Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
Windows Defender vs Ransomware 2024 (TPSC)
Message
<blockquote data-quote="Andy Ful" data-source="post: 1078086" data-attributes="member: 32260"><p>Even such a test would not be a challenging stress-kind for AVs. To make it more interesting one could use the known samples, but slightly modified to get new signatures without changing the malware behavior. That can be done in several ways. In my tests with WDAC ISG, I used known samples and modified the samples by only one letter in a particular text string. I noticed that in many cases Defender suspends the execution of such files and shows the well-known alert :</p><p></p><p>[ATTACH=full]281991[/ATTACH]</p><p></p><p>or</p><p></p><p>[ATTACH=full]281992[/ATTACH]</p><p></p><p>Execution of many such files at once can be a problem for Defender and other AVs.</p></blockquote><p></p>
[QUOTE="Andy Ful, post: 1078086, member: 32260"] Even such a test would not be a challenging stress-kind for AVs. To make it more interesting one could use the known samples, but slightly modified to get new signatures without changing the malware behavior. That can be done in several ways. In my tests with WDAC ISG, I used known samples and modified the samples by only one letter in a particular text string. I noticed that in many cases Defender suspends the execution of such files and shows the well-known alert : [ATTACH type="full" width="380px" alt="1709818905375.png"]281991[/ATTACH] or [ATTACH type="full" width="382px"]281992[/ATTACH] Execution of many such files at once can be a problem for Defender and other AVs. [/QUOTE]
Insert quotes…
Verification
Post reply
Top