Windows Defender Hardening and Test vs Malware

  • Published 3 Dec 2024

COMMENTS • 443

  • @kaze4098
    @kaze4098 4 years ago +213

    i wish you ran it before hardening, then harden it and run the exact same test for a comparison :(

    • @MusicalInquisit
      @MusicalInquisit 4 years ago +48

      Ah, controls. Very important in an experiment.

    • @Ezkeef
      @Ezkeef 4 years ago +3

      well some malware could escape before hardening. ESPECIALLY that half removed one. It could escape completely.

    • @ItzSteveHuh
      @ItzSteveHuh 4 years ago +18

      He did test with default WD settings about 2 months ago ua-cam.com/video/VXtTgP8JkSk/v-deo.html

    • @bjcanz
      @bjcanz 4 years ago +1

      just check the start-up services to avoid seeing that dialogue box

  • @schmel7930
    @schmel7930 4 years ago +560

    this guy's videos makes me wanna download viruses so i can watch a war between them and my antivirus lol

    • @pcsecuritychannel
      @pcsecuritychannel 4 years ago +293

      Please do not try this at home. lol.

    • @clarkkent1616
      @clarkkent1616 4 years ago +3

      YES SAME

    • @kekwnet
      @kekwnet 4 years ago +10

      @@ahsookee he disables internet

    • @Ezkeef
      @Ezkeef 4 years ago +33

      @@kekwnet no. He uses a VM which is completely isolated and those don't know that they are VM. Doesn't necessarily mean disconnected from internet. Otherwise he couldn't use the cloud service protection of MS security. cheers

    • @FFAs
      @FFAs 4 years ago +8

      I need a class on how to configure a secure test system for entertainment purposes....

  • @CaptainXLAB
    @CaptainXLAB 4 years ago +177

    1:38 "You have to pay 5.9 Million USD" ......... Ransomware thought it's targeting bill gates or what :v

    • @deletevil
      @deletevil 4 years ago +11

      we should forward these messages to Bill Gates lmao xD

    • @TheUltimateYouTuberyay
      @TheUltimateYouTuberyay 4 years ago +10

      That ransomware should be fake. It was made by The Jester who is grey hat hacker. He helps defend the US from attacks. He made that to help out the hit TV show. Mr. Robot. So it shouldn't do anything unless someone made it as a joke/not a joke.

  • @IsaacNgui
    @IsaacNgui 4 years ago +160

    Curious if any malware has ever broken out of your VM containment and infected the host machine

    • @sT1GE3R
      @sT1GE3R 4 years ago +43

      @Vishal Belbase not true. There are some identifiers for virtual machines and if a malware can read them it can interpret that he is in a virtual machine

    • @AB-ii5uy
      @AB-ii5uy 4 years ago +51

      Theos Escaping the VM is a whole different challenge.

    • @cannedbeverage7687
      @cannedbeverage7687 4 years ago +9

      (Quite possibly dumb) Sub-question: If it does escape from a Windows VM but the host runs Linux or Mac, would it be possible for the host to get infected?

    • @spaceorbison
      @spaceorbison 4 years ago +45

      That's like Agent Smith getting out of the Matrix into the real world

    • @bitelaserkhalif
      @bitelaserkhalif 4 years ago +16

      Step 1: shared folder
      Step 2: mounted as write read

  • @MarshallRawR
    @MarshallRawR 4 years ago +25

    Would have been interesting to do the same test with Windows Defender not configured one more time with the same samples just to compare the numbers at the end of the video.

  • @FouadBallan
    @FouadBallan 4 years ago +30

    Leo again as I always said thank you for your great work and amazingly informative videos to watch

  • @bhringer
    @bhringer 4 years ago +5

    Great stuff Leo. Looking forward to follow-up videos you mentioned. Thanks

  • @alessandro3950
    @alessandro3950 4 years ago +16

    Quite disappointed that Microsoft removed the "Desktop" location from controlled folders access by default. That is probably because it was causing conflicts when newly installed software was trying to create desktop shortcuts to launch the program (I experienced these false positive blocks)

    • @notAvn
      @notAvn 4 years ago

      @@HotCakeX wow a whamen that's interested in any sort of computing 🥰

    • @shadowguardian3612
      @shadowguardian3612 4 years ago

      @@HotCakeX yeah and 99% of people doesn't have it and is a insider beta. No one cares about name before defender it was called Windows Security Essentials. Its the same 20h1 doesn't change much and how do you know what version is he using.

  • @cyberweapontime4067
    @cyberweapontime4067 4 years ago +20

    Do a test for Norton security

  • @ari73692
    @ari73692 4 years ago +3

    Would be good to see how well ransomware is stopped using OpenDNS, Cisco Umbrella, Cloudflare 1.1.1.1 Family etc with AV protection (double layers of security) Keep up the great work... :)

  • @wingsphoenix3484
    @wingsphoenix3484 4 years ago +49

    Brother, where are you?
    Brother?
    Brother this is the fifth boot.......plz no....brother!
    therefore, Leo and his VM is haunted and this error will arise in his dreams

  • @wilfredotorres6628
    @wilfredotorres6628 4 years ago +5

    Hi Leo, I like what you did you beef up WD and you could have beefed it up, even more, there are other settings within-group edit where you could have made some other minor changes. You can see where this becomes a powerful tool to use an a enterprise environment as well as the home user.

  • @igoresque
    @igoresque 4 years ago +11

    2:35 in Windows 10 2004 the folder is named "Microsoft Defender Antivirus"

    • @nonvideo
      @nonvideo 4 years ago

      Yeah I was a bit confused when I looked under my Edit Group Policies and it wasn't there.

    • @vinnyc365
      @vinnyc365 4 years ago

      @@nonvideo I can't even find Edit Group Policies

    • @nonvideo
      @nonvideo 4 years ago

      @@vinnyc365 You need Windows 10 Pro. Windows 10 Home won't let you access it.

    • @xbotscythe
      @xbotscythe 4 years ago

      @@nonvideo That's true, but you can install gpedit on home

  • @augusto3045
    @augusto3045 4 years ago +3

    So friend congratulations on the excellent test with Windows Defender, I think that if you had removed the powershell as the main one and had deactivated it and left only the CMD as the main one this error might not occur in the end ... But even with this error in the end if u were at Start and located the error and remove with CCleaner or privacy eraser at the start of windows nothing would appear and the pc would be clean ... Congratulations Windows Defender has stood out in profound improvements with the artificial intelligence that was recently implemented. ..

  • @MrChezco1995
    @MrChezco1995 4 years ago +7

    Damn that hardening did the trick! Thou I use WinDef (and also common sense to not click random stuff), this is impressive! Great video!

  • @OutreRim
    @OutreRim 4 years ago +60

    You on the latest windows version? You still have all the old icons ?

    • @TheFPSPower
      @TheFPSPower 4 years ago +10

      The new icons are delivered through the windows store, he's probably just using a local account.

    • @TheOkamotoo
      @TheOkamotoo 4 years ago +5

      @@TheFPSPower I use a local account and i got the new icons

    • @miguelangeldel6394
      @miguelangeldel6394 4 years ago +2

      Probably the LTSC version, which doesn't have all the crap of other Windows editions

    • @v1ncend
      @v1ncend 4 years ago

      It is ltsc soo it's not a relevant for windows 10 normal edition

    • @Mario583a
      @Mario583a 4 years ago

      The new icons are being delivered in waves I hear.

  • @frankiesparkes3947
    @frankiesparkes3947 4 years ago +3

    Might be worth noting that the Group Policy isn't available in the Home SKU. Don't know if any of the policies can be edited in the registry directly

    • @leonwalter1222
      @leonwalter1222 4 years ago +1

      It is available, you just have to activate it, you can find some instructions easily in the internet, does not take longer than only a few minutes

    • @Mario583a
      @Mario583a 4 years ago

      Here's a hint: Everything that he just said can be achieved via the Registry.

  • @cammy85
    @cammy85 4 years ago +1

    Cool!! I added these to the Advanced Settings video posted a few months ago by Computer Solutions, so we'll see how it goes.

  • @MikeCorp1357
    @MikeCorp1357 4 years ago +2

    Do you have the list of Windows Defender tweaks you did (in the video) on your website or on a document/PDF? Thanks!

  • @321bluff
    @321bluff 4 years ago +1

    Bro I always told you defender is very powerful and it is my favourite. I will always love it. This is your first unbiased video. Like from my side.

  • @GreggRoberts
    @GreggRoberts 4 years ago

    I added this video to my watch list. I'm at work right now but have always been a fan of Bastille so I must watch.

  • @JCtheMusicMan_
    @JCtheMusicMan_ 4 years ago +6

    I have a 32 core machine. I’m excited to know I can use this configuration.

    • @doge7831
      @doge7831 3 years ago

      You will get more false-positives with absolutely max settings.

  • @robertmassey7391
    @robertmassey7391 4 years ago

    Just found this video. Great job making complex instructions, make sense to us simpletons.

  • @JTvlogs984
    @JTvlogs984 2 years ago +1

    have you done any research on Basic "FREE" AVG vs Windows Defender?

  • @Cyber.Operator.0
    @Cyber.Operator.0 1 year ago

    I didn't know about the PUAProtection command. Thank you. Just did it on my machine.

  • @Ograws
    @Ograws 4 years ago

    I love the new format it makes these videos feel more like a show you'd see on TV!

  • @akberkhan1184
    @akberkhan1184 4 years ago +10

    I always knew, one day Microsoft will make a good av, now it is true. No more 3rd party craps

  • @Prophet1cus
    @Prophet1cus 4 years ago

    Looks to me those MAPS group policy settings are not needed to harden if you already turn on "cloud-delivered protection" and "automatic sample submission" in your regular virus & threat protection settings. The group policy for 'Join Microsoft MAPS' states "In Windows 10, Basic membership is no longer available, so setting the value to 1 or 2 enrolls the device into Advanced membership."
    The pre-reqs for block at first sight are: Join MAPS enabled (defaults to advanced if cloud-delivered protection is enabled), send file samples for analysis enabled (default to 'safe files' if automatic sample submission is enabled) and scan all downloaded files/attachments enabled (enabled by default if real-time protection is on). So all pre-reqs are already met.
    Furthermore the windows event logs show this when enabling the block at first sight policy:
    "Windows Defender Antivirus Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
    Old value: Default\SpyNet\DisableBlockAtFirstSeen = 0x0
    New value: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SpyNet\DisableBlockAtFirstSeen = 0x0"
    In other words, it was already not disabled...so enabled.
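
An added example (not part of the comment thread or the video): a PowerShell audit of the Block at First Sight prerequisites listed in the comment above, plus a check of whether the `DisableBlockAtFirstSeen` policy value quoted from the event log is actually written. The function names are hypothetical; the property names are those returned by `Get-MpPreference`, and event ID 5007 is assumed to be the configuration-change event the comment quotes.

```powershell
# Added example: audit the Block at First Sight (BAFS) prerequisites from the comment above.
# Function names are hypothetical. Run in an elevated PowerShell session with Defender active.

function Test-BafsPrerequisite {
    param(
        # Defender preferences; a stand-in object can be passed to exercise the logic off-box.
        $Preference = (Get-MpPreference)
    )

    # MAPSReporting:        0 = disabled, 1 = basic, 2 = advanced
    # SubmitSamplesConsent: 0 = always prompt, 1 = send safe samples, 2 = never send, 3 = send all
    $checks = [ordered]@{
        'Real-time protection enabled'        = (-not $Preference.DisableRealtimeMonitoring)
        'Cloud-delivered protection (MAPS)'   = ($Preference.MAPSReporting -in 1, 2)
        'Automatic sample submission'         = ($Preference.SubmitSamplesConsent -in 1, 3)
        'Scan downloaded files / attachments' = (-not $Preference.DisableIOAVProtection)
        'Block at First Sight not disabled'   = (-not $Preference.DisableBlockAtFirstSeen)
    }

    foreach ($check in $checks.GetEnumerator()) {
        [pscustomobject]@{ Prerequisite = $check.Key; Met = [bool]$check.Value }
    }
}

function Get-BafsPolicyValue {
    # Policy location quoted in the comment's event-log excerpt.
    $key  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\SpyNet'
    $item = Get-ItemProperty -Path $key -Name 'DisableBlockAtFirstSeen' -ErrorAction SilentlyContinue

    if ($null -eq $item) {
        # No policy written: Defender falls back to its built-in default.
        return 'Default (no policy value written)'
    }
    'Policy value DisableBlockAtFirstSeen = 0x{0:x}' -f $item.DisableBlockAtFirstSeen
}

function Get-BafsConfigChange {
    param([int]$MaxEvents = 20)

    # Assumption: 5007 is the "configuration has changed" event quoted in the comment.
    Get-WinEvent -FilterHashtable @{
        LogName = 'Microsoft-Windows-Windows Defender/Operational'
        Id      = 5007
    } -MaxEvents 200 -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -match 'DisableBlockAtFirstSeen' } |
        Select-Object -Property TimeCreated, Message -First $MaxEvents
}

# Report: which prerequisites hold, where the setting comes from, and when it last changed.
Test-BafsPrerequisite | Format-Table -AutoSize
Get-BafsPolicyValue
Get-BafsConfigChange | Format-List
```

If every row shows `Met = True` while the policy value reads "Default", the machine matches the situation the comment describes: the feature was already on before any group policy was applied.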

  • @rhys5447
    @rhys5447 4 years ago +5

    Great content Leo, thanks!

  •  4 years ago

    Windows Pro and Enterprise users that have their systems not in domain, you cannot summon Group Policy(gpmc.msc). However, you can summon Local Policy Editor(gpedit.msc), which is technically the same thing. Most changes are enacted after restart because most of them are registry keys.

  • @retroman7581
    @retroman7581 4 years ago +3

    Hey, could you go over the national security letter which any cooperation based in the USA can receive?

  • @Joshua17891
    @Joshua17891 2 months ago

    Going through my watch later. Man this is an old video. I remember watching this when it released and it introduced me to something I never knew I'd love so much. I can't say I'm pursuing a serious career in cybersecurity yet, but the amount I've learned through these years is unbelievable.

  • @steve00055
    @steve00055 4 years ago

    computing requires an enormous amount of mathematical type thinking ... AND THIS IS YOUR BEST VIDEO TO DATE !!! good music and the warehouse door slamming SOUND EFFECT is also great ...

  • @schmel7930
    @schmel7930 4 years ago +4

    does bitdefender total security slow down gaming performance?

    • @gabrielandy9272
      @gabrielandy9272 4 years ago +4

      all antivirus take cpu cycles.... there's some that take less other more.

  • @gonzaloxm
    @gonzaloxm 4 years ago +7

    Leo: I'm concerned the antivirus consumed up to 50% CPU
    Also Leo: makes the antivirus deal with 1k malware files executed at once

    • @murphy1138
      @murphy1138 3 years ago

      It’s running through 1500 samples . This is not real world but a massive test all at once . 26 to 50% is fine when it does better than crowdstrike and cylance

  • @Sitharii
    @Sitharii 4 years ago

    About the fragmented malware which causes an error icon to appear in every restart :
    i'm most certain that if you had used AVG's *before- boot-to -windows -scan* this …. "haunted malware" as you called it , would have disappeared without the need for a PC-format .
    I have told you in the past how good is this unique scan from AVG , and to be honest ,I find it very weird that you don't even mention it at all !! .
    I believe that a unique protection feature such as this , would be worthy of some kind of mentioning ….
    Anyway , once again ,you have made another great video !! I really enjoy them !!

    • @augusto3045
      @augusto3045 4 years ago

      AVG??? hes use the windows defender not AVG of Avast

    • @Sitharii
      @Sitharii 4 years ago

      @@augusto3045 CORRECT , but he has a standard procedure during his tests .
      When he finishes the initial test , afterwards he performs PC-scan with several antivirus in order to check that everything is fine with the PC ( in this video check at @7:18 to see what I mean ). That's what I meant .
      I believe that if he had performed AVG's before ""boot to windows scan"" , instead of the standard scanning with Antivirus like Norton , Hitman Pro , i'm very confident that the issue with the ""haunted-malware"" would have been solved.
      That's what I meant.

    • @AlpineTerrier
      @AlpineTerrier 4 years ago

      Powernod - he could simply have used WD scan in offline mode which reboots, checks the boot sector and runs in safe mode, then reboots back into normal mode and gives you results. No need to install yet another AV.

  • @frankdenunzio4184
    @frankdenunzio4184 4 years ago +2

    The malware at the end of the video was probably successful because Attack Surface Reduction rules were not enabled. Testing malware files on the local network completely negates Block at First Sight even with this setting enabled via GPO (because the samples are missing the Mark of the Web.) At least this test method is better than his previous "tests" of WD, but his video is more a demonstration of WD's features than something resembling a real-world test.

    • @markharburn1076
      @markharburn1076 4 years ago +1

      true, also there is MDATP to add to this.....

    • @AlpineTerrier
      @AlpineTerrier 4 years ago +1

      Yep, he’s not as smart as he thinks. His tests are generally unrealistic.

    • @frankdenunzio4184
      @frankdenunzio4184 4 years ago

      @@AlpineTerrier Too bad most of his fans take his word as The Gospel!

    • @evantanuwidjaja8017
      @evantanuwidjaja8017 3 years ago

      true

  • @jagth8138
    @jagth8138 4 years ago +10

    I honestly wonder if my logic is correct.
    Modern windows is more solid so it rather shouldn't get infected easily like xp, vista or 7.
    So;
    1. Using custom firewall
    2. UAC with password for changes
    3. Browser with anti malware add-ons
    4. Opening unknown documents in the browser/one drive/sandbox
    is that enough?

    • @NightmareQueenJune
      @NightmareQueenJune 4 years ago

      I would guess so. But I would also say that no antivirus and just visiting genuine websites with adblocker turned on and making backups regularly _could_ be enough. I still use Kaspersky since I know I will at some point visit a dodgy website or download a dodgy executable. These few bucks a year are worth it for me since I like the data on my pc enough to spend that money.

    • @kimakhiangte
      @kimakhiangte 4 years ago

      @AM 9. Use your phone for visiting shady sites and downloading from free file sharing/streaming sites.

    • @TheStevenWhiting
      @TheStevenWhiting 4 years ago

      UAC has never really been any good as people have developed ways to bypass it.

    • @TotalNonstopThemes
      @TotalNonstopThemes 4 years ago +1

      ​@@kimakhiangte How about don't visit file sharing/streaming sites to begin with. Stealing software is how morons get infected, and illegal streaming sites are a hotbed for malvertising.

    • @BarafuAlbino
      @BarafuAlbino 4 years ago +1

      @@TotalNonstopThemes You just called 1/3 of a whole planet morons, because for them it is the only way to get software and movies.

  • @O_Kikiwi
    @O_Kikiwi 4 years ago +1

    These settings are something interesting and that I didn't know existed. But for those who do not have the policy editor, such as Windows 10 Home users, how do you change these options?

    • @Mario583a
      @Mario583a 4 years ago

      www.maketecheasier.com/harden-windows-defender/

  • @Unicus1
    @Unicus1 4 years ago

    Equally entertaining and informative. Excellent quality 👍

  • @breakingthe4thwall260
    @breakingthe4thwall260 4 years ago +2

    Thanks Leo you do a great job and i learn something new every time i watch your video's. i Look forward to your video on hardening windows 10.

  • @MrRetroIsland
    @MrRetroIsland 4 years ago +2

    Wow, what a surprise

    • @Azure70
      @Azure70 4 years ago +1

      Hardening was incomplete. It needed ASR rules
      github.com/AndyFul/ConfigureDefender

  • @AtiiG
    @AtiiG 4 years ago

    Will you do the same hard setting to other products?

  • @MichaelMarohn
    @MichaelMarohn 4 years ago

    of course you would want the firewall on.. I know some MSPs & ERP providers that would disagree. Always fun to see that disabled because otherwise it's difficult to troubleshoot..lol

  • @karlparker4962
    @karlparker4962 3 years ago

    Had the same sort of ghost as you put it that would appear every time you boot up after being infected by malware, Used Autoruns software and found the entry of the component that was trying to start in the scheduled task tab, deleted the reg entry and all good after that, system was thoroughly cleaned first, might be handy for others that were left with the same problem

  • @wilbertvb
    @wilbertvb 4 years ago +1

    Yes, I want to see the hardening of windows. :)

  • @Nunzio_77
    @Nunzio_77 4 years ago +2

    You can test Comodo Antivirus (proactive configuration). Thank you.

    • @Nunzio_77
      @Nunzio_77 4 years ago +2

      @NossR94 I don't think so ... Comodo Antivirus has the sandbox, the HIPS and the behavioral analysis that makes it armored compared to other free or paid ones.

    • @AlpineTerrier
      @AlpineTerrier 4 years ago

      Nunzio d'Abbruzzo - the HIPS is a nightmare, it doesn’t train properly, nor create rules for safe applications properly, and finally doesn’t always remember the settings and keeps triggering for something already saved. Comodo is a very nice idea, but it’s not tested properly and quality issues, I always feel like a beta tester, yet it’s released for production.

  • @ebereiboko5555
    @ebereiboko5555 3 years ago +1

    How do you turn it on

  • @DavesChaoticBrain
    @DavesChaoticBrain 4 years ago

    What are thoughts on Windows Defender as an Enterprise install vs Sophos and Sophos Central?

  • @CantFightRobots
    @CantFightRobots 4 years ago

    Really would love a video about general Windows or PC hardening! Some kind of "essentials" series on defense would rule. Found this channel today because I accidentally infected my computer yesterday with over 500 files. First time ever doing something like that. I felt so stupid. I was moving too fast and clicked an ad instead of the real download. I felt like a grandma! But now i've been diving deep into PC security and finding it all super fascinating. Malwarebytes was able to get my PC clean and back to where it was before. (I hope)

  • @kennedymcdon3674
    @kennedymcdon3674 4 years ago

    how would a person go about learning to diagnose and repair software PC problems

  • @Morphineck
    @Morphineck 4 years ago

    I checked your kaspersky video and honestly the CPU usage was not very different (stayed on the mid 20's most of the time with spikes to 40's) and got a bit of a better result 99.53 vs 99.9.
    This was not a bad result for an included feature, not bad at all.

  • @jmzack3021
    @jmzack3021 3 years ago

    Don’t know if anyone else is like this too, but watching videos about others downloading malware is spine-chilling to me. That’s why I’ve really never watched videos like this. But I mean-content like the stuff Leo makes is something that you can’t find anywhere else and is also pretty interesting too lol 😂
    And I’m over here watching malware one-tap PCs on one of the safest devices ever: an iPad computer lmao 🤣

  • @sm_003
    @sm_003 4 years ago

    you didn't mention which version of Windows 10 & Windows Defender you did use?

  • @Ookami8raven
    @Ookami8raven 4 years ago +1

    Interesting test, I love it!

  • @garymarrs2270
    @garymarrs2270 4 years ago

    Question I'm going back to a windows PC after 9 years on a Mac. What Is the best security solution that takes up the least amount of system resources?

  • @vasipro
    @vasipro 4 years ago

    What's the best antivirus to buy right now for PC?

  • @OktavianiFriska
    @OktavianiFriska 4 years ago

    Hey, this is a good one. But how about a home user?

  • @svend.waterlaw8592
    @svend.waterlaw8592 4 years ago

    I really that you now show how to secure windows. Keep that good work up :) thanks

  • @Akaya3511
    @Akaya3511 4 years ago +1

    Can you test Iobit Malware Fighter and Iobit Advance System Care Ultimate. Im running both right now and im wondering your thoughts on them running together. Thanks for all your videos keep them coming. You should set up the you tube join option. Im happy to pitch in a few bucks every month to help you get access to software keys for testing. Im sure I am not the only one willing to do so either.

  • @ytuser30
    @ytuser30 1 year ago

    are your backgrounds available to download? if yes, how do i get them?
    preferabily without the text

  • @Teddy_the_beautiful_Dog
    @Teddy_the_beautiful_Dog 4 years ago

    Which Software you use for Screen Recording?

  • @franklinAll8735
    @franklinAll8735 4 years ago +1

    Please test hardened Kaspersky! You've always tested it on recommended settings, never on ultra high!

  • @DePhoegonIsle
    @DePhoegonIsle 4 years ago +1

    Honestly, the 'performance hit' isn't as great as you want to think it is. the thing is, if you slam it with 100's+ of new files all attempting to load at the same time... ya it's going to do bad things.
    Though frankly I was someone who LOVED Comodo security suite & a literal every program had to be checked off & approved to be allowed to run (I accidentally broken win 8.1 & 10, with it) and for the very feature I loved in it, to be including in windows 10 baked in... even if a performance hit .. is great.
    There is always trade off with security & performance, but that hit is in load times, and first file loads... along with a secondary benefit of when a file is updated, it is considered first sight again.. which can help avoid subtle infections that otherwise get overlooked because it was clean once.

  • @smasher4291
    @smasher4291 4 years ago

    What specs do your virtual machines have? I'd just like to have a reference point for how much of your resources they're using as evidently 50% of 8gb isn't the same as 50% of 32gb etc.

  • @svilenski
    @svilenski 4 years ago

    Hi Leo. Great video as always. Would it be possible to execute any of these 800 threats without administrative privileges?

  • @CaptainXLAB
    @CaptainXLAB 4 years ago

    Would it still perform as good with internet disconnected? (and those options enabled)

  • @astro5977
    @astro5977 4 years ago +1

    Hey there! Do you think I can do this Windows Hardening with an i7-8700k and 16GB RAM while simultaneously being able to game/browse and such? I don't want to much of a performance impact.

  • @nicolobirocchi9786
    @nicolobirocchi9786 4 years ago +4

    Nice job from M$
    Could you try trend micro 2020?

  • @lightingman117
    @lightingman117 4 years ago

    Please make the video on hardening windows soon! I have no idea where to start but want to harden a VM so that viruses/people can't break out and do damage. Thanks!

  • @tmcthree
    @tmcthree 4 years ago +2

    Love your videos. Most informative I've ever found! If you had a choice of Bitdefender free (which I don't think has the safe files feature). Or Windows defender (so you can implement controller access). Which should you go for? In other words, is the availability of a controlled access feature valuable enough to warrant a less reliable detection rate?

  • @michaelchan1629
    @michaelchan1629 4 years ago +1

    Would you recommend these settings on top of a third party AV?

    • @ArthursHD
      @ArthursHD 4 years ago

      Defender has to be turned off if you use another antivirus if you want a decent performance :-) Yet disabling scripting in Powershell is advisable if you want more security. Also using separate admin account with password, passkey or biometrics and a different user account for every day tasks. using Group Policies can reduce risk further. With firewall you can reduce exposure to malicious software. Separating often insecure IoT and out of support devices to another network can reduce exposure even further.
      Some people run Linux and when they need windows they use a VM.
      Linux by design is made more secure, small market share on desktop makes it a smaller target. There are real time antivirus for it. Like Bitdefender and Eset. Same still stands with Linux - You need to segregated access levels, reduce exposure and use common sense :)

    • @fredEVOIX
      @fredEVOIX 4 years ago

      defender and firewall two different things

  • @SterNebula
    @SterNebula 4 years ago +3

    I'm using Kaspersky and so far the experience has been great. I would love to see a test about it.

  • @BobaT__
    @BobaT__ 4 years ago

    Can you recommend an AV for pc gaming?

  • @natxu
    @natxu 4 years ago

    Did you have a chance to make the same tests (including Ransomware Tests) in Windows Defender ATP? It would be interesting to do it and check how the system holds up!
    Thank you for your vids! Nice work!

  • @premn
    @premn 4 years ago

    Added to favourite playlist

  • @MythicLandsWorld1074
    @MythicLandsWorld1074 3 years ago

    Can you please tell me where do you get those malware samples from please

  • @RR-zz2ml
    @RR-zz2ml 2 years ago

    Did you try DefenderUi?

  • @gtm5650
    @gtm5650 4 years ago

    while using Avast would you recommend these changes is group policy? Thanks

    • @AlpineTerrier
      @AlpineTerrier 4 years ago

      George K - this group policy is for Defender. If you use Avast or any other antivirus it will disable Defender completely, so it would be irrelevant to change the group policy.

  • @STVYT
    @STVYT 4 years ago

    Hi,
    First of all thanks much for this video. I'm in the process of creating tweakguides screenshots to harden Windows Defender as you suggested. I did the exact same method and settings that you did except I turned on Pua protection through group policy not Powershell because I was getting an error there with. My one question for you is that I think I have noticed a slight decrease in performance and if that's true which of these settings if not all of them are going to have the most impact on performance?

  • @Flare323
    @Flare323 1 year ago

    what about zero tolerance blocking level for cloud protection 3:26

  • @reaperhammer
    @reaperhammer 4 years ago

    Why does he enable PUP protection via powershell rather than with the GPO that does it? Also I found I had to load the powershell module for defender manually from the av install folder in programdata... on win 2004 anyway...

  • @PawelJackowski
    @PawelJackowski 4 years ago

    I'm staying tuned for the video how to harden windows 💪😊

  • @madkvideo
    @madkvideo 4 years ago

    Opinions on RogueKiller? Works really well IMO

  • @NN-dg2xw
    @NN-dg2xw 4 years ago

    So is it good?

  • @santtu1212
    @santtu1212 2 years ago +1

    defender made that one script an orphan

  • @rfunk727
    @rfunk727 4 years ago

    You should mention how many files or how much data you have on your computer so that we can estimate the time it takes.

  • @bloodstains816
    @bloodstains816 4 years ago +3

    Getting an error message when windows boots up is really annoying :/

  • @darkmatter8650
    @darkmatter8650 4 years ago

    But can't use both ESET and WD all protections? Anyhow?

  • @ebereiboko5555
    @ebereiboko5555 3 years ago +1

    It is actually pretty good

  • @user975bg
    @user975bg 4 years ago

    Leo, you are the best! Do a video on how to harden your MacOS system security.

  • @andreaangelino492
    @andreaangelino492 4 years ago

    Why don't you check if PC is infected (malware in memory, autoruns keys added) and run second opinion scanners before rebooting?

  • @JonathanKing9608
    @JonathanKing9608 4 years ago

    I'm surprised you didn't use Malwarebytes or Adwcleaner as a second opinion scan or the only ESET scanner or Kaspersky Virus Removal Tool.

  • @imad9279
    @imad9279 3 years ago +1

    I wouldn't be able to sleep if I had that many malwares

  • @xanderalxandro6823
    @xanderalxandro6823 4 years ago

    So what is the best way to contact you for help with ransomware attacks?

  • @leonardofelippine9781
    @leonardofelippine9781 4 years ago

    As usual, an interesting video. I will look into these settings for my company.
    Where can we find these malwares to make our own tests?

  • @user-df1yx2tm6g
    @user-df1yx2tm6g 4 years ago +1

    Question: I've ran a Full Scan with my Window Defender, and it showed me that I've hundreds of threats found caused of the new Kali Installer I've been installed in my VM. It never happened b4 but just started a few weeks ago, I've clicked on the " Start actions " button to remove those threats, but it never worked... What should I do now? just completely delete the Kali iso? but I needed it for my study.. >.< Sry if I've asked a weird question.

    • @x1aomantou
      @x1aomantou 4 years ago

      Contact Microsoft, or try search how to clean logs(may work), this is the only issue for me. Most of the time threads already 'cleaned'.

    • @user-df1yx2tm6g
      @user-df1yx2tm6g 4 years ago

      @@x1aomantou Thx for the reply, i might just keep using it since it's not affecting much of my performance..

  • @RodCine
    @RodCine 4 years ago

    I tried to use -MpPreference but its showing parameter cannot be found.

  • @Northhax
    @Northhax 4 years ago

    Firstly, thanks for the comprehensive insight. Secondly, I was wondering what your thoughts were on the various guards? Thirdly, looking forward to the windows hardening tips. Keep up the great work :)

  • @NikosApla
    @NikosApla 4 years ago

    What free antivirus should I use?