Windows Defender Sandbox Test vs Malware

  • Published 4 Oct 2024
  • Windows Defender Antivirus in Microsoft Windows 10 now comes with a sandbox for application isolation. How does it perform against a real onslaught of zero-day malware?

COMMENTS • 813

  • @skinwalker_schizo4526 5 years ago +883

    *infects computer with hundreds of viruses*
    "this is actually so much fun, not gonna lie."

    • @LynKazoyuu 5 years ago +7

      If one of those was memz lol

    • @ugolattanzio9152 4 years ago

      ShxdoDxrpZ lmao

    • @de_stroyed 4 years ago +15

      it's a vm, not the actual pc itself, so yeah

    • @pikachu896 4 years ago +2

      @@de_stroyed Duh

    • @joemartin1757 4 years ago +1

      I was literally just reading this as he says it

  • @justgiz 4 years ago +673

    I feel like i could catch a malware virus just by watching this video.

    • @whitedawn2122 4 years ago +17

      Me: *laughs in immunity to .exe files*

    • @Wombat24455 4 years ago +7

      Apparently cyber-criminals are trying to get malware downloaded onto victim's device through youtube
      edit: so there is a chance of getting a virus from this video (not specifically from this video, just from the website itself)

    • @robloxplayercoolgirl5981 4 years ago +5

      @@Wombat24455 O.o wait what? In what way?! 😰😬

    • @Wombat24455 4 years ago +1

      @@robloxplayercoolgirl5981 Through a script the attacker (cyber-criminal) injected. I recommend downloading AVG Antivirus to block the malware being downloaded, because when I was browsing YouTube, AVG had a popup saying it blocked a Trojan virus from being downloaded
      Edit: The free version of AVG is good enough

    • @robloxplayercoolgirl5981 4 years ago +3

      @@Wombat24455 Okay, but that means you can get a virus through a yt video? I've imagined that it could happen, but i never knew it actually could >~< There are no antiviruses on my dad's laptop, and I use dad's laptop, I'm on it right now. I'm gonna ask dad if we can get an antivirus..

  • @TheMohawkNinja 4 years ago +78

    To be fair, for something that comes as the default, built-in anti-virus, 90+% isn't all that bad.
    Think of it in the context of reality:
    (A) You don't get carpet bombed into submission with 1500 different malware, you get one piece of malware, if any.
    (B) Common sense will allow you to avoid at least 9/10ths of malware to begin with, so this is an additional 9/10ths on top of that, which brings the overall effective protection to at least 99%

    • @someaddictedidiot2186 2 years ago +3

      Ooh, memz, I wonder what that is. Probably something that makes my PC faster. Ooh it says it's a virus, nah, probably not important..

  • @HypeWrecks 5 years ago +216

    This is giving me an unbelievable amount of anxiety.

    • @franky-161 4 years ago +9

      if you're new to PCs and stuff I would personally get a good antivirus software (bought), but if you know certain things, then you're most likely not gonna get viruses

    • @HypeWrecks 4 years ago +21

      HYPERS That's why it gives me anxiety. This video betrays every single computer safety philosophy that I have developed over my lifetime.

    • @CaveyMoth 4 years ago +36

      @@HypeWrecks I know, right? My momma always told me not to systematically execute 1500 samples of malware.

    • @HypeWrecks 4 years ago +6

      Cavey Möth It's the golden rule of computer security.

    • @CaveyMoth 4 years ago +11

      @@HypeWrecks The cascading waterfall of errors is just a Windows feature.

  • @sixmilsix 5 years ago +53

    Thank you, In the process of purchasing the first PC desktop I’ve bought in years. Been debating whether to rely on MS Defender or purchase additional protection, debate settled. New to TPSC, really enjoy your reviews.

  • @M1ddle 4 years ago +38

    9:25 I love how the icons on the desktop and windows defender synced up with the music

    • @M1ddle 4 years ago +7

      @Aaron Moody what

    • @ViperoK 4 years ago

      @@crasheba1533 what

    • @mparagames 3 years ago

      @@ViperoK Yes it does but it can also play havoc with apps that access their own files or write to their own directory so it's not worth turning it on at the moment until MS sorts its shit out.

    • @velp7718 3 years ago

      @@mparagames what

    • @mparagames 3 years ago

      @@velp7718 Yes it does but it can also play havoc with apps that access their own files or write to their own directory so it's not worth turning it on at the moment until MS sorts its shit out.

  • @TimpanKanava 4 years ago +110

    This must be what my parents saw when I downloaded games as a kid

  • @David-Alfonso 4 years ago +139

    I feel like my computer is getting dirty just watching this.

    • @dgjm7129 4 years ago +2

      Do something quick before your computer do something dirty to you *insert Lenny face here*

  • @arisu7397 5 years ago +126

    Ah yes, the smell of a fresh malware in the morning

  • @saveme2000 4 years ago +229

    9 year olds clicking on Free fortnite vbucks
    Malware installed : “its free real estate”

    • @dak0t4 3 years ago

      aka my brother

  • @emmanel6190 4 years ago +90

    this is like watching ultron and jarvis fighting but way more mild

  • @ShihadMan 4 years ago +199

    Let's all remember that he had to turn off real-time protection to actually be able to place the viruses in his computer. That's a pretty strong first barrier

    • @ryansawyer6476 4 years ago +36

      I'm screaming the same thing lol. If you are depending on any AV to save you from executing malicious code good luck. Always, always, always take a layered approach. Good network security, followed by good backups, AV should be the last line of defense to tell you you need to nuke and pave a system. One last thing, if a user in an Enterprise environment is able to successfully infect a PC windows defender will not be the root cause and some shitty Network Security Engineer is gonna get canned 😂

    • @BortPlate 4 years ago +5

      Some perhaps. The same result may have played out by the few that got past that first barrier.

    • @henterpriser5779 4 years ago +9

      Kaspersky still protects your PC even if it's completely off😐. It's like OK you buy me? I'm forced to protect you

    • @mrblanche 4 years ago +3

      @@henterpriser5779 Until they send all your data to the KGB.

    • @StormFox_1 4 years ago

      @@mrblanche xD

  • @RogueNewbie 5 years ago +11

    Thank you so much for your work. I was seriously considering relegating AV duty from Bitdefender to Windows, given recent "perfect" lab results, but this just affirms my decision to go with a dedicated security suite on all our devices.

  • @theycallmeken 4 years ago +4

    "This one's good! We have a nice waterfall over here" That warmed my heart ❤

  • @namesurname4666 5 years ago +52

    Imagine not watching the pc screen for a while and then you see this

  • @Saturate0806 5 years ago +313

    Summary:
    1. Windows Defender is really slow checking files
    2. Bad detection ratio
    3. Makes Windows slower compared to other AVs like BitDefender

    • @theeskimo9875 5 years ago +42

      I think bitdefender makes windows slow. But I have 128GB RAM so it doesn't matter to me

    • @Saturate0806 5 years ago +5

      @@theeskimo9875 ua-cam.com/video/4UhUZCZMJHg/v-deo.html

    • @MaksKCS 5 years ago +82

      @@theeskimo9875
      Weird flex, but okay

    • @aaronwise1089 5 years ago +12

      How does anyone have 128 gigabytes of ram?

    • @zidana.p4242 5 years ago

      Bitdefender may be the best av for Windows but the only problem on this av is ram leak especially for a pc with 1-2 GB

  • @user-nf8qw8pq1f 5 years ago +10

    Excellent forensic run. My BP went up just watching this!
    Loved your thorough, calm and clinical approach. That is until...
    "I trusted you!" LOL

  • @tacticalguy6473 4 years ago +47

    Those hash names got me PTSD from the time when I was finding and deleting viruses manually

  • @tox1c90 4 years ago +5

    I think you somehow misunderstood the purpose of the Defender sandbox here. It is nothing at all about running any other application in a sandbox or limiting the actions of any other application to a sandbox environment.
    It's just about splitting the Defender process itself into two processes, separating the actual anti-malware module from the content parser and user interface process. The latter can then run with lower privileges within the sandbox. Just like any modern web browser is doing.
    If malware directly attacks Windows Defender and tries to elevate its privileges by hijacking the Defender process via a bug in its scanner module, it can only hijack the CP process which is running in the sandbox.
    However, the scanned application itself is not meant to be started within any sandbox environment. Thus, the sandbox feature is not expected to have any beneficial effect on stopping malware from doing other malicious stuff except when it tries to exploit Windows Defender vulnerabilities.

  • @HobkinBoi 5 years ago +23

    I think some antivirus experts should get onboard with the whole defender program, so they can help improve it and increase the chance of it catching malware.

    • @UKGameShock 4 years ago +3

      It's all about money. There is more money in being better than Windows Defender and making competition than taking a small % cut of money to improve it. If Windows Defender did a good job, so many other AVs would go unused.

    • @UltimateAlgorithm 4 years ago +6

      That could land Microsoft in a lot of trouble. Even with current Windows Defender, Microsoft is sued by some AV developer. They say that Microsoft is doing discriminatory business practice, which I think does not make sense. Why is trying to give some basic protection considered discriminatory? If MS makes Defender too good, they can get in a lot of trouble.

    • @amirabudubai2279 4 years ago +3

      @@UltimateAlgorithm Haven't heard of that case, but I am willing to bet it had something to do with MS only allowing the user to disable Defender if they had a white listed 3rd party AV. In other words, MS was selectively blocking AV. This only affected Windows 10 home, but that is most users.

    • @UltimateAlgorithm 4 years ago +3

      @@amirabudubai2279 and for good reason. AV starts its service early in boot process. Would you allow any application to do that? That is a terrible idea.

    • @avert_bs 2 years ago +1

      What are you talking about? It's already good enough and catches 99% of viruses. And if you have a feeling it's a false positive, test it on VirusTotal.

  • @spyrost.5439 5 years ago +4

    Great video and as always well made!! I hope in the future we get a video as the one you did few years back with the free security challenge

  • @mikixd7956 5 years ago +39

    This reminds me of my old computer, the sad thing is that thing didn't have a virus

    • @notsim_ 4 years ago +2

      @@SergeantExtreme wtf

  • @fortune3911 3 years ago +6

    Windows Defender is best for the people who don't click shiny "Download" button on the web.

    • @i_Ayush1 2 years ago

      LOL UNDERRATED.

  • @laurpflorin 5 years ago +30

    For ransomware protection using Windows 10 built-in tools, the only reliable way to protect oneself is the Controlled Folder Access feature.
    In the latest Windows 10 version the user has an easier way to unblock the apps that are wrongly blocked by controlled folder access.
    Unless the user has his/her own 3rd party security tool that he/she uses, it's always a good idea to create a dedicated folder on the hard drive and add it to controlled folder access, then put all the important data there. It's not the most elegant solution but it will protect your data from encryption.

    • @LaserFur 5 years ago +1

      I have to go add programs manually. And for Open office you can add .BIN to the name in the select box since it's the .BIN and not the .EXE that wants to add a file in the latest documents folder.

    • @laurpflorin 5 years ago +1

      @@LaserFur you can ease the process of adding programs with PowerShell. And in the latest version of Windows 10 you can also see the most recent blocked apps list in Windows Defender and whitelist them easier.

    • @LaserFur 5 years ago +3

      @@laurpflorin Not as useful when it just says "setup.exe" or "runDLL.exe". I need to know what folder it ran from and what command line it had. I think some companies are going to have to adapt to not being able to drop some random exe in a temp directory and run it and expect that to be able to update the browser. (looking at you chrome)

    • @LaserFur 5 years ago

      @@laurpflorin just to add. Thanks I didn't notice they added it there.

    • @RealDaniyalAhmed 5 years ago

      Can you please tell how to create a controlled access folder? I am a newbie and want protection from ransomware on Windows 7. I have already ESET smart security and MalwareBytes.
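
The Controlled Folder Access setup discussed in the thread above (a dedicated protected folder, allow-listing programs with PowerShell, and finding out which program was actually blocked), as an added example that is not part of the original comments. The folder `D:\Important` and the allowed application path are placeholders; the cmdlets come from the built-in Defender module and need an elevated PowerShell on Windows 10 version 1709 or later.

```powershell
#Requires -RunAsAdministrator
# Added example: configure Controlled Folder Access (CFA) and review its events.
# $ProtectedFolder and $AllowedApps are placeholders, adjust them to your system.

$ProtectedFolder = 'D:\Important'
$AllowedApps = @(
    'C:\Program Files\ExampleEditor\editor.exe'   # hypothetical trusted program
)

# 1. Create the dedicated folder for important data and add it to the protected list.
if (-not (Test-Path -LiteralPath $ProtectedFolder)) {
    New-Item -ItemType Directory -Path $ProtectedFolder | Out-Null
}
Add-MpPreference -ControlledFolderAccessProtectedFolders $ProtectedFolder

# 2. Allow-list trusted programs by full path. Entries are matched on the full
#    path, so only add binaries in locations that standard users cannot write to.
foreach ($app in $AllowedApps) {
    if (Test-Path -LiteralPath $app) {
        Add-MpPreference -ControlledFolderAccessAllowedApplications $app
    } else {
        Write-Warning "Skipping $app (file not found)"
    }
}

# 3. Turn the feature on. 'AuditMode' only logs what would have been blocked,
#    which is a safer first step on a machine with many legacy programs.
Set-MpPreference -EnableControlledFolderAccess Enabled

# 4. Show the effective configuration.
$pref = Get-MpPreference
[pscustomobject]@{
    Mode             = $pref.EnableControlledFolderAccess   # 0 = Disabled, 1 = Enabled, 2 = AuditMode
    ProtectedFolders = $pref.ControlledFolderAccessProtectedFolders -join '; '
    AllowedApps      = $pref.ControlledFolderAccessAllowedApplications -join '; '
} | Format-List

# 5. List recent CFA events. Event 1123 is a blocked write, 1124 an audited one.
#    The event message carries the full path of the blocked process and the
#    folder it tried to change, which the notification pop-up does not show.
Get-WinEvent -FilterHashtable @{
    LogName = 'Microsoft-Windows-Windows Defender/Operational'
    Id      = 1123, 1124
} -MaxEvents 50 -ErrorAction SilentlyContinue |
    ForEach-Object {
        [pscustomobject]@{
            Time    = $_.TimeCreated
            Action  = if ($_.Id -eq 1123) { 'Blocked' } else { 'Audited' }
            Message = $_.Message
        }
    } | Format-List
```

Remove an entry again with `Remove-MpPreference` and the same parameter name.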

  • @TheStarfreak911 4 years ago +4

    Very interesting video. Having decent music play on the speedups is a big bonus.

  • @TheDendran 4 years ago +16

    13:09
    In the words of one wise Joel, who couldn't close a certain window:
    "Uh-oh, guys... ...problem!"

    • @blueberry1c2 4 years ago +1

      How many bonzibuddys will i see in this comment section...

  • @justrandomguy8002 5 years ago +6

    I like how you present this video, it served me well and your voice is very suitable for this test

  • @HowtoFixYourComputer 5 years ago +1

    Thank you guys.

  • @ParoxyDM 4 years ago +17

    Came for the Defender test. Stayed for the Beethoven soundtrack.

  • @CurtisMcDonald 4 years ago +8

    @The PC Security Channel [TPSC] I saw Python was compromised. That could be why the scan stopped without completing.

  • @benjones7848 4 years ago +5

    For someone new to the channel, how do you collect your malware? Also what have you found to be the best at preventing malware, and what have you found to be the best at removing malware?

  • @servanofmyGod 4 years ago +3

    it did not look like you ran that in windows sandbox

  • @vulpineronin3460 4 years ago +2

    But there is one key issue with the test... yes defender could, in theory, do much more isolation... but to get the malware on there you admitted to having to bypass the first line of defense for defender.... turning it off so it can't scan the files in the transfer. so you are starting with a compromised system, rather than a clean system and seeing if defender lets the stuff get copied in/saved in and then installed as it would in a real-world scenario. no one turns off their detectors before putting files on the pc. Edit: and you say it blocked 91% of what 10k simultaneous executions from a forcefully compromised system... i mean, really, this is a completely theoretical situation. the world doesn't have spherical chickens, after all.

    • @pcsecuritychannel 4 years ago +2

      There is no difference between the proposed test situation and a realistic attack vector, most attacks do happen due to compromised systems, vulnerability exploitation etc. and trust me, copying the files with Defender turned ON will make no difference (I've tried it). It just will take a ton of more time unnecessarily. If something is blocked when copying it would be blocked during execution as well (That's just how realtime protection works). The issues were caused by files that were "missed" and execution is the last step in the entry process (which is what the test was about) thus giving Defender the best odds of detecting stuff.
      Also, having files on the disk does not make it an "infected system". The infection happens when the malware executes successfully with malicious intent which is what you saw in the video.

  • @ALurkingGrue 4 years ago +2

    I believe you are misunderstanding what the sandbox is for and it really wouldn't show up in a test like this. It's an architectural change to prevent Defender from being the source of infection. Parsing files is hard and this would help prevent the act of scanning viruses from being a vector for viruses.

  • @-zerocool- 5 years ago +9

    LMAO I was hoping for a lot better than that! Will renew my Emsisoft for sure!

  • @cyberlisk9 4 years ago +5

    My question is, since all the malware is running together, do you think there's a lot of cases where the malware takes each other out? Maybe one just completely scrambles the other? Malware Battle Royale?

    • @Nickwilde7755 2 years ago +1

      We got a, number one victory royale
      Yeah windows we bout to get down
      Get down 10 kills on the board right now
      Just wiped out hard drive town

  • @Hexcede 4 years ago +3

    I believe likely what happened when the scan stopped midway was due to memory usage rather than taking too long. Windows programs will frequently crash when they can't allocate enough memory (and even if memory isn't actually full, high memory usage can still make a system unstable). Generally this is not due to the programs themselves simply using a lot of memory; it almost always comes down to lots of processes using a smaller amount of memory, and oftentimes this sort of instability only happens at higher CPU usages as well (both of which were definitely seen in the video).
    Sometimes lots of allocating and deallocating of process memory has caused corruption for me in the past in many programs. (I've even had OS corruption from memory usage)

  • @baddealrage 5 years ago +10

    I wonder if enabling all ATP (Microsoft 365 E5) protections would help to get a better score. I would like to see if ATP is a valid competitor vs CrowdStrike and Cylance.

  • @schematic2684 4 years ago

    It's fun seeing the little time go by in the bottom right corner

  • @ITMann 4 years ago +2

    Thank you for all the hard work you do on this channel and keeping us informed. Yes I was very surprised at those results after the test. Here we are at the end of 2019 almost, with Windows OS build 1909 and yet Windows Defender is abysmal. Even more worrying is the outsourcing of the software programming to various companies abroad, and who may not use the highest levels of testing and quality assurance. Now the ordinary person may think your tests are too harsh. Not at all! You throw every big nuisance during your tests and as many of the worst in malware that the internet can provide so yes, excellent testing! We all have to be less naive when we roam the internet, we need to be pro-active, careful and have the best anti-virus software. From your previous videos I can see that there are a few good commercial brands that still offer good protection year after year whatever iteration those companies put out. None are perfect, some use bigger resources than others, some cause problems for avid PC gamers, some don’t have a high detection rate, but most are ok for everyday use. It’s all about education, and as you say being informed. But we must all realise as we surf the net, and click on all and sundry, to be vigilant at all times. The same goes for our emails, to be careful what we open. No longer is it like the old days when you had to actually run a .exe file to get infected. It’s a far scarier world now with scripts being automatic and running instantly in the background. So, thank you again for keeping us informed and providing good advice with respect to security products on our PC.

    • @Vekkuli001 4 years ago

      Aren't email stuff basically from the 90s or early 2000s? I also disagree with the comment about Windows Defender, it does its job well enough.

  • @Ccodebits 4 years ago +34

    So what happens if you didn't turn the real-time protection off?

    • @GrantsPerspective 4 years ago +9

      It probably picks up some of the .exes as malware, and the control of having 1500ish malware samples that the antivirus/antimalware can pickup isn't really a control anymore. Real-time protection should stop malware from executing just as well as it would stop it from being copied over; it's the same scan process, except it's scanning before it executes rather than scanning as it's being copied. There's a reason the python script prompts you to put Real-Time Protection back on.

    • @spaghetti9067 3 years ago

      Basically it stops things from happening even when you don’t run scans so it catches threats in real time

  • @mirroredchaos 4 years ago +9

    I know it's unlikely that someone is gonna have that many threats running at one time like in the test, but dang, despite getting gangbanged defender continued to fight even when it lost :P

    • @scarlett5554 4 years ago +1

      That's because the creator of this video hates windows defender

  • @malwaretestingfan 5 years ago +21

    Everyone was waiting for this.

  • @music22life55 1 year ago

    I'm having the same exact problem and I've been on it for about a year now teaching myself. Everything u just said is exactly what uv figured out, I just haven't gotten rid of it just yet

  • @JMRSplatt 4 years ago +4

    This is basically what my system would do in the 90's/early 2000's after downloading Warez and Gamez... ahh good ole days.

    • @TheReapersSon 4 years ago +1

      0day cracks forever!!! Pull the trigger and hope you don't fuck up your computer for that sweet, sweet freeloading. Those were the days...

    • @flyingspaghetti 4 years ago

      Lol both of you noobs. I haven't paid for a game in over a decade and I didn't have a single virus. You think warez are the same as they were in the 00s?

  • @possiblydaniel 5 years ago +6

    You should have done a hardcore malware check in Windows Defender (it's the one that says it takes 15 minutes)

  • @serversideissues4249 5 years ago +55

    You should try this same test, but with Controlled Folder Access enabled. I'd be curious to see if it still gets "ransomwared"

    • @AmaroqStarwind 5 years ago +10

      I second this.

    • @iluvmyswamp7948 5 years ago +2

      i third this

    • @abhishekmaurya3453 5 years ago +10

      I'm sure that will prevent ransomware. It is so strict it doesn't even allow own windows software unless you allow manually. 🤦‍♂️

    • @serversideissues4249 5 years ago +6

      @@abhishekmaurya3453 So defense in depth then, right? Implicit deny. Comodo uses this same approach and still malware finds a way around its defenses. Assuming you whitelist what applications are allowed, this could definitely be a good way to protect the end-user's system. It's still a valid test because it confirms that what Microsoft is claiming about their feature, "Ransomware Protection", is valid.

    • @namesurname4666 5 years ago +2

      That windows 7 wallpaper on your profile image :)

  • @DarkBlackEyes 4 years ago +1

    This channel should support my windows xp

  • @ravindrabandi6810 3 years ago +2

    Integrating with Defender ATP would help isolating the endpoints when there is something suspicious

  • @Henk717 5 years ago +3

    Windows Defender is one of the best second opinion scans to run on your system these days as it's an excellent removal scanner. The problem is that it's the baseline for avbypassing and that shows. The most popular AV will always run behind but it has gotten to the point the periodic scanner can be useful.

  • @Pflanzenritter29-old 5 years ago +183

    Please do Kaspersky Free again.

    • @rudigerschaebbicke8839 5 years ago +3

      Kaspersky
      Download

    • @ethimself5064 5 years ago +1

      @@rudigerschaebbicke8839 Why the Free? One can buy the full Paid version for about $20 - $25 per year - that is about $2/month or less

    • @dgjm7129 4 years ago +57

      @@ethimself5064 cause free is 0$/month

    • @ethimself5064 4 years ago +1

      @@dgjm7129 Free does not work as well as paid - Thanks

    • @dgjm7129 4 years ago +4

      @@ethimself5064 Ehh just don't expect a lot for free. So yes. Sometimes paid is better than free

  • @zosxavius 4 years ago +7

    Can you test sandboxie? It would be interesting to see how it compares. I get the feeling it might actually be a bit better.
    I find this interesting because WD consistently gets decent results in synthetic tests, but these results would clearly indicate otherwise.

  • @Nickwilde7755 3 years ago +8

    Don’t forget: The only reason those viruses worked was because he *disabled real-time protection and put the viruses on*. Had RTP been on, the viruses most likely wouldn’t have gotten on his VM

  • @teddym2808 4 years ago +4

    What about the MWB & Defender combo? It would be amazing if you'd test that as it's a very popular solution.

  • @abdraoufx 4 years ago +44

    At this point I feel like AV companies are paying Microsoft to keep WD shitty

    • @nocommentary9928 4 years ago +6

      For what it is, Windows Defender is a remarkably good antivirus solution. If you're semi-competent using computers and are aware of basic safety like not downloading mp3.exe files, Defender is all you need. The tests TPSC runs are not representative of a real world scenario. No one just accidentally runs every piece of malware on the internet.

    • @reckie1000 4 years ago +4

      @@nocommentary9928 "No one just accidentally runs every piece of malware on the internet." - You are so wrong

    • @xbotscythe 4 years ago +2

      @@reckie1000 they obviously haven't met my parents

    • @doznaka6715 4 years ago

      @@nocommentary9928
      My uncle clicks on every ad he sees

  • @TheGodEmperorOfMankind_ 4 years ago +12

    3:08 ah yes, fresh malware for breakfast

  • @MrBulldawg6 4 years ago

    I like your content, seem very honest and give us useful tips. Will be subscribing

  • @tungkirezaprasakti3479 5 years ago +24

    why u not put ads on your videos, your content is awesome

    • @pcsecuritychannel 5 years ago +7

      Thank you for the kind words.

    • @Thundr4 5 years ago +5

      Leo has a job. That's why.

    • @ADeeSHUPA 4 years ago

      Tungki Reza Prasakti Indonesian

  • @ronaldddoooo 4 years ago +3

    You should enable controlled folder access and ransomware protection!

    • @madmax2069 4 years ago +3

      Wait, he ran this test with those disabled ?

    • @ronaldddoooo 4 years ago +3

      @@madmax2069 yep!

    • @madmax2069 4 years ago

      @@ronaldddoooo well no wonder it didn't do as well as other videos that I've seen testing it.

    • @ronaldddoooo 4 years ago

      @@madmax2069 oh, ok...

    • @madmax2069 4 years ago +1

      @@ronaldddoooo the video I was watching (which was done this year) was doing basically the same thing as this video was doing, the detection rate was around 98% out of 1700 files (a mix of viruses, Trojans, and ransomware, and other malware).

  • @Ograws 5 years ago

    As soon as the background wallpaper changed you knew shit hit the fan

  • @OverHaze 5 years ago +5

    On the subject of A.I. and false positives, Emsisoft's behaviour blocker hates videogames. It seems like every time I download something from Steam it gets flagged multiple times during install and on first launch. You also have to update the rule every. single. time. the game is updated. I reported the false positive on Age of Wonders Planetfall right after the game came out and the behaviour blocker STILL flags the game's main executable as a trojan downloader. I like Emsisoft, it's basically the only antivirus that respects user privacy but they really need to fix this issue. It's been happening for years.

    • @pcsecuritychannel 5 years ago

      Haze Touché

    • @OverHaze 5 years ago +1

      @@pcsecuritychannel I just installed Remnant: From the Ashes and behaviour blocker flagged it as a code injector. I'm not trying to belabour the point I just thought the timing was funny!

    • @cschwehr 5 years ago

      @@OverHaze Security is always a dance... annoying or a pain, or else let stuff though. It goes back to the issue of a safe computer is one buried in a bunker off the Internet, but it's not very easy to use. It's kinda riding that line between annoying notices and whitelisting, or getting something in.
      I'll take whitelisting in my realm, because if anything gets in, I've got ten times the work of a whitelist.
      I respect how annoying it is though, because insurance is generally annoying - in all types.

    • @OverHaze 5 years ago

      @@cschwehr We Control came out a few days ago. Emsisoft flagged both of the game's .exe's as malware and quarantined them without notification. No idea why there was no notification. In fairness the false positive was corrected quite quickly. Still, I don't know of any other antivirus that reacts to games as aggressively as Emsisoft.

  • @user-hk3ej4hk7m
    @user-hk3ej4hk7m 5 years ago +2

    You should check if any of the viruses manage to leak to other users on the same computer. Windows Defender doesn't hold your hand, but it should stop any privilege escalation exploits

  • @MsZsc
    @MsZsc 2 years ago

    i like that defender has the same notif sound as other windows ‘system’ notifs and is neutral sounding to me

  • @roberty.7679
    @roberty.7679 5 years ago +4

    Test AppGuard Solo. There is more than just Anti-virus and Anti-Malware
    Thanks,
    Robert

  • @musicalplankton
    @musicalplankton 5 years ago +2

    I would like to also put out there you did give Emsisoft an advantage with its own background

  • @vukzlatkovic1183
    @vukzlatkovic1183 5 years ago +5

    Windows sandbox is an emulation of windows which you are able to run natively and which erases itself upon restarting it, and is used for testing software. It's not a security measure afaik

    • @AlpineTerrier
      @AlpineTerrier 5 years ago +1

      Yes, this guy pretends to be smarter than he really is.

  • @DarienAllen
    @DarienAllen 5 years ago +3

    You mean all the recent articles about how good Windows Defender is now were just blowing smoke up my a$$? Shocking!

  • @pattdown9216
    @pattdown9216 4 years ago

    Thank u that was good and worth the time
    thank u for sharing im on ur site and Love the wallpaper :)

  • @potato2387
    @potato2387 4 years ago +1

    It’s gotten much better, could you do another review?

  • @illbill5971
    @illbill5971 4 years ago +2

    I love how you say "don't worry" when you de-activate the protection, it's so funny since we actually don't give a sh... about your PC :)

  • @DmitriyChaikovskiy
    @DmitriyChaikovskiy 5 years ago

    Great video man !

  • @nicolobirocchi9786
    @nicolobirocchi9786 5 years ago +3

    Beautiful review, request: trend micro 2020

  • @LaserFur
    @LaserFur 5 years ago +9

    I guess I'll be sticking with VMware. One note is that this new sandbox mode needs HyperV to be installed, and Hyper V can't be installed if you use 64 bit VM's in VMware.

    • @LynKazoyuu
      @LynKazoyuu 5 years ago

      Sandbox is trash anyways proven by this vid

  • @james42519
    @james42519 4 years ago +3

    so you have to turn it off to even get it on there? well if it stops it from even getting on there it can't even run. you are bypassing a feature that prevents it from downloading

    • @jason5365
      @jason5365 4 years ago

      I agree! I work in IT and I see Defender stopping a lot of files before they get on to the PCs (based on SCCM Defender reports).

    • @Thyrador
      @Thyrador 4 years ago

      Never heard of external storages, huh? It shouldn't just keep you safe from downloading these things, obviously.

    • @james42519
      @james42519 4 years ago +1

      did you miss the part where he turned it off to get it off the external storage? defender protects stuff being downloaded and stuff plugged into it. if it prevents it from being taken off the storage then it did its job. i assumed when i said download i wasn't just saying internet but from any source

    • @Thyrador
      @Thyrador 4 years ago

      @@james42519 You do know you don't have to copy it to your local drive to run it? Free could've also run it from the external source.
      Also what about shared folders? Imagine another, not properly secured device accidentally put it into a folder, that's on a separate device (NAS for example).
      What I meant was: it might have not let him copy all of the malware from the external source, so there are plenty of ways this stuff can get into your pc.
      It also should prevent him from running these things.
      If Defender actually let you run this infected software, Defender failed its purpose to, well, defend you. No matter how you got that stuff.

    • @james42519
      @james42519 4 years ago +1

      why didn't he then? windows defender is still safe and stops about everything. should have not turned it off like he did still. if you can't copy it from flash drive without antivirus stopping it it did its job. if you try and run from external there is a popup a lot of time and you have to allow it too.

  • @Armand79th
    @Armand79th 4 years ago +34

    "Defender" is so utterly broken, it's not even funny.
    It can be defeated in less than a minute.

  • @ckingpro
    @ckingpro 4 years ago +1

    You missed the point of sandboxing. It sandboxes Windows Defender itself so that it can't be easily exploited by say a malformed file when it is parsed. It's not meant to run malware in a sandbox

  • @FoxBlocksHere
    @FoxBlocksHere 4 years ago +1

    Can you possibly test Windows Defender's built-in ransomware protection in the future? I'm curious to see how well it works.

  • @gabirican4813
    @gabirican4813 4 years ago

    Very useful, thank you.

  • @julioaduran
    @julioaduran 4 years ago +2

    How many files will get copied with protection on?

  • @RheyF
    @RheyF 5 years ago +9

    Since i used windows 10 i haven't installed any 3rd party antivirus, I'm just using windows defender and i haven't any issues so far

    • @LynKazoyuu
      @LynKazoyuu 5 years ago

      If you scan your PC rn with anything good it will find threats 100% sure

    • @LynKazoyuu
      @LynKazoyuu 5 years ago +1

      @Dex4Sure I'm not. I don't download programs I don't use and I don't even go near fishy sites
      Use common sense

    • @HobkinBoi
      @HobkinBoi 5 years ago +1

      Honestly, I don't use any other AV either. Really, the major thing is to just watch out for what you're downloading.
      Also another thing, adblocking can also drastically reduce your chances of getting hit with possible malware, as it prevents things like fake download buttons and scummy redirects. So you're less likely to click on something bad in the first place.

    • @RheyF
      @RheyF 5 years ago

      @@HobkinBoi yes.... exactly.... my browser is used which is edge and opera has ghostery installed on it... so far so good...also i installed spybot...

    • @RheyF
      @RheyF 5 years ago

      @Hugh Jarce hi even ads are being blocked... i used it in all browser edge and opera

  • @businessgoose4883
    @businessgoose4883 4 years ago

    Since it wasn't in the description, the command is (setx /M MP_FORCE_USE_SANDBOX 1)

  • @isaacx593
    @isaacx593 4 years ago +1

    You did not switch on the Ransomware protection dude aka Control Folder settings

  • @poland4279
    @poland4279 5 years ago +1

    When I plugged in my new mouse (straight out of the package) Windows Defender ran antimalware for some reason. This came from Amazon so no way it was harmful.

  • @irinavs
    @irinavs 4 years ago +1

    in real life situation, you won't suddenly get hundreds of malwares at a time 😬

  • @mohamed-triki
    @mohamed-triki 2 years ago

    This actually scared me because I only use Windows Defender.
    I think I will be switching to Bitdefender (based on your testing playlist)!

  • @johnsweda2999
    @johnsweda2999 5 years ago

    Very good would be nice to see a follow-up on how you cleared the system and recover any files I'm sure this would be very useful

  • @ggggcccc1622
    @ggggcccc1622 5 years ago +30

    Customer: my system got hosed by a virus using Windows defender...
    MS Support-Prandeep:
    Please reboot your system and get into safe mode...

    • @dgjm7129
      @dgjm7129 5 years ago +2

      Ms-Support Prandeep: and Delete system32

    • @MichaelHadac
      @MichaelHadac 4 years ago

      So how do You RUN a New Windows 10 in safe mode. Used to be able to press F8 and choose..? Now, I don't know.. Thanks, M.

    • @skullz3722
      @skullz3722 4 years ago

      @@MichaelHadac 1. Click the Windows button.
      2. Hold down Shift, While holding Shift click Restart.
      3. Select Troubleshoot, go to Advanced Options.
      4. Find Start-up Settings.
      5. Look in Start-up Settings for and click Restart.
      6. You will see boot option displayed.
      7. Select Safe mode and then it will boot up in safe mode on restart.

  • @boonebytes1
    @boonebytes1 4 years ago +1

    Sorry if this has already been answered... Just curious about if you find different results when testing threats that have been around long enough to have proper signatures in various products vs. relatively new, emerging threats...? I’m guessing the latter is harder to do, since by the time you can collect such samples they’ve already been identified as threats...
    Maybe I could phrase the question a bit differently: Do you see a higher protection level against older threats or new-ish threats?

  • @shanthamurthy1234
    @shanthamurthy1234 4 years ago +3

    Please do Video on Deep-freeze Vs Malware.

  • @nghiatn1611
    @nghiatn1611 5 years ago +11

    How did the malware attempt to spread to your host machine even when Shared Folders were Read-only, Clipboard Sharing and Drag and Drop were Host to Guest only? And is there any way to prevent that from happening?

    • @kabloosh699
      @kabloosh699 5 years ago

      Remove the share before executing the malware test?

    • @franklinAll8735
      @franklinAll8735 5 years ago +1

      You can't ever be 100% safe. It is always possible for the malware to utilise zeroday exploit in the VM software itself to infect the system, however that's VERY rare. Most guest -> host infections occur due to either having shared folders or internet connection between guest and host enabled. To be as safe as possible delete any shared folders and disable internet connection /LAN on your guest system.

    • @franklinAll8735
      @franklinAll8735 5 years ago

      @Hugh Jarce It won't help very much as long as your 'testing computer' is connected to the same network as the others are. You have to either have separate network or internet disabled before testing.

  • @_c_e_
    @_c_e_ 4 years ago

    Just a nit pick, SETX is actually a Windows Command Shell command. Whilst true you can run most commands through powershell, you may run into some issues with the way powershell handles syntax. There are articles relating to this elsewhere.

  • @kentharris7427
    @kentharris7427 2 years ago

    I want to make sure it just bricked your sandbox instead of your main PC. I currently have a test computer and re-image it when it gets infected which is a long process.

  • @tekmang6837
    @tekmang6837 4 years ago +1

    What's your take on those that say that AVs introduce more vulnerabilities in Windows since they can have security holes and they have deep hooks in the OS?

  • @killermaster8685
    @killermaster8685 2 years ago +1

    Can you make a video about Avira Ransomware protection?
    Would be really helpful to see if its worth the prime subscription

  • @abdulmuhaimin5274
    @abdulmuhaimin5274 3 years ago +2

    8:09 *_(Insert Beethoven 5th Symphony music)_*

  • @Vilematrix
    @Vilematrix 1 year ago

    Maybe a stupid note since you're an expert on this stuff, but i assume that the host os is not connected to the default workgroup. I've seen other channels who made an isolated workgroup for this stuff in case the guest spreads to the host.

  • @ShubhamSingh-gw9kq
    @ShubhamSingh-gw9kq 4 years ago +1

    That was fun !!!
    Can you please advise me on how i should keep my PC safe, i wanted to run some pirated cracked softwares, but i am quite worried about the viruses they might bring with them
    I tried to do such things in vmware but it ran toooo slow
    what should i do will the restore point work or i have to run such softwares in dual booted systems
    Please answer

  • @CodedXtreme
    @CodedXtreme 2 years ago

    Always set the default Windows Wallpaper to protect yourself.

  • @AdamsTaiwan
    @AdamsTaiwan 4 years ago +1

    I'm a bit confused by this. Are you just testing Windows Defender? Isn't the point of Windows Sandbox to test questionable software, let the virus do its dirty work then just blow away the sandbox and enjoy a protected system? Or are you saying the Sandbox didn't protect the host system, in which case it should have been run in a window so we could see how it infected the host.
    Also, was the new ransomware protection turned on when the ransomware infected the system?

  • @wingsphoenix3484
    @wingsphoenix3484 4 years ago +8

    You even couldn’t protect your own wallpaper, such a shame