Test Windows Defender Antivirus (or other security software)
Windows Defender Antivirus is the default security application for devices running Microsoft's Windows operating system.
Like Windows Firewall, it may not offer the best protection or functionality, but it is there to protect systems directly after setup.
The installation of another security program replaces Windows Defender on the system and takes its role to block attacks.
Regardless of whether Windows Defender or another security software is protecting the device, you may want to test the protection to make sure it works correctly.
We covered a couple of methods to test security software in the past: check out our articles on Comodo Leaktest or the Eicar test.
Windows Defender Antivirus tests
Microsoft maintains two test sites for Windows Defender security tests. The first, called Windows Defender SmartScreen Demo Pages, is all about SmartScreen protection.
SmartScreen Filter is a component of Windows Defender designed to protect against malicious sites, downloads and programs.
Note: none of the pages or tests are malicious. They are designed to appear malicious to find out if running security software protects the system against different attack types.
The following tests are available:
- Is This Phishing -- Displays a suspicious page warning and prompts the user for action.
- Phishing Page -- Known phishing page that the security software should block.
- Malware Page -- A page used to host malware. It should be blocked.
- Blocked Download -- A download starts on page load. That downloaded should be blocked because of the URLs reputation.
- Exploit Page -- A page designed to attack browser vulnerabilities.
- Malvertising -- A page that embeds advertising that is considered malicious.
- Known Good Program -- The program should not be blocked.
- Unknown Program -- Windows Defender SmartScreen should display a warning page.
- Known Malware -- SmartScreen should block the program.
Click on any of the available tests to run them. Again, none of the tests are malicious but they are designed to appear as if they are.
Windows Active Defense is the name of the second test page. Some of the tests require that you sign in on the site, others can be run without signing in.
The following tests and options are available:
- Cloud Delivered Protection -- Test cloud-delivered protection on the computer.
- Potentially Unwanted Applications (PUA) -- Downloads a fake PUA file to test whether potentially unwanted programs are blocked.
- Network Protection -- Loads a suspicious URL to test the network protection.
- Exploit Protection -- Apply custom Exploit protection settings
- Controlled Folder Access -- Download the Controlled Folder Access test tool.
- Block at First Sight (sign-in required) -- With the feature, new files will be analyzed and blocked shortly after on any computer.
- Attack Surface Reduction (sign-in required) -- Downloads samplees to trigger ASR rules.
Some of the tests require preparation before they can be run. A click on a test describes the test scenario and setup.
Closing Words
The tests are designed specifically for Windows Defender Antivirus. While third-party antivirus solutions may block certain simulated malicious activities as well, some tests won't deliver the desired results unless Windows Defender Antivirus is used.
Previous Post: « Spectre Next Generation vulnerabilities affect Intel processors
Next Post: Here comes the next Spectre vulnerability (Spectre V4 CPU) »
Tried with Avast Free 18.4.2338, nothing was blocked.
Very useful, thanks a lot !
“Downloads samplees”
samplees…new word of the day? (flagged by spell check)
I can cover almost all of these tests with Zero antivirus on my system [Windows 7] and with only uBlock Origin in medium mode blocking and the right filter lists plus Chrome with Site Isolation enabled/DownloadRestrictions policy (Block all downloads).
Anti-viruses are all scam, especially the free ones who collect telemetry data from your system.
Agreed, antivirus software are a lie and a placebo effect.
Agreed, they are a lie and a placebo effect.
It seems the latest version of paid Avast Internet Security and Windows 10 1803 Defender now work in a complementary way, and Defender now also starts as a consequence. Anyone else notice that?
That’s not normal…i guess something got borked during 1803 upgrade and Win doesn’t detect your Avast install. Reinstall it to fix that.
Just install Webroot SecureAnywhere and relax, 7MB use in RAM, 2 MB installation file, rest is over cloud… thats the future…buy the key over eBay for 3$ (1year instead of 30$ official page)…very suspicious that no major sites test this app like it is
There is no need for security or protection if you are using cloud services as they already compromised all your data. It’s like building a barn years after the horses have left.
