Windows Defender CFA bypassed by Ransomware

Hey, so the United States users of Kaspersky will apparently be updated to something called “UltraAV” and I was wondering if we could get a review from you and maybe a malware test.

AviatingRandom

I like how people say that you dont really need an AV simply because they expect windows defender will keep them safe. No This isnt the case at all i personally prefer having an AV installed rather than relying on windows defender. Also as a person who rarely downloads stuff online this isnt an issue at all.

zzzzzzz

Hey whens the ransomware vs Kaspersky video coming?

luluthecat

I was expecting 0 protection from defender so I am glad I was not wrong

artorias

Please test it again with DefenderUI on Aggressive Profile. Windows Defender can very likely do better. A few Months ago you already made a Video about Ransomware vs Defender and u used DefenderUI and had a 100% Detection Rate.

Zero-smoi

I feel like MS is in bed with a lot of AV companies because if they created an AV that had high detection, those companies would fold. To be fair, when MS developers don't close loopholes in the code, this can happen as well. Maybe they should start from scratch with a 5 year project to create an entirely new OS.

NO-END

I wonder... Does the ransomware encrypt only the user folders? Or looks for files in different folders in different drives not associated with the windows user folders??

ProfeGux

Good one, but what if in the protected folders the user puts also the C:\windows ? in that case i think you won't be able to call the explorer.exe and start the process

zigzag

test this with Emsisoft Enterprise Security

augusto

i got tired of paying for AV but what sucks is the free software that "enhances" defender always breaks defender for me, i find it turned off or not able to finish a scan.

cypher

Been a while since I last tried it. it often allowed too many things giving me no alerts, and denied too many other things.
I understand why explorer would be whitelisted, but at the same time I wish it disallowed any changes until it was approved.
Perhaps it could be good if you can approve specific applications, and after logging off or restarting Windows, it will forget them?

SmilerRyanYT

normally every windows file has microsoft signature, if win defender allowed it based on the name it's very stupid, if the ransomware add that signature that means it's very smart

HikerBiker

wasn't the memory integrity feature supposed to block tampering with core apps of windows?

NOOB-dkui

why does Windows firewall has stuff in the incoming section ????

fbifido

Why are there only 2023 likes on this video, when it's year 2024.
Let me make it right.

youtubegoogle

What happens when you have the ASR rule "Advanced Ransomware Protection" enabled?

cirixofficial

what if you submit your sample and retest after a few days?

-rimurutmpst

People going "See! Defender isn't good enough" is so cringe to me, like they completely missed the part of the video where no anti-malware service could detect the file as malicious.

AVs are supposed to protect you from old and known viruses, while common sense is supposed to defend against new ones. Windows Defender plays that role perfectly, and you don't have to install other free "AVs" adware. That's how computers have always worked and will continue to

MiyazakisPVPexperience

Why I don't use microcooks defender, cause it's not defending anything.

shadowtabbys

Windows Defender is only a stop gap AV and should only be used while you download a decent AV that will actually protect you, you know, a bit like how Internet Explorer was used to download a decent browser.

cougar