Make your video test requests!

vonvon

vonvon

Level 2
Verified
Nov 25, 2014
91
As a curiosity, if you have time, it might be interesting to test the first African antimalware: MEYE antivirus.
www.meyeprotect.com

Meye Protect | Accueil

Antivirus Meye Protect, le premier antivirus africain, équipé d'une intelligence artificielle capable d'offrir une protection efficace, rapide et optimale.
www.meyeprotect.com www.meyeprotect.com
 
Practical Response

Practical Response

Level 9
Mar 10, 2024
444
How about an individual module test.

Webroot

I would like to see when you have time, the journal and rollback system put through the hoops. A folder of ransomware should do the trick nicely. It does state the journal and rollback feature would need plenty of disk space so hopefully you can accommodate this via your VM's allocation.
 
danb

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,685
Hey @Shadowra, in response to the post below, please test 10 true zero-days against VT and CL (WLC / VoodooAi).

malwaretips.com

Anyone missed when VT was the one of core mechanic in voodooshield

I miss having VirusTotal integrated as one the main scanner. :cry: The good old days. Wonder if Dan might someday bring it back. Wishful thinking. ;):ROFLMAO:
malwaretips.com malwaretips.com

Anyone who knows anything about cybersecurity already knows who is going to win ;).
 
  • +Reputation
Reactions: Shadowra and Moonhorse
Practical Response

Practical Response

Level 9
Mar 10, 2024
444
danb said:
Hey @Shadowra, in response to the post below, please test 10 true zero-days against VT and CL (WLC / VoodooAi).

malwaretips.com

Anyone missed when VT was the one of core mechanic in voodooshield

I miss having VirusTotal integrated as one the main scanner. :cry: The good old days. Wonder if Dan might someday bring it back. Wishful thinking. ;):ROFLMAO:
malwaretips.com malwaretips.com

Anyone who knows anything about cybersecurity already knows who is going to win ;).
Click to expand...
What happens if he treats it like an average users test as he does others, and as a average user, the user wants to run that application they clicked on, so they click "allow" on the pop up, or as some say around this forum, accidents happen and allow could be accidentally clicked.
 
  • Like
Reactions: rashmi, Shadowra and Khushal
danb

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,685
Practical Response said:
What happens if he treats it like an average users test as he does others, and as a average user, the user wants to run that application they clicked on, so they click "allow" on the pop up, or as some say around this forum, accidents happen and allow could be accidentally clicked.
Click to expand...
Sure, accidents happen, but at least the user has a second chance of blocking malware, as opposed to the malware automatically executing. I mean really, the alternative is that the malware is automatically allowed. See what I mean?

Having said that, I think most users will not allow an item they are unsure of if there is a big red prompt telling them that it is not safe, and an extra confirmation prompt letting the user know that they may be introducing malware if they click Allow.
 
  • Like
Reactions: Oldie1950 and Shadowra
Practical Response

Practical Response

Level 9
Mar 10, 2024
444
danb said:
Sure, accidents happen, but at least the user has a second chance of blocking malware, as opposed to the malware automatically executing. I mean really, the alternative is that the malware is automatically allowed. See what I mean?

Having said that, I think most users will not allow an item they are unsure of if there is a big red prompt telling them that it is not safe, and an extra confirmation prompt letting the user know that they may be introducing malware if they click Allow.
Click to expand...
I was curious, as I have seen users go so far as disabling components to allow an application being blocked by their security in this forum.
 
  • Like
Reactions: Trident, Oldie1950 and Shadowra
Practical Response

Practical Response

Level 9
Mar 10, 2024
444
Oldie1950 said:
A user who wants to install malware despite all warnings will succeed. No security software can help.
Click to expand...
If a user "whitelist" the malware, nothing will certainly help in a anti exe, although other modules in a full suite might stop it if a user ignores a prompt or clicks proceeded. Like the user I was referring to getting frustrated trying to figure out what to disable in Kaspersky to allow it through, he kept disabling things but the suite kept stopping it.
 
  • Like
Reactions: Trident and rashmi
Trident

Trident

Level 28
Verified
Top Poster
Well-known
Feb 7, 2023
1,761
SumTingWong said:
@Shadowra

Can you test Sophos Home?
Click to expand...
Let’s see Sophos home, I am seeing some interesting, very generic detections, for example they seem to be really aggressive now towards obfuscated scripts… will be an interesting one.

In April, they also removed all customisations from the home software and aligned it completely with the business one, so now more frequent updates will be delivered. Before it was getting 2-3 updates a year.
In May, they added Game Mode finally.
 
  • Like
  • Applause
Reactions: lyldz, Gandalf_The_Grey, Kongo and 3 others
Trident

Trident

Level 28
Verified
Top Poster
Well-known
Feb 7, 2023
1,761
XylentAntivirus said:
DevSecure vs Chomar (C-Prot) vs Xylent would be interesting to see which AV is best Turkish antivirus.
Click to expand...
Is this yours?
github.com

GitHub - Rutuj-Runwal/Xylent: A powerful antivirus built using Electron framework and python

A powerful antivirus built using Electron framework and python - Rutuj-Runwal/Xylent
github.com github.com

If it is, I suggest you withdraw the test request for now… first develop some AI and ML models, heuristics, generic detections, behavioural blocking and others… 😳🫣
Your AV only has one Yara rule to identify malware you created for testing purposes and Eicar test file. And it’s got 16.9MB database full of malware hashes…

It looks more like a uni project…
 
Last edited:
  • Like
  • +Reputation
Reactions: simmerskool, likeastar20, Shadowra and 1 other person
XylentAntivirus

XylentAntivirus

Level 1
May 9, 2024
12
Trident said:
Is this yours?
github.com

GitHub - Rutuj-Runwal/Xylent: A powerful antivirus built using Electron framework and python

A powerful antivirus built using Electron framework and python - Rutuj-Runwal/Xylent
github.com github.com

If it is, I suggest you withdraw the test request for now… first develop some AI and ML models, heuristics, generic detections, behavioural blocking and others… 😳🫣
Your AV only has one Yara rule to identify malware you created for testing purposes and Eicar test file. And it’s got 16.9MB database full of malware hashes…

It looks more like a uni project…
Click to expand...
Machine Learning module exits in sourceforge I just forked that project on sourceforge and developed this. Now it's 1.4gb even if I removed duplicates and some very old hashes.
 
  • Applause
Reactions: Shadowra
Shadowra

Shadowra

Level 34
Thread author
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,341
XylentAntivirus said:
https://devlopsoft.com/d/Kurulum - DevSecure.zip/ Xylent C-Prot | Windows, Android, MacOs Virüs Koruması İçin Yerli Antivirüs Yazılımı İndirin Notice: I'm going to update Xylent. I'm going to tell when I updated Xylent.
Click to expand...

I've just tested it quickly, even though you haven't updated it yet and, for the moment, too many things need to be revised...

For the record, Xylent is an antivirus project based on ClamAV. It also uses MD5 and SHA1 rules from MalShare, VirusShare, VirusSign etc., as well as YARA.
The file is 1.4GB in size, installs and... doesn't launch... I launch it directly in admin. (xylent_antivirus.exe & engine.exe )

The product consumes a lot of Ram... Between 2GB and 5GB of RAM! That's huge!!!
Capture d'écran 2024-05-09 213533.pngCapture d'écran 2024-05-09 213643.png

Xylent create no registry key at startup. In case of infection, the antivirus will not protect you. Why is this? Because there's no entry at startup... a shame for an AV...

Capture d'écran 2024-05-09 214622.png

Xylent tries to create YARA rules with Powershell. Only errors...

Capture d'écran 2024-05-09 214957.png

Obviously, with so much RAM monopolized by Xylent, the VM crashed. Either the AMD graphics driver crashed, or... BSOD (I had both)
There's definitely a problem with the anti-virus and an optimization problem.
For the moment, I won't test it. To be reworked!
 
  • +Reputation
  • Wow
  • HaHa
Reactions: SumTingWong, simmerskool, vaccineboy and 4 others

Similar threads

Shadowra
    • +Reputation
    • Like
    • Thanks
App Review Adlice RogueKiller Anti-Malware Pro 2024
Replies
9
Views
774
Video Reviews - Security and Privacy
vaccineboy
vaccineboy
struppigel
    • Applause
    • +Reputation
    • Like
Malware Analysis Video: C2 extractor for Turla's Kopiluwak using Binary Refinery
Replies
0
Views
355
Malware Analysis
struppigel
struppigel
Shadowra
    • Like
    • +Reputation
    • Thanks
App Review SpyShelter Premium
Replies
17
Views
2,177
Video Reviews - Security and Privacy
Sorrento
Sorrento

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top