Not open for further replies.


Level 31
Test Windows Defender Antivirus (or other security software)

Windows Defender Antivirus is the default security application for devices running Microsoft's Windows operating system.

Like Windows Firewall, it may not offer the best protection or functionality, but it is there to protect systems directly after setup.

The installation of another security program replaces Windows Defender on the system and takes its role to block attacks.

Regardless of whether Windows Defender or another security software is protecting the device, you may want to test the protection to make sure it works correctly.

We covered a couple of methods to test security software in the past: check out our articles on Comodo Leaktest or the Eicar test.

Windows Defender Antivirus tests

Microsoft maintains two test sites for Windows Defender security tests. The first, called Windows Defender SmartScreen Demo Pages, is all about SmartScreen protection.

SmartScreen Filter is a component of Windows Defender designed to protect against malicious sites, downloads and programs.

Note: none of the pages or tests are malicious. They are designed to appear malicious to find out if running security software protects the system against different attack types.
The following tests are available:
  • Is This Phishing -- Displays a suspicious page warning and prompts the user for action.
  • Phishing Page -- Known phishing page that the security software should block.
  • Malware Page -- A page used to host malware. It should be blocked.
  • Blocked Download -- A download starts on page load. That downloaded should be blocked because of the URLs reputation.
  • Exploit Page -- A page designed to attack browser vulnerabilities.
  • Malvertising -- A page that embeds advertising that is considered malicious.
  • Known Good Program -- The program should not be blocked.
  • Unknown Program -- Windows Defender SmartScreen should display a warning page.
  • Known Malware -- SmartScreen should block the program.
Click on any of the available tests to run them. Again, none of the tests are malicious but they are designed to appear as if they are.

Windows Active Defense is the name of the second test page. Some of the tests require that you sign in on the site, others can be run without signing in.
The following tests and options are available:
  • Cloud Delivered Protection -- Test cloud-delivered protection on the computer.
  • Potentially Unwanted Applications (PUA) -- Downloads a fake PUA file to test whether potentially unwanted programs are blocked.
  • Network Protection -- Loads a suspicious URL to test the network protection.
  • Exploit Protection -- Apply custom Exploit protection settings
  • Controlled Folder Access -- Download the Controlled Folder Access test tool.
  • Block at First Sight (sign-in required) -- With the feature, new files will be analyzed and blocked shortly after on any computer.
  • Attack Surface Reduction (sign-in required) -- Downloads samplees to trigger ASR rules.
Some of the tests require preparation before they can be run. A click on a test describes the test scenario and setup.

Closing Words
The tests are designed specifically for Windows Defender Antivirus. While third-party antivirus solutions may block certain simulated malicious activities as well, some tests won't deliver the desired results unless Windows Defender Antivirus is used.

Source: Test Windows Defender Antivirus (or other security software) - gHacks Tech News
Not open for further replies.