Source
https://www.youtube.com/watch?v=h7wLg-ETwBA
Video Uploaded by
Me (Aerdian)

Aerdian

Level 3
Verified
Joined
Jun 3, 2018
Messages
114
Operating System
Windows 10
Antivirus
Bitdefender
#1

A simple AV test I did of Windows Defender. I try to make these videos quick but helpful since there are so many different options for your AV. Please let me know any recommendations I should change for future videos :)
 

Aerdian

#5
Hi

you should say how old the samples are and optionally show them before detection. :)
Thanks for the suggestion :) I'll definitely add that to future videos. I have 2 other videos that I have finished editing and will post those in the following days, but for my future tests, I will do that. Thanks!

You must run the unrecognized samples, otherwise the test is not accurate. Otherwise I can agree with the suggestions above by @Yellowing .
Thanks :) I will add that to future videos! I have already made two more, so those will not include any of the suggestions, but I will include those for later videos. I appreciate the feedback.

I have already stressed the importance of verifying samples and testing dynamic as well as static to show the product's true abilities.
Thanks :) I will add in sample verifications and dynamic tests to future videos. I appreciate your feedback!
 

upnorth

Level 26
Content Creator
Verified
Joined
Jul 27, 2015
Messages
1,511
#6
I like it and one can now hear your voice perfect and clear. (y)

Sure, you could verify every single sample etc., but then there's also a risk of you ending up with a video that gets boring and way too long, especially if you have a lot of samples. Minimize the amount of samples and then do it like @illumination suggests. Ask if you're not sure. Try to use as fresh samples as possible.

Don't make the whole thing too complicated even if I know some people want exactly that but they can go and do review videos themselves as I know this takes a lot of time, energy and effort. You also do something many others don't. You include a lot of high video quality settings and that's rare as many IMO don't understand how important that is. It's after all a video and not a podcast.
 
Joined
Jun 24, 2018
Messages
275
#8
This review was quite confusing, so I'll ask my questions for clarity.

1. Why is there a Comodo process running when you're testing WD?

2. It detected "83%" of what threats? How many threats? How old were the threats? Were there any notable mainstream malware or ransomware? Were they taken from anywhere where credit is due, or did you hunt for the malware yourself?

3. As @illumination already mentioned, dynamic testing needs to be demonstrated. How does WD react to the malware actually being run on the machine? Are they being detected right away? Are they dropping any files or processes, or establishing any connections?
 

Weebarra

Level 13
Verified
Joined
Apr 5, 2017
Messages
621
Operating System
Windows 7
Antivirus
Emsisoft
#9
I like the shorter videos @Aerdian mainly because I don't understand most of it (oh, the shame) and if they are long, I just get pi-ssed off and don't bother watching to the end so then I have no chance of learning anything but I do have a short attention span so that would account for it :emoji_flushed: I appreciate all the reviews that people here at MT take the time to do because it must be quite a lot of work what with the testing and then the editing so very well done to you.
 
illumination

Guest
#11
I like the shorter videos @Aerdian mainly because I don't understand most of it (oh, the shame) and if they are long, I just get pi-ssed off and don't bother watching to the end so then I have no chance of learning anything but I do have a short attention span so that would account for it :emoji_flushed: I appreciate all the reviews that people here at MT take the time to do because it must be quite a lot of work what with the testing and then the editing so very well done to you.
There are so many variables involved with testing that there literally is no such thing as a perfect methodology utilized yet that I am aware of anyway. But a basic minimum guideline needs to be established to even remotely begin to show the product's abilities, which is the point of the test and video. So while simplified, it produces results that are not accurate thus misleading.

A good portion of testers realize their audiences may not be able to follow along and place end results at either the end of the test, an overview to sum up the test.
 

Moonhorse

Level 21
Content Creator
Verified
Joined
May 29, 2018
Messages
1,056
Operating System
Windows 10
Antivirus
Comodo
#12
Yeah, your voice is perfect and clear makes it very pleasant to watch, editing and video quality is good too

But about the review, it really told nothing about Windows Defender. People who are looking for antivirus alternate want to have more detailed review than this

Anyway, keep going(y)
 

Weebarra

#13
@Weebarra is it really a problem for you if they are 5min. long?
No, but I have seen some that last like 20 mins (sometimes longer) and by that time I have lost interest. As stated, I don't understand a lot of what the testing actually is but I have more chance of watching a shorter video.

I do understand where a lot of you guys are coming from and I'm sure that @Aerdian appreciates your input as he has asked for your opinions on how to make them better, which I am sure he will take on board for his upcoming reviews.
 

Aerdian

#15
I like it and one can now hear your voice perfect and clear. (y)

Sure, you could verify every single sample etc., but then there's also a risk of you ending up with a video that gets boring and way too long, especially if you have a lot of samples. Minimize the amount of samples and then do it like @illumination suggests. Ask if you're not sure. Try to use as fresh samples as possible.

Don't make the whole thing too complicated even if I know some people want exactly that but they can go and do review videos themselves as I know this takes a lot of time, energy and effort. You also do something many others don't. You include a lot of high video quality settings and that's rare as many IMO don't understand how important that is. It's after all a video and not a podcast.
Thanks for the suggestions, comments, and recommendations :) In future videos, I will try to add more tests, like sample verification, etc. but still keep it short(ish).

I very much like reviews @Aerdian and look forward to yours in the future.
Thanks! I'm glad you enjoy :) I will try to make future videos better.

This review was quite confusing, so I'll ask my questions for clarity.

1. Why is there a Comodo process running when you're testing WD?

2. It detected "83%" of what threats? How many threats? How old were the threats? Were there any notable mainstream malware or ransomware? Were they taken from anywhere where credit is due, or did you hunt for the malware yourself?

