Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
Is Windows Defender just as good as any other free antivirus solution?
Message
<blockquote data-quote="Andy Ful" data-source="post: 738515" data-attributes="member: 32260"><p>Defender on Windows 10 has local AI + AI in the cloud (with malware detonation in the sandbox), so it can catch as many 0-day malware as any other good free AV. This is especially true for EXE, DLL, and SCR malicious files. That can be seen when analyzing MRG Effitas tests Q1 2018, Q4 2017. The level of catching 0-day malware depends on Defender settings:</p><ul> <li data-xf-list-type="ul">Cloud Protection Level: Default, High, Highest, Block (not available on Windows Home versions).</li> <li data-xf-list-type="ul">Cloud Check Time Limit (10-60 seconds, 10 sec. by default).</li> <li data-xf-list-type="ul">ASR rules (not activated by default).</li> <li data-xf-list-type="ul">Network Protection (not activated by default).</li> </ul><p>As in the case of other AVs, some 0-day malware can still fool the local AI (and sometimes detonation procedure, too). Also, the 0-day script & scriptlet malware (highly obfuscated) can be still dangerous.</p><p></p><p>The top paid AVs have some additional features like monitoring the network traffic, Anti-Exploit modules, etc., which can be useful for detecting 0-day malware (especially in Enterprises). Yet, such AVs should be rather compared to Windows Defender with ATP (paid subscription).</p><p>.</p><p>The performance of Windows Defender is below the average when:</p><ul> <li data-xf-list-type="ul">copying many files</li> <li data-xf-list-type="ul">opening folders with many executables</li> <li data-xf-list-type="ul">installing/uninstalling applications with many executables</li> <li data-xf-list-type="ul">managing the quarantine</li> <li data-xf-list-type="ul">performing the full scan</li> </ul><p>For the daily tasks like web browsing, launching applications, reading/writing documents, performing the quick scan, Defender behaves similarly to other AVs.</p></blockquote><p></p>
[QUOTE="Andy Ful, post: 738515, member: 32260"] Defender on Windows 10 has local AI + AI in the cloud (with malware detonation in the sandbox), so it can catch as many 0-day malware as any other good free AV. This is especially true for EXE, DLL, and SCR malicious files. That can be seen when analyzing MRG Effitas tests Q1 2018, Q4 2017. The level of catching 0-day malware depends on Defender settings: [LIST] [*]Cloud Protection Level: Default, High, Highest, Block (not available on Windows Home versions). [*]Cloud Check Time Limit (10-60 seconds, 10 sec. by default). [*]ASR rules (not activated by default). [*]Network Protection (not activated by default). [/LIST] As in the case of other AVs, some 0-day malware can still fool the local AI (and sometimes detonation procedure, too). Also, the 0-day script & scriptlet malware (highly obfuscated) can be still dangerous. The top paid AVs have some additional features like monitoring the network traffic, Anti-Exploit modules, etc., which can be useful for detecting 0-day malware (especially in Enterprises). Yet, such AVs should be rather compared to Windows Defender with ATP (paid subscription). . The performance of Windows Defender is below the average when: [LIST] [*]copying many files [*]opening folders with many executables [*]installing/uninstalling applications with many executables [*]managing the quarantine [*]performing the full scan [/LIST] For the daily tasks like web browsing, launching applications, reading/writing documents, performing the quick scan, Defender behaves similarly to other AVs. [/QUOTE]
Insert quotes…
Verification
Post reply
Top