Advice Request Why Do You Use Windows Defender Antivirus?

Please provide comments and solutions that are helpful to the author of this topic.

SeriousHoax

Level 47
Well-known
Mar 16, 2019
3,630
Admittedly the scanning produces varying results. I think it depends on how high the severity rating is for the file in question. If it has a low severity rating, WD might leave it alone when you run a static scan. But what if you actually run the file? I am pretty sure it will be blocked.
Maybe @Andy Ful has some insight on this.
That's another case but I'm talking about the temporary exclusion system. I can even see the temporary exclusions on regedit but can't delete or modify it.
 

stefanos

Level 28
Verified
Top Poster
Well-known
Oct 31, 2014
1,712
From what you posted, it follows that your daughter has a problem with PUA inside the browser. That could be a problem, if she did not use web filtering. SmartScreen and WD Block at first sight will allow most PUA, because they are often installed legally after accepting the installation by the user. I do not know if Kaspersky web filtering helped your daughter to avoid PUAs for sure (she can learn), but this is a practical solution if it works. It is also better for your daughter than not tweaked WD (without some web browser extensions or DNS filtering). There are also some other solutions without Kaspersky, but there is no reason to replace it if it works well.
The problem is my daughter live to Greece and i live Belgium. I am not near to control her laptop. But realy Kaspersky save me.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
I have a question about Windows Defender, if I restore a file from the quarantine, it's automatically added to exclusions. But it's not shown in the excluded items list, it's added as temporary exclusions. Is there any way to disable this behavior or modify the temporary exclusions? I find this very annoying.
There are several types of WD exclusions by: extension, path, process, temporary path. This feature is not well implemented in WD. If one clear the history of threats, then the only way to see exclusions is looking at the subkeys of the registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions
or using PowerShell cmdlet:
(get-mppreference).ExclusionPath
(get-mppreference).ExclusionExtension
(get-mppreference).ExclusionProcess
Those exclusions can be also removed by using the PowerShell cmdlet Remove-MpPreference.

But I did not find the commands to see or remove the temporary path exclusions in PowerShell.

Edit.
It seems that temporary path exclusions can be deleted after booting to Windows recovery cmd (advanced startup options - command prompt):
 
Last edited:

stefanos

Level 28
Verified
Top Poster
Well-known
Oct 31, 2014
1,712
There are several types of WD exclusions by: extension, path, process, temporary path. This feature is not well implemented in WD. If one clear the history of threats, then the only way to see exclusions is looking at the subkeys of the registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions
or using PowerShell cmdlet:
(get-mppreference).ExclusionPath
(get-mppreference).ExclusionExtension
(get-mppreference).ExclusionProcess
Those exclusions can be also removed by using the PowerShell cmdlet Remove-MpPreference.

But I did not find the commands to see or remove the temporary path exclusions in PowerShell.
Think about telling my daughter to do all of this :ROFLMAO::ROFLMAO:
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Think about telling my daughter to do all of this :ROFLMAO::ROFLMAO:
The average users do not have any problem with this, because they do not exclude files. Most average users do not use WD Security Center for managing threats.
Furthermore, it is not a problem for most users because the samples in temporary exclusions had to be first intentionally recovered by the user from the quarantine. So, the user already decided that they are clean.
Yet, for the advanced users WD lacks the possibility to manually manage exclusions independently from history of threats (it can be done via PowerShell) and to remove the temporary exclusions. If I correctly remember, BitDefender free had the same problem. I do not know how it is solved in Kaspersky free.
 
Last edited:

stefanos

Level 28
Verified
Top Poster
Well-known
Oct 31, 2014
1,712
The average users do not have any problem with this, because they do not exclude files. Most average users do not use WD Security Center for managing threats.
Furthermore, it is not a problem for most users because the samples in temporary exclusions had to be first intentionally recovered by the user from the quarantine. So, the user already decided that they are clean.
Yet, for the advanced users WD lacks the possibility to manually add such entries by the user (it can be done via PowerShell). If I correctly remember, BitDefender free had the same problem. I do not know how it is solved in Kaspersky free.
The first version Bitdefender yes. But the last version i think have not problem. The problem with Bitdefender the last time to i test it is the web filter. if Bitdefender exclude a site. You have not the option to visit the site.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Certain posters are off topic. The thread is not about why WD is a bad choice for certain people. The title of the thread is: Why Do You Use Windows Defender Antivirus?
If you don't use Windows Defender, and have absolutely no interest in using it because you think it's a piece of junk, then this is not the place to express your distaste for it. You are off-topic. There are other threads dedicated to bashing WD -- you will find plenty of them.
 

