Advice Request Why Do You Use Windows Defender Antivirus?

[shmu26]

But WD hasn't performed well in any testing

It protects against malware at least as well as other leading free AVs, in all recent tests by the big testing companies. It suffers from performance issues in certain situations -- depends on your user habits.
It fails in MalwareHub testing, mainly because it is designed to work as an integral part of Windows security. It is a team player. It is not a solo artist. MalwareHub testing isolates it from the other Windows security features that it needs.

By the way, I get a lot more false positives from Kaspersky than I do from Windows Defender. I guess it depends on your taste in software. I don't think me and Eugene would be good dinner companions.

 

[Andy Ful]

...But WD hasn't performed well in any testing, even in the Malware Hub.

On the contrary, WD has performed very well in the real world tests (AV-Comparatives, AV-Test). It did not perform well on Malware Hub, because it is not good against never-seen-malware (PE executables). But, the chance of being infected by such a malware in the home environment is close to 0.
Of course in the enterprises, many of paid AVs are much better than WD without ATP features.

Reason why everyone started talking about the Anti-Tamper in WD, which clearly shows lack of testing from you guys, as the Anti-Tamper in WD has proven to be ineffective and still in testing.
...

The malware cannot change WD settings with standard rights. If the malware can get the high privileges, then it can hide in the system in many ways, without changing WD settings. Tampering WD is the least problem for the home users.

So no, WD is not a good AV for casual users, and as for us advanced users we don't need an AV in the first place, so using us as benchmark and claiming WD is good, is not exactly a good idea.

I could say, WD is as good as any other free AV for casual users, and probably they need something more to be well protected. But, saying that any free AV, except WD, will be better is not exactly a good idea.
I agree (like most people here) that casual users need someone who can apply more protection. This can be done on Windows 10 with or without WD.

 

[ForgottenSeer 72227]

@Raiden But WD hasn't performed well in any testing, even in the Malware Hub.

The first question everyone asks in those negative tests is "Is this using Hard Configurator?"

Considering the majorly of users use WD with Default Settings, that is irrelevant, not to mention even with Strict Settings, WD is easily bypassed by Malware constantly (and malware that targets WD is actually used in Home Systems, since it's the default AV).

Reason why everyone started talking about the Anti-Tamper in WD, which clearly shows lack of testing from you guys, as the Anti-Tamper in WD has proven to be ineffective and still in testing.

So no, WD is not a good AV for casual users, and as for us advanced users we don't need an AV in the first place, so using us as benchmark and claiming WD is good, is not exactly a good idea.

That's very fair and I agree.

My main point really is that while a 3rd part may be a little better than WD, if the user doesn't practice safe habits, at some point they will be showing up at your door asking you to help them with their malware infection. The way I see it, no product should be a substitute for poor security habits. We shouldn't be recommending that people use either x or y, because they practice unsafe habits. What we really should be focusing on is educating them and helping them improve their security 101 and it doesn't have to be complicated. Also, if someone really wants whatever program they think they want, they will get it, even if it means turning of their AV, at that point the 3rd party is useless. When I hear people say they get got infected by using x product, I often want to go, actually no, they didn't get infected by using x product, they got infected because they were doing things like opening/downloading email attachments from unknown sources, clicking on every link/ad they see, etc...

I see it no different than someone driving in the winter and crashing into a snow bank and going, stupid car, it's traction control didn't work. Mean while you find out that it was a blizzard, they weren't driving to the conditions and were going well over the speed limit. So in reality, whose really to blame, the car, or the individual driving? Problem is, like in security, no one wants to admit, or take the blame for their own doing.

 

[RoboMan]

To me it’s all about trying it out and seeing for yourself. I’ve been running it on both my systems for a while now and I can say with 100% confidence that I have not experienced any of the issues, performance and so on that is constantly talked about when it comes to WD. I think some people either haven’t tried it, or haven’t tried it in a very long time. Even @RoboMan has tried it out recently and was very surprised how good it has become and how much it’s performance has improved. I’m happy to hear his comments because it too confirms what many of us have been trying to say for a while now.

Whoever knows me or reads my posts here knows I have no fanatism for certain software, and I'm more likely to constantly change my security according to the tests I do from now to then. I've used and loved great suites like Kaspersky and ESET, and I used to hate WD, because when I tried it back then, it was as bugged as Comodo back in the day, it slowed my whole system down and it was unbearable.

