[CheckLab.pl] - Test of free antivirus
<blockquote data-quote="Adrian Ścibor" data-source="post: 847703" data-attributes="member: 71496"><p><strong><span style="font-size: 22px"><span style="color: rgb(184, 49, 47)">Our findings:</span></span></strong></p><p></p>
<p>First:</p>
<p>Machine with Comodo Internet Security. The antivirus engine has been disabled to check the settings you have recommended with SmartScreen and MOTW. Anyway... The Windows system detects Comodo, which is a basic anti-virus. Enabled SmartScreen for EDGE and Windows Defender SmartScreen for Apps.</p><p></p>
<p>[ATTACH]230496[/ATTACH]</p><p></p>
<p>Second:</p>
<p>Machine with Windows Defender. Default settings. Only UAC was disabled so that it does not interfere with the approval of automatic actions.</p><p></p>
<p>Third:</p>
<p>Machine with Bitdefender. Protection was disabled to confirm our findings.</p><p></p>
<p>Fourth:</p>
<p>Machine with G DATA. As above, protection was disabled and SmartScreen for apps and EDGE was set as WARN.</p><p></p>
<p><span style="color: rgb(184, 49, 47)"><strong><span style="font-size: 22px">What was done:</span></strong></span></p><p></p>
<p>1. Machine with Comodo. Windows recognizes Comodo as the primary antivirus.</p>
<p>a. Downloading malware from EDGE.</p>
<p>Result: The file has been downloaded. MOTW is visible in the properties of the downloaded file:</p><p></p>
<p>[ATTACH]230497[/ATTACH]</p><p></p>
<p>b. Downloading malware from Chrome.</p>
<p>Result: The file has been downloaded. MOTW does not exist. It is not visible in the properties as above.</p><p></p>
<p>[ATTACH]230498[/ATTACH]</p><p></p>
<p>2. Machine with Windows Defender.</p>
<p>a. Downloading malware from Chrome.</p>
<p>Result: MOTW exists. The file has been blocked by Windows Defender. Malware cannot be moved or started.</p>
<p>b. Download from EDGE. MOTW also exists. The file has been blocked before being executed.</p><p></p>
<p>3. Machine with Bitdefender. Protection was disabled. Windows recognizes Bitdefender as the primary AV.</p>
<p>a. Downloading malware from Chrome.</p>
<p>Result: MOTW doesn't exist. The file is downloaded without a problem (as on the Comodo machine).</p><p></p>
<p>[ATTACH]230499[/ATTACH]</p><p></p>
<p>b. Downloading from EDGE.</p>
<p>Result: The file was downloaded. But the MOTW exists.</p><p></p>
<p>4. Machine with G DATA.</p>
<p>a. Downloading malware from Chrome.</p>
<p>Result: The file is downloaded and there is no MOTW.</p>
<p>b. Downloading malware from EDGE.</p>
<p>Result: MOTW exists.</p><p></p><p></p>
<p><strong><span style="font-size: 22px"><span style="color: rgb(184, 49, 47)">General conclusions: </span></span></strong></p><p></p>
<p>MOTW does not exist in Chrome if any antivirus other than Windows Defender is installed in Windows. I suppose...</p>
<p>MOTW works only with EDGE if a 3rd party antivirus is installed on Windows.</p>
<p>MOTW works with EDGE and Chrome if Windows Defender is the primary antivirus.</p><p></p><p></p>
<p><strong><span style="font-size: 22px"><span style="color: rgb(184, 49, 47)">What's next?</span></span></strong></p><p></p>
<p>What can we do as the AVLab.pl/CheckLab.pl organization? We can easily adapt Windows Defender with default settings to our methodology with the Chrome browser. The rest of the antiviruses could be tested without changes. </p><p></p><p></p>
<p><strong>Dear readers, thanks for this lesson. Do you have any suggestions or experience of your own that you can share with us?</strong></p></blockquote><p></p>
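The MOTW that the quoted post checks in the file properties is stored in an NTFS alternate data stream named `Zone.Identifier`, so the same check can be scripted across a whole download folder per browser and per antivirus machine. The following is an added example, not part of the original post or the CheckLab methodology; the function names are hypothetical and the sample stream with its URLs is constructed.

```python
import configparser
import sys
from pathlib import Path

# URL security zones stored in the ZoneId field of the MOTW
ZONES = {0: "Local machine", 1: "Local intranet", 2: "Trusted sites",
         3: "Internet", 4: "Restricted sites"}

# Constructed sample of a Zone.Identifier stream (URLs are placeholders)
SAMPLE_STREAM = (
    "[ZoneTransfer]\r\n"
    "ZoneId=3\r\n"
    "ReferrerUrl=https://downloads.example/\r\n"
    "HostUrl=https://downloads.example/sample.exe\r\n"
)


def parse_zone_identifier(text):
    """Parse Zone.Identifier text; return None when there is no usable ZoneId."""
    parser = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    try:
        parser.read_string(text.lstrip("\ufeff"))  # tolerate a leading BOM
        zone_id = parser.getint("ZoneTransfer", "ZoneId")
    except (configparser.Error, ValueError):
        return None
    section = parser["ZoneTransfer"]
    return {"zone_id": zone_id, "zone": ZONES.get(zone_id, "Unknown"),
            "host_url": section.get("HostUrl"),
            "referrer_url": section.get("ReferrerUrl")}


def read_motw(path):
    """Read a file's Zone.Identifier alternate data stream (NTFS on Windows)."""
    try:
        with open(f"{path}:Zone.Identifier", encoding="utf-8", errors="replace") as fh:
            return parse_zone_identifier(fh.read())
    except OSError:
        return None  # stream absent: the file carries no MOTW


def motw_report(directory):
    """Map each file name in a directory to its parsed MOTW, or None."""
    return {p.name: read_motw(p) for p in sorted(Path(directory).iterdir()) if p.is_file()}


if __name__ == "__main__":
    print("sample:", parse_zone_identifier(SAMPLE_STREAM))
    for name, motw in motw_report(sys.argv[1] if len(sys.argv) > 1 else ".").items():
        print(f"{name}: {'MOTW zone ' + motw['zone'] if motw else 'no MOTW'}")
```

Run it on the test machine with the download folder as the argument; on a non-NTFS volume every file reports no MOTW because the stream cannot exist there.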