- Feb 25, 2017
- 2,585
Windows 11 vs Ransomware [TPSC]
- Thread starter Kongo
- Start date
It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
- Aug 2, 2020
- 549
Its a shame he didn't test CFA. Would have been nice to see if it does really work.
Wait a minute he tested Ransomware protection on W11 without having the Ransomware protection enabled?
Wait a minute he tested Ransomware protection on W11 without having the Ransomware protection enabled?
Last edited:
- Nov 4, 2011
- 582
He has many security partners so you won't see perfect result from Defender. He is the biggest troll in the galaxy.
- Aug 19, 2019
- 1,157
Oh great another TPSC review.
Still happy with my Hard_Configurator hardened system. None of that stuff would run without being checked by smartscreen and cloud and and that shell lock wouldn't have happened either
Still happy with my Hard_Configurator hardened system. None of that stuff would run without being checked by smartscreen and cloud and and that shell lock wouldn't have happened either
- Mar 29, 2018
- 7,600
He never has it enabled in any of his "tests".Wait a minute he tested Ransomware protection on W11 without having the Ransomware protection enabled?
Absolutely. And I absolutely love his "machine gun" approach to executing malware. Not even close to a real-world test.
OTOH, he narrates and presents his vids in a polished manner. No doubt this is why so many viewers believe his trash! Like Leo says, 'Stay informed and stay secure."
- Jul 27, 2015
- 5,458
- Dec 23, 2014
- 8,500
I would not be so harsh for the author. The intention of this test was probably to show that Defender's protection is cloud-dependent. This is nothing new and can be seen in all AV-Comparatives Malware Protection tests.
This test has two parts:
Although the short video test cannot prove anything interesting, we can conclude that it is consistent with the below supposition:
This test has two parts:
- Test with Internet connection (cloud backend) = 100% protection
- Test without Internet connection = exact result unknown, but a few samples infected the system (probably 90% protection).
Although the short video test cannot prove anything interesting, we can conclude that it is consistent with the below supposition:
- Defender has got excellent anti-ransomware protection against in-the-wild samples when using cloud backend.
- Defender's protection without cloud backend is not so good.
- Defender's anti-ransomware protection without cloud backend is probably much better than for other malware types.
Last edited:
- Jun 11, 2019
- 408
The question is not "How you running Microsoft Defender on Linux?"
, but the question is "Why are you running Microsoft Defender on Linux?" 
- Aug 22, 2013
- 884
- Aug 19, 2019
- 1,157
So, it seems a lot of AVs are relying more on cloud detection over their antivirus engine these days which is why I prefer the default deny approach like your Hard_Configurator, VoodooShield, Comodo etc. Each of these tests are informative but only a minute glimpse of the product capabilities/real-world detection as @Andy Ful has explained in other posts. Anyways, I'm still not a fan of his automated script that runs all the viruses.
Defender wouldn't provide 100% protection in this test even with Internet connection.
- Jun 24, 2016
- 2,483
I consider this test to be very misleading. To start with, why even test without internet connection? Average computer is connected to the internet 24/7. Even if it wasn't, worst case scenario you'd be dealing with a ransomware executable via USB, not a hundred ransomware samples at once, without internet connection. I feel like this is a strategy to make Defender look useless, which it isn't. Also, why didn't SmartScreen pop up once?
- Jun 11, 2019
- 408
There are incomparably more malicious programs under Windows than under Linux, and it is much easier to run them on Windows than on Linux. And it's not a fact that a malicious program written for Linux will still work correctly, but on Windows, on the contrary, most malicious programs run and work perfectly. From this point of view, Linux is much safer. However, when it comes to browser scripting or phishing attacks, everything is the same.
- Dec 23, 2014
- 8,500
In fact, it did.
If one listens carefully then Leo says that the first part has full access to the Internet (time 1:09).
Of course, you are right that any result in this test (and similar video tests) alone does not prove much about Defender's anti-ransomware protection.
Last edited:
- Dec 23, 2014
- 8,500
If AV-Comparatives can do it why Leo should not do it?
Last edited:
- Jun 24, 2016
- 2,483
Hency why ALL testing should be taken with a grain of salt. There are some very misleading standards.If AV-Comparatives can do it why Leo should not do it?
- Apr 5, 2021
- 619
- Dec 23, 2014
- 8,500
This was not Real-World test but Malware Protection test. In the Malware Protection test, the malware samples are not downloaded directly from the Internet. They do not have MOTW attached, similarly to files from a flash drive (FAT 32) or files unpacked from the archives. Most video tests are Malware Protection tests because the author usually download samples packed in the archive (ZIP, 7-ZIP, RAR) and uses the archiver application that does not preserve MOTW after unpacking.
- Apr 17, 2021
- 453
Which is why he never includes it into his tests comparisons. Polluted and biased results otherwise.
Similar threads
