Unlimited Giveaway McAfee Endpoint Unmanaged client - no term limits

Promotion Link
https://www.comss.ru/page.php?id=6131
Instructions
Get it from McAfee Endpoint Security
Extract the components you want to install , run setup, install,done .

Vitali Ortzi

Level 21
Verified
Dec 12, 2016
1,024
Resource

Here its using about 400
A lot of av software use a dynamic ram management based on ram availability .
More ram the AV use lower Av IO usage and allow faster scaning / detection .
Downside is that it will lower prefetch data/software ram.
Worst case scenario in some very low end pc it can cause issues like crashing in low ram systems .
 

Nagisa

Level 7
Verified
Jul 19, 2018
322
yep

View attachment 241009

PD: I used an installer from another source, that's why it's licensed
PD2: This is my malware testing VM, it has 4GB of RAM and McAfee doesn't uses too much ram in this system

View attachment 241010

Where did you get the installer file? The one that vitali sent?


Btw, I have some doubts about the results of your bonus tests of McAfee. Afaik, GTI works like cloud signatures, so even when you disable file scanning, it may has more than behavioural detection. I haven't read the documentation yet, so I, too don't know how it works exactly.
 
  • Like
Reactions: geminis3

Vitali Ortzi

Level 21
Verified
Dec 12, 2016
1,024
Where did you get the installer file? The one that vitali sent?


Btw, I have some doubts about the results of your bonus tests of McAfee. Afaik, GTI works like cloud signatures, so even when you disable file scanning, it may has more than behavioural detection. I haven't read the documentation yet, so I, too don't know how it works exactly.
Yep exactly.
It includes a license workaround in case of an issue in that regard.
 

Chri.Mi

Level 7
Apr 30, 2020
337
Good to know 👍.
Got no idea why it was so slow .
SEP always gets updates a lot faster
In cmoss.ru
Cause more ppls use it and report them when new version exists. I think mcafee is a bit ignored. Honestly i didnt know about this mcafee trial for ever, but i knew about symantec from around 5 years. Later is common thing symantec is superior vs mcafee, but i have some doubt comparing the 2 solutions (specially unmanaged vs unmanaged)
 

Vitali Ortzi

Level 21
Verified
Dec 12, 2016
1,024
Cause more ppls use it and report them when new version exists. I think mcafee is a bit ignored. Honestly i didnt know about this mcafee trial for ever, but i knew about symantec from around 5 years. Later is common thing symantec is superior vs mcafee, but i have some doubt comparing the 2 solutions (specially unmanaged vs unmanaged)
Yeah not a fair comparison because unlike MacAfee SEP GUI lacks the options that makes the real difference between Norton and endpoint products .
 
  • Like
Reactions: Dave Russo

geminis3

Level 18
Verified
Sep 10, 2015
846
Where did you get the installer file? The one that vitali sent?


Btw, I have some doubts about the results of your bonus tests of McAfee. Afaik, GTI works like cloud signatures, so even when you disable file scanning, it may has more than behavioural detection. I haven't read the documentation yet, so I, too don't know how it works exactly.
Reading the logs it says known malicious reputation, so it's like Kaspersky's System Watcher using UDS cloud signatures
EDIT: a more fair test would be disabling internet access for bonus tests and see how ATP reacts without the Cloud
 

geminis3

Level 18
Verified
Sep 10, 2015
846
Offline BONUS Test

I used 22/05/2020 signatures

McAfee Enterprise-2020-05-24-12-10-43.png


McAfee Enterprise-2020-05-24-12-08-50.png

McAfee Enterprise-2020-05-24-12-08-58.png


(HIT) ATP Rule

McAfee Enterprise-2020-05-24-12-09-22.png


(HIT) ATP Rule

McAfee Enterprise-2020-05-24-12-10-19.png


PD: This config without internet access is an FP making machine, it even blocked me from running 7zip to extract the samples so I had to temporarly disable it.
 

Nagisa

Level 7
Verified
Jul 19, 2018
322
@Vitali Ortzi

Apparently, there is no official McAfee Endpoint Security download without the time limit. Doesn't it count as piracy to use it with workarounds? I also wonder how that workaround works by, and where did you get that installation file from.

There is a topic for SEP too. They're saying that unmanaged client needs licencing as well. What do you think?

 

Vitali Ortzi

Level 21
Verified
Dec 12, 2016
1,024
@Vitali Ortzi

Apparently, there is no official McAfee Endpoint Security download without the time limit. Doesn't it count as piracy to use it with workarounds? I also wonder how that workaround works by, and where did you get that installation file from.

There is a topic for SEP too. They're saying that unmanaged client needs licencing as well. What do you think?

They don't allow submissions without SEP license
"SEP 12.1 unmanaged client requires the licenses.To enable the submission of reputation data from an unmanaged client, you must install a paid license on the client"
 

Chri.Mi

Level 7
Apr 30, 2020
337
@Vitali Ortzi

Apparently, there is no official McAfee Endpoint Security download without the time limit. Doesn't it count as piracy to use it with workarounds? I also wonder how that workaround works by, and where did you get that installation file from.

There is a topic for SEP too. They're saying that unmanaged client needs licencing as well. What do you think?

For what i understand u can use trials free without limit time... Is what is write in comss.ru for sep and mcafee.
 

geminis3

Level 18
Verified
Sep 10, 2015
846
I don't think this is the panacea of "free" AVs, it needs a lot of tweaking with exploit prevention rules to get optimal protection against fileless attacks.

I've conducted a personal test with ENS using my custom settings and Avast Free with HM vs a Netwalker fileless ransomware sample with very low detection (4/59).

ENS at default exploit prevention rules failed against Netwalker

McAfee Enterprise-2020-05-23-09-27-20.png

McAfee Enterprise-2020-05-23-09-44-46.png



Avast already detected the file by signatures, so I rolled back the test VM to an old snapshot and cut the internet access to prevent it from calling the cloud.

Avast VM-2020-05-24-08-33-19.png

Avast VM-2020-05-24-08-36-07.png

Avast VM-2020-05-24-08-36-26.png

Avast VM-2020-05-24-08-40-42.png


Behavior shield managed to block it and protected our files from fileless Netwalker.

PD: With this post I'm not saying "hey go and install Avast right now", instead I'm clarifying about the default settings of McAfee ENS.
 

Chri.Mi

Level 7
Apr 30, 2020
337
I don't think this is the panacea of "free" AVs, it needs a lot of tweaking with exploit prevention rules to get optimal protection against fileless attacks.

I've conducted a personal test with ENS using my custom settings and Avast Free with HM vs a Netwalker fileless ransomware sample with very low detection (4/59).

ENS at default exploit prevention rules failed against Netwalker

View attachment 241051
View attachment 241055


Avast already detected the file by signatures, so I rolled back the test VM to an old snapshot and cut the internet access to prevent it from calling the cloud.

View attachment 241052
View attachment 241049
View attachment 241053
View attachment 241054

Behavior shield managed to block it and protected our files from fileless Netwalker.

PD: With this post I'm not saying "hey go and install Avast right now", instead I'm clarifying about the default settings of McAfee ENS.
Is there any option for make mcafee effective vs this? If yes can u share?
 

Chri.Mi

Level 7
Apr 30, 2020
337
set all the exploit prevention rules to block and enjoy the FP fest in your machine.
Just for clarify... are u refering the ones in threat prevention where is write for example about block doppelganger, mimikatz, etc or rules down? or the rules under advanced threat protection?
 
Top