(New) Testing Anti Virus Suites

Started by Vasudev, June 02, 2014, 12:06 PM

Vasudev

Test malware in a VM or in a sandbox using Sandboxie.

Shadow.97

My experience is that virus scanners go by signature and not behavior (not all, of course) and this itself is a security flaw, because a lot of viruses go undetected. I made one just for teh lulz in Python, a keylogger that sends all input to a remote server. It was not detected by MBAM, MSE, Avast, or Avira. I didn't feel like testing more AVs. But it would require a working Python installation on the computer.
I really do wonder how many viruses are out there that are undetected.
Today there were headlines about Huawei, ZTE, Xiaomi having malware code sending data to China.
-hugs my T21-A- I love you Huawei tablet, even if you send data to China.

Vasudev

Quote from: Shadow.97 on November 17, 2016, 01:45 AM
My experience is that virus scanners go by signature and not behavior (not all, of course) and this itself is a security flaw, because a lot of viruses go undetected. I made one just for teh lulz in Python, a keylogger that sends all input to a remote server. It was not detected by MBAM, MSE, Avast, or Avira. I didn't feel like testing more AVs. But it would require a working Python installation on the computer.
I really do wonder how many viruses are out there that are undetected.
Today there were headlines about Huawei, ZTE, Xiaomi having malware code sending data to China.
-hugs my T21-A- I love you Huawei tablet, even if you send data to China.

You've AppGuard, VoodooShield, MBAM AE and HMPA, which don't rely on signatures but on heuristics. You can check at MalwareTips. Even I'm there to bolster and enhance my PC or mobile security.

humbert

I've tested several anti-virus suites and I'd say they're all more or less the same. Some pick up malware that others miss, but I'd say that's pretty normal. Frankly I get far more popups from false positives than from real threats. I was using MBAM, then when it started giving me trouble I installed Avast. If you're worried about a file, simply upload it to VirusTotal and check it out there.

I guess if you want to play around with malware, you have to sandbox it. Sandboxie is pretty good, but I recommend running an older copy of Windows as a VM. VirtualBox is elite, I use it and it's awesome plus it's easy to use. Take a snapshot of your VM and restore it once you're done. No harm, no foul.

Vasudev

Quote from: humbert on April 24, 2017, 06:53 AM
I've tested several anti-virus suites and I'd say they're all more or less the same. Some pick up malware that others miss, but I'd say that's pretty normal. Frankly I get far more popups from false positives than from real threats. I was using MBAM, then when it started giving me trouble I installed Avast. If you're worried about a file, simply upload it to VirusTotal and check it out there.

I guess if you want to play around with malware, you have to sandbox it. Sandboxie is pretty good, but I recommend running an older copy of Windows as a VM. VirtualBox is elite, I use it and it's awesome plus it's easy to use. Take a snapshot of your VM and restore it once you're done. No harm, no foul.

If you want a change, try Zemana Anti-malware.

humbert

Quote from: Vasudev on April 24, 2017, 07:42 AM
If you want a change, try Zemana Anti-malware.

Their site keeps talking about a free trial. Is this all trialware or do they offer a free, crippled version? I swear I hate crippleware.

Vasudev

Quote from: humbert on April 28, 2017, 04:49 AM
Quote from: Vasudev on April 24, 2017, 07:42 AM
If you want a change, try Zemana Anti-malware.

Their site keeps talking about a free trial. Is this all trialware or do they offer a free, crippled version? I swear I hate crippleware.

It comes with a 15-day trial; after that it reverts to crippled freeware w/o real-time protection.

humbert

Quote from: Vasudev on April 28, 2017, 12:58 PM
It comes with a 15-day trial; after that it reverts to crippled freeware w/o real-time protection.

I've never seen a cracked version of Zemana on any torrent site. In fact I never heard of it until you posted this. As I see it this says a lot - something nobody bothers to upload and/or develop a crack for must not be very good.

Vasudev

Quote from: humbert on May 02, 2017, 05:25 AM
Quote from: Vasudev on April 28, 2017, 12:58 PM
It comes with a 15-day trial; after that it reverts to crippled freeware w/o real-time protection.

I've never seen a cracked version of Zemana on any torrent site. In fact I never heard of it until you posted this. As I see it this says a lot - something nobody bothers to upload and/or develop a crack for must not be very good.

That makes it hard for malware to bypass it. If you browse malwaretips.com you need a hell of a lot of info about viruses, such as access to their source code, etc.

humbert

Quote from: Vasudev on May 02, 2017, 07:04 AM
That makes it hard for malware to bypass it. If you browse malwaretips.com you need a hell of a lot of info about viruses, such as access to their source code, etc.

Assuming this is true, then with so many antivirus programs out there, are you willing to shell out money to pay for this? Not me!