3. As @illumination already mentioned, dynamic testing needs to be demonstrated. How does WD react to the malware actually being run on the machine? Are they being detected right away? Are they dropping any files or processes, or establishing any connections?
I do understand the confusion. I will try to clarify these things in future videos. So to answer your questions:

1.) I use Comodo Firewall in my testing VM.
2.) The first threat detection percentage is of the file threats, then the second is of the web threats. For the file threats, I try to use samples that are less than 3 days old, preferably less than 1. I did not use any mainstream malware, but I could definitely add that into future tests and I hunted around for the malware myself.
3.) In future videos, I will add dynamic testing :)

Thanks for your questions! The more questions and comments I receive, the more I learn about what I should and shouldn't do in future videos.

I like the shorter videos @Aerdian mainly because I don't understand most of it (oh, the shame) and if they are long, I just get pi-ssed off and don't bother watching to the end so then I have no chance of learning anything but I do have a short attention span so that would account for it :emoji_flushed: I appreciate all the reviews that people here at MT take the time to do because it must be quite a lot of work what with the testing and then the editing so very well done to you.
Thanks :) I'm glad you enjoyed. It actually takes longer to edit the shorter videos than it would to do longer videos. In full content, I always have well over an hour recorded total and then I shrink it down to the shorter video, which I do a voice-over for.

Yeah, your voice is perfect and clear makes it very pleasant to watch, editing and video quality is good too

But about the review, it really told nothing about Windows Defender. People who are looking for antivirus alternate want to have more detailed review than this

Anyway, keep going(y)
Thanks :) This is a similar suggestion to what others have mentioned. I will do my best to keep it decently short but have much more information in the future.

No, but I have seen some that last like 20 mins (sometimes longer) and by that time I have lost interest. As stated, I don't understand a lot of what the testing actually is but I have more chance of watching a shorter video.

I do understand where a lot of you guys are coming from and I'm sure that @Aerdian appreciates your input as he has asked for your opinions on how to make them better, which I am sure he will take on board for his upcoming reviews.
I do very much appreciate all the input I have been receiving, including yours :) Most people seem to be more interested in longer videos, but you seem to be enjoying the shorter content. That is actually the main reason why I actually started testing. I felt that most tests were just far too long. People who want to change their AV need to watch lots of reviews to decide. If they are all 20+ minutes long, they will be spending at least a few days choosing their new program, assuming they take a look at most of the choices.

Yeah, I guess it is pretty hard to make a video very informative and short at the same time. :)
I am trying to get the best of both worlds, which means I'll probably start making them a bit longer :)
 

Aerdian

#16
There are so many variables involved with testing that there literally is no such thing as a perfect methodology utilized yet that I am aware of anyway. But a basic minimum guideline needs to be established to even remotely begin to show the product's abilities, which is the point of the test and video. So while simplified, it produces results that are not accurate thus misleading.

A good portion of testers realize their audiences may not be able to follow along and place end results at either the end of the test, an overview to sum up the test.
Thanks for the suggestions! I will try to add more tests in the future to make sure my videos are more accurate, but still keep it simple enough to try to keep people's attention for the most part.
 
illumination

Guest
#17
1.) I use Comodo Firewall in my testing VM.
Consider using Tinywall instead if you are looking for outbound control of the test bed. It will certainly interfere less than CF will with tests.

2.) The first threat detection percentage is of the file threats, then the second is of the web threats. For the file threats, I try to use samples that are less than 3 days old, preferably less than 1. I did not use any mainstream malware, but I could definitely add that into future tests and I hunted around for the malware myself.
Utilize methods to show sample verification during tests. There are many among us that know finding zero day samples is quite a task, and watch many "youtubers" claim to be using fresh samples when this is not the case.

3.) In future videos, I will add dynamic testing :)
This is to be fair to the product and company. Static testing only is a waste of everyone's time. If you do find something that can actually bypass all of the product's modules and infect the test bed, by all means, please submit that sample to the company for analysis.
 
Joined
Jun 24, 2018
Messages
275
#18
1.) I use Comodo Firewall in my testing VM.
Consider using Tinywall instead if you are looking for outbound control of the test bed. It will certainly interfere less than CF will with tests.
For real-world testing and reviewing, the OS settings should be default with no tweaks, and definitely no change in firewall. It is highly unlikely that a casual user would supplement Windows Defender with Comodo Firewall or Tinywall.
 
illumination

Guest
#19
For real-world testing and reviewing, the OS settings should be default with no tweaks, and definitely no change in firewall. It is highly unlikely that a casual user would supplement Windows Defender with Comodo Firewall or Tinywall.
If the user is wanting to analyze a sample without triggering it or allowing it to connect to the C&C, then outbound control is required; this may be required for sample verification as well as monitoring/recording sample procedures.

For real world testing, many factors would need to be addressed, such as how the samples are obtained and where from, the machine would need to be set up as closely to an average user's machine as possible to help fool VM aware samples, exploitable applications that are generally used by all such as office suites etc. need to be installed, older frameworks like .NET Framework 3.5 on up need to be installed for certain samples to run for testing... A plain, stripped test bed will not allow you to get an accurate picture as there are many variables of how a machine can become infected, not to mention criteria needed for many samples to run properly.
 

Aerdian

#20
For real-world testing and reviewing, the OS settings should be default with no tweaks, and definitely no change in firewall. It is highly unlikely that a casual user would supplement Windows Defender with Comodo Firewall or Tinywall.
Alright :) Thank you to both you and @illumination for letting me know. I guess it really doesn't work then to be doing my testing on a VM with a bunch of malware analysis programs :ROFLMAO:
 
Likes: oldschool