-
April 19th, 2011, 07:24 PM
#1
Testing AV
We use Symantec Endpoint protection at work. We are always getting those stupid fake alert programs running on machines, and symantec never stops them or removes them.
So, we are testing a new AV (Kaspersky) which so far, is doing a great job.
I would like to test against these fake alert malware programs though, and since the trial is time limited, was wondering if anyone knew a site I could go to to test this.
Obviously this is an odd request, but as the fake alert doesn't 'spread' I figured it'd be ok to send a test machine to a problem site, and click on the malware to see what happens.
Thanks in advance!
-
April 19th, 2011, 10:03 PM
#2
Drop me a PM with a mail addy that will allow password protected rar files.
I work for Panda so its easy for me to gather some samples for you. At your own risk though XD.
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
Albert Einstein
-
April 20th, 2011, 12:54 AM
#3
I'll send you a PM shortly.
Also i can vouch for Cider, he's the Inside man with access to the good stuff.
-
April 21st, 2011, 04:34 PM
#4
If you have malicious files, you can upload them to virustotal.com ... It will run them against [currently] 41 different AV products, and display the results. These results may not reflect actual detection rates... I have heard that they run them against the CLI version of these programs, but you can still get a pretty good idea. You can also check out hash values.
\"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"
-HST
-
April 22nd, 2011, 12:18 AM
#5
We are always getting those stupid fake alert programs running on machines, and symantec never stops them or removes them.
I guess that unless they are well known, not much will stop scareware, as it doesn't seem to actually do anything malicious?
I would respectfully suggest that you take a look at your user account policies; as they shouldn't really be able to install anything executable?
Have you considered sandboxing your internet connections with something like sandboxie or fortres grand?
Similar Threads
-
By genXer in forum Product / Book / Training / Conference Reviews
Replies: 1
Last Post: December 9th, 2005, 06:51 PM
-
By Spiritus in forum Newbie Security Questions
Replies: 5
Last Post: January 13th, 2005, 09:08 AM
-
By mmkhan in forum Site Feedback/Questions/Suggestions
Replies: 3
Last Post: January 2nd, 2005, 02:08 AM
-
By Aspman in forum Newbie Security Questions
Replies: 9
Last Post: December 21st, 2004, 01:15 PM
-
By mmkhan in forum Miscellaneous Security Discussions
Replies: 0
Last Post: October 28th, 2004, 03:47 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|