Breaking AV Software

Very interesting, even if it sounds like an April Fools' joke. Anyway, I want to see what a naked system's user will do against ransomware? Reformat? :rolleyes:

As an old sage said, "rather resist the storm with a small hole in my raincoat than go naked."

P.S.: Now you know why UAC is crucial.
 
 
In fact, I can easily run my system without any 3rd-party AVs, just using a guest account, Windows 8 built-in security; but WHERE IS THE FUN!!!! :D
 
Wow... thanks!
I want to know the vulnerability of Kaspersky products.


Edit: I already found in the pdf that Kaspersky has exploitable items too.
 
Vulnerability search should be performed on a regular basis.
They must test their AV engines against exploits, just like what Google is doing for Chrome.
 
Increased surface area of attack, if security products install Toolbars and Browser extensions. Agree or Disagree?
 
It would be interesting to know which AV products were found to have fewer holes and bugs.
 
Sandboxie too has been found to be vulnerable. The report was published by Bromium (which has a security product).

I read about that on wilders...
 
Tiranium has no vulnerability :D :likeaboss:

The most secure is Comodo with the HIPS alerts every 2 minutes :p
 
Tiranium has no vulnerability :D :likeaboss:

The most secure is Comodo with the HIPS alerts every 2 minutes :p
But even Comodo was among the tested products that have been found to be vulnerable. :D
 
Umbra Total Security 2015 (Sauron Edition)

One solution to rulz them all

:D
 
From what I understand, an AV that installs deeply in the system reduces the security of your system. Most products have bugs, holes etc., so it's good not to gain "deep" privileges to provide protection.
So, which products are less intrusive?
 
From what I understand, an AV that installs deeply in the system reduces the security of your system. Most products have bugs, holes etc., so it's good not to gain "deep" privileges to provide protection.
So, which products are less intrusive?
Windows Defender + UAC + SmartScreen + Windows Firewall :) (Win 8 & 8.1)
 
From what I understand, an AV that installs deeply in the system reduces the security of your system. Most products have bugs, holes etc., so it's good not to gain "deep" privileges to provide protection.
So, which products are less intrusive?
The best paid protection:
Kaspersky, F-Secure, ESET ;)

PS: Windows Defender is crap!!
If you want free, go Avast!
 
The best paid protection:
Kaspersky, F-Secure, ESET ;)

PS: Windows Defender is crap!!
If you want free, go Avast!
Kaspersky is said to be a "legit rootkit" and it installs deeply in the system, as far as I know.
And from what I read in the pdf, "If your application runs with the highest privileges, installs kernel drivers, a packet filter and tries to handle anything your computer may do... Your attack surface dramatically increased.",
Kaspersky does not seem a very good solution.
F-Secure uses the BitDefender engine, which seems vulnerable.

What made you come to this conclusion? I may be wrong, that's why I'm asking you :)

A year ago I was probably infected by some kind of malware as I was testing keys (just for fun; I don't use AVs illegally) for ESS7 found on a serials site. (It was distributing malware for some time, as reported on URL scanning sites.) ESS6 suddenly disappeared from the system tray and it could not run. I had Webroot SecureAnywhere running too. WR did not shut down, and although it did not detect the malware either, it was up and running.
Many system tools like regedit, services etc, were also disabled, and I enabled them via WR GUI.
That may be a simple incident that shows what reduced attack surface means.
 
Kaspersky is said to be a "legit rootkit" and it installs deeply in the system, as far as I know.
And from what I read in the pdf, "If your application runs with the highest privileges, installs kernel drivers, a packet filter and tries to handle anything your computer may do... Your attack surface dramatically increased.",
Kaspersky does not seem a very good solution.
F-Secure uses the BitDefender engine, which seems vulnerable.

What made you come to this conclusion? I may be wrong, that's why I'm asking you :)
Just my personal experience in testing these products for a very long time ;)
F-Secure uses the BD engine, but it is a multi-engined AV solution with its own in-house modules included!
PS: It's very late here in Sydney and I am too tired to elaborate further!
Maybe tomorrow ;)

Thanks! :)
 