brod56

Level 15
Verified
Joined
Feb 13, 2017
Messages
725
Operating System
Windows 10
#41
I can expain you with my bad english what you can protect with sanbox. 1. browsers. 2 exe. 3. ms office. Maby one person with good english can explain what you can do with sandbox. And is many thinks. One post from AtlBo View attachment 204881
I believe Office is pretty safe if you disable macros and other dangerous stuff via SysHardener.
 
Joined
Mar 3, 2017
Messages
107
#44
He could probably also test Shadow Defender and Rollback RX then call it a day. But the point of these videos is to gain views on Youtube and eventually monetize them (just like the PC Security channel is doing). Instead of focusing on the products that fail, we should simply focus our time and energy on the products that succeed. (y)
 

JM Safe

Level 36
Content Creator
Verified
Joined
Apr 12, 2015
Messages
2,522
Operating System
Windows 10
Antivirus
Kaspersky
#45
The way I see is: if you're only sandboxing suspicious software (cracks, keygens, etc) then you'd be better not running them at all. That's way I don't see much purpose on sandboxing on a regular use, perhaps except for the browser.
@JM Security I see you sandbox your browser which I find interesting. Is it only to prevent possible exploits or any other reason?
It is to prevent any type of malware that can be accidentally downloaded (not blocked by security browser extensions or Google Safe Browsing), because if the browser is sandboxed and something goes wrong the malware remains in the sandbox and the OS is still secure.
 

Raiden

Level 7
Content Creator
Verified
Joined
May 7, 2018
Messages
316
Operating System
Windows 10
Antivirus
Emsisoft
#46
Oh no! Uninstalling Bitdefender right away! Switching to Kaspersky Free, and no ransomware will ever touch my PC again. I am pigeon trilobyte and change my security softs whenever I see them fail in youtube!
Ah the good old never ending security program cycle every time a test comes out. :sick:

This test is completely useless IMHO.Always a companion like CF or VoodooShiled free or Exe Radar will take care of any ransomware if the traditional AV fails to detect.
While these are great programs in their own right and they do their job very well, you can still get infected using them. Simply ignoring the prompts and allowing the file to run, a piece of malware can infect a system.

You could make video of every av failing indeed, but the youtube videos are favorism of some product and bashing of one like wd. Theres someone monetizing behind every review

edit: best av is probably one with the many security layers and has many customization settings to tweak the protection
Imo bitdefender free has zero tweaking/ settings to modify . Probably good for home users that arent av fanatics and do want to replace WD
I agree, every test should be taken with a grain of salt. Problem is people put too much weight into things like YouTube tests because they've been marketed (this is exactly what it is) by the YouTube testers as being more accurate/better than the professional tests out there. Furthermore they act like they are security experts, when all they are doing is right click scanning a folder with malware with the real-time protection disabled, then running the missed samples with the real-time enabled. This isn't how people use their computers, nor realistic of how people actually run into malware. I'm not saying these people are evil or anything, but they are not security experts like some claim to be and its not as simple as they make out to be either.

The other side of this is exactly like you said, there's bias towards products people like and products people hate. Unfortunately this bias shows through, but people still drink the cool-aid regardless. What I hate about YouTube tests in general is there's little validation of the samples. We really only have their word on the matter, but how do we really know that they just didn't set up the test beforehand to get the result they wanted, then make a video of it?

To your second point, that can be true, but more settings/configuration options doesn't automatically = better protection. Sometimes these things can be overwhelming and if your aren't sure what they do, it can actually make it worse. These things appeal to us geeks because we like to play around with them, but to the average person, they couldn't care less becuase how many of them actually change these settings?

I think some people expect to much from a free AV
i'm not saying all of them (freebies) would have missed this ransomware, but paid solutions have more layers to stop such things.... but some paid solutions can also fail the test.
That shows that no AV is 100 %
Yes and no. I would take it a step further and say people expect way too much of all security programs in general, free/paid. I always preach to practice safe habits regardless of which program/setup you use. Your habits are a very important layer in the overall security envelop. Like you said, no product is perfect and will fail at some point, especially if you practice unsafe habits.

That's strange guys. I think the ransomware of this test is sophisticated and it could use AVs bypass techniques.
Maybe, but as I've said before no product is perfect and will miss things. I'm always amazed when people are shocked that a piece of malware gets by a security program, as if it was to be 100% perfect. The sad part is, no matter how many times you say that any product will miss something at some point, people will always go, ya, ya I know that, but I still can't believe it happened. It's not fiction, it's a real fact all security program will miss something, it doesn't matter how well it does on tests here or else where, it will eventually happen.

At the end of the day, I see no reason to stress about this test. Just another example showing that you still have to practice safe habits, in this case ensure you backup your data and not put 100% if your faith into the program. Pick which ever program you like, practice safe habits and chances are you will be more than safe. :emoji_expressionless:(y)
 
Last edited:

Vasudev

Level 26
Verified
Joined
Nov 8, 2014
Messages
1,549
Operating System
Windows 10
Antivirus
Windows Defender
#48
I expected BD Free will stop the ransomware just like Juan's prev. video and I saw Kaspersky 2019 Free AV works its magic. I didn't think Win defender to be working flawlessly.
 

