Disclaimer

This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
We encourage you to compare these results with others and take informed decisions on what security products to use.
Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

Andy Ful

Level 44
Verified
Trusted
Content Creator
AFAIK the malicious file type would be document_bill.docx.exe
If you did not enable "show file name extensions" you will see only document_bill.docx and that looks safe.
But even if it is truly document_bill.docx it is still dangerous because it might be a weaponized doc.
It is easy to fool most people by using another trick:
Code:
document_bill.docx                                                       .exe
The .exe is not visible when there are many spaces between.

Edit.
The cautious user can recognize the trick because in the "Type" column in Windows Explorer the file will still be visible as an application.
 
Last edited:
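
A filename check for the two tricks described in the post above, as an added example that is not part of the original thread. The extension sets, the three-space threshold, and the function names are assumptions chosen for illustration.

```python
import re

# Assumed, non-exhaustive set of extensions Windows runs directly.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs"}
# Assumed set of extensions a user reads as "just a document".
DECOY_EXTS = {"doc", "docx", "xls", "xlsx", "pdf", "txt", "jpg", "png"}
# Assumed threshold: 3+ whitespace characters directly before the last dot.
PAD_BEFORE_EXT = re.compile(r"\s{3,}$")


def check_filename(name):
    """Return the reasons a name looks deceptive (empty list = no finding)."""
    findings = []
    stem, dot, ext = name.rpartition(".")
    # Only names whose real (last) extension is executable are of interest.
    if not dot or ext.strip().lower() not in EXECUTABLE_EXTS:
        return findings
    # Trick 2 from the post: spaces push ".exe" out of the visible column.
    if PAD_BEFORE_EXT.search(stem):
        findings.append("whitespace-padding")
    # Trick 1 from the post: a document extension sits before the real one.
    inner = stem.rstrip().rpartition(".")[2].lower()
    if inner in DECOY_EXTS:
        findings.append("double-extension")
    return findings


def scan(names):
    """Map each flagged name to its findings; clean names are omitted."""
    return {n: f for n in names if (f := check_filename(n))}


# Constructed sample names modelled on the post (not real samples).
SAMPLES = [
    "document_bill.docx",
    "document_bill.docx.exe",
    "document_bill.docx" + " " * 60 + ".exe",
    "setup.exe",
]

if __name__ == "__main__":
    for name, why in scan(SAMPLES).items():
        print(repr(name), "->", ", ".join(why))
```

A plain document_bill.docx produces no finding here, which matches the post's point that a harmless-looking name says nothing about whether the document itself is weaponized.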

shmu26

Level 81
Verified
Trusted
Content Creator
But this thing about scripts silently downloading and attacking your computer -- that's scare stories from the sandbox fanboys, or maybe it's propaganda from some company trying to sell you something.
I want to qualify this claim a little bit. I read today that both Chrome and Firefox had an actively exploited zero-day this year. In the case of Firefox, it was in fact capable of remote code execution on Windows 7 32 bit, due to a vulnerability in that OS which was not patched at the time.
However, all the vulnerabilities were subsequently patched, and were observed only in targeted attacks. So it is still safe to say that random surfing does not put the average user at a risk of infection.

Regular AV protection is not the best way to defend against attacks of these types. The advanced security solutions are better equipped for that.

But anyways, in real-life terms, it's not a threat. Today's attacks are more and more targeted. If a malcoder worked for months and discovered a million-dollar zero-day exploit, you can be sure he won't waste it on you.
 

blackice

Level 7
I want to backtrack on this claim a little bit. I read today that both Chrome and Firefox had an actively exploited zero-day this year. In the case of Firefox, it was in fact capable of remote code execution on Windows 7 32 bit, due to a vulnerability in that OS which was not patched at the time.
However, all the vulnerabilities were subsequently patched, and were observed only in targeted attacks. So it is still safe to say that random surfing does not put the average user at a risk of infection.

Regular AV protection is not the best way to defend against attacks of these types. The advanced security solutions are better equipped for that. But anyways, in real-life terms, it's not a threat.
After reading your comment yesterday I proceeded to have a dream last night that I got ransomware from a drive-by download. Woke up and my system is clean. :ROFLMAO: Though not impossible, drive-by dls are rare. I've been reading too many stories.
 

Dave Russo

Level 8
Verified
Eset is still a very good choice, just add VoodooShield. With Eset's low impact and nice firewall plus tweaks, it's very strong. There are very few of us here at Malwaretips who do not add layers to our security. The only thing I do not recommend is buying a license from Eset, due to cost (you get the exact same product on eBay for so much less). A good survey one day would be: who uses an Internet security program only? I would bet on this site less than 10 percent. gl all
 

shmu26

Level 81
Verified
Trusted
Content Creator
Eset is still a very good choice, just add VoodooShield. With Eset's low impact and nice firewall plus tweaks, it's very strong. There are very few of us here at Malwaretips who do not add layers to our security. The only thing I do not recommend is buying a license from Eset, due to cost (you get the exact same product on eBay for so much less). A good survey one day would be: who uses an Internet security program only? I would bet on this site less than 10 percent. gl all
What in particular do you like about the ESET firewall? Wondering whether it's better than Windows firewall with SysHardener tweaks.
 

Dave Russo

Level 8
Verified
What in particular do you like about the ESET firewall? Wondering whether it's better than Windows firewall with SysHardener tweaks.
Forgive me, I am no expert, but Eset is one of the only programs whose firewall passes the cursed Fortiguard test {The Test - Test Your Metal by Fortinet} and I like the easy-to-use options. Windows firewall fails, Kaspersky's firewall fails, but once again the test may be misleading, so I am only giving an opinion and not an expert. gl
 

Andrew3000

Level 3
Forgive me, I am no expert, but Eset is one of the only programs whose firewall passes the cursed Fortiguard test {The Test - Test Your Metal by Fortinet} and I like the easy-to-use options. Windows firewall fails, Kaspersky's firewall fails, but once again the test may be misleading, so I am only giving an opinion and not an expert. gl


With Kaspersky Endpoint it fails because it directly blocks the script used for the test, it seems.


 

devjit2018

Level 10
Verified
Malware Tester
ESET Firewall is one of the best. It offers protection like the corporate firewalls and there are a ton of settings you can use. The FW can stop the common exploits. The Windows Firewall is a good no nonsense firewall which can be customised with tweaks and the outbound connections can be controlled with the help of 3rd party apps. Has Windows 10 increased the Firewall self-protection? In Windows 7, it's extremely easy to disable the inbuilt firewall and it's one of the first things a malware does. Another firewall that I like is the Norton Firewall. It's extremely smart and has the ability to protect against exploits.
 

harlan4096

Level 60
Verified
Staff member
Malware Hunter
Forgive me, I am no expert, but Eset is one of the only programs whose firewall passes the cursed Fortiguard test {The Test - Test Your Metal by Fortinet} and I like the easy-to-use options. Windows firewall fails, Kaspersky's firewall fails, but once again the test may be misleading, so I am only giving an opinion and not an expert. gl
This test was already discussed here in the forum about 1 year ago or even more... Kaspersky fails most of the tests because the size of the files is bigger than 1MB; once you download manually and scan, it detects all:


Update: in the past there was an option to tweak that size, I can't remember now if still in KES :unsure: :emoji_thinking:
 

Andrew3000

Level 3
This test was already discussed here in the forum about 1 year ago or even more... Kaspersky fails most of the tests because the size of the files is bigger than 1MB; once you download manually and scan, it detects all:


Update: in the past there was an option to tweak that size, I can't remember now if still in KES :unsure: :emoji_thinking:
Nope :(

 

Dave Russo

Level 8
Verified
of the test When I tested Kaspersky, I used Kaspersky Total Security on my wife's machine. I do not know if the firewall is different on Endpoint, but if indeed it's blocking the test then that would count as a pass, but how can someone tell? When I tried Symantec Endpoint, it showed one green pass, and then it blocked the rest of the test. But KTS did finish the test with only 1 out of 18 passed
 

simmerskool

Level 7
... passes the cursed Fortiguard test {The Test - Test Your Metal by Fortinet }
my first time at the fortiguard test. I have a few layers here and ?? what is this test supposed to do or be doing?? appears as if nothing is happening? I see 0/18 as if I failed all tests yet, it also appears as if it never ran at all. no screenshots, no compressed files. all I see on the webpage is "Loading..." and nothing appears to be loading. Am I supposed to defang my security to run their security test? I'll skip it then, or am I missing the point? /sk

Since it has blocked even running the test, . :giggle:
me too +1 but not by yandex here.
edit: you got 1 red mark on the otherwise grey circle, not one thing changed here??