Burrito

Level 24
Verified
Top Poster
Well-known
May 16, 2018
1,363
Certain posters are off topic. The thread is not about why WD is a bad choice for certain people. The title of the thread is: Why Do You Use Windows Defender Antivirus?
If you don't use Windows Defender, and have absolutely no interest in using it because you think it's a piece of junk, then this is not the place to express your distaste for it. You are off-topic. There are other threads dedicated to bashing WD -- you will find plenty of them.

I dunno. The initial post lists reasons Windows Defender is bad (satire or not).

Seems to me that the posts of this thread are on-topic.

And... this has been a pretty good thread. It's increased my overall understanding of Windows Defender -- both good and bad.

Original Post:
Windows Defender Antivirus is:
  • Invades Your Privacy
  • Sends All Data to Microsoft Servers
  • Very Weak Protection
  • Slows Down My PC
  • Scans All My 1000 Downloaded Files
  • Low Detection Rate
  • Easily Bypassed
  • No Real Firewall
  • Uses All My RAM (Memory)
  • Broken White-listing Settings
  • Lack of Customization
  • Cannot Be Trusted
  • ..
 
Last edited:

SeriousHoax

Level 47
Well-known
Mar 16, 2019
3,630
There are several types of WD exclusions by: extension, path, process, temporary path. This feature is not well implemented in WD. If one clear the history of threats, then the only way to see exclusions is looking at the subkeys of the registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions
or using PowerShell cmdlet:
(get-mppreference).ExclusionPath
(get-mppreference).ExclusionExtension
(get-mppreference).ExclusionProcess
Those exclusions can be also removed by using the PowerShell cmdlet Remove-MpPreference.

But I did not find the commands to see or remove the temporary path exclusions in PowerShell.
This is the location of temporary exclusions: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\TemporaryPaths
 
F

ForgottenSeer 72227

If you get infected with third-party AVs, you sure as hell are getting infected with WD.

Well to be fair, anyone can get infected with any AV. Personally I don’t think it’s necessarily worse than 3rd parties. To be honest if you practice unsafe habits your playing with fire and eventually your luck will run out. IMO changing AV products without changing your habits is still playing with fire and gives a false sense of security. Sure it may do a slightly better job, but you can’t guarantee it won’t happen again.

reasons why I never use WD:
personal: too high disk activity with my type of usage
general, for other PCs I configure:
- people in my country download cracks packed in zip files with password -> BAFS & smartscreen are intentionally bypassed. Have seen too many PCs infected this way. Recently disinfected some PCs with WD installed
- people are still using external storage a lot -> another way to bypass
- most PCs around me are using HDDs with =<4GB of RAM and old CPUs => Windows 10 is a burden

I don't mind good things or theories/advanced features other people are saying about WD. This is what I observed
nobody uses tweaked settings, same for other AVs

avast and kaspersky seem to cover better most malwares in my country because everyone is using them while other AVs may end up with infection

the best AV for you is the one you can squeeze the best out of it by tweaking or combining it with something else + you feel comfortable + you don't get any infection for years

This is a good reason why security could/should be tailored to specific uses. There’s no one security fits all. Your examples prove that those poor security behaviours are fairly common place where you live. They may be better off with avast and or kaspersky, but there’s no guarantee that they will be protected every time. I’m not arguing with you just playing devils advocate ;) I’ve said this in another thread, but I think justifying using a certain product because you use poor security habits isn’t really the best approach, as it too will fail at some point. Personally we should b asking people to change their habits, not say well if you use this product, you can do what ever you want, because it really is a false sense of security. Again just playing devils advocate.:)



WD is not user friendly, it lacks GUI and it is part of the Windows and people take it as such. Virtually all AVs scream at the user: You Are Protected, but WD just quietly sits in the background doing its job, but that makes people uncertain, whether it is actuall ydoing anything. They need reassurance. MS failed at selling WD to the public. MS only says, that it is free, but that makes it worse, how can it be better compared to $100 AV?

Actually this is one of the reasons i like WD over 3rd parties as I don’t need it to tell me its doing something. Sitting quietly in the background is how it should be IMO. Constantly telling me it’s doing something is an annoyance and IMO is trying to justify their existence. Their UI is a little clunky, but how much time does one spend really spend in their AV UI? Again just playing devils advocate here.:)
 

bribon77

Level 35
Verified
Top Poster
Well-known
Jul 6, 2017
2,392
Why do not I use WD, why I use W7. But I have friends that if they use it and they tell me, it is a big CPU consumer that they have tried to use it and in the end they have eliminated it. I'm not talking about old CPUs, but i7 and i5. and 16GB of RAM and SSD
 
F

ForgottenSeer 72227

I dunno. The initial post lists all the reason Windows Defender is bad (parody or not).

