Windows Defender Is Becoming the Powerful Antivirus That Windows 10 Needs

Indeed. I don't tend to take seriously any test/review where graphs don't start at 0 (i.e. truncated graphs).

Just look at Microsoft's graph on page 10.

 

I agree, but I doubt that it will happen.

 

yes, noticed it right away, and the details in very small fonts so no one would care to read...

 

So what are you saying, WD is crap compared to full AV suites? This test clearly shows that WD is simply not good enough, and the reason why doesn't matter. If other AV's use more advanced detection methods (like BB) then perhaps this should be added to WD also. It seems like a fair test to me, they only give it a pass if AV clearly indicates it's malware, and don't leave the decision making up to the user, as is the case with SmartScreen.

OK, so you guys are saying that SmartScreen is part of WD? Then why if I disable WD, it continues to work? Sorry guys, this is getting silly, this is the exact reason why I call some of you fanboys. Again, SmartScreen is a separate component that also works in conjunction with third party AV's. And who guarantees that all of the 86 (!) missed samples would have been blocked by SmartScreen?

 

Like I said, I don't consider SS to be part of Win Defender. And BTW, I'm not a fan of third party AV's either, I use none of them. But I think it's a bit ridiculous how people keep defending WD. It doesn't matter how malware is delivered (via exploits, email, website or USB stick) an AV should be able to stop them, without the need for SmartScreen.

BTW, it seems like you must have missed the "Crazy Bad" Windows Exploit that was related to Win Defender. Apparently it was this bad, that M$ decided to fix it almost immediately.

 

Rasheed, I have to disagree a little, as I smell a little something with the test methodology and the side of the bread that is buttered. Despite the MRG CEO's response in the MRG thread, still not satisfied. In that case, then, test Defender as separate entity in a separate category because it is simply built and configured differently. It's like racing a greyhound and a peke together and then screaming at the peke for losing the race.

I'm not speaking out of both sides of my mouth, some months ago I was critical of the way pre-Creators Build Windows Defender was marketed as "number 1 antivirus solution on Windows 10." Clearly my views are not applicable to Creators Build onward, but I don't deviate from this stand one iota. Just have to mind the gangstas on this and "other security forums" who amuse me mightily. It's the corporate thing I'm interested in, that's where all the "good" stuff lies.

If one has much of the facts and a good gut instinct, one can stand up to sponsored bullies. I did.

 

Edge settings:

 

Windows Defender settings:

 

And so you see it can be configured to block without user action required.

 

OK cool, this isn't the case with Win 8 I believe. But if it truly is a component of WD, then it should be disabled when you disable WD, and the options should be visible from the WD interface. Because if I disable third party AV, then all of its component are disabled AFAIK. Also, if SS is that good, why not stop using AV's completely? Because apparently it's capable of blocking everything that WD misses.

 

I have real time disabled and only run manual scans a few times a week. I think but could be wrong, when a third party AV turns off WD the smart screen features still keep working. There is just no other real time protection going on. I am on the latest insider build which has other changes as well.

 

https://www.wilderssecurity.com/thr...rogramme-q-1-201-7.393921/page-2#post-2674940

 

ok let use an analogy, will you?
You need a car for you daily usage, so you buy a classic one, right? which fit your needs and has a balance between safety and usability. (aka WD)
Now let say you becomes become a security adviser for the President , and then you may be targeted by terrorists, then you will surely use a armored car. (3rd party AVs)

Yes they do already but for Pro/Enterprise version of Win10.

When you get an alert from SS (unlike UAC), the user must think twice (and maybe do some more research before running it), because it mean that the executable is unknown or suspicious at minimum, malicious? not sure.

you just don't understand it , SS isn't a WD feature, WD needs SS, that is different, as i said thousands times, they work in some kind of "symbiosis" (can't find a better word to make you understand).

Nothing silly or fanboyism there. It is just being fair to a product.

yes nobody said the opposite. SS is part of Windows built-in mechanism , not part of WD.

again nobody said that also. so why you say that.

do you know what was an AV? AV was originally just a real-time scanner based on signature, no more , no less; then with the appearance of 0-days which signarure can't catch up , those vendors started to add prevention features (HIPS/BB/webfilters/sandboxes, etc...). ,
For your information i am too a real disliker of AVs (i use WD because disabling it doesn't give me more pros than its Cons), i just prefer SRP or sandboxes.

Nothing is perfect, doesn't mean it is useless.

 

I have just found this webpage where you can test SmartScreen: https://demo.smartscreen.msft.net/

So, as the picture I posted before shows, on Windows 10 SmartScreen is made of 3 parts:

1. System wide (on-execution alerts of files downloaded from Internet)
2. Integrated in Edge and maybe IE (url and download alerts)
   
3. Integrated in Windows Store (url and download alerts)

If you use for example Chromium, SmartScreen won't alert you about malicious websites or downloads (it will alert you if you try to run a file downloaded from Internet)

 

Side note: if you download a file from the web, you can disable the SmartScreen check by right-click --> Properties, then under "General" tab, at the bottom you can find an "Unblock" button

 

Exactly and this is what i said earlier.
btw, thanks for the link

 

you are welcome

 

The problem is, if you download a zip file with a malicious exe inside, then SmartScreen won't kick-in when you run the exe

 

Except that IT WILL, try yourself.

Even if you download zip files for Chrome, they will have the "mark of the web" in them.

 

Exact

 

the mark of the web is on the zip file, not on the exe

 

And why the zip file has the mark of the web? Because of the content inside it !

Zip files are harmless per se, so when a zip file has a mark of the web in it, everything inside has it too.

Before Windows 8.1 SmartScreen was different, but now it doesnt check only .exe files, many times I received a Smart Screen warning while opening files on zip containers.

 

Try to dowload this zip or 7z file, extract the exe and tell me if the exe has the mark of the web
https://www.geekuninstaller.com/download

EDIT: I think you meant running an exe from the zip, I meant running an exe after extracting it

 

Sure, take a look (running and extracting)
http://image.prntscr.com/image/f9fa0d52f62d4da2a40bb07b6f2b763e.png

 

I have to double check on my pc, when i extract that exe, it doesn't have the mark of web