App Review Kaspersky vs Windows Defender

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Content created by
PC Security Channel

cruelsister

Level 43
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
First off, I must say that the production value of this video is superb. Really nicely done!

However I am curious as to why Black Claw was able to infect the WD system. This ransomware was never popular and is relatively old (over 2 years old, actually) and all of the very few samples extant are detected by WD and just about everybody else so should not have caused any issue. I would have been interested to see if an exclusion to this malware was made in WD by an otherwise undetected dropper (similar to that discussed elsewhere last week).
 

bobdoe

Level 2
Oct 10, 2020
67
cruelsister, I'm a little confused... how does a final check with HitmanPro give a good picture of what was missed when I thought you found HP "useless" in your testing?

My apologies if I am mistaken or mis-remember your comments on HP (maybe that was Shadowra?).
 

MTUser

Level 4
Verified
Sep 11, 2014
144
I think it's time to test WatchGuard EPDR in lock mode.

The cost of it is extremely low for an EPDR solution (there are retailers selling it for $60 a year), and the solution is fantastic.
 

cruelsister

Level 43
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
> cruelsister, I'm a little confused... how does a final check with HitmanPro give a good picture of what was missed when I thought you found HP "useless" in your testing?
>
> My apologies if I am mistaken or mis-remember your comments on HP (maybe that was Shadowra?).

I totally agree that using either MB or HMP as a 2nd opinion check is pointless (as I have noted a billion times) as neither of those 2 will detect things like worms or diverse other scriptors. But as this is what the masses expect I'm not surprised to see it used here. I should also add something to my previous comment: the detection issue that WD experienced with the ransomware could also be due to the "gang-bang" approach of running the remaining malware files, as some AM products can get overwhelmed.

Nonetheless, his video production was pretty.
 

RansomwareRemediation

Level 4
Verified
Well-known
Jun 22, 2020
189
> Agreed. Both products have a large following but are basically useless and a waste of money.

My opinion (you will forgive me):
Kaspersky: it is not useless as you say. It blocks all ransomware without problems. In PUP protection they have always been weak, but it doesn't matter, because PUP attacks are easy to eliminate, unlike serious malware such as ransomware.
MD: for me it is a totally useless AV, which, although it protects a little better against PUPs vs serious malware, does not protect as it should. And even more so if you disable the cloud, since Microsoft Defender depends exclusively on that technology. When a malware bypasses that protection, that AV does nothing.
Happy New Year to everyone.
Greetings.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,510
From reliable tests made by professionals, we know that Kaspersky (paid products) can provide better protection than Defender free on default settings. So, this video is an example that an AV demonstration (not a real test) can show something close to the truth, even if it is unreliable as an AV protection test.

Although the author did not mention it, a few things should be noted:
  1. The demonstration looks like a real-world test, but it is not. It is a very special scenario, which has little in common with the attacks against home users.
  2. The samples are downloaded without using a web browser, so files do not get MOTW.
  3. The samples are executed with high privileges (the Administrator PowerShell console is used for that).
  4. Many malicious files are executed one by one in a short time.
  5. Only one malicious file type is used (*.exe). It is not good, because in many cases, the payloads can be prevented by the AV before they can enter the disk (by blocking/detecting macros, scripts, etc.).
  6. Such methodology can be used only for EXE payloads on the already (badly) infected computer.
The results are useless to compare the in-the-wild protection of the AVs, except if one uses the results to show something true in a demonstrative way.
 

RansomwareRemediation

Level 4
Verified
Well-known
Jun 22, 2020
189
> No one disables the cloud as all PCs (and mobile phones) are constantly online these days.
> ALL AVs are heavily dependent on cloud, not just Defender.

I disagree. Not all AVs depend on the cloud, and it is proven. Bitdefender doesn't depend on cloud, ATC works without cloud dependency, System Watcher doesn't use cloud either, SONAR doesn't use cloud either, F-Secure's DeepGuard doesn't use cloud either; they're all behavior blockers that don't depend on cloud. With WD, if you disable the cloud the protection drops to 60% and it catches almost no ransomware; it's a cloud-dependent AV.
Greetings.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,510
> I disagree. Not all av depend on the cloud, and it is proven.

It is proven for the detection rate. But it is also proven that most AVs (including Bitdefender) have higher online protection rates. In the case of Bitdefender (BIS), the difference is about 2-6%. For Kaspersky (KIS), it is about 20%, etc. The most cloud-dependent AV is TrendMicro (over 50% difference).

[Chart image: 1672655761604.png]


The chart has been taken from the AV-Comparatives Malware Protection test.
 

monkeylove

Level 12
Verified
Top Poster
Well-known
Mar 9, 2014
598
What? It is not heavy. It is just a myth.

I use NovaBench to test my PC (the GPU test excluded). For example,

Microsoft Defender scores: 862, 868, 863
Kaspersky Free Antivirus scores: 878, 877, 873

I got the idea from this video:



I don't know how accurate it is, but I also consider feel, e.g., if the system feels heavier or lighter when I browse online or different folders, load apps, etc.

There's also a performance chart here:

 
