App Review Microsoft Defender Antivirus with Andy Ful WHHLight

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Content created by
Shadowra

Shadowra

Level 36
Thread author
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,560
Microsoft Defender has been the standard antivirus provided by Microsoft since Windows 8.
On Windows 10, Microsoft considerably improved its antivirus, and continued with Windows 11.
In this test, I've been asked to add @Andy Ful WHHLight with settings predefined by the editor.
I'm also adding MSOffice anti-exploit and FirewallHardening, which blocks all connections by Trojans using system processes (LOLBins).
SWH adds more rules later.



User interface:

Microsoft Defender's interface is well integrated into Windows, making it part of Windows.
It's very clear and detailed, I love it!

Web protection: 10/10

For the URL test, I deliberately disabled Edge's Web filtering to be in the best conditions to provoke Microsoft Defender's detections.

Well, I'm very surprised. Microsoft Defender reacted correctly to my URL test, blocking all infected downloads!

Fake crack: 1/1

Microsoft Defender won't let me extract the fake crack by detecting it directly! The only antivirus that does this for me! Congratulations!

Malware Pack: Remaining 9 out of 309 threats. (Windows shows 10 but Defender blocks 1 more when I access the folder)

Microsoft Defender's engine has really improved, and for me it's one of the best on the market!
WHHLight adds an extra layer of protection by prohibiting scripting.
Congratulations!

Final scan:
Microsoft: 0
NPE: 0

Final opinion:

Microsoft Defender really surprised me.
Microsoft has done a lot of work on the detection side, and it can compete with the big names in free and even paid antivirus!
WHHLight provides a good layer of protection by strengthening the system.
Recommended protection.

@oldschool, @ZeroDay and @simmerskool request
 

TuxTalk

Level 12
Verified
Top Poster
Well-known
Nov 9, 2022
557
> Avast has a good scanner, and is even very fast.
> Surprisingly, Avast refused to process any threats outside the video! I had to restart a scan with automatic deletion...
>
> But I've also noticed that the Avast lab is less reactive than before. It lets several Trojans through. Even if IDP managed to block some infections, as well as CyberCapture.
> The machine is partially infected, but can still be saved.
>
> Final scan:
> Avast: 0 (detection comes from AtlasOS, I don't know)
> NPE: 5
> KVRT: 5
>
> Final opinion: Avast is an antivirus recommended for cautious surfers.
> However, it is not suitable for small PCs, as Avast often consumes a lot of resources.
> There's still work to be done on unknown detections.

Avast @Shadowra? I think you mixed the text a bit :-D
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,368
Thanks a lot for this nice test-review.
Microsoft Defender detected all EXE samples in ConfigureDefender HIGH settings, so the WDAC security layer in WHHLight had no work.
Generally, it is not easy to find dangerous EXE malware (non-Adware and non-PUA) that could bypass popular AVs.
Of course, it is possible that in another test Microsoft Defender could be bypassed and then we might probably see WDAC in action. :)
 

Shadowra

> Thanks a lot for this nice test-review.
> Microsoft Defender detected all EXE samples in ConfigureDefender HIGH settings, so the WDAC security layer in WHHLight had no work.
> Generally, it is not easy to find dangerous EXE malware (non-Adware and non-PUA) that could bypass popular AVs.
> Of course, it is possible that in another test Microsoft Defender could be bypassed and then we might probably see WDAC in action. :)

Yes, I did have other exploits but Defender deleted them too :)
WHH also played its part! It prevented VBS from launching :)
 

ZeroDay

Level 30
Verified
Top Poster
Well-known
Aug 17, 2013
1,905
Anyone know of any good software updaters? Because I'm going to switch from Kaspersky to this config I could do with a software updater because Kaspersky usually does all that for me. I'm very happy with Kaspersky. This is just a lighter config. And I love the fact that it's all Windows based.
 

Andy Ful

> Anyone know of any good software updaters? Because I'm going to switch from Kaspersky to this config I could do with a software updater because Kaspersky usually does all that for me. I'm very happy with Kaspersky. This is just a lighter config. And I love the fact that it's all Windows based.

Which Kaspersky edition?
If you have the edition with Application Control, then you do not need WHHLight (use @harlan4096 settings).
If not (and when you like Kaspersky very much), then you can use the WHHLight package with Kaspersky (skip ConfigureDefender).
 