App Review Microsoft Defender Antivirus (High Level Configuration)

The associated review may contain personalised views and opinions.
Content created by
Shadowra

Shadowra

Level 31
Thread author
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,078
Microsoft Defender is the security solution provided by default in Windows since Windows 8.
On Windows 7, the product was called Microsoft Security Essentials.

After a long period in which Microsoft's tools lagged far behind threats, Microsoft overhauled its copy in 2016 by being the first to deploy AI Machine Learning technology. It was the first to block Emotet!

For this test, I was asked to also use ConfigureDefender, which enables additional product settings, which I did.




Interface: 10/10

The interface is very simple, and you end up with a security center.
Microsoft provides many tools free of charge: Antivirus, anti-malware, firewall, Web protection (via Edge), parental controls, etc.
It's clear and easy to read.
However, Microsoft Defender still has this deletion bug when it detects a lot of malware!

Protection: 10/10 Web / Fake crack 1/1 impossible to note / PC partially infected

Microsoft Defender is an excellent protection system that provides first-rate protection and can rival the paid-for tenors!
It's very fast, very up-to-date - well done Microsoft!

On the pack, it's impossible for me to say how much is left...
Microsoft Defender knew ALL the malware I submitted to it. On the scripts, Microsoft Defender blocked executions outright!
It even had the luxury of blocking a bloated file containing RaccoonStealer! Well done!
Unfortunately, NetSupport managed to partially install itself.
Microsoft Defender tried to stop it, but NetSupport had already modified the launch bar icons...

A little disinfection is necessary, but the protection is very good!

Result:
Microsoft: 0
NPE: 0
KVRT: 1
Emsisoft: 1 (False Positive - Kill Switch)

Recommend: Yes
System Clean: System partially infected

@rhythm request
 

Shadowra

A little bit hard to see on my laptop so I'm not sure but it looks like you tested with SAC > Off. Correct?

Yes indeed... It is disabled on my virtual machine, and for a reason unknown to me, I cannot reactivate it...

There will be a separate test for SAC at a later time. (@Andy Ful request)
 

rhythm

Level 11
Apr 13, 2023
535
@Shadowra Thank you for testing the custom setup. I really appreciate your work and time! The result was exactly what I expected. “High” Protection Level with “Block Executables” is very effective and offers better zero-day protection. I believe it’s excellent and easy-to-use protection, especially for regular users and real-world scenarios.
 

Sandbox Breaker

Level 9
Well-known
Jan 6, 2022
400
@Shadowra Thank you for testing the custom setup. I really appreciate your work and time! The result was exactly what I expected. “High” Protection Level with “Block Executables” is very effective and offers better zero-day protection. I believe it’s excellent and easy-to-use protection, especially for regular users and real-world scenarios.
This rule is one of the best, if not the best, next to block obfuscated scripts.
 

Shadowra

How impactful was it on the system performance when compared against F-Secure, ESET or KAV? With a butt-in-a-seat feeling, did it feel heavier than the other ones?

I didn't notice any slowdown. However, during system analysis or when scanning an unknown file, Microsoft Defender can heavily use the CPU.
 