Seems to me that the posts of this thread are on-topic.

And... this has been a pretty good thread. It's increased my overall understanding of Windows Defender -- both good and bad.

Original Post:
Windows Defender Antivirus is:
  • Invades Your Privacy
  • Sends All Data to Microsoft Servers
  • Very Weak Protection
  • Slows Down My PC
  • Scans All My 1000 Downloaded Files
  • Low Detection Rate
  • Easily Bypassed
  • No Real Firewall
  • Uses All My RAM (Memory)
  • Broken White-listing Settings
  • Lack of Customization
  • Cannot Be Trusted
  • ..

I think @Spawn post was more of satire/joke very similar to his thread on why you use W10. He’s really listing all the arguments against, many of which are pretty silly anyways, hence the satire. As I’ve already said, I think WD gets unfair treatment, as people are always constantly looking for the negatives with it. You can’t have a discussion or a test where WD does very well without people going, but, but, but. No other 3rd party AV goes through this, not to this degree anyways IMO.

Personally there are some who are basically putting their hands over their ears and going, not listening, not listening, not listening, every time someone shows/talks about how WD has/is improving.

To me it’s all about trying it out and seeing for yourself. I’ve been running it on both my systems for a while now and I can say with 100% confidence that I have not experienced any of the issues, performance and so on that is constantly talked about when it comes to WD. I think some people either haven’t tried it, or haven’t tried it in a very long time. Even @RoboMan has tried it out recently and was very surprised how good it has become and how much it’s performance has improved. I’m happy to hear his comments because it too confirms what many of us have been trying to say for a while now.

No I want to be clear that I am in no ways saying WD perfect, it’s far from it, but it has improved on many fronts and I think people just need to try it for themselves. No product can offer you 100% protection and no product is perfect. I am not saying that people who have had poor experiences with WD are wrong, everyone has different experiences and the same can be said for any security product. At the end of the day, choose what you like and what works best for you.:)
 
F

ForgottenSeer 72227

Why do not I use WD, why I use W7. But I have friends that if they use it and they tell me, it is a big CPU consumer that they have tried to use it and in the end they have eliminated it. I'm not talking about old CPUs, but i7 and i5. and 16GB of RAM and SSD

See I have a system very similar and one less powerful and if anything running WD makes my systems faster than most 3rd parties. I’m not saying your wrong, I’m just speaking from experience. As with any product, it will vary from system to system.(y)

+1
But I do get a little tired of posters who feel they must convince everyone else why WD is garbage. They don't do this with other AVs.

Same here, it’s getting a little tiresome. TBH where I get a laugh is when people call us WD fanboys and say we are justifing (for the record no one in this thread said this, just speaking generally here) using WD, however the amount of energy some people put into bad mouthing WD is telling, because if you look at their arguments, they are grasping at straws.:)
 
L

Local Host

@Raiden But WD hasn't performed well in any testing, even in the Malware Hub.

The first question everyone asks in those negative tests is "Is this using Hard Configurator?"

Considering the majorly of users use WD with Default Settings, that is irrelevant, not to mention even with Strict Settings, WD is easily bypassed by Malware constantly (and malware that targets WD is actually used in Home Systems, since it's the default AV).

Reason why everyone started talking about the Anti-Tamper in WD, which clearly shows lack of testing from you guys, as the Anti-Tamper in WD has proven to be ineffective and still in testing.

So no, WD is not a good AV for casual users, and as for us advanced users we don't need an AV in the first place, so using us as benchmark and claiming WD is good, is not exactly a good idea.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Certain posters are off topic. The thread is not about why WD is a bad choice for certain people. The title of the thread is: Why Do You Use Windows Defender Antivirus?
If you don't use Windows Defender, and have absolutely no interest in using it because you think it's a piece of junk, then this is not the place to express your distaste for it. You are off-topic. There are other threads dedicated to bashing WD -- you will find plenty of them.
I agree (mostly). :giggle:
But fortunately, people on this thread are kind and respectful to each other, even when they had very different experience with WD. The discussion is also very rational and can be helpful for the readers. So, I would like to thank for all posts (also slightly off topic).(y)
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top