App Review Windows Defender VS Ransomware, Controlled folder access feature tested

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

Protomartyr

Level 7
Sep 23, 2019
314
@ksgsystem I didn't realize you were the one who created the video!

I appreciate the fact that you went in and displayed how Defender was configured. You showed what you included/did not include in the Protected folders and that there were no exclusions. I also watched your Kaspersky Anti-Ransomware video and you did a thorough overview of the configuration settings there as well.

Some of the videos I've watched on YouTube have the tendency to just show that the antivirus protection is active but not how it is configured. Having 'active' protection could mean anything. Thank you for your attention to detail.

Hope to see more videos from you!
 

ksgsystem

Level 1
Thread author
Jul 27, 2019
13
@ksgsystem I didn't realize you were the one who created the video!

I appreciate the fact that you went in and displayed how Defender was configured. You showed what you included/did not include in the Protected folders and that there were no exclusions. I also watched your Kaspersky Anti-Ransomware video and you did a thorough overview of the configuration settings there as well.

Some of the videos I've watched on YouTube have the tendency to just show that the antivirus protection is active but not how it is configured. Having 'active' protection could mean anything. Thank you for your attention to detail.

Hope to see more videos from you!
Thank you for your appreciation...
 

Outpost

Level 5
Verified
Well-known
Jan 11, 2020
220
every single time someone posts something about Windows Defender or Windows Security
certain individuals some running to the thread and immediately start to pick the test apart and belittle it
that is a blatant effort to discredit
it is widely-known at this point across the web on different security forums that this forum has become a Windows Security echo chamber

I use a gif that you used

 

Outpost

Level 5
Verified
Well-known
Jan 11, 2020
220
@Umbra

No duel. If that comment had come from a non-partisan user I would have accepted it. But being criticized for not being impartial by a user who is clearly impartial to other SW, I do not accept it.

I am old enough to have overcome much more serious problems in my real life. I've been attending security forums for over twenty years, so I'd say I'm mature enough not to make "religious wars".

Having said that about her friendship and resentment, I don't give a damn and I'll get over it.

giphy.gif
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
@manchesterunited,

Please, let's talk about what has been posted in this thread. What is the point of discussing here what was posted about WD on other threads, if this has not happened here? :unsure:

Edit.
All guys who posted to this thread already knew that WD at default settings is not a top AV, and they use other security solutions to cover this. All of them also know that the same is true for all free AVs. (y)
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Windows 10 is up to date, i forgot to show it on test.. jenkins detected by almost all famous av vendors not by defender
I asked because 12.02.2020 Microsoft patched a lot of Windows vulnerabilities. Some of them were exploited in the wild. So, you probably made a test at the last moment, without this update. That is good, because the Buran ransomware would be probably neutralized with this update (I am not sure about Jenkins ransomware) and we could not see the rare case of malware in the wild exploiting vulnerabilities on updated Windows 10.(y)

If you made the test with the update, then we cannot exclude that the encryption of protected folders was prevented partially by closing the vulnerability (not fully by Controlled Folder Access). But anyway, Controlled Folder Access is intended to work on a well-updated system.:unsure:
 
Last edited:

koloveli

Level 4
Well-known
Sep 13, 2012
191
when testing anti-ransomware protection, we should disable antivirus and protection cloud modules;
We also owe ransomware that exploits secure or system files (at least that's how I test software)
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
when testing anti-ransomware protection, we should disable antivirus and protection cloud modules;
We also owe ransomware that exploits secure or system files (at least that's how I test software)
Not in the case of WD. If you disable WD real-time protection then the ransomware protection is also disabled. The only possibility would be blocking WD updates for a month, and make a test with old signatures without the Internet connection.
It would be an interesting test alongside some other anti-ransomware applications (not AVs) tested at the same time in the same circumstances (WD as the only AV). But, such a test procedure is not also fully appropriate for an anti-ransomware module integrated with AV dependent on cloud protection.
The procedure from the video is appropriate for AVs with an integrated anti-ransomware module, because the anti-ransomware module may depend in some way or be optimized to work with AV protection. The downside of it is that one has only a few samples that can bypass AV and hit directly the anti-ransomware module.
 
Last edited:
F

ForgottenSeer 823865

Anyway, you don't test modules separately.
Windows 10 security is a multi-layer interdependent solution, and must be treated as such.
While testing KIS or ESET IS, you don't test just one module, you test the whole package, so tthe same should be made for Win10 security; and in this regard, it is far from weak.
Considering Win10 security otherwise is plain noobitude.
 

Behold Eck

Level 15
Verified
Top Poster
Well-known
Jun 22, 2014
717
Anyway, you don't test modules separately.
Windows 10 security is a multi-layer interdependent solution, and must be treated as such.
While testing KIS or ESET IS, you don't test just one module, you test the whole package, so tthe same should be made for Windows 10 security; and in this regard, it is far from weak.
Considering Windows 10 security otherwise is plain noobitude.

I`d like to echo that.

Regards Eck :)
 

oldschool

Level 81
Verified
Top Poster
Well-known
Mar 29, 2018
7,044
LOL. I'm a Win10ent. Enthusiast. :p

I would be a WD fanboy if I dare to say WD is better than any other AV. I just say that if taken as a piece of a larger "solution", the said solution is as good or better than some 3rd party ones.
I was totally kidding!
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top