in my country because everyone is using them while other AVs may end up with infection

the best AV for you is the one you can squeeze the best out of it by tweaking or combining it with something else + you feel comfortable + you don't get any infection for years

 

[TairikuOkami]

WD is not user friendly, it lacks GUI and it is part of the Windows and people take it as such. Virtually all AVs scream at the user: You Are Protected, but WD just quietly sits in the background doing its job, but that makes people uncertain, whether it is actually doing anything. They need reassurance. MS failed at selling WD to the public. MS only says, that it is free, but that makes it worse, how can it be better compared to $100 AV?

 

[SeriousHoax]

I have a question about Windows Defender, if I restore a file from the quarantine, it's automatically added to exclusions. But it's not shown in the excluded items list, it's added as temporary exclusions. Is there any way to disable this behavior or modify the temporary exclusions? I find this very annoying.

 

[stefanos]

Did you try this site against WD + SmartScreen to see if you will be infected? Furthermore, blocking something does not mean that it could infect you, and also it does not mean that you could not be infected some days ago without seeing such alert.:notworthy:


There does not exist the best AV for most users. There does not exist the lightest AV for most users. So, also WD cannot be the best and the lightest. It has only one advantage to be most compatible with Windows.
Why we cannot think about WD as about other free AVs? Why we must compare it with paid AVs?


Your opinion is not questioned, and I do not say that you are wrong with it. You must understand that examples which you posted cannot prove anything. Furthermore, it is possible that you can be right, and no one can prove it.

I hope you understand what I say because my language is very difficult to translate.
I can not prove it because I have not kept pictures or videos from infections I have seen on my daughter laptop all the time she had windows defender. The most infections is adware and browser hijackers from youtube downloaders fron online movies etc. Every time I went to Greece I had to clean up her laptop. From the moment I installed KFA I have not seen any infection here for almost a year. And the other proof is the video with the test. Infected by an old virus very easy. It may have been upgraded in recent years, but it remains weak to me. And signatures of viruses are still weak, and have not behavior blocker. I conclude by saying that we all have an opinion according to our experience with some protection product. I am not trying to impose my opinion. I just say my experience with windows defender.

 

[Andy Ful]

...
Every time I tried to leave a computer with Windows Defender, they always come back with either Malware or Performance complaints. Ever since I started installing Kaspersky Free on their computers, the only reason those computers come back to me is to upgrade Windows 10 to the latest build.

I believe you. But please note, that your personal experience cannot be generalized, just like the personal YouTube video tests. You can see on this and other threads some people that were not infected when using WD and did not have performance issues (except well known). There can be several sources of your bad experience with WD:

1. WD is often preinstalled on the computers with Windows 10. So there is much greater chance that you will see someone infected with WD than with another AV.
2. After infection, many people learn something and are more cautious. So, when you install another AV (after WD), you cannot be sure that it is better than WD.
3. You may have a bad luck (statistical fluctuation) with WD.

If you get infected with third-party AVs, you sure as hell are getting infected with WD.

That is probably true. The user starts with WD and gets infected. He/she installs 3-rd party AV and gets infected. It usually means that he/she did not learn much. So, why he/she should not be infected with another AV?

 

[Andy Ful]

I hope you understand what I say because my language is very difficult to translate.
I can not prove it because I have not kept pictures or videos from infections I have seen on my daughter laptop all the time she had windows defender. The most infections is adware and browser hijackers from youtube downloaders fron online movies etc. Every time I went to Greece I had to clean up her laptop. From the moment I installed KFA I have not seen any infection here for almost a year. And the other proof is the video with the test. Infected by an old virus very easy. It may have been upgraded in recent years, but it remains weak to me. And signatures of viruses are still weak, and have not behavior blocker. I conclude by saying that we all have an opinion according to our experience with some protection product. I am not trying to impose my opinion. I just say my experience with windows defender.

From what you posted, it follows that your daughter has a problem with PUA inside the browser. That could be a problem, if she did not use web filtering. SmartScreen and WD Block at first sight will allow most PUA, because they are often installed legally after accepting the installation by the user. I do not know if Kaspersky web filtering helped your daughter to avoid PUAs for sure (she can learn), but this is a practical solution if it works. It is also better for your daughter than not tweaked WD (without some web browser extensions or DNS filtering). There are also some other solutions without Kaspersky, but there is no reason to replace it if it works well.

 

[shmu26]

I have a question about Windows Defender, if I restore a file from the quarantine, it's automatically added to exclusions. But it's not shown in the excluded items list, it's added as temporary exclusions. Is there any way to disable this behavior or modify the temporary exclusions? I find this very annoying.

Are you sure it gets added to exclusions?
My experience is that it does not get added to exclusions, and the next time you navigate to the folder with that file, it will get quarantined again. But if you stay away from the folder, the file might sit there undisturbed for a long time.

 

[SeriousHoax]

Are you sure it gets added to exclusions?
My experience is that it does not get added to exclusions, and the next time you navigate to the folder with that file, it will get quarantined again. But if you stay away from the folder, the file might sit there undisturbed for a long time.

In my case it doesn't even detect the file if I do a right click scan. It has to be at the exact same location. If I cut it pase it somewhere else then it will be detected. Currently I'm not using WD but I tested this like 2 weeks ago. Many other people faced this issue too.

 

[shmu26]

In my case it doesn't even detect the file if I do a right click scan. It has to be at the exact same location. If I cut it pase it somewhere else then it will be detected. Currently I'm not using WD but I tested this like 2 weeks ago. Many other people faced this issue too.

Admittedly the scanning produces varying results. I think it depends on how high the severity rating is for the file in question. If it has a low severity rating, WD might leave it alone when you run a static scan. But what if you actually run the file? I am pretty sure it will be blocked.
Maybe @Andy Ful has some insight on this.