Nevertheless, after every major Windows Update, I always grab my secondary laptop, clean install the update and try Defender. Despite all minor changes, never big surprises. But 1903 changed that. Maybe with the light theme, maybe with great and significant changes to the antivirus. But the truth is: it works. I paired it with Configure_Defender and CFW. It works.

It's light. It's effective. It's non-intrusive. It's secure.

Sounds to me what I was looking for all this time.

 

[blackice]

That's very fair and I agree.

My main point really is that while a 3rd part may be a little better than WD, if the user doesn't practice safe habits, at some point they will be showing up at your door asking you to help them with their malware infection. The way I see it, no product should be a substitute for poor security habits. We shouldn't be recommending that people use either x or y, because they practice unsafe habits. What we really should be focusing on is educating them and helping them improve their security 101 and it doesn't have to be complicated. Also, if someone really wants whatever program they think they want, they will get it, even if it means turning of their AV, at that point the 3rd party is useless. When I hear people say they get got infected by using x product, I often want to go, actually no, they didn't get infected by using x product, they got infected because they were doing things like opening/downloading email attachments from unknown sources, clicking on every link/ad they see, etc...

I see it no different than someone driving in the winter and crashing into a snow bank and going, stupid car, it's traction control didn't work. Mean while you find out that it was a blizzard, they weren't driving to the conditions and were going well over the speed limit. So in reality, whose really to blame, the car, or the individual driving? Problem is, like in security, no one wants to admit, or take the blame for their own doing.

This is so relevant. The behaviors of the user are more telling of the likelihood of infection than what AV they use. Nothing will save a user, especially an average joe, who wants something for free enough to click through warnings. Simple steps make a big difference: I don’t use Office or Adobe products for home use and that reduces the attack surface of my home machine. My work laptop has a corporate endpoint solution (WD plus CFW and STICT UAC).

Edit: Also relevant to this thread, as a less sophisticated user I found WD did not had the FP issues that is always considered a negative. In fact I’ve never seen a FP with WD on Win 10.

 

[Andy Ful]

...
Nevertheless, after every major Windows Update, I always grab my secondary laptop, clean install the update and try Defender. Despite all minor changes, never big surprises. But 1903 changed that. Maybe with the light theme, maybe with great and significant changes to the antivirus. But the truth is: it works. I paired it with Configure_Defender and CFW. It works.

It's light. It's effective. It's non-intrusive. It's secure.

Sounds to me what I was looking for all this time.

WD worked well on many computers also in earlier Windows compilations. Your problem was probably solved because of drivers update. I also noticed that in some cases the factory software/drivers can cause problems. For example, some Lenovo software can cause long boot time when using ASR rule that restricts WMI.
On many laptops, installing fresh Windows 10 with Windows drivers (skipping the factory drivers and other software/bloatware) makes the laptop much faster.

 

[shmu26]

On many laptops, installing fresh Windows 10 with Windows drivers (skipping the factory drivers and other software/bloatware) makes the laptop much faster.

Another piece of conventional wisdom is challenged! People often say that the drivers that Windows update pushes on you are not the right drivers.

 

[Andy Ful]

Another piece of conventional wisdom is challenged! People often say that the drivers that Windows update pushes on you are not the right drivers.

Sometimes that can be true. If the driver does not work well, then the factory driver is required.
I have no problems with Dell laptops. But, there can be a problem for some older peripherals.

 

[ForgottenSeer 72227]

On many laptops, installing fresh Windows 10 with Windows drivers (skipping the factory drivers and other software/bloatware) makes the laptop much faster.

I usually build my own systems, so I usually don't run into the issue very often mostly due to the fact that I download the latest version from the hardware vendor themselves (ie: Nvidia, Intel, etc...). On my Laptop however, I just blew out all the garbage that comes with it, did a clean install of W10 and just downloaded the most up to date drivers again from each manufacture and shes running like a dream.

More often that not I find that the various PC manufactures are terrible at keeping up to date drivers. You can own the computer for a couple of years, go to Dell's website for example and download the "latest" drivers, only to find out that the "latest" drivers are from like 2015-2016. Unfortunately for average users this isn't helping matters. This is why I say it's not always MS fault for issues when it comes to things like WD and or Windows in general. MS definitely does create their own problems at times, but it's not always their fault. Even 3rd party software in general can cause issues, but it's always MS fault.

Look at the latest issue with Firefox and AV's causing issues with their TLS certs. One could argue , why is Mozilla maintaining their own cert store, which is a fair point, but my argument is, well it was working fine until now and it sure as heck wasn't Mozilla's fault.

 

[Andy Ful]

...
More often that not I find that the various PC manufactures are terrible at keeping up to date drivers. You can own the computer for a couple of years, go to Dell's website for example and download the "latest" drivers, only to find out that the "latest" drivers are from like 2015-2016.
...

That is why sometimes the native Windows drivers work better. I always start from Windows native drivers and install the factory drivers if they do not work well. It works for me because my hardware is pretty standard. That is probably why I have no issues with Windows stability and Windows Updates.

 

[Bikeman0I17]

Laptop Drivers are sometimes a pain, example Intel video drivers for my HP Omen Intel I7 laptop, tried to install ones from Intels site, and it goes not supported, last ones on HP site is October 31st 2018 lol. As for Windows Defender after getting it setup on the 2 most used systems so far, not seeing any issues so far with performance, so pretty happy so far.

My Desktop is mostly standard Gaming System I suppose lol, Asus G11CD-K Desktop, most of these drivers I get from manufactuers sites, and Nvidia and no issues at all, system running like a dream.

As for avoiding the Reserved storage in 1903 when releases, might just do a clean install of 1809 before it releases, and therefore I think avoid Reserved storage, then reset laptop prior to 1903 release, and should be good

 

[shmu26]

I have i5 6500. Intel integrated graphics.
Should I download drivers from Intel, or just use what Windows feeds me?

 

[Andy Ful]

I have i5 6500. Intel integrated graphics.
Should I download drivers from Intel, or just use what Windows feeds me?

Let Windows 10 to update.

 

[Andy Ful]

I am curious if anyone tested free AVs against PUAs (PUPs)?
WD on default settings can detect some PUAs. But it is probably not the maximum detection because there is a special anti-PUA setting available via PowerShell (used in ConfigureDefender).
On Kaspersky forum, I noticed that some users had problems with PUA detection:

Join the Kaspersky Club

forum.kaspersky.com

I remember that there were also similar problems with BitDefender.
From my experience, Avast had an aggressive PUA scanner, but I am not sure how it works nowadays.

I think that most of home users' complaints about AVs, may have the source in PUA detection. On VirusTotal many AVs detect PUAs incorrectly, for example as trojans, etc.

 

[Bikeman0I17]

Well i did my full scan last night, and with Configure Defender I do have PUA Protection on with Windows Defender, Showed avcfree.exe was severe, believe it was a pua protection, funny thing is 2 weeks ago i was running Avast Free, and Avast never detected it as such

Avast always said Great--No Threats found after scans with that program

 

[Janl1992l]

because its integrated and part of windows. I have no slowdowns at all, no fps drops(heavy gamer). Most other free avs have fps drops even if you dont notice them. I use it with SecureAPlus together as a anti-exe+cloud av+ai offline engine. Good adblocker and nothing more needed.

 

[Nightwalker]

I disabled my third party antivirus solution (Kaspersky) to test Windows Defender and I noticed a much lower cpu usage compared to some months ago, maybe Microsof made some optimizations in the engine recently.

I am pleased so far ...

 

[ForgottenSeer 72227]

I disabled my third party antivirus solution (Kaspersky) to test Windows Defender and I noticed a much lower cpu usage compared to some months ago, maybe Microsof made some optimizations in the engine recently.

I am pleased so far ...

Glad to hear it!

I honestly think this is one of those things that they have been quietly working on in the background, as I haven't seen any mention of it in any of their release notes. All I have to say is that compared to many 3rd parties, including those that were considered lighter than WD in the past, I find WD right now to be one of the lightest and my overall system performance actually has improved from switching back to WD.

 

[DeepWeb]

The primary reason I never used WD is because the UI is hideous. Especially Exceptions. I still don't know if I have to just include the name of the program or "program.exe" or the entire file path to add something to the exclusions. There is no functioning closed loop feedback in the communication between the AV's UI and the user. You never feel sure that it actually works. But it does eat up all your CPU while scanning 10x slower than the competition.

 

[plat]

My ugly but capable machine doesn't notice Windows Defender and since there is a small OS drive, a built-in antivirus is preferable. I like seeing how smaller third party software blend in to make a more secure system (Sandboxie, OSArmor). Simplicity" and low, low maintenance--that's the ticket.

"I don't touch Windows Defender default settings, using OSA and GP at my convenience instead.