There is a reason why MS and co are pushing the cloud and why you never hear FBI and co whine about it. You are basically paying to hand over all your data to someone and anyone they care to give it to.
Great article, thanks for the information.
I’d honestly love it if you guys have made an article sharing your choice of security software. Your articles are always on point and well researched, would be very interesting to know your preferences in regards to security.
I always find it difficult to choose my security software. I don’t really need it because I keep my browsing habits clean and use extensions as another (or main) defense along with (soon) Pi-Hole for my local network. I still install them just in case.
Currently I’m using Malwarebytes Pro along with Kaspersky Free Antivirus, everything seem fine, but I’ve read so many mixed comments about Kaspersky that makes me doubt my choice.
I didn’t like Avast Free for the way they constantly push for their paid products whether through notifications or pop up windows. At least that was the experience I had the last time I tried them about a year or so ago. I understand it from a business perspective and that their goal is to gain customers, but their behavior seemed too pushy.
Anyway, thanks again for another great article.
I’m also using Malwarebytes Premium with Kaspersky Free AV. The two work great together. As for Kaspersky, it rates top in AVTEST. Kaspersky is taking an unfair hit from the U.S government. They even offered up its source code. For your protection, just to be cautious, configure it to NOT send any data back to the vendor, as I did.
tis is a wax nose, i’m sorry i did not read the previous articles about the AV test sites, but the site is useless if it is designed to work only with one specific AV.
Why ? because it just says “he defender raise an alert please” without actually doing something.
a real test would be a site where actual but crippled virii & malware would be served.
like a virus that starts notepad stating “you would have been infected if this was real”
or thats starts acryptolocker but giving the decription key.
But even such a site would give you false hope, just like some benchmarks the would check for those specific “tests” so they can say they have a 100% success rate for the AV-test.
I don’t believe its worth using an AV any more, so I don’t appreciate this extra “control” on the part of Microsoft. In fact, I don’t user Defender either – broadly speaking, just good old fashioned common sense and a very decent backup and mitigation strategy.
I don’t believe that AV is any longer what it once was – and it is also a resource hog that collects data, and you are effectively giving software like that – too many hooks into your system. Way too many. In today’s data-driven world….the “innocence” is lost, of what AV once was. That at least, is my belief. Now, there is too much monetisation, and ulterior motives.
There are so many ways “we” can take our own control. And at the very least, you should have a very comprehensive Hosts file set up.
AV is not for me, and neither Defender thanks. The world has changed.
I don’t agree. There are situations where an antivirus is must like when a hacker tries to take advantage of a system exploit, any vulnerability in the OS or say your friend gets infected and malware sends an email contain malicious links to you and you open it thinking it is a mail from your friend. Once you realise the innumerable number of ways a virus can infect you, you will definitely refrain yourself from making that statement again. Further now even antivirus software’s have become smart and use minimal CPU. Their generic signature based detection blocks most of the old as well as new malwares and they are constantly getting updated. Reputed companies like Emsisoft and Bitdefender take customer privacy very seriously. For a start you can use Bitdefender Free Antivirus. It also blocks phishing attacks of the most professional type which even an experienced user can fall prey to.
Good luck………..
I don’t agree. There are situations where an antivirus is must like when a hacker tries to take advantage of a system exploit, any vulnerability in the OS or say your friend gets infected and malware sends an email contain malicious links to you and you open it thinking it is a mail from your friend. Once you realise the innumerable number of ways a virus can infect you, you will definitely refrain yourself from making that statement again. Further now even antivirus software’s have become smart and use minimal CPU. Their generic signature based detection blocks most of the old as well as new malwares and they are constantly getting updated. Reputed companies like Emsisoft and Bitdefender take customer privacy very seriously. For a start you can use Bitdefender Free Antivirus. It also blocks phishing attacks of the most professional type which even an experienced user can fall prey to.
Good luck………..