*infects computer with hundreds of viruses* "this is actually so much fun, not gonna lie."

I feel like i could catch a malware virus just by watching this video.

To be fair, for something that comes as the default, built-in anti-virus, 90+% isn't all that bad. Think of it in the context of reality: (A) You don't get carpet bombed into submission with 1500 different malware, you get one piece of malware, if any. (B) Common sense will allow you to avoid at least 9/10ths of malware to begin with, so this is an additional 9/10ths on top of that, which brings the overall effective protection to at least 99%

Thank you, In the process of purchasing the first PC desktop I’ve bought in years. Been debating whether to rely on MS Defender or purchase additional protection, debate settled. New to TPSC, really enjoy your reviews.

<a href="#" class="seekto" data-time="565">9:25</a> I love how the icons on the desktop and windows defender synced up with the music

This is giving me an unbelievable amount of anxiety.

This must be what my parents saw when I downloaded games as a kid

Ah yes, the smell of a fresh malware in the morning

this is like watching ultron and jarvis fighting but way more mild

I feel like my computer is getting dirty just watching this.

9 year olds clicking on Free fortnite vbucks Malware installed : “its free real estate”

Thank you so much for your work. I was seriously considering relegating AV duty from Bitdefender to Windows, given recent "perfect" lab results, but this just affirms my decision to go with a dedicated security suite on all our devices.

lets all remember that he had to turn off real-time protection to actually be able to place the viruses in his computer. Thats a pretty strong first barrier

Excellent forensic run. My BP went up just watching this! Loved your thorough, calm and clinical approach. That is until... "I trusted you!" LOL

"This one's good! We have a nice waterfall over here" That warmed my heart ❤

I think some antivirus experts should get onboard with the whole defender program, so they can help improve it and increase the chance of it catching malware.

Summary: 1. Windows Defender is really slow checking files 2. Bad detection ratio 3. Makes Windows slower compared to other AVs like BitDefender

Those hash names got me ptsd from the time where i was founding and deleting viruses manually

Imagine not watching the pc screen for a while and then you see this

I think you somehow misunderstood the purpose of the Defender sandbox here. It is nothing at all about running any other application in a sandbox or limiting the actions of any other application to a sandbox environment. It's just about splitting the Defender process itself into two processes, separating the actual anti-malware module from the content parser and user interface process. The latter can then run with lower privileges within the sandbox. Just like any modern web browser is doing. If malware directly attacks Windows Defender and try to elevate it's privileges by hijacking the Defender process via a bug in its scanner module, it can only hijack the CP process which is running in the sandbox. However, the scanned application itself is not meant to be started within any sandbox environment. Thus, the sandbox feature is not expected to have any beneficial effect on stopping malware from doing other malicious stuff except when it tries to exploit Windows Defender vulnerabilities.

Windows Defender is best for the people who don't click shiny "Download" button on the web.

For ransomware protection using Windows 10 built-in tools, the only reliable way to protect oneself is the Controlled Folder Access feature. In the latest Windows 10 version the user has an easier way to unblock the apps that are wrongly blocked by controlled folder access. Unless the user has his/her own 3rd party security tool that he/she uses, it's always a good idea to create a dedicated folder on the hard drive and add it to controlled folder access, then put all the important data there. It's not the most elegant solution but it will protect your data from encryption.

This reminds me of my old computer, the sad thing is that thing didn't have virus

For someone new to the channel, how do you collect your malware? Also what have you found to the best at preventing malware, and what have you found to be the best at removing malware?

Great video and as always well made!! I hope in the future we get a video as the one you did few years back with the free security challenge

<a href="#" class="seekto" data-time="789">13:09</a> In the words of one wise Joel, who couldn't close a certain window: "Uh-oh, guys... ...problem!"

My question is , since all the malware is running together, do you think there's alot of cases where the malware takes eachother out? Maybe one just completely scrambles the other? Malware Battle Royale?

@The PC Security Channel [TPSC] I saw Python was compromised. That could be why the scan stopped without completing.

So what happens if you didn't turn the real-time protection off?

I believe likely what happened when the scan stopped mid way was due to memory usage rather than taking too long. Windows programs will frequently crash when they can't allocate enough memory (and even if memory isn't actually full, high memory usage can still make a system unstable). Generally this is not due to the programs themselves simply using a lot of memory it almost always comes down to lots of processes using a smaller amount of memory and often times this sort of instability only happens at higher CPU usages as well (both of which was definitely seen in the video). Sometimes lots of allocating and deallocating of process memory has caused corruption for me in the past in many programs. (I've even had OS corruption from memory usage)

I like how you present this video , it served me well and your voice is very suitable for this test

Came for the Defender test. Stayed for the Beethoven soundtrack.

