AV-Comparatives: Real-World Protection Test – August 2017

Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,118
Using 'Standard User Account + Windows Hardening' is a beautiful idea in its simplicity, effectiveness and low-resources requiring. For example: what for to scan the scripts, if their execution can be restricted/disabled by the system policy? As about Standard User Account, it can mitigate alone, about 80% Windows malware (including exploits and 0-day malware).
The above is a good solution, if the user knows when and how he/she should un-harden the system or can be advised by the more experienced user.

Edit.
The cons is that many users who could use it, are using Administrator Account in fact. They have a strong need to test security software and change system settings frequently, so using Standard User Account is rather painful. But anyway, such security solution can be adopted by an experienced user on computers of family members or friends, if he/she has the ability to advise and help them from time to time.
 
Last edited:
  • Like
Reactions: plat1098
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,118
legendcampos said:
I'm not sure about that, because SmartScreen already has the default to deny that the application is executed.
Click to expand...

As it was mentioned by @21eta, AV-Comparatives real world tests "evaluate the suites 'real-world' protection capabilities with default settings (incl. on-execution protection features)". Windows Defender in default settings has no user dependent functions except SmartScreen Application Reputation, which in Windows 10 is a part of Windows Defender.
Defender + SmartScreen can give better results than any antivirus, if the samples are not ignored by SmartScreen. The examples of files ignored by SmartScreen Application Reputation were noted in my previous post : AV-Comparatives: Real-World Protection Test – August 2017
Other examples are the scripts : ps1, js, vbs, wsf, wsh, and many other files like documents: doc, docx, pdf, etc.
So, the results of Defender + SmartScreen security, strongly depend of malware samples.
If someone wants to see not so good results, the "MRG Effitas 360 Assessment & Certification Programme Q2 2017" is the right example, where Defender + SmartScreen scored only about 95% (Blocked in 24h).
 
Last edited:
  • Like
Reactions: Venustus, mlnevese, tonibalas and 2 others
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
    • Applause
    • Wow
AV-Comparatives Celebrating 20 Years of Excellence in Cybersecurity
Replies
1
Views
356
Security Statistics and Reports
Bot
Bot
Spartan
    • Like
AV-Comparatives AV-Comparatives Real-World Protection Test Jul-Aug 2023
Replies
77
Views
4,709
Security Statistics and Reports
B-boy/StyLe/
B-boy/StyLe/
vtqhtr413
    • Like
    • Applause
    • +Reputation
Hot Take Kaspersky Standard wins Product of the Year award from AV-Comparatives
Replies
31
Views
2,461
Kaspersky
micasayyo
M

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top