JM Safe

Level 36
Content Creator
Verified
Joined
Apr 12, 2015
Messages
2,522
Operating System
Windows 10
Antivirus
Kaspersky
#49
Maybe, but as I've said before no product is perfect and will miss things. I'm always amazed when people are shocked that a piece of malware gets by a security program, as if it was to be 100% perfect. The sad part is, no matter how many times you say that any product will miss something at some point, people will always go, ya, ya I know that, but I still can't believe it happened. It's not fiction, it's a real fact all security program will miss something, it doesn't matter how well it does on tests here or else where, it will eventually happen.

At the end of the day, I see no reason to stress about this test. Just another example showing that you still have to practice safe habits, in this case ensure you backup your data and not put 100% if your faith into the program. Pick whixh ever program you like, practice safe habits and chances are you will be more than safe. :emoji_expressionless:(y)
I agree, also who think AntiEXE can prevent ALL types of malware make a mistake because even if you use an AntiEXE as main protection there are still possibilities to get infected by a malware which manages to exploit possible vulnerabilities/flaws of the AntiEXE.
 

Raiden

Level 7
Content Creator
Verified
Joined
May 7, 2018
Messages
316
Operating System
Windows 10
Antivirus
Emsisoft
#52
It is very clear that the signatures escape the 0 days. that's why I use anti-exe or deny by default or virtualization.:giggle:
Its good to have layers, provided they don't overlap one another. I too use a combination of layers :)

One thing that came to me after my last post, is in regards to YouTube tests, or "tests" in general. Based on the testing methodology I mentioned above, my question is why are people still testing in this manner? I get it, people want to test different components on the program, but when I see comments like, we'll this products signatures are garbage, but it's bb, or what ever else stopped it, who cares? I mean does it really matter what component stopped the malware? I would be grateful if it stopped it, I don't actually care how it did it. Similarly, having different security layers, I don't care which layer stopped the malware. If something got past WD, but was stopped by VS, or OSA instead, again who cares? All that matters is that the malware was stopped. (y)
 

Moonhorse

Level 22
Content Creator
Verified
Joined
May 29, 2018
Messages
1,196
Operating System
Windows 10
Antivirus
Windows Defender
#54
I expected BD Free will stop the ransomware just like Juan's prev. video and I saw Kaspersky 2019 Free AV works its magic. I didn't think Win defender to be working flawlessly.
What i have been told is that bitdefender / kaspersky has best signatures

But bitdefender on vt has not detected ransomware by signatures = fail on the video

Bitdefender has behaviour blocker, but its too late when files are already enrycpted?
Doesnt mean bitdefender is bad, it just doesnt have any zeroday protection on free version and needs help by other sws

On other hand i have no idea how common these zeroday infections are in real life situations, its not bitdefenders fault if someone ran suspicios file , probably the web filter already did job before that and adblocker blocked it coming from ads, idk

People that torrent will run any file, even they get prompted by av/ security software
 

Raiden

Level 7
Content Creator
Verified
Joined
May 7, 2018
Messages
316
Operating System
Windows 10
Antivirus
Emsisoft
#55
On the other hand i have no idea how common these zeroday infections are in real life situations
This is a very important point. Tests don't typically mimic the real world, nor does the result of the test reflect what's really happening in the real world. The chances of running into a true zero day malware is pretty small. These usually happen to large business and governments, becuase hackers desperately want to gain access to these systems, home users probably not as desperate.

Truth is despite what all the various tests may say about a product(s) , overwhelmingly the vast majority of programs do their job well, and in the real world people aren't being subject to attack by true zero days.
 
Last edited:

Evjl's Rain

Level 39
Content Creator
MWT-Tester
Verified
Joined
Apr 18, 2016
Messages
2,896
Operating System
Windows 8.1
Antivirus
Avast
#56
What i have been told is that bitdefender / kaspersky has best signatures

But bitdefender on vt has not detected ransomware by signatures = fail on the video

Bitdefender has behaviour blocker, but its too late when files are already enrycpted?
Doesnt mean bitdefender is bad, it just doesnt have any zeroday protection on free version and needs help by other sws

On other hand i have no idea how common these zeroday infections are in real life situations, its not bitdefenders fault if someone ran suspicios file , probably the web filter already did job before that and adblocker blocked it coming from ads, idk

People that torrent will run any file, even they get prompted by av/ security software
it's a fact that BD engine on VT is completely different from the engine used in their AV. It's the only one I know has this problem
malwares detected by BD on VT doesn't mean it will be detected by BD suits and so on
BD free has BB and it's quite good, IMO
but it's a bit lacking against new variants of ransomware

in the pass, it was one of my top 5 BBs after kaspersky > emsisoft > gdata > BD
 

JoeBlack40

Level 6
Verified
Joined
Sep 28, 2011
Messages
264
Operating System
Windows 7
Antivirus
Kaspersky
#58
Ah the good old never ending security program cycle every time a test comes out. :sick:



While these are great programs in their own right and they do their job very well, you can still get infected using them. Simply ignoring the prompts and allowing the file to run, a piece of malware can infect a system.
Presuming that the user knows what he/she is doing...not a novice anyway.
 

Der.Reisende

Level 37
Content Creator
MWT-Tester
Verified
Joined
Dec 27, 2014
Messages
2,665
Operating System
Windows 10
Antivirus
Tencent
#60
That's strange guys. I think the ransomware of this test is sophisticated and it could use AVs bypass techniques.
I’m pretty sure it will it’s way to the HUB once a source is detected to get hold of it.
You may want to have a look into then?