I wonder if enabling all ATP (Microsoft 365 E5) protections would help to get a better score. I would like to see if ATP is a valid competitor vs Crowstrike and Cylance.

Very interesting video. Having decent music play on the speedups is a big bonus.

Thank you guys.

I believe you are misunderstanding what the sandbox is for and it really wouldn't show up in a test like this. It's an architectural change to prevent Defender from it being the source of infection. Parsing files is hard and this would help prevent the act of scanning viruses from being a vector for viruses.

Can you test sandboxie? It would be interesting to see how it compares. I get the feeling it might actually be a bit better. I find this interesting because WD consistently gets decent results in synthetic tests, but these results would clearly indicate otherwise.

Windows defender is one of the best second opinion scans to run on your system these days as its an excellent removal scanner. The problem is that its the baseline for avbypassing and that shows. The most popular av will always run behind but it has gotten to the point the periodic scanner can be useful.

But there is one key issue with the test... yes defender could, in theory, do much more isolation... but to get the malware on there you admitted to having to bypass the first line of defense for defender.... turning it off so it can't scan the files in the transfer. so you are starting with a compromised system, rather than a clean system and seeing if defender lets the stuff get copied in/saved in and then installed as it would in a real-world scenario. no one turns off their detectors before putting files on the pc. Edit: and you say it blocked 91% of what 10k simultaneous executions from a forcefully compromised system... i mean, really, this is a completely theoretical situation. the world doesn't have spherical chickens, after all.

<a href="#" class="seekto" data-time="188">3:08</a> ah yes, fresh malware for breakfast

Everyone was waiting for this.

Thank you for all the hard work you do on this channel and keeping us informed. Yes I was very surprised at those results after the test. Here we are at the end of 2019 almost, with Windows OS build 1909 and yet Windows Defender is abysmal. Even more worrying is the outsourcing of the software programming to various companies abroad, and who may not use the highest levels of testing and quality assurance. Now the ordinary person may think your tests are too harsh. Not at all ! you throw every big nuisance during your tests and as many of the worst in malware that the internet can provide so yes, excellent testing !. We all have to be less naive when we roam the internet, we need to be pro-active, careful and have the best anti-virus software. From your previous videos I can see that there are a few good commercial brands that still offer good protection year after year whatever iteration those companies put out. None are perfect, some use bigger resources than others, some cause problems for avid PC gamers, some don’t have a high detection rate, but most are ok for everyday use. It’s all about education, and as you say being informed. But we must all realise as we surf the net, and click on all and sundry, to be vigilant at all times. The same goes for our emails, to be careful what we open. No longer is it like the old days when you had to actually run a .exe file to get infected. It’s a far scarier world now with scripts being automatic and running instantly in the background. So, thank you again for keeping us informed and providing good advice with respect to security products on our PC.

You should try this same test, but with Controlled Folder Access enabled. I'd be curious to see if still gets "ransomwared"

Please do Kaspersky Free again.

you should have do an Hardcore malware check in Windows Defender (It's the one that says it takes 15 minutes)

LMAO I was hoping for a lot better than that! Will renew my Emsisoft for sure!

Integrating with Defender ATP would help isolating the endpoints when there is something suspicious

Its fun seeing the little time go by in the bottom right corner

I know its unlikely that someone is gonna have that many threats running at one time like in the test, but dang, despite getting gangbanged defender continued to fight even when it lost :P

This is basically what my system would do in the 90's/early 2000's after downloading Warez and Gamez.. .ahh good ole days.

You should enable controlled folder access and ransomware protection!

You should check if any of the viruses manage to leak to other users on the same computer. Windows Defender doesn't hold your hand, but it should stop any privilege escalation exploits

Don’t forget: The only reason those viruses worked was because he *disabled real-time protection and put the viruses on* had RTP been on the viruses most likely wouldn’t have gotten on his VM

This channel should support my windows xp

What about the MWB & Defender combo? It would be amazing if you'd test that as it's a very popular solution.

On the subject of A.I. and false positives Emsisoft's behaviour blocker hates videogames. It seems like everything I download something from Steam it gets flagged multiple times during install and on first launch. You also have to update the rule ever. single. time. the game is updated. I reported the false positive on Age of Wonders Planetfall right after the game came out and the behaviour blocker STILL flags the games main executable as a trojan downloader. I like Emsisoft, its basically the only antivirus that respects user privacy but they really need to fix this issue. It's been happening for years.

At this point I feel like AV companies are paying Microsoft to keep WD shity

How did the malware attempt to spread to your host machine even when Shared Folders were Read-only, Clipboard Sharing and Drag and Drop were Host to Guest only? And is there any way to prevent that from happening?

I guess I'll be sticking with VMware. One note is that this new sandbox mode needs HyperV to be installed. and Hyper V can't be installed if you use 64 bit VM's in VMware.

Windows sandbox is an emulation of windows which you are able to run natvely and which erases itself upon restarting it l, and is used for testing software. Its not a security measure afaik

so you have to turn it off to even get it on there? well if it stops it from even getting on there it can't even run. you are bypassing a feature that prevents it from downloading

Im having the same exact problem and iv been on it for about a year now teaching my self. very thing u just said is exactly what uv figured out i just havet gotten rid of it just yet

why u not put ads on your videos, your content is awesome

I would like to also put out there you did give emcsoft a advantage with its own background

Sorry if this has already been answered... Just curious about if you find different results when testing threats that have been around long enough to have proper signatures in various products vs. relatively new, emerging threats...? I’m guessing the latter is harder to do, since by the time you can collect such samples they’ve already been identified as threats... Maybe I could phrase the question a bit differently: Do you see a higher protection level against older threats or new-ish threats?

It’s gotten much better, could you do another review?

I like your content, seem very honest and give us useful tips. Will be subscribing

As soon as the background wallpaper changed you knew shit hit the fan

Test AppGuard Solo. Their is more than just Anti-virus and Anti-Maleware Thanks, Robert

You mean all the recent articles about how good Windows Defender is now where just blowing smoke up my a$$? Shocking!

You missed the point of sandboxing. It sandboxes Windows Defender itself so that it can't be easily exploited by say a malformed file when it is parsed. It's not meant to run malware in a sandbox

How many files will be get copied with protection on?

i like that defender has the same notif sound as other windows ‘system’ notifs and is neutral sounding to me

I'd like to know what malware/av service do you recommend or have had best results with close to clean sheets that you spoke about. I've watched several videos now of your tests and not seen any good results yet. Love to get some good advice. What was the best result you have had so far. Or best yet. What malware/av would you use @The PC Security Channel

Beautiful review, request: trend micro 2020

it did not look like you ran that in windows sandbox

Since it wasn't in the description, the command is (setx /M MP_FORCE_USE_SANDBOX 1)

Very good would be nice to see a follow-up on how are you cleared the system and recover any files I'm sure this would be very useful

Can you possibly test Windows Defender's built-in ransomware protection in the future? I'm curious to see how well it works.

I love how you say "don't worry" when you de-activate the protection, it's so funny since we actually don't give a sh... about your PC :)

Since i used windows 10 i haven't installed any 3rd party anitvirus, im just using windows defender and i haven't any issues so far

Thank u that was good and woth the time thank u for sharing im on ur site and Love the wallpaper :)

This actually scared me because I only use Windows Defender. I think I will be switching to Bitdefender (based on your testing playlist)!

Please do Video on Deep-freeze Vs Malware.

More than likely it is trying to cause an overflow to gain access outside the sandbox, by causing a memory buffer overflow

I'm a bit confused by this. Are you just testing Windows Defender? Isn't the point of Windows Sandbox to test questionable software, let the virus do it's dirty work then just blow away the sandbox and enjoy a protected system? Or are you saying the Sandbox didn't protect the host system, in which case it should have been run in a window so we could see how it infected the host. Also, was the new randsomeware protection turned on when the randsomeware infected the system?

Avast (premier) and İObit malware figter (pro) and windows defender perfect combo try you?

Just a nit pick, SETX is actually a Windows Command Shell command. Whilst true you can run most commands through powershell, you may run into some issues with the way powershell handles syntax. There are articles relating to this elsewhere.

you can stop shilling built in windows defender has been proven to work very well

In the big scheme I don't care, that said if you're going to perform these completely unrealistic tests then try it both ways: AV *(on)* + malware install; AV *(off)* + malware install.

You did not switch on the Randsomware protection dude aka Control Folder settings

i am sorry... but i lost you the first mins... did you run the malware inside the sandox or not? cause what you say is like you run the malware outside the sandox... not inside

What's your take on those that say that AVs introduce more vulnerabilities in Windows since they can have security holes and they have deep hooks in the OS?

How is this a fair test? You literally disabled real time protection. What you should have done was open each malware individually and see if Windows can stop them from executing.

Very useful, thank you.

Can you make a video about Avira Ransomware protection? Would be realy helpful to see if its worth the prime subscription

Great video man !

<a href="#" class="seekto" data-time="489">8:09</a> *_(Insert Beethoven 5th Symphony music)_*

I want to make sure it just bricked your sandbox instead of your main PC. I currently have a test computer and re-image it when it get's infected which is a long process.

That was fun !!! Can you please advice me on how i should keep my PC safe, i wanted to run some pirated cracked softwares, but i am quite worried about the viruses they might bring with them I tried to do such things in vmware but it ran toooo slow what shoud i do will the restore point work or i have to run such softwares in dual booted